Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.
posted by martyb on Saturday October 02 2021, @05:44PM   Printer-friendly
from the security-versus-performance dept.

Windows 11 will hobble gaming performance by default on some prebuilt PCs:

Despite Microsoft's claims that "if you're a gamer, Windows 11 was made for you" you will need to watch out for future prebuilt PCs with the new OS factory installed. That's because the Big M is enabling more security features in PCs by default, and one in particular can seriously tank gaming performance.

In our testing, that can add up to as much as a 28% drop in average frame rates. And you thought the TPM 2.0 restrictions were a pain...

That sort of frame rate delta is like dropping down an entire tier of graphics card and, in these days where GPUs are so hard to come by, Microsoft gimping the performance of the chip in your newbuild machine would surely be hard for gamers to stomach.

The issue is Virtualization-Based Security (VBS), a setting introduced into Windows 10 which uses hardware and software virtualisation to enhance the security of your system. It basically creates an isolated subsystem that helps prevent malware from screwing your PC.

Microsoft explains it as follows: "VBS uses hardware virtualization features to create and isolate a secure region of memory from the normal operating system. Windows can use this 'virtual secure mode' to host a number of security solutions, providing them with greatly increased protection from vulnerabilities in the operating system, and preventing the use of malicious exploits which attempt to defeat protections."

[...] "In our testing with pre-release builds of Windows 11," UL tells us, "a feature called Virtualization-based Security (VBS) causes performance to drop. VBS is enabled by default after a clean install of Windows 11, but not when upgrading from Windows 10. This means the same system can get different benchmark scores depending on how Windows 11 was installed and whether VBS is enabled or not.

"We plan to add VBS detection to our benchmarks in a future update to help you compare scores fairly."

[...] The thing to note, though, is that VBS is not enabled by default for all clean installs of Windows 11.

Another setting to tweak in the registry.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 5, Interesting) by Snospar on Saturday October 02 2021, @06:27PM (9 children)

    by Snospar (5366) Subscriber Badge on Saturday October 02 2021, @06:27PM (#1183716)

    Why would anyone switch to Windows 11 in order to make their system perform worse? All these "features" in the name of security but at the end of the day it's still Windows and we all know how that will end. Now that Wine and/or Proton are bringing a huge number of games to Linux surely now is the time for people to switch? Especially if they're being told that their current system might not even run Windows 11. A well maintained Linux system is secure without all the bells and whistles Microsoft keep talking about and it's easy to keep it up to date because you don't have to run ****ing Windows Update!

    --
    Huge thanks to all the Soylent volunteers without whom this community (and this post) would not be possible.
    • (Score: 5, Funny) by fustakrakich on Saturday October 02 2021, @07:28PM (2 children)

      by fustakrakich (6150) on Saturday October 02 2021, @07:28PM (#1183737) Journal

      Why would anyone switch to Windows 11 in order to make their system perform worse?

      It's one louder, isn't it?

      --
      La politica e i criminali sono la stessa cosa..
      • (Score: 2) by Gaaark on Saturday October 02 2021, @08:33PM

        by Gaaark (41) on Saturday October 02 2021, @08:33PM (#1183760) Journal

        But you can't dust for vomit.

        --
        --- Please remind me if I haven't been civil to you: I'm channeling MDC. I have always been here. ---Gaaark 2.0 --
      • (Score: 0) by Anonymous Coward on Saturday October 02 2021, @09:20PM

        by Anonymous Coward on Saturday October 02 2021, @09:20PM (#1183771)

        Not louder. More annoying.

    • (Score: 5, Insightful) by Thexalon on Saturday October 02 2021, @08:37PM (1 child)

      by Thexalon (636) on Saturday October 02 2021, @08:37PM (#1183763)

      In all seriousness, I've pretty much dumped Windows completely and never regretted it. Although it does help that most of my gaming tastes run 5-10 years behind the latest and greatest - I figure that way the player base tests out how much fun it really is before I'm parting with any of my easily-earned cash.

      --
      "Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin
      • (Score: 2) by rigrig on Saturday October 02 2021, @10:29PM

        by rigrig (5129) <soylentnews@tubul.net> on Saturday October 02 2021, @10:29PM (#1183784) Homepage

        I've pretty much dumped Windows completely and never regretted it

        Same here, and it's funny how games running natively on Linux seems to inversely correlate with how buggy they are.

        My current favorite: Factorio [factorio.com], where performance is actually a factor, and which does have a first-class Linux version.

        But there will always be the Discworld MUD [starturtle.net], which I firmly believe(and hope) will be around forever, regardless of OS.

        --
        No one remembers the singer.
    • (Score: 0) by Anonymous Coward on Saturday October 02 2021, @11:47PM (2 children)

      by Anonymous Coward on Saturday October 02 2021, @11:47PM (#1183795)

      A well maintained Linux system is secure without all the bells and whistles Microsoft keep talking about and it's easy to keep it up to date because you don't have to run ****ing Windows Update!

      Key words: "well maintained". Most Windows users don't know shit about what's going on in the box/laptop/tablet thingie they bought that came with Windows on it. Gamers will have incentive, now, to disable this "feature", but the common user will probably get some protection via this.

      Meanwhile, most of those users couldn't even install Linux, let alone figure it out. I say this as someone who is currently moving to Linux from the Mac. Figuring out which distro to go with was a royal fucking pain, and while installing new applications for most things hasn't been a big deal, a few things have been just another fucking pain. And I've been in computers for over 30 years, built plenty of computers, and worked professionally on Unix systems back when Linux was just getting going -- and *I* think it's a pain.

      Common users just don't give enough of a fuck to go through all this. They don't care what the computer does inside, they just want to play a game or watch the cat videos. Windows gives them that, mostly. Mac gives them that, mostly. That's all they care about.

      • (Score: 0) by Anonymous Coward on Sunday October 03 2021, @05:46AM

        by Anonymous Coward on Sunday October 03 2021, @05:46AM (#1183846)

        There's a little "update" button on the taskbar of most of the distros running the major desktops. Clicking on that button every once-in-a-while is all one needs to do for a "well maintained" Linux system.

        If you are coming from the Mac world, any major distro with a Gnome desktop should be good for you. Gnome gives you the least amount of choices. Most of the big desktops will hold your hand, and some have even created excellent Big Sur front ends in Gnome and KDE Plasma.

        You *may* have worked professionally on Unix systems, but you certainly don't seem to know much about Linux.

      • (Score: 2) by driverless on Sunday October 03 2021, @08:16AM

        by driverless (4770) on Sunday October 03 2021, @08:16AM (#1183857)

        but the common user will probably get some protection via this.

        I doubt it, the malware will just work around it like it always does. And that's the killer with this thing, Microsoft have imposed a 28% drop in frame rates in exchange for a "feature" that'll hold up the malware for what, about three days until the malware authors adjust to it? And given that goes-to-eleven betas are already widely available, that three days' grace expired about four months ago.

        Sort of like Intel's endless performance-killing microcode patches for all of their CPU flaws, the only thing "the common user" will get out of it is a huge performance drop.

    • (Score: 0) by Anonymous Coward on Sunday October 03 2021, @03:05PM

      by Anonymous Coward on Sunday October 03 2021, @03:05PM (#1183900)

      The same reasons they switched to Windus Dindus 10: M$ baiting them into it on one end and a scaremongering tekpress conjuring up make-believe doomsday exploits that're always "just around the corner" but then never manifest on the other.

      * The "doomsday exploits" that do manifest have this awkward tendency of affecting newer windus versions worse. Overengineered tacked on cruft's a bitch.

  • (Score: 5, Insightful) by Opportunist on Saturday October 02 2021, @06:33PM

    by Opportunist (5545) on Saturday October 02 2021, @06:33PM (#1183718)

    becomes even more relevant: "Can you turn it off, and if, how?"

  • (Score: 1, Funny) by Anonymous Coward on Saturday October 02 2021, @07:13PM (13 children)

    by Anonymous Coward on Saturday October 02 2021, @07:13PM (#1183729)

    I won't go near a PC with that abortion of an OS that is Windows 11. They can pry Windows 10 out of my cold dead hands.

    • (Score: 2) by hendrikboom on Saturday October 02 2021, @07:22PM

      by hendrikboom (1125) on Saturday October 02 2021, @07:22PM (#1183733) Homepage Journal

      pry Windows 10 out of my cold dead hands

      I'm sure they can figure out a way to do that if they judge it necessary.

    • (Score: 3, Insightful) by Anonymous Coward on Saturday October 02 2021, @08:18PM (8 children)

      by Anonymous Coward on Saturday October 02 2021, @08:18PM (#1183756)

      I won't go near a PC with that abortion of an OS that is Windows 11. They can pry Windows 10 out of my cold dead hands.

      Which is exactly what millions of Windows 7 users said about Windows 10. But, like it or not, they have (almost) all upgraded.

      Not that I care, I run Linux on my machines.

      • (Score: 2) by Runaway1956 on Saturday October 02 2021, @09:51PM

        by Runaway1956 (2926) Subscriber Badge on Saturday October 02 2021, @09:51PM (#1183779) Journal

        This, exactly. Few people are willing to do the work to keep an old OS running. It was a struggle to prevent the machine doing automagical upgrades, what with Microsoft having a direct channel with which to distribute malware.

        One real computer still running Win7, and multiple virtual machines. To hell with Microsoft dictating what OS we'll run around here!

        --
        “I have become friends with many school shooters” - Tampon Tim Walz
      • (Score: 3, Insightful) by Subsentient on Saturday October 02 2021, @11:32PM (3 children)

        by Subsentient (1111) on Saturday October 02 2021, @11:32PM (#1183790) Homepage Journal

        Yeah, they all say that. Runaway has the right idea. They said the same thing about Windows XP. I think I remember people saying that about Windows 95 on some ancient archived forums. If you want consistency, switch to Linux. My GUI has looked the same since 2014, and before that it was just a different panel layout I had come up with.

        --
        "It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
        • (Score: 2, Interesting) by Anonymous Coward on Sunday October 03 2021, @12:59AM (2 children)

          by Anonymous Coward on Sunday October 03 2021, @12:59AM (#1183800)

          > Windows 95

          I used an old ThinkPad running Win98SE until a couple of years ago. It drove a ledger size (11x17) scanner/copier/collator/stapler very nicely, lots of options available through the computer interface...until the scanner/copier died with no hope of repair. To communicate with it, there was a special driver loaded for specific PNY USB memory sticks--I have several of these sticks.

          I suspect there are others with even more expensive devices (CNC, medical, etc) that do the same thing.

          • (Score: 0) by Anonymous Coward on Sunday October 03 2021, @07:26AM

            by Anonymous Coward on Sunday October 03 2021, @07:26AM (#1183852)

            We have devices running DOS and other OSes of similar age. Some are even connected to our IPX network or to our "legacy" network.

          • (Score: 0) by Anonymous Coward on Sunday October 03 2021, @12:49PM

            by Anonymous Coward on Sunday October 03 2021, @12:49PM (#1183878)

            In a lot of cases, that can be dealt with via VirtualBox with the USB driver. It's a bit of a pain, but if the hardware demands such out of date equipment, it's less likely to be a problem than needing to track down a used laptop to use with it.

      • (Score: 2) by Spamalope on Saturday October 02 2021, @11:54PM

        by Spamalope (5233) on Saturday October 02 2021, @11:54PM (#1183796) Homepage

        We didn't move to Vista or 8 ever, though Win10 has so many more ways to force the issue...

      • (Score: 2) by edIII on Sunday October 03 2021, @10:15PM (1 child)

        by edIII (791) on Sunday October 03 2021, @10:15PM (#1183967)

        Not me. I was one of the ones that was serious about Windows 7 being my last Microsoft OS. Most annoying thing about the move away from Microsoft isn't the learning curves of Linux, but people asking me to help them with their Windows 10 crap heap of an OS.

        --
        Technically, lunchtime is at any moment. It's just a wave function.
        • (Score: 2) by RS3 on Monday October 04 2021, @11:06PM

          by RS3 (6367) on Monday October 04 2021, @11:06PM (#1184312)

          Yup, in the same boat. So I installed 10 on a home machine just to "play" enough so I'd really know it.

          But I don't have good broadband at home (just don't need it, hate the rip-off plans and games) and the Win10 updates started bogging down my ADSL-fed network.

          The ADSL is gone now, and I use only my phone as "hotspot", so I don't do updates through the phone at home (don't want to chew up my monthly data allotment).

          All that said, I've had to use / fix Win10 enough that I'm pretty familiar with it. Pretty much everything is still in there, just in different places, or looks different. Annoying at best.

    • (Score: 5, Insightful) by Gaaark on Saturday October 02 2021, @08:36PM

      by Gaaark (41) on Saturday October 02 2021, @08:36PM (#1183761) Journal

      I won't go near a PC with that abortion of an OS that is Windows. They can pry Linux out of my cold dead hands.

      --
      --- Please remind me if I haven't been civil to you: I'm channeling MDC. I have always been here. ---Gaaark 2.0 --
    • (Score: 0) by Anonymous Coward on Sunday October 03 2021, @01:24AM (1 child)

      by Anonymous Coward on Sunday October 03 2021, @01:24AM (#1183805)

      I won't go near a PC with that abortion of an OS that is Windows 11. They can pry Windows 10 out of my cold dead hands.

      They hardly need to go to all that trouble.

      With mandatory updates - one of the key Windows 10 "features" - you're not going to have a chance to refuse if they don't want to take "no" for an answer.

      • (Score: 1, Touché) by Anonymous Coward on Sunday October 03 2021, @04:06AM

        by Anonymous Coward on Sunday October 03 2021, @04:06AM (#1183833)

        Hell, the people who *WERE* giving "no" as their answer (redefining the meaning of the big X at the top corner, remember?) were force updated anyways.

  • (Score: 0) by Anonymous Coward on Saturday October 02 2021, @09:07PM (1 child)

    by Anonymous Coward on Saturday October 02 2021, @09:07PM (#1183767)

    Imagine how many holes will it need to prevent using it to circumvent various "copy protection" and "anti cheat" schemes. This will probably be just for a handful of MS-blessed programs.

    • (Score: 0) by Anonymous Coward on Sunday October 03 2021, @11:18AM

      by Anonymous Coward on Sunday October 03 2021, @11:18AM (#1183869)

      "Solitaire should be good enough for anyone to run in their 640K of RAM"

      -Bill Gates, 1981

  • (Score: 3, Insightful) by bzipitidoo on Saturday October 02 2021, @09:44PM

    by bzipitidoo (4388) on Saturday October 02 2021, @09:44PM (#1183776) Journal

    Seriously nerfing the performance, eh? Like they did in Windows Vista, spying on users and scanning everything in order to stop them from committing piracy?

    I really thought Vista might finally sink MS. But they realized they'd really screwed up, and soon fixed it in the Service Packs. Windows 7 even managed to win back the love.

  • (Score: 5, Informative) by Runaway1956 on Saturday October 02 2021, @10:01PM (5 children)

    by Runaway1956 (2926) Subscriber Badge on Saturday October 02 2021, @10:01PM (#1183781) Journal

    I've been playing with Win11 in virtual machines. No real hardware yet. A person who knows his/her way around the command line and/or powershell, willing to spend some time with DISM, can make an acceptable operating system out of Win11. Best is to DISM the installation media, burn and install from that media. You can get rid of all the most annoying stuff easily - like Cortana, Bing weather, Bing this and that, Microsoft Store, the Wallet thing, Xbox this and that, Microsoft Games and the Gaming service, the invasive Experience thing.

    I've not yet seen the "downgrade my video and gaming performance" thing, but there will be a way around it - possibly in Group Policy editor.

    Oh yeah - DO NOT INSTALL home, or ultimate, or whatever they call their crippled versions. Install Pro or Enterprise. You need Group Policy editor, if nothing else! That's where you disable telemetry.

    Expect to spend two to three hours tweaking to your satisfaction. Microsoft isn't making it easy to like their new OS.

    --
    “I have become friends with many school shooters” - Tampon Tim Walz
    • (Score: 2) by bzipitidoo on Saturday October 02 2021, @10:39PM (2 children)

      by bzipitidoo (4388) on Saturday October 02 2021, @10:39PM (#1183785) Journal

      Been a while since I last fooled with virtualization. How good is it these days? Something like 98% of the performance you get natively? Can it run 3D accelerated graphics with reasonable performance?

      • (Score: 2) by Runaway1956 on Saturday October 02 2021, @11:06PM (1 child)

        by Runaway1956 (2926) Subscriber Badge on Saturday October 02 2021, @11:06PM (#1183787) Journal

        In my experience, you're not going to compete with real gamers. But, yeah, something around 95% of native hardware performance. Since I'm not a gamer, my "reasonable performance" may not match yours, but I can play all the old games that I like in a VM.

        My experience is with VBox mostly, now I'm playing with VMWare. If I can get macOS installed (on AMD CPUs) I might claim to know my way around VMWare.

        --
        “I have become friends with many school shooters” - Tampon Tim Walz
        • (Score: 4, Interesting) by Anonymous Coward on Saturday October 02 2021, @11:33PM

          by Anonymous Coward on Saturday October 02 2021, @11:33PM (#1183791)

          One really needs GPU paravirtualization passthrough from your host (Linux) to your guest (Windows) to get 'native' performance.

          MS, ironically, have done it the converse with WSL2. Primarily for their Windows 11-hosted Android environment, they built an interface to their host DirectX12 emulating all that OpenGL/Vulkan stuff through Mesa.

          If only we could convince MS to dump their own proprietary graphics architecture and implement all their DirectX stuff on top of DRM and Gallium3D then we would have native levels of performance through VirtIO passthrough. I mean Embrace, Extend and Extinguish but in a good way where they set fire to their own legacy crap. A side benefit, we'd have Windows up and running on ARM boxes where Microsoft can't be bothered writing graphics drivers for VideoCore, Vivante or Mali.

    • (Score: 2) by SDRefugee on Sunday October 03 2021, @01:22AM

      by SDRefugee (4477) on Sunday October 03 2021, @01:22AM (#1183804)

      I've been playing with Win11 in virtual machines.

      I've been running the W11 Insider Preview as a virtual machine on my KUbuntu main system. It actually looks pretty nice. I run it the same way I run a W10 vm, castrated to hell, local account ONLY, with my outside firewall blocking a LONG list of Microsofts malware/spyware addresses. For the "eyecandy" crowd, W11 looks like a winner for MS..

      --
      America should be proud of Edward Snowden, the hero, whether they know it or not..
    • (Score: 2) by bradley13 on Sunday October 03 2021, @08:01AM

      by bradley13 (3053) on Sunday October 03 2021, @08:01AM (#1183856) Homepage Journal

      Expect to spend two to three hours tweaking to your satisfaction. Microsoft isn't making it easy to like their new OS.

      So...why bother? Pick your favorite flavor of Linux, and use it for everything. Gaming works fine, for many games. For the rest: if more gamers move, then more games will follow.

      Otherwise, the only products that don't really work well under Linux are some Adobe products. Microsoft must've paid them a nice bribe at some point, but frankly, most Adobe products have acceptable alternatives.

      --
      Everyone is somebody else's weirdo.
  • (Score: 5, Informative) by ElizabethGreene on Sunday October 03 2021, @02:53AM (1 child)

    by ElizabethGreene (6748) on Sunday October 03 2021, @02:53AM (#1183813) Journal

    Taking this at face value, I'm curious if the problem is exclusive to virtualization based security or more broadly impacts whenever windows is running the hyper-v kernel. That's worth testing.

    If you aren't familiar with VBS, it uses the hyper-v virtualization kernel to allow the OS to create small special purpose VMs to perform operations that need to be isolated from the operating system. An example of this is Credential Guard. On Windows credentials are managed by the Local Security Authority (LSA). On a PC not protected by VBS and Credential Guard, a process (e.g. mimikatz) with kernel debug privileges can attach to LSA and extract credentials. This is the most common method of acquiring credentials for lateral traversal. CredentialGuard uses VBS to create a tiny standalone virtual machine whose job it is to host secrets (credentials) for LSA so this attack isn't possible. VBS can also be used for verifying code integrity too, but I'm far less familiar with that use case.

    My guess is the framerate drop is most likely to be from the hypervisor overhead. That is usually fixable; they should open a case on it.

    (Full disclosure, I work for Microsoft supporting Windows at Fortune 500 customers. Yes I know that makes my opinion invalid.)

    • (Score: 2) by RS3 on Monday October 04 2021, @11:30PM

      by RS3 (6367) on Monday October 04 2021, @11:30PM (#1184318)

      (Full disclosure, I work for Microsoft supporting Windows at Fortune 500 customers. Yes I know that makes my opinion invalid.)

      On the contrary, your authoritative knowledge and information contribution is exceptionally useful. Rumors and speculation run rampant (and I don't blame people for their pessimism toward MS) and you've helped dispel many, and helped us tech-types to understand the underlying mechanisms.

  • (Score: 2, Insightful) by Anonymous Coward on Sunday October 03 2021, @05:28AM

    by Anonymous Coward on Sunday October 03 2021, @05:28AM (#1183844)

    If everyone said a collective FUCK YOU to One Microsoft Way, maybe other platforms would flourish.

    "OH BUT I NEED WINDOWS FOR X" - no, you've ALLOWED people to dictate what you need, no one needs Windows.

    "OH BUT I USE WINDOWS FOR GAMES" - and if you stopped and insisted companies made games for Linux things would change, but people don't like to unite anymore.

  • (Score: 2, Funny) by Anonymous Coward on Sunday October 03 2021, @05:31AM (1 child)

    by Anonymous Coward on Sunday October 03 2021, @05:31AM (#1183845)

    With every boot of Winshit10/11, I'd like to play a game like Punch The Monkey.

    If I win, no telemetry is sent.

    However, should I lose, the telemetry is sent.

    AT LEAST GIVE US A FIGHTING CHANCE!

    It should come with it's own embedded proprietary DRM anti-cheat technology.

    • (Score: 2) by RS3 on Monday October 04 2021, @11:33PM

      by RS3 (6367) on Monday October 04 2021, @11:33PM (#1184319)

      Whack-a-mole game comes to my mind in this context. :)

  • (Score: 2) by stormreaver on Sunday October 03 2021, @07:33PM

    by stormreaver (5101) on Sunday October 03 2021, @07:33PM (#1183941)

    I do that at work, when I have to physically be there. It involves installing Linux on the desktop to protect the important stuff (my work) from the rest of the workplace Windows computers. I have a few coworkers who do the same thing.

    At home, I'm all Linux all the time.

(1)