Hacker News

hparadiz yesterday at 6:14 PM (4 replies)

Aren't you guys actually talking about a TPM 2.0 device being present on the machine and not a CPU specifically? Cause the whole Windows 11 thing was (I thought) full disk encryption with TPM 2.0 attestation booted from a secure boot BIOS. That basically just means you can't take the disk and boot it on another machine. There would be no way to decrypt.


Replies

ploxiln yesterday at 7:04 PM

Windows 11 officially requires TPM 2.0, secure-boot enabled, and an AMD Zen+ (Ryzen 2xxx) or later or an Intel Core Gen 8 or later.

https://arstechnica.com/gadgets/2021/10/windows-11-the-ars-t...

> ... the best rationale for the processor requirement is that these chips (mostly) support something called “mode-based execution control,” or MBEC. MBEC provides hardware acceleration for an optional memory integrity feature in Windows (also known as hypervisor-protected code integrity, or HVCI) that can be enabled on any Windows 10 or Windows 11 PC but can come with hefty performance penalties for older processors without MBEC support.

> Another theory: older processors are more likely to be running in old systems that haven’t had their firmware updated to mitigate major hardware-level vulnerabilities that have been discovered in the last few years, like Spectre and Meltdown

tosti yesterday at 6:49 PM

You can use a TPM for disk encryption with Linux if you want. You also get to use your own secureboot keys if you want. Your choice.

I can't be bothered. My 80386 worked fine without any of the above and I still don't need any of it on a Zen%d (except Linux)

RajT88 yesterday at 8:09 PM

I have a few machines which lack a supported CPU. There are CPUs only 6 years old which aren't supported. There may be some newer ones even (I didn't bother to look).

If it was 2000 - it'd be like, "OK boss, you gotta upgrade that old dog of a CPU", but software bloat really hasn't kept up with CPU performance. I've got an i3 which is serviceable enough from 2014. Is it going to be able to keep up with modern SQL Server and Teams and VSCode and all that? Probably not all at once. But totally fine for basic computing.

jacquesm yesterday at 7:53 PM

For some reason that risk never seemed larger than the one that Microsoft would force me into subscribing to more services because they hold my data hostage or that they would be more than happy to pass the keys to my machine to the USG.