pull down to refresh

Taken directly from the blog post for anyone 'liberating' a Windows laptop/desktop....

Main Steps

"Assuming you have a brand new machine with a Windows 11 OEM pre-install, and you have not yet turned it on"...
  1. On first boot, go to BIOS settings and turn off the TPM (and backdoors like Intel AMT, Absolute Persistence module, etc.), and allow third party OS boot. On my machine (a Lenovo laptop) this caused the screen to go black for quite a while on reboot as it undid the Bitlocker encryption on the pre-installed Windows volume. Decrypting the Windows volume is necessary for the next steps.
  2. Grab an Ubuntu install image, put it on a USB drive, and boot the Ubuntu image using the “Try Ubuntu” selection.
  3. Mount the C: volume (probably the biggest partition on the NVME drive). You may have to run ntfsfix on the volume first to make it writeable.
  4. Edit the file at …/Windows/panther/unattend.xml and insert some XML (exact incantation shown below).
  5. Unmount the volume and reboot.
  6. When the first dialog box appears during setup, hit Shift + F10 and type OOBE\BYPASSNRO into the command prompt shell that appears. This will disable the internet connection requirement, and force a reboot of the machine to restart the setup process.
  7. When you get to “Let’s connect you to a network” there should be an option now that says “I don’t have Internet”; click that, and the system should proceed to setup a local-only account.

Exact Commands

During setup, I connected to the Internet using a wired Ethernet line, so I could easily cut the internet by pulling the cable out if things went wrong and I had to try again (if you do set up by wifi, it’s a bit more complicated to cut internet). In my trials I did end up connecting a couple times and allowing the system to update, and that didn’t impact my ability to pull off the procedure in the end. The specific commands I used within Ubuntu to access the unattended installer manifest were:
sudo su ntfsfix /dev/nvme0n1p3 mount /dev/nvme0n1p3 /mnt nano /mnt/Windows/panther/unattend.xml
But the exact path to the Windows partition will probably be different depending on your OEM and hardware configuration. The right partition is probably the biggest partition, so you can use fdisk to inspect your disk and guess the exact path for your machine. The XML injected was this snippet:
<RunSynchronousCommand wcm:action="add"> <Order>1</Order> <Path>reg add HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\OOBE /v BypassNRO /t REG_DWORD /d 1 /f</Path> </RunSynchronousCommand>
Stick it in the first “settings” block, just after the “component” block. So overall, the top of the unattended.xml file on my machine ends up looking like this:
<?xml version='1.0' encoding='utf-8'?> <unattend xmlns="urn:schemas-microsoft-com:unattend"> <settings pass="specialize"> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="xxxxxxxxxxxxxxxx" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <OEMName>Lenovo</OEMName> <OEMInformation> <Logo>c:\windows\system32\oemlogo.bmp</Logo> <Manufacturer>Lenovo</Manufacturer> <HelpCustomized>true</HelpCustomized> <RecycleURL>https://www.lenovo.com/recycling</RecycleURL> <TradeInURL>https://www.lenovo.com/trade-in-program</TradeInURL> </OEMInformation> </component> <RunSynchronousCommand wcm:action="add"> <Order>1</Order> <Path>reg add HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\OOBE /v BypassNRO /t REG_DWORD /d 1 /f</Path> </RunSynchronousCommand> </settings> .... more settings blocks below ....

Conclusion

"It’s not exactly a fast or convenient procedure, but unfortunately the “just unplug network during setup” hack that populates the front couple pages of Google searches on the topic was patched."
"Anyways, I always disable a bunch of the security theater/DRM and back doors installed by OEMs (in addition to running an overnight RAM test, hence the need to allow third-party/unsigned OS boot), so this was only incrementally more effort on top of what I was already going to do."
All you have to do is use a@a.com for the username and anything you want for the password. It still works.
reply
Thank you for posting this as its helpful.
However, it occurs to me that, if this is the length you need to go to in order to achieve a reasonable user-experience, perhaps you should just use that Ubuntu install media for its intended purpose?
reply
Step 0. Don't buy hardware with preinstalled OS.
reply
Yow... lemee tried it to my dummy pc
reply