Kinda, they excluded CPU’s that are no longer supported by Intel. If a vulnerability happens, Intel isn’t going to willingly provide microcode fixes. I’d say it’s old enough it’s safe, but history has proven that to be a dicey proposition. TPM was arguably bad architecture with vulnerabilities; it’s just protecting the boot chain, but BitLocker is already fucked 7 ways to Sunday.
Trying to up their security for corporations is understandable, that’s not to say this isn’t a hard push to get people to upgrade because providing support for 10 probably costs them a lot of money.
Requiring TPM at the install check but not actually requiring it to run is bullshit.
LUKS on Linux is far better at protecting your equipment.
Kinda, they excluded CPU’s that are no longer supported by Intel. If a vulnerability happens, Intel isn’t going to willingly provide microcode fixes. I’d say it’s old enough it’s safe, but history has proven that to be a dicey proposition. TPM was arguably bad architecture with vulnerabilities; it’s just protecting the boot chain, but BitLocker is already fucked 7 ways to Sunday.
Trying to up their security for corporations is understandable, that’s not to say this isn’t a hard push to get people to upgrade because providing support for 10 probably costs them a lot of money.
Requiring TPM at the install check but not actually requiring it to run is bullshit.
LUKS on Linux is far better at protecting your equipment.