Last night, my wife looks up from her computer, troubled. She tells me she can’t log into her computer running Windows 11, as every time she enters the PIN code to her account, the login screen throws up a cryptic error: “Your credentials could not be verified”. She’s using the correct PIN code, so that surely isn’t it. We opt for the gold standard in troubleshooting and perform a quick reboot, but that doesn’t fix it. My initial instinct is that since she’s using an online account instead of a local one, perhaps Microsoft is having some server issues? A quick check online indicates that no, Microsoft’s servers seem to be running fine, and to be honest, I don’t even know if that would have an effect on logging into Windows in the first place.

The Windows 11 login screen does give us a link to click in case you forget your PIN code. Despite the fact the PIN code she’s entering is correct, we try to go through this process to see if it goes anywhere. This is where things really start to get weird. A few dialogs flash in and out of existence, until it’s showing us a dialog telling us to insert a security USB key of some sort, which we don’t have. Dismissing it gives us an option to try other login methods, including a basic password login. This, too, doesn’t work; just like with the PIN code, Windows 11 claims the accurate, correct password my wife is entering is invalid (just to be safe, we tested it by logging into her Microsoft account on her phone, which works just fine).

In the account selection menu in the bottom-left, an ominous new account mysteriously appears: WsiAccount.

The next option we try is to actually change the PIN code. This doesn’t work either. Windows wants us to use a second factor using my wife’s phone number, but this throws up another weird error, this time claiming the SMS service to send the code isn’t working. A quick check online once again confirms the service seems to be working just fine for everybody else. I’m starting to get really stumped and frustrated.

Of course, during all of this, we’re both searching the web to find anything that might help us figure out what’s going on. None of our searches bring up anything useful, and none of our findings seem to be related to or match up with the issue we’re having. While she’s looking at her phone and I’m browsing on my Fedora/KDE PC next to hers, she quickly mentions she’s getting a notification that OneDrive is full, which is odd, since she doesn’t use OneDrive for anything.

We take this up as a quick sidequest, and we check up on her OneDrive account on her phone. As OneDrive loads, our jaws drop in amazement: a big banner warning is telling her she’s using over 5500% of her 5GB free account. We look at each other and burst out laughing. We exchange some confused words, and then we realise what is going on: my wife just got a brand new Samsung Galaxy S25, and Samsung has some sort of deal with Microsoft to integrate its services into Samsung’s variant of Android. Perhaps during the process of transferring data and applications from her old to her new phone, OneDrive syncing got turned on? A quick trip to the Samsung Gallery application confirms our suspicions: the phone is synchronising over 280GB of photos and videos to OneDrive.

My wife was never asked for consent to turn this feature on, so it must’ve been turned on by default. We quickly turn it off, delete the 280GB of photos and videos from OneDrive, and move on to the real issue at hand.

Since nothing seems to work, and none of what we find online brings us any closer to what’s going on with her Windows 11 installation, we figured it’s time to bring out the big guns. For the sake of brevity, let’s run through the things we tried. Booting into safe mode doesn’t work; we get the same login problems. Trying to uninstall the latest updates, an option in WinRE, doesn’t work, and throws up an unspecified error. We try to use a restore point, but despite knowing for 100% certain the feature to periodically create restore points is enabled, the only available restore point is from 2022, and is located on a drive other than her root drive (or “C:\” in Windows parlance). Using the reset option in WinRE doesn’t work either, as it also throws up an error, this time about not having enough free space. I also walk through a few more complex suggestions, like a few manual registry hacks related to the original error using cmd.exe in WinRE. None of it yields any results.

It’s now approaching midnight, and we need to get up early to drop the kids off at preschool, so I tell my wife I’ll reinstall her copy of Windows 11 tomorrow. We’re out of ideas.

The next day, I decide to give it one last go before opting for the trouble of going through a reinstallation. The one idea I still have left is to enable the hidden administrator account in Windows 11, which gives you password-free access to what is basically Windows’ root account. It involves booting into WinRE, loading up cmd.exe, and replacing utilman.exe in system32 with cmd.exe:

move c:\windows\system32\utilman.exe c:\
copy c:\windows\system32\cmd.exe c:\windows\system32\utilman.exe

If you then proceed to boot into Windows 11 and click on the Accessibility icon in the bottom-right, it will open “utilman.exe”, but since that’s just cmd.exe with the utilman.exe name, you get a command prompt to work with, right on the login screen. From here, you can launch regedit, find the correct key, change a REG_BINARY, save, and reboot. At the login screen, you’ll see a new “adminstrator” account with full access to your computer.

During the various reboots, I do some more web searching, and I stumble upon a post on /r/WindowsHelp from 7 months ago. The user William6212 isn’t having the exact same issues and error messages we’re seeing, but it’s close enough that it warrants a look at the replies. The top reply by user lemonsandlimes30 contains just two words:

storage full

↫ lemonsandlimes30, the real MVP

And all of a sudden all the pieces of the puzzle fall into place. I instantly figure out the course of events: my wife gets her new Galaxy S25, and transfers over the applications and data from her old phone. During this setup process, the option in the Samsung Gallery application to synchronise photos and videos to OneDrive is enabled without her consent and without informing her. The phone starts uploading the roughly 280GB of photos and videos from her phone to her 5GB OneDrive account, and she gets a warning notification that her OneDrive storage is a bit full.

And now her Windows 11 PC enters the scene. Despite me knowing with 100% certainty I deleted OneDrive completely off her Windows 11 PC, some recent update or whatever must’ve reinstalled it and enabled its synchronisation feature, which in turn, right as my wife’s new phone secretly started uploading her photos and videos to OneDrive, started downloading those same photos and videos to her Windows 11’s relatively small root drive. All 280GB of them.

Storage full.

The reboots were done, and indeed, the secret passwordless administrator account was now available on the login screen. I log in, wait for Windows 11’s stupid out-of-box-experience thing to run its course, immediately open Explorer, and there it is: her root drive is completely full, with a mere 25MB or so available. We go into her account’s folder, delete the OneDrive folder and its 280GB of photos and videos, and remove OneDrive from her computer once again. Hopefully this will do the trick.

It didn’t. We still can’t log in, as the original issue persists. I log back into the administrator account, open up compmgmt.msc, go to Users, and try to change my wife’s password. No luck – it’s an online account, and it turns out you can’t change the password of such an account using traditional user management tools; you have to log into your Microsoft account on the web, and change your password there. After we do this, we can finally log back into her Windows 11 account with the newly-set password.

We fixed it.

Darkest of patterns

My wife and I fell victim to a series of dark patterns that nearly rendered her Windows 11 installation unrecoverable. The first dark pattern is Samsung enabling the OneDrive synchronisation feature without my wife’s consent and without informing her. The second dark pattern is Microsoft reinstalling OneDrive onto my wife’s PC without my wife’s consent and without informing her. The third dark pattern is OneDrive secretely downloading 280GB of photos and videos without once realising this was way more data than her root drive could store. The fifth and final dark pattern runs through all of this like a red thread: Microsoft’s insistence on forcefully converting every local Windows 11 user account to an online Microsoft account.

This tragedy of dark patterns then neatly cascaded into a catastrophic comedy of bugs, where a full root drive apparently corrupts online Microsoft accounts on Windows 11 so hard they become essentially unrecoverable. There were no warnings and no informational popups. Ominous user accounts started to appear on the login screen. Weird suggestions to use corporate-looking security USB keys pop up. Windows wrongfully tells my wife the PIN code and password she enters are incorrect. The suggestion to change the password or PIN code breaks completely. All the well-known rescue options any average user would turn to in WinRE throw up cryptic errors.

At this point, any reasonable person would assume their Windows 11 installation was unrecoverable, or worse, that some sort of malware had taken over their machine – ominous “WsiAccount” and demands for a security USB key and all. The only course of action most Windows users would take at this point is a full reinstallation. If it wasn’t for me having just enough knowledge to piece the puzzle together – thank you lemonsandlimes30 – we’d be doing a reinstallation today, possibly running into the issue again a few days or weeks later.

No sane person would go this deep to try and fix this problem.

This cost us hours and hours of our lives, causing especially my wife a significant amount of stress, during an already very difficult time in our lives (which I won’t get into). I’m seething with rage towards Microsoft and its utter incompetence and maliciousness. Let me, for once, not mince words here: Windows 11 is a travesty, a loose collection of dark patterns and incompetence, run by people who have zero interest in lovingly crafting an operating system they can be proud of. Windows has become a vessel for subscriptions and ads, and cannot reasonably be considered anything other than a massive pile of user-hostile dark patterns designed to extract data, ad time, and subscription money from its users.

If you can switch away and ditch Windows, you should. The ship is burning, and there’s nobody left to put out the fires.

Intel is in very dire straits, and as such, the company needs investments and partnerships more than anything. Today, NVIDIA and Intel announced just such a partnership, in which NVIDIA will invest $5 billion into the troubled chip giant, while the two companies will develop products that combine Intel’s x86 processors with NVIDIA’s GPUs.

For data centers, Intel will build NVIDIA-custom x86 CPUs that NVIDIA will integrate into its AI infrastructure platforms and offer to the market.

For personal computing, Intel will build and offer to the market x86 system-on-chips (SOCs) that integrate NVIDIA RTX GPU chiplets. These new x86 RTX SOCs will power a wide range of PCs that demand integration of world-class CPUs and GPUs.

↫ NVIDIA press release

My immediate reaction to this news was to worry about the future of Intel’s ARC graphics efforts. Just as the latest crop of their ARC GPUs have received a ton of good press and positive feedback, with some of their cards becoming the go-to suggestion for a budget-friendly but almost on-par alternative to offerings from NVIDIA and AMD, it would be a huge blow to user choice and competition if Intel were to abandon the effort.

I think this news pretty much spells the end for the ARC graphics effort. Making dedicated GPUs able to compete with AMD and NVIDIA must come at a pretty big financial cost for Intel, and I wouldn’t be surprised if they’ve been itching to find an excuse to can the whole project. With NVIDIA GPUs fulfilling the role of more powerful integrated GPUs, all Intel really needs is a skeleton crew developing the basic integrated GPUs for cheaper and non-gaming oriented devices, which would be a lot cheaper to maintain.

For just $5 billion dollars, NVIDIA most likely just eliminated a budding competitor in the GPU space. That’s cheap.

GNOME 49 has been released, and it’s got a lot of nice updates, improvements, and fixes for everyone. GNOME 49 finally replaces the ageing Totem video player with Showtime, and Evince, GNOME’s document viewer, is replaced by the new Papers. Both of these new applications bring a modern GTK4 user interface to replace their older GTK3 counterparts. Papers supports a ton of both document-oriented as well as comic book formats, and has annotation features.

We’ve already touched on the extensive accessibility improvements in GNOME Calendar, but other applications have been improved as well, such as Maps, Software, and Web. Software’s improvements focus on improving the application’s performance, especially when dealing with Flatpaks from Flathub, while Web, GNOME’s web browser, comes with improved ad blocking and optional regional blocklists, better bookmark management, improved security features, and more.

The remote desktop experience also saw a lot of work, with multitouch input support, extended virtual monitors, and relative mouse input. For developers, GNOME 49 comes with the new GTK 4.20, the latest version of Glib, and Libadwaita 1.8, released only a few days ago. It brings a brand new shortcuts information dialog as its most user-facing feature, on top of a whole bunch of other, developer-oriented features.

GNOME 49 will find its way to your distribution of choice soon enough.

It’s 2025, and yes, you can still install and run a modern Linux distribution like Debian through a real hardware terminal.

While I have used a terminal with the Pi, I’ve never before used it as a serial console all the way from early boot, and I have never installed Debian using the terminal to run the installer. A serial terminal gives you a login prompt. A serial console gives you access to kernel messages, the initrd environment, and sometimes even the bootloader.

This might be fun, I thought.

↫ John Goerzen at The Changelog

It seems Debian does a lot of the correct configurations for you, but there’s still a few things you’ll need to manually change, but none of it seems particularly complicated. Once the installation is completed, you have a system that’s completely accessible and usable from a hardware terminal, which, while maybe not particularly important in this day and age of effortless terminal emulators, is still quite a cool thing to have.

Some time ago, people noticed that buried in the Windows Bluetooth drivers is the hard-coded name of the Microsoft Wireless Notebook Presenter Mouse 8000. What’s going on there? Does the Microsoft Wireless Notebook Presenter Mouse 8000 receive favorable treatment from the Microsoft Bluetooth drivers? Is this some sort of collusion?

No, it’s not that.

↫ Raymond Chen

So, what is the actual problem? It’s a funny one: an encoding mistake. The device local name string for a device needs to be encoded in UTF-8, and that’s where the developers of the Microsoft Wireless Notebook Presenter Mouse 8000 made a mistake. The string contains a registered trademark symbol – ® – but they encoded it in code page 1252, which not only isn’t allowed, but gets rejected completely.

So, Windows’ Bluetooth drivers have a table that contains the wrong name for a driver, accompanied by the right name to use. This mouse is the only entry.

Java 25 has been released.

JDK 25, the reference implementation of Java 25, is now Generally Available. We shipped build 36 as the second Release Candidate of JDK 25 on 15 August, and no P1 bugs have been reported since then. Build 36 is therefore now the GA build, ready for production use.

↫ Java 25/JDK 25 release announcement

If you want to dive into the details about this new release, feel free to peruse the long, long list of improvements and changes.

It’s release day for all of Apple’s operating systems, so if you’re fully or only partway into the ecosystem, you’ve got some upgrades ahead of you. Version 26 for macOS, iOS and iPadOS, watchOS, tvOS, visionOS, and HomePod Software have all been released today, so if you own any device running any of these operating system, it’s time to head on over to the update section of the settings application and wait for that glass to slowly and sensually liquefy all over your screens.

Do put a sock on the doorknob.

I recently implemented a minimal proof of concept time-sharing operating system kernel on RISC-V. In this post, I’ll share the details of how this prototype works. The target audience is anyone looking to understand low-level system software, drivers, system calls, etc., and I hope this will be especially useful to students of system software and computer architecture.

[…]

Finally, to do things differently here, I implemented this exercise in Zig, rather than traditional C. In addition to being an interesting experiment, I believe Zig makes this experiment much more easily reproducible on your machine, as it’s very easy to set up and does not require any installation (which could otherwise be slightly messy when cross-compiling to RISC-V).

↫ Uros Popovic

This is not the first, and certainly not the last, operating system implemented from scratch as a teaching exercise, both for the creator itself, as well as for others wanting to follow along. This time it’s developed for RISC-V, and in an interesting twist, programmed in Zig (no Rust for once!).

It may be arcane knowledge to most users of UNIX-like systems today, but there is supposed to be a difference between /usr/bin and /usr/sbin; the latter is supposed to be for “system binaries”, not needed by most normal users. The Filesystem Hierarchy Standard states that sbin directories are intended to contain “utilities used for system administration (and other root-only commands)”, which is quite vague when you think about it. This has led to UNIX-like systems basically just winging it, making the distinction almost entirely arbitrary.

For a long time, there has been no strong organizing principle to /usr/sbin that would draw a hard line and create a situation where people could safely leave it out of their $PATH. We could have had a principle of, for example, “programs that don’t work unless run by root”, but no such principle was ever followed for very long (if at all). Instead programs were more or less shoved in /usr/sbin if developers thought they were relatively unlikely to be used by normal people. But ‘relatively unlikely’ is not ‘never’, and shortly after people got told to ‘run traceroute’ and got ‘command not found’ when they tried, /usr/sbin (probably) started appearing in $PATH.

↫ Chris Siebenmann

As such, Fedora 42 unifies /usr/bin and /usr/sbin, which is kind of a follow-up to the /usr merge, and serves as a further simplification and clean-up of the file system layout by removing divisions and directories that used to make sense, but no longer really do. Decisions like these have a tendency to upset a small but very vocal group of people, people who often do not even use the distribution implementing the decisions in question in the first place. My suggestions to those people would be to stick to distributions that more closely resemble classic UNIX.

Or use a real UNIX.

Anyway, these are good moves, and I’m glad most prominent Linux distributions are not married to decisions made in the ’70s, especially not when they can be undone without users really noticing anything.

Google continues putting nails in the coffin that is the Android Open Source Project. This time, they’re changing the way they handle security updates to appease slow, irresponsible Android OEMs, while screwing over everyone else. The basic gist is that instead of providing monthly security updates for OEMs to implement on their Android devices, Google will now move to a quarterly model, publishing only extremely severe issues on a monthly basis.

The benefit for OEMs is that for most vulnerabilities, they get three months to distribute (most) fixes instead of just one month, but the downsides are also legion. Vulnerabilities will now be out in the wild for three months instead of just one, and while they’re shared with OEMs “privately”, we’re talking tends of thousands of pairs of eyes here, so “privately” is a bit of a misnomer. The dangers are obvious; these vulnerabilities will be leaked, and they will be abused by malicious parties.

Another massive downside related to this change is that Google will now no longer be providing the monthly patches as open source within AOSP, instead only releasing the quarterly patch drops as open source. This means exactly what you think it does: no more monthly security updates from third-party ROMs, unless those third-party ROMs choose to violate the embargo themselves and thus invite all sorts of problems.

Extending the patch access window from one month to three is absolutely insane. Google should be striving to shorten this window as much as possible, but instead, they’re tripling it in length to create a false sense of security. OEMs can now point at their quarterly security updates and claim to be patching vulnerabilities as soon as Google publishes them, while in fact, the unpatched vulnerabilities will have been out in the wild for months by that point.

This change is irresponsible, misguided, and done only to please lazy, shitty OEMs to create a false sense of security for marketing purposes.

Celebrate classic Psion machines with us, from the original Organiser, through the Series 3 and Series 5, all the way to the netBook. Get help with your classic palmtop computer, or help to develop software and hardware that will bring these devices into the 21st Century.

↫ Psion Community website

A brand new one-stop shop for everything related to keeping Psion machines going. A library of all the software, lists of all the ROM images, tons of development resources, and much more.

More than three years in the making, with a concerted effort starting last year, my CPU-time profiler landed in Java with OpenJDK 25. It’s an experimental new profiler/method sampler that helps you find performance issues in your code, having distinct advantages over the current sampler. This is what this week’s and next week’s blog posts are all about. This week, I will cover why we need a new profiler and what information it provides; next week, I’ll cover the technical internals that go beyond what’s written in the JEP. I will quote the JEP 509 quite a lot, thanks to Ron Pressler; it reads like a well-written blog post in and of itself.

↫ Johannes Bechberger

There’s also a third entry detailing queue sizing, and a fourth entry going into the removal of redundant synchronisation.

I’m not really into the niche of “virtual YouTubers” – people who post YouTube videos and/or stream using a virtual avatar – but to each their own, and if this technology enables people to remain anonymous while doing what they love on YouTube or Twitch, I’m all for it. Since these virtual avatars also do things like face-tracking, there’s a whole cottage industry of software tools to make this all work, but Adrian “asie” Siekierka decided to take a look at where the training data used to make such face-tracking work actually comes from.

One day, some years ago, I decided to look at the data used to train OpenSeeFace. OpenSeeFace is the most popular open source face tracking solution for virtual YouTubers. It is supported by both open source and commercial model rendering tools; in particular, VTube Studio allows using it as an option for webcam tracking.

↫ Adrian “asie” Siekierka

The results of the investigation are not exactly great. Much of the data used by OpenSeeFace comes with serious restrictions on commercial use, and many of the underlying datasets contain images that you would need consent for from the people inside the image to actually use. On top of that, a lot of these data sets seem to have just scraped the internet for images of faces without asking anyone of the people in those images for consent, which raises a whole number of troubling issues.

I find this a very interesting topic of discussion, if only because you’d be hard-pressed to argue that the average cartoon-esque virtual avatars even remotely resemble real human faces, so it’s not like you’re going to suddenly run into your own face somewhere on YouTube or Twitch, but plastered into another person. On the other hand, the underlying datasets still contain a ton of people’s faces without those people’s consent, and even for those that did give consent, there’s often a commercial use restriction which earning revenue on YouTube or Twitch might violate.

It’s a fascinating microcosm of a whole slew of issues we’re dealing with right now, neatly contained in a relatively small niche.

Who doesn’t love a desktop-oriented hobby operating system to start off the weekend?

SkiftOS is a hobbyist operating system built from the ground up with a focus on modularity, simplicity, and modern design principles. Driven by a dissatisfaction with the fragmented user experiences prevalent in contemporary operating systems, SkiftOS strives for deep integration and a cohesive aesthetic. This project is a labor of love—an artistic pursuit rather than a commercial product.

↫ SkiftOS gitHub page

Reading through the GitHub page and SkiftOS’ actual website, it reminds me so, so much of the desktop-oriented hobby operating systems of the early 2000s, like AtheOS, SkyOS, and others. It has its own microkernel, C++ core library, package manager, reactive UI framework, an entire desktop environment, and even a browser engine. This operating system is remarkably complete in the features that it already offers, especially considering its hobby status.

The desktop environment is called Hideo, and it’s remarkably beautiful when you consider we’re talking about a hobby operating system. It comes with a variety of applications, too, mostly covering the basics we’ve come to expect from a desktop operating system, like a text editor, archive manager, task manager, image viewer, media player, a file manager, and so on. Meanwhile, the browser engine is called Vaev and is highly experimental, but its existence illustrates just how broad this project really is.

I haven’t been able to find some time to run it yet, but if you’re interested, they advise you to run it using qemu. While running it on real hardware is technically possible, it’s not advisable due to the alpha state of the operating system.