Microsoft Introduces Major New Windows 11 Security Feature Requiring Clean Installation of the OS

[Tsing]

Microsoft has detailed a new security feature for Windows 11 called Smart App Control, a major enhancement that is designed to prevent users from running malicious applications on Windows devices by blocking untrusted and unsigned applications by default. Sounds neat, right? Absolutely, but there's a major caveat.

Go to post

 

[LazyGamer]

It's not April 1 any more

 

[Ditchinit]

At what point does Windows, itself, become a malicious application?

 

[Brian_B]

Sounds like it’s working if you can’t install it

 

[Elf_Boy]

Clean install is doable - if painful.

 

[Grimlakin]

So you lock yourself in to running approved apps only?

NO.. not only no but HELL NO. Maybe for Joe user but anyone in IT knows you need qccess to advanced apps that Microsoft does not approve to do things in their os.

 

[LazyGamer]

So... let's say you're setting up a system for a corporate desktop, or worse, for someone that knows just enough about computers to get in trouble.

I think I could find a use for this!

 

[Grimlakin]

So... let's say you're setting up a system for a corporate desktop, or worse, for someone that knows just enough about computers to get in trouble.

I think I could find a use for this!

Depends on the user. Generic corporate use sure. It people.. no.

 

[MadMummy76]

So basically voluntarily moving into a jail cell, of course for your own protection. No thanks.

 

[Uvilla]

It makes sense that it has to be fresh install. As long as the feature remains an option sure. But we suspect were this is going.

 

[Elf_Boy]

I wonder if 'Locked' is the right word - if done correctly there would be a w2arning that the app has not been tested and approved by MS, do you still want to install.

I'd be ok with that. Well unless it bugs me about everything I install from Steam

 

[Grimlakin]

I wonder if 'Locked' is the right word - if done correctly there would be a w2arning that the app has not been tested and approved by MS, do you still want to install.

I'd be ok with that. Well unless it bugs me about everything I install from Steam

This behavior is normal and consistent with what happens today. It seems to be this enhanced security flavor is the CRAP we don't want at least as DIY and IT people.

Imagine owning a PC where it is a closed system... where you can ONLY run approved applications that have security stamps recognized by the vendor of the OS.

Now imagine if that vendor of the OS were to... Oh I don't know... CHARGE for approving digital signatures for software?

One of the things that would bump me RIGHT over to a Unix blend gaming be damned would be such a 'feature'. I use a PC because I WANT the flexibility to install and use what I want when I want from wherever the hell I want without having to report it to Microsoft or anyone else.

I don't care if it is a game cheat, a piece of software to listen on a network port, a enhanced pingtrace program, or anything else. I want to be able to run that and having this inverted walled garden is going to be destructive to that.

And it is VERY MUCH SO an inverted walled garden. Where Apple has a software distribution and payment service they require all software vendors for IOS applications to use so they can 'get their cut' and offer 'secured verified software'. Which they are getting sued for. All this new security feature does is invert the wall. You can get the software from ANYWHERE you want... as long as it is verified and trusted by Microsoft. Actually in practice this will be even MORE authoritarian.

Again I DO NOT want this.... I think it should be thrown out with the dirty bathwater.

If you think Microsoft is doing this for the 'good of the community' you are wrong. The place where this will do the most good is in their pocketbooks.

 

[Nanobot]

I am so glad I switched to Linux years ago. It’s rare that I ever need to use Windows now.

 

[Denpepe]

I wonder if 'Locked' is the right word - if done correctly there would be a w2arning that the app has not been tested and approved by MS, do you still want to install.

I'd be ok with that. Well unless it bugs me about everything I install from Steam

I think the intent is more to stop virus type software from beeing installed without the user knowing and an attemmt to try and stop or reduce botnets, but what do I know, "M$ is tha great evel doing only anti consumer stuff"

Like windows11 would be subscription based, people were sure of that adter some teeny string of code was found in a testversion, where did that end up?

 

[Brian_B]

M$ is tha great evel doing only anti consumer stuff

Maybe, but I certainly won’t give them a pass. They have done enough anti-consumer stuff in the past that you have to keep a vigilant, skeptical eye. And they control enough market share that even small changes have large consequences.

I don’t want to see Windows go to signed only apps. I already dislike iOS for this reason. OS X I think handles it ok - it defaults to only allowing signed apps, but you can override it (although it isn’t obvious how to), and verifying an app signature can at times take a noticeable amount of time.