I don’t see why a hub shouldn’t be able to supply power… it will disable PD modes and limit everything to 5V though

Just make sure to use it on 5V-only chargers. You can glue it to one of them.

This is a great time for the engineer to exert leverage.

"Yes, I can fix it in hours. Here are my demands:

• $200,000
• I’ll also push a firmware update to all your devices that allows setting any address for the server and exposes all functionality in a Home Assistant API, and you won’t ever disable this in current or future devices
• You’ll offer a free locally-connected button/knob device to any customer owning an affected product, or a free service to upgrade the products with on-device controls
• In any social media posts, press releases, customer communication or interviews regarding today’s outage, you have to say that plumbing that requires a server connection is a bad idea

They are keeping around so many deprecated features for internal use and whatnot, I would be surprised if they did remove this registry check.

Until Windows 12 is released, you can always use an old ISO and then update to the newest version.

The command (C:\Windows\System32\) OOBE\bypassnro (.cmd) one types into the command prompt (after opening it with Shift+F10) for the bypass is the location of a batch file they will be removing (the parenthesized parts are optional, implied by the command interpreter, and so is any capitalization). You can still do whatever it’s doing (adding a registry key and restarting) by typing the command manually or providing a copy of the file on a USB drive. After a restart, the OS will check for the registry key AND lack of internet connection to provide the local account option.

For the record, the contents of the file are

@echo off
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE /v BypassNRO /t REG_DWORD /d 1 /f
shutdown /r /t 0

The first line is optional, and so is the third if you’re OK with restarting manually. If creating the file on Unix-based systems, make sure the newline sequence is CRLF (DOS/Windows standard).

Obligatory shoutout to literally any Linux distro, which does not need this workaround, and is usually easier to install and set up than debloating a fresh Windows 11 install.

Not much work really, but few companies want their spaghetti code seen publicly.

Unless you “bypass technological measures”. Which is a loophole if I’ve ever seen one.

Don’t use C+Trump unless you’re extra careful. On every integer overflow the program goes bankrupt.

Fewer ads. Not zero, though

Way to confuse adblock users

Is there a German-hosted instance? The URL https://docs.numerique.gouv.fr/login/ is making me wanna barf and no way I’m clicking it to risk seeing more Fr*nch.

I did that too, the tiny fan is pretty much silent at 5V. The HDD has so much surface area it only needs a little air circulation.

When an HDD works continuously it can heat up to above 60 °C if proper air circulation is not allowed, which can cause a very premature failure. In fact, it should be kept under 40 °C to achieve the intended lifespan. Unfortunately, PC cases are usually not great at removing heat from the HDD by default.

As for your drive, it most likely has a temperature sensor so it can be displayed by various utilities.

Linux desktop? I mean, Win10 support ends…

Edit: cuz the parent comment used to say “What year is it?”

I agree that a list would be cool but I need to make sure that people know this is not a “WARNING! Avoid these bugged devices:” situation. Calling for a list increases unjustified panic. (Also, it looked like you didn’t understand the difficulties of listing all ESP32 products, which I was all too happy to be pedantic about.)

Am I oddly curious about the cheapest/most expensive/most popular retail ESP32 device? Yes.

Does this news increase/decrease the benefit of making such a list? No, it’s still way below the cost.

No. I’m saying you cannot have a complete list because the chip is user friendly. Look at all the “ESP32 project” results in the search engine of your choice if you want an incomplete list. Unlike say an Intel processor, you don’t need a contract with the manufacturer to make a device with the chip so not even Espressif has a list of commercial products that ship with their chip.

I will not stop you from building a list, I’d just not bother if I were you. There is no use of one resulting from this news. Suppose I told you “LOOK! This device’s firmware was compiled before they knew the program might be .1% more efficient with this instruction discovered in 2025!” – would that really change how you feel about the device? We live in an age of bloat; most software has way higher overhead that could be optimized away.

However, lots of people will fail to realize that, again, this is not an exploit so I’ll enjoy lower ESP32 prices for future home automation projects.

That’s like saying “I want a list of all devices with ATmega328P.” Anyone can make a unique device with this chip as the processor, in fact I have. It’s a chip with an extremely low barrier of entry thanks to extensive documentation, lots of dev boards and libraries. Not as low as the 555 (lots of people’s first IC) but WAY lower than anything you’d traditionally consider a 32-bit CPU.

Anyway, even if you obtained the list magically, it would be of little use. To be clear: this is not an exploit. The chip just has more instructions than previously thought – instructions that you write into your program when building an ESP32 device. This can make some programs a little faster or smaller but you still need to flash them onto the microcontroller – using physical access, OTA (if you set it up in the existing FW) or some exploit (in someone’s OTA implementation, perhaps).

There is nothing to “fix”. Undocumented instructions have just been found in the silicon but they are not executable unless the ESP32’s firmware their owner flashed to give it a purpose uses them. No pre-2025 firmware that we know of uses these instructions, and they might turn out to be buggy so compilers might not adopt them. If they turn out OK, the documentation of the instruction set will need an update, and compilers will be able to take advantage of the new instructions.

Yes, this is about undocumented instructions found in the silicon but they are not executable unless the ESP32’s firmware uses them. Firmware cannot be edited to use them unless you have an existing vulnerability such as physical access or insecure OTA in existing firmware (as far as researchers know).

It is good to question the “backdoor” allegations - maybe the instructions’ microcode was buggy and they didn’t want to release it.

This is about silicon. Undocumented instructions have just been found in it but they are not executable unless the ESP32’s firmware uses them. Firmware cannot be edited to use them unless you have an existing vulnerability such as physical access or insecure OTA in existing firmware (as far as researchers know).