Aaron44126

New post on the input module and expansion module connectors for Framework Laptop 16. https://frame.work/blog/framework-laptop-16-deep-dive---connectors

It *is* normal to need to enter the BitLocker key to get into safe mode. You can avoid this by suspending BitLocker before you try to enter safe mode... but of course you can only do that if your trip to safe mode is "planned".

I watched the video. There are some spots where I think that Apple could step in to cause trouble. First off, the "pypush" demo included an Apple serial number in the config, and if Beeper Mini is similarly using one serial number for all of its sessions, I don't see why Apple wouldn't just block it. It is a clear terms of service violation. I don't think they'd start blocking "serial numbers hosting a large number of Apple accounts" as they could be used by enterprise customers as you say, but if they are able to find a serial number of a pool of serial numbers being specifically used by Beeper, then that's another story. ...Beeper could get around this by generating unique serial numbers for every user, and adding some mechanism to have you generate a new one if something is not working with the one that you have. There are well-known ways to generate serials; I messed with this when I was doing my macOS VM setup to get it happy with iMessage. The other is their notifications bridge. Beeper runs its own connection to the Apple Push Notifications service in its cloud, and when a notification comes in, it triggers the phone app to wake up and connect to an Apple server to see what the message is. The behavior of a notification going to one device immediately triggering a connection to come in from a different device is not normal behavior for an Apple device, and if Apple were able to key in on this behavior, that's another thing they could use as the starting point for a block. (Also, they could pay attention to whatever IP range Beeper's notification bridge is running out of... which they could find easily enough by just running their own Beeper Mini instances and seeing where the connections come from.) The app does have an option to turn off push notifications and that would remove this "vulnerability". Also. iMessage spam is starting to become more of a thing (I'm starting to get these once or twice a month myself), so I wouldn't be surprised to find Apple cracking down on how iMessage authentication works and trying harder to lock it down to specific (verified) devices in any case.

That is odd. When you first boot up a Dell system (in the factory, or after having the motherboard replaced with a brand new one) it is supposed to go through some initial BIOS screens and ask you to input the service tag, set the vPro support level, and maybe a couple of other things. It sounds like this is what he ran into? I have no idea why. On older systems you could "trick" the system into going back to this stage so that you could change the service tag (I remember doing this on an Inspiron 5150 after I swapped out the motherboard by myself) but my impression was that with newer systems it is locked down after you go through this process once.

Yeah, Nouveau should work decently for office/desktop stuff, but if you're going to do actual 3D workloads....... it is known to have "poor" performance when compared to the actual official NVIDIA drivers.

Honestly I'm surprised that this wasn't done sooner. Clearly you can run iMessage on non-Apple hardware. (I ran it in a macOS VM on a Dell Precision M6700 for years.) The protocol isn't that complicated. The "trick" is just getting through the initial steps of registering a device with Apple to get encryption keys and such, and it looks like that is what this high school student figured out. Apple could try to update things server-side to close this loophole, but if the Beeper implementation is good, Apple won't be able to do that without also breaking iMessage support on older devices. (You can still use iMessage on like iOS 9 and older devices. They've been good about keeping their cloud stuff working even after they end OS support for old hardware.)

Oracle Linux is basically a RHEL/CentOS derivative, right? Solid, but probably not the best choice for a laptop, since the intended use is servers/workstations and I doubt that they pay a lot of attention to driver support for many different types of laptops. With regards to the FX3800, I do not think that is supported in the latest NVIDIA drivers. I think you'd need 390.xx drivers for that one? You could either use Nouveau (probably fine for "office" workloads) or find a repo with old NVIDIA drivers. Ubuntu's driver team has a PPA with legacy NVIDIA drivers available in it (with current security updates, if available). Not sure if there is something similar for Fedora.

Microsoft is going to offer three years of extended support security updates for Windows 10, stretching its EOL from late 2025 to late 2028. No pricing yet, but they will be allowing individual consumers to buy into the program. When they did this for Windows 7, they upped the price each year that the program was active to further nudge people to move off. https://arstechnica.com/gadgets/2023/12/windows-10-gets-three-more-years-of-security-updates-if-you-can-afford-them/ https://www.theverge.com/2023/12/5/23988896/microsoft-windows-10-extended-security-updates-consumers-paid https://www.neowin.net/news/windows-10-will-get-three-years-of-extended-security-updates/ (Probably easier to just Windows 10 Enterprise IOT LTSC, which will be supported through 2031 and no extra cost for updates if you somehow manage to purchase a license.)

iMessage has apparently been reverse-engineered. Beeper has taken advantage of this and created a new "Beeper Mini" app for Android, which allows for iMessage access and end-to-end encryption without a Mac intermediary server. https://arstechnica.com/gadgets/2023/12/beeper-mini-on-android-claims-to-have-reverse-engineered-imessage-compatibility/ https://blog.beeper.com/p/how-beeper-mini-works

I'm also using Firefox ESR (+ uBlock Origin, and extra Mozilla "fluff" like Pocket disabled). I saw the stuff about Google changing up how YouTube ads work more frequently to get around ad blockers, but I have been on YouTube a little bit in the past few days and I have not yet run across any ads. ...I think I also saw a post from the uBlock guys stating that there might be times while YouTube is briefly unavailable when they have to update their scripts or lists or whatever, to keep up with Google's changes, but I haven't run into this yet. uBlock Origin saves the Internet for me. I'm glad that I switched to Firefox a couple of years ago ... using a mainstream Chromium-based browser will be untenable soon.

Yes, disabling switchable graphics puts your system in dGPU-only mode, with all outputs driven by the dGPU. This is the case for all Dell Precision mobile workstations since graphics switching was introduced (M6500 or M6600 generation?) through today. There is a way to get to iGPU-only mode in the M4800/M6800. It is ....... physically remove the dGPU. The system will boot up and work off of the iGPU. Dell never shipped systems with this configuration, so it is not "supported", but I wonder what that would do with this HDMI mux. Not that it really matters for your use case. (Most Precision systems will boot without a dGPU card installed and just use the iGPU. However, Precision 7X30/7X40/7X50/7X60 systems will not boot without a dGPU, unless there is an iGPU pass-through card in place. Starting with 7X70, it will boot with the dGPU card slot completely unoccupied again.)

Yeah, that stinks, looks like a single pixel 😕 I guess it just showed bright against the dark background in your photo above. You can ask Asus but they probably have a policy regarding how many stuck pixels warrant a warranty replacement of the display panel. (Maybe unless the system is brand new, they'd be willing to swap it out for different unit, but you said you've had it for a few months now.) It might be possible to source a panel aftermarket but I've never found an aftermarket company/source that was willing to commit to zero pixel issues, so no telling what you'd get. (I myself would be willing to pay a little extra to ensure a panel with no defects!) There are lots of "tricks" to try to jog a stuck pixel into working properly again (pressure, animations you can run), but I have never had success with any of these.

That looks like more than one pixel to me, but with the low sharpness it is hard to tell for sure. Some options to check: Get out an image editor that lets you mark a single pixel. Put it at 100% zoom and see how many you can place without being able to see them. I use Paint.net and the pencil tool, which will color a single pixel on the image. You can scroll the image to move your markings into and out of the dead pixel spot. If you have a camera with "macro mode" (I'm thinking a real digital camera or a decent point-and-shoot camera, not a phone camera) then you should be able to take an in-focus up-close image of the screen where you can actually see the individual pixels. Use a light background so that the boundaries between pixels can be seen easily. Then you can just count them, and even send it along to Asus for your RMA. (I had a group of six stuck pixels in a Precision 7770 earlier this year. Been through this 😕)

I feel like the dedicated USB-C power port was an issue in early systems that used USB-C for power, but most new systems support power input from any USB-C port, so that issue should be going away. Hopefully as you suggest, if they get rid of the AC port then they will fill the space with an additional USB-C port. I can see the appeal of a future where there are only USB-C ports and everything that you plug in "just works", but I think we are a ways off from that yet. Regarding the "who knows what this USB device is doing" (your hotel room example), that's one thing that I do like about macOS, which prompts to ask if it is "OK" when plugging in a USB data device before allowing the OS to interact with it. There's a similar thing on iOS; basic I/O devices will be connected without a prompt, but if a USB device wants to access stuff on the phone then it must first be marked "trusted" and you have to enter your phone passcode for that. I know Dell has BIOS options to disable certain Thunderbolt functions for security, but I don't think there are any just for plain USB(-C). But, you can get USB "power-only" adapters or cables that will physically block the data pins and only allow the power pins to connect... though I don't know off hand if those would work with the new high-capacity power chargers.

I'm skeptical about this, but maybe? I've had a M6700 and a M4800 and both of them only allowed the HDMI to be used by the dGPU. The only options for direct iGPU output were the VGA port, or in the case of the M4800(+M6800), a "new" option for one of the dock DP ports to be connected to the iGPU. Maybe that toggle also affects the HDMI port even though in the BIOS it specifically references a dock port. (I pretty much always used my M4800 docked so I might not have tried that.) I remember caring about direct iGPU output because I had some applications that misbehaved if you had a split iGPU/dGPU display setup going on.

Yeah, unless there is some way you can "hot swap" the dGPU between the host and guest depending on whether you need the VM on or not.

You must have a dGPU to make use of the HDMI and DP ports on the system, since they are hard-wired to the dGPU. However, there is a BIOS option to attach one DP port on the ePort dock to the iGPU.

Yes, this is a stupid but known thing. Get to safe mode, go to Device Manager, and disable the "NVIDIA platform controller & framework" device under "Software devices". You should then be able to boot normally. To avoid this, you have to run an older version of the NVIDIA driver (I think 511.x and older is safe). You can also enable Intel TurboBoost 3.0 or some such setting in the BIOS to avoid this, but Dell removed that option in the latest BIOS updates, which is probably why you ran into this right after you updated the BIOS. If you don't downgrade the NVIDIA driver or the BIOS, then watch out for future NVIDIA driver updates or Windows major upgrades which might "un-disable" this device. (Hopefully, NVIDIA or Dell eventually fixes this so that we don't have to worry forever.)

If the system came with an eSATA port (i.e. it is not being added by an expansion card), something attached there "should" show up like any other SATA drive and be bootable. (This is bringing me back to the days of trying to boot off of SATA expansion cards in like 2005. I had to select the BIOS option to boot a RAID card in order to boot a drive attached to a SATA expansion card.) You might also be able to boot off of just a USB drive, like a flash drive or USB hard drive. Most BIOS allow this, and while Windows doesn't like to do it, Linux-type OS's typically have no problem.

If you have the SSD installed with an "adapter" in a slot that you normally wouldn't use for a drive, you possibly won't be able to boot it directly from the BIOS. Windows doesn't technically require that the boot/EFI partition and the OS partition be on the same drive. You will need to install the Windows boot loader on a drive that the BIOS can boot, and have it boot the OS partition on your desired SSD. This will probably take a manual install of the bootloader using bcdboot, and possibly some mucking with bcdedit. You can run both of these tools from the command prompt that you can access by booting install media and opening the recovery tools. You could also probably use GRUB (Linux boot loader) installed on a BIOS-bootable drive to chainload to the Windows boot loader on a different drive.

The fans are controlled by the Dell embedded controller. The Radeon software can't do anything about them. You do have some options for manual control. SpeedFan or HWiNFO64 can be used to set the fan speed, plus some tools that I produced (but don't maintain anymore) linked in signature.

Yeah, I looked at doing that but it says my license is not eligible for renewal a second time. They must have some time cap on how far you can push it out.

CrossOver 23.7 is out today with GPTK 1.1 and MSync built-in. MSync is a new-ish Wine synchronization feature designed specifically for macOS and has been shown to drastically improve performance in some games (CPU-constrained games in particular, I think). Here, Andrew Tsai shows Cyberpunk 2077 going from mid-30's FPS to 80+ FPS when MSync is turned on (but "more investigation required"). CodeWeavers has really been on a roll with their CrossOver 23.x release updates. I've thought about this, but they are known to offer good sales every year around Black Friday / Cyber Monday... If you can get a one-year extension each year for ≈$10, I'll take that over paying hundreds for a lifetime license.

I knew about the CodeWeavers sale but didn't realize that you could "renew" early like this. Following your lead, I just went and bought a cheap year extension even though my license was not up until August 2024 (now August 2025). Hopefully this works every year!

GeForce 1070 will not work in a Precision M6800 unless you are wanting to just run Linux, or are willing to really get down and muck with the BIOS to get past a Windows ACPI BSOD.