Billy Hurley has covered tech long enough to see Windows upgrades come and go. As a reporter for IT Brew with 20 years of experience, he’s watched the industry move from floppy disks to cloud computing, from obvious phishing emails to AI-enhanced social engineering attacks.
During a recent episode of MyComputerCareer’s “Get Into IT” Live show, Billy broke down why the Windows 10 to Windows 11 migration is proving so painful for IT teams and everyday users. He also talked about what the 1995 movie Hackers got surprisingly right about cyber security threats that still work today.
The Windows 11 problem nobody wants to talk about
Windows 11 launched with big promises. AI integration. Better security. A fresh interface. So why are so many people refusing to upgrade?
Billy pointed to several friction points. First, there’s simple familiarity. “You know where the start bar is. It’s not in the center,” he explained. “You’ve learned the technology. You’ve learned on that system.”
But the bigger issue is hardware. Windows 11 requires TPM 2.0 chips, specific CPUs, particular memory and disk space requirements. For many organizations and individual users, meeting those requirements means buying entirely new machines.
“The only way for some people to upgrade is to buy new hardware,” Billy said. “That could be a cost issue.”
For IT professionals managing entire organizations, the challenge multiplies. They need to conduct asset inventory, test applications on new systems, back up employee data, and deploy upgrades carefully. One person Billy spoke with reported their computer overheating after attempting to run Windows 11 on older hardware.
All of this explains why legacy systems stick around far longer than anyone wants. It’s not stubbornness. It’s resources.
Security vs. comfort: The tough choice
The tension between security and familiarity defines this whole migration mess.
Billy spoke with one user, who described Windows 10 as “a decade of finely tuned and stable releases.” That stability matters. IT pros have PowerShell scripts, workflows, and systems they’ve spent years perfecting. There’s no guarantee any of it carries over smoothly.
But here’s the problem: at some point, you can’t ignore security anymore.
“People don’t want to feel like they have an abandoned computer,” Billy noted. Once Microsoft stops providing security updates, systems become vulnerable. Extended security updates exist for critical patches, but they’re not a long-term solution.
The recent BitLocker recovery screen issue didn’t help Windows 11’s case. After an October update, some systems started booting into BitLocker recovery, forcing users to enter recovery keys just to access their machines. It looked like ransomware. It acted like ransomware. Microsoft says it’s a bug.
“A lot of people who don’t want to make the upgrade want to wait till things settle down and these kind of issues get worked out,” Billy said.
What a 30-year-old movie gets right about cybersecurity
Billy recently wrote a piece about the movie Hackers turning 30. He brought in Nathan Hunstable, CISO at Chuck E. Cheese and a former movie theater network admin, to review the hacks in the film.
The verdict? Social engineering is still the most realistic threat.
The movie opens with the main character calling a security guard and tricking them into revealing a modem number. The technical details are dated, but the core concept works just as well today.
“People want to help,” Billy explained. “People trust that what they’re seeing in front of them is real.”
He shared examples from recent pentesting stories he’d covered. One tester walked into a building with a fake pest control canister, spraying water outside. When they knocked on the door claiming they needed to spray inside, they got access immediately. Another used a $100 Home Depot recycling bin with a stenciled “data destruction company” label to walk right in and collect “sensitive data.”
“It worked in 1990s movies and it seems to work today,” Billy said.
The lesson for anyone training in cyber security: technical skills matter, but understanding human behavior matters more. The best firewall in the world can’t stop someone from holding the door open for a confident stranger with a clipboard.
Prompt injections: The new social engineering
Billy’s currently fascinated by prompt injections…using natural language to break large language models and get them to do things they shouldn’t.
“I’m fascinated by how people can use natural language to disrupt a technology,” he said. As an English major turned tech reporter, he sees parallels between old-school social engineering and the ways people manipulate AI systems today.
The guardrails exist, but they can’t keep up. New exploits appear constantly. It’s social engineering for the AI age.
The bottom line
Windows 11 migration struggles highlight something every IT professional knows: change is hard when it involves real costs, potential disruptions, and uncertain benefits. Security ultimately forces the decision, but nobody pretends it’s painless.
And whether you’re dealing with 30-year-old social engineering tactics or brand-new prompt injection attacks, the fundamentals stay consistent. Understanding how systems work matters. Understanding how people work matters more.
Ready to build those skills? MyComputerCareer’s cyber security training programs teach both the technical fundamentals and the strategic thinking that make great IT professionals. Get started with a free career evaluation and see how we can help you break into this field.
