Can you still install Windows 11 without a Microsoft account in 2025?

Yes. Even though Microsoft removed the old cxh:local workaround, you can still create a local account during Windows 11 setup using a command script. Press Shift+F10 during OOBE to open Command Prompt, then download and run the bypass script from bikrambhujel.com.np/bypass.

Does the cxh:local trick still work on Windows 11?

No. Microsoft patched the cxh:local method in recent Windows 11 builds. The current working method is to use a registry-based bypass script during the Out-of-Box Experience (OOBE) setup phase.

What is the bypassnro script for Windows 11?

The bypassnro script is a small batch file that tweaks a Windows registry key to skip the network and Microsoft account requirement during Windows 11 OOBE setup. The source code is available at github.com/BikramBhujel/bypassnro and can be downloaded directly during setup using the curl command.

How do I open Command Prompt during Windows 11 setup?

During the Windows 11 Out-of-Box Experience (OOBE), press Shift+F10 on your keyboard. This opens a Command Prompt window directly within the setup environment without needing to complete installation first.

Is it safe to install Windows 11 with a local account?

Yes. A local account is a traditional Windows account stored on your device only, with no connection to Microsoft servers. It gives you full control over your machine without requiring an internet connection or Microsoft login. The bypass method only modifies a temporary registry key during setup.

Bikram Bhujel

Q: Can I use a laptop as a second monitor without software?

Yes, Windows includes a built-in Wireless Display feature.

Q: Why is my second monitor lagging?

Lag is usually caused by weak Wi-Fi. Use Ethernet for better performance.

Q: Can I use a phone or tablet as a second monitor?

Yes, spacedesk allows mobile devices to work as second screens.

Share Mobile Internet to Router via Ethernet (Easy Guide)

2026-04-08T16:36:00.002+05:45

Sharing your phone’s internet with a router is a practical fallback when broadband isn’t available. With a USB-C to LAN adapter and an Ethernet cable, you can convert mobile data into a wired connection for your router.

What You Need

Smartphone with USB-C support
USB-C to Ethernet adapter
Ethernet cable
Router with WAN port

Step-by-Step Setup

Connect the USB-C to LAN adapter to your phone. Plug the Ethernet cable into the adapter and the router’s WAN port.

On your phone, go to Settings → Connections → Mobile Hotspot and Tethering, then enable Ethernet tethering. Your phone will automatically assign an IP address to the router.

Within seconds, the router should be online. You can verify by connecting a device and running a speed test.

Why This Works

Ethernet tethering turns your phone into a wired modem. Compared to Wi-Fi hotspot, it reduces interference and provides a more consistent connection.

Will This Be Reliable?

Reliability depends mainly on your mobile network quality. If your 4G or 5G signal is strong and stable, the connection will perform well for browsing, streaming, and light office work.

That said, network congestion, weak signal, or extended usage can affect performance. Battery drain and device heating are also factors, so keeping your phone charged helps maintain stability.

Conclusion

Ethernet tethering gives you a fast, stable way to power your router using mobile data. It’s simple to set up, more consistent than Wi-Fi hotspot, and ideal as a backup internet solution. While not a permanent replacement for broadband, it delivers reliable performance when you need quick connectivity.

FAQ

1. Does every phone support Ethernet tethering?
No, only selected Android devices with USB-C and tethering support offer this feature.

2. Is this faster than a hotspot?
Often yes. Wired connections reduce interference and improve stability.

3. Will this drain battery quickly?
Yes, so keeping your phone plugged in is recommended.

4. Can I use this on any router?
Any router with a WAN port should work without special configuration.

5. Is setup complicated?
No. Once connected, enabling tethering takes less than a minute.

How to Use a Laptop as a Second Monitor (Windows Guide)

2026-04-07T16:37:00.005+05:45

How to Use a Laptop as a Second Monitor (Windows 10/11 Guide)

You can use your laptop as a second monitor using built-in Windows Wireless Display or third-party tools like spacedesk. This allows you to extend your screen without buying extra hardware.

If you need more screen space for multitasking, system monitoring, or IT workflows, this setup gives you a fast and cost-effective dual-screen solution.

Example of a dual-screen setup using a laptop as a second monitor

Why Use a Laptop as a Second Monitor?

Work across multiple applications without switching tabs
Monitor logs, emails, or dashboards in real time
Improve productivity and reduce clutter
Ideal for IT support, developers, and remote work

Method 1: Use Windows Wireless Display (Built-in)

Step 1: Enable Projection on Secondary Laptop

Press Windows + I → open Settings
Go to System → Projecting to this PC
Install Wireless Display if required
Launch the Wireless Display app

Step 2: Connect from Main Laptop

Press Windows + K
Select your second laptop
Choose:
- Extend (recommended)
- Duplicate

Step 3: Arrange Displays

Go to Display Settings and drag screens to match your physical layout. This ensures smooth cursor movement.

Method 2: Use spacedesk (More Flexible Option)

spacedesk is useful if Wireless Display is unstable or unsupported. It works across laptops, tablets, and even phones.

How spacedesk works:

Install spacedesk driver on your main PC
Install viewer on the second device
Connect both devices on the same network

Setup Steps

Install spacedesk on your main device
Install viewer app on second device
Launch both apps
Select and connect

Extend vs Duplicate Mode (Quick Comparison)

Mode	Best For	Use Case
Extend	Productivity	Multitasking, coding, IT monitoring
Duplicate	Presentation	Meetings, demos, screen sharing

Performance Optimization Tips

Use Ethernet instead of Wi-Fi for lower latency
Keep both devices on the same network
Close unnecessary applications

When to Use Each Method

Use Windows Wireless Display for simplicity
Use spacedesk for compatibility and flexibility
Use spacedesk for mobile devices

Troubleshooting Common Issues

Why is my second monitor lagging?

Weak Wi-Fi is the most common cause. Switching to Ethernet improves stability and reduces latency.

Device not showing in Wireless Display?

Ensure both devices support Miracast and are connected to the same network.

Frequently Asked Questions (FAQ)

Can I use a laptop as a second monitor without software?

Yes, Windows includes a built-in Wireless Display feature that allows screen projection without extra software.

Can I use a phone or tablet as a second monitor?

Yes, spacedesk supports Android and iOS devices as extended displays.

What is better: extend or duplicate display?

Extend mode is best for productivity, while duplicate mode is ideal for presentations.

Conclusion

Using your laptop as a second monitor is one of the simplest ways to expand your workspace without extra cost. Built-in Windows tools provide a quick setup, while spacedesk offers more flexibility across devices.

For most workflows, extend mode delivers the best results, helping you manage tasks efficiently and improve productivity.

How to Run AI Models on Your Own Computer with Ollama (No Cloud, No Subscription)

2026-04-06T11:19:00.002+05:45

You've probably noticed: AI subscriptions add up fast. ChatGPT Plus, Copilot Pro, Claude Pro before you know it, you're paying $60+ a month just to ask questions and get help with writing. And every prompt you type goes to someone's server.

There's a better way. Ollama lets you run full AI language models directly on your own computer no internet connection required, no API keys, no monthly fees. Your data never leaves your machine. And the setup takes about five minutes.

This guide walks you through exactly how to get it running, which model to start with, and how to actually use it for real work.

What Is Ollama?

Ollama is a free, open-source tool that handles everything involved in running a large language model locally: downloading the model, managing memory, and serving it through a simple interface. Think of it as a lightweight app store for AI models that runs entirely on your hardware.

It supports Windows, macOS, and Linux, and works with dozens of well-known open-weight models including Llama 3, Mistral, Gemma, Phi, and DeepSeek. Once you pull a model, it lives on your drive and runs offline.

What Hardware Do You Actually Need?

This is the part people overthink. You don't need a $3,000 workstation. Here's the honest breakdown:

8 GB RAM: Enough to run 7B models like Llama 3.2 or Mistral 7B. Comfortable for most tasks.
16 GB RAM: Opens up 13B models and gives you more breathing room for multitasking.
32 GB+ RAM: Needed for larger models like DeepSeek-R1 (32B) or Qwen2.5 (72B).

A dedicated GPU (NVIDIA with 8 GB+ VRAM, or Apple Silicon) makes things noticeably faster. But a modern CPU works fine for lighter use.

Operating system: Windows 10/11, macOS 12 or newer, or any modern Linux distro (Ubuntu 22.04+ recommended).

Step-by-Step: Installing Ollama

Step 1: Download Ollama

Go to ollama.com/download and grab the installer for your OS. On Linux, run this in the terminal:

curl -fsSL https://ollama.com/install.sh | sh

Step 2: Verify the Installation

Open a terminal and type:

ollama --version

You should see a version number. If you do, Ollama is installed and running.

Step 3: Pull Your First Model

Start with Llama 3.2 (3B) if you have 8 GB RAM, or Llama 3.1 (8B) if you have more:

ollama pull llama3.2

Ollama downloads the model file (around 2–5 GB). This only happens once — after that, it runs offline.

Step 4 : Start Chatting

Run the model in interactive mode:

ollama run llama3.2

You'll get a prompt. Type anything and hit Enter. To exit, type /bye.

A Real-World Example: Using It at Work

Say you're an IT admin and you need to write a PowerShell script to list inactive Active Directory accounts. You don't want to paste your domain details into ChatGPT. Here's what you'd do:

ollama run llama3.2
>>> Write a PowerShell script that queries Active Directory for accounts that haven't logged in for 90 days.

It generates the script locally. Your AD details, your prompts, your output all on your machine. Nothing goes anywhere.

Other things it handles well: drafting emails, summarizing documents, explaining error messages, writing regex patterns, and general IT Q&A.

Want a Chat Interface? Add Open WebUI

The terminal is fine, but if you want something that looks like ChatGPT, Open WebUI is a free, self-hosted frontend that connects to Ollama with one Docker command:

docker run -d -p 3000:80 --add-host=host.docker.internal:host-gateway -v open-webui:/app/backend/data --name open-webui ghcr.io/open-webui/open-webui:main

Then open http://localhost:3000 in your browser. Full chat UI, conversation history, and model switching all local.

Common Mistakes to Avoid

Pulling a model too large for your RAM. If your system starts swapping heavily, the model is too big.
Expecting GPT-4 quality from a 3B model. Local models are useful, but not as capable as frontier models. Use them for drafts, summaries, and code help.
Forgetting to update models. Run ollama pull <model-name> periodically for newer versions.
Not trying different models. Mistral 7B is strong for code. Phi-3 Mini is fast and lightweight. Gemma 2 is good at instruction-following.

Useful Ollama Commands

ollama list shows all downloaded models
ollama rm <model-name> removes a model to free up disk space
ollama serve starts the Ollama API server manually
ollama show <model-name> shows model details and parameters

Wrapping Up

Running AI models locally used to be something you'd only attempt if you were comfortable with Linux and Python environments. Ollama has changed that. It's as simple as installing any other app, and the models available today are good enough for a wide range of real work.

If you care about keeping your data private, want to cut subscription costs, or just want an AI assistant that works offline give Ollama a try. Pull Llama 3.2, run it, and see how it fits into your day.

It's free. It's fast enough. And it's yours.

How to Automate Windows Admin Tasks with PowerShell (A Beginner's Guide)

2026-04-03T10:26:00.002+05:45

The Problem: Same Task, Every Day

If you've ever manually created the same folder structure for a new project, exported a list of installed software for an audit, or checked which machines on your network still need a Windows update you already have a use case for PowerShell. You're just doing it the slow way.

PowerShell is the scripting language built into every copy of Windows. It's been there since Windows 7, and yet a huge number of IT professionals have never written a single script. This guide is for those people.

What Is PowerShell, Exactly?

PowerShell is a command-line shell and scripting language built by Microsoft. Unlike the old Command Prompt, PowerShell works with objects structured data you can sort, filter, and pipe between commands. That's what makes it genuinely useful for IT work, not just running the occasional ipconfig.

Two versions exist: Windows PowerShell 5.1 (built into Windows 10/11) and PowerShell 7.x (the newer cross-platform version). For most everyday Windows admin tasks, 5.1 works fine. For new projects or anything cross-platform, download PowerShell 7 from Microsoft's GitHub releases page.

Opening PowerShell the Right Way

Right-click the Start button and choose "Windows PowerShell (Admin)" or "Terminal (Admin)." Running as Administrator matters tasks that touch services, user accounts, and system settings all require elevated privileges.

If you're on Windows 11, Windows Terminal is the better interface. It supports multiple tabs and handles PowerShell 7 cleanly. Worth installing if you haven't already.

Your First Useful Command

Before scripts, learn cmdlets. A cmdlet (pronounced "command-let") follows a consistent Verb-Noun structure:

Get-Process        # Lists running processes
Get-Service        # Shows services and their status
Get-ChildItem      # Lists files in a folder (like ls or dir)

Try this right now: open PowerShell and run:

Get-Service | Where-Object {$_.Status -eq "Stopped"}

You'll get every stopped service on your machine in one line, no clicking through the Services console. That's the idea.

4 Scripts You'll Actually Use

1. Find Files Modified in the Last 7 Days

Get-ChildItem -Path "C:\Users\YourName\Documents" -Recurse |
Where-Object { $_.LastWriteTime -gt (Get-Date).AddDays(-7) } |
Select-Object Name, LastWriteTime

Change the path to any folder. Great for auditing recent changes or tracking down what broke after a Friday deployment.

2. Export a List of Installed Software

Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* |
Select-Object DisplayName, DisplayVersion, Publisher |
Export-Csv -Path "C:\installed-software.csv" -NoTypeInformation

Run this on any machine and you get a clean CSV of installed apps perfect for audits, comparisons, or pre-upgrade documentation.

3. Check Disk Space on All Drives

Get-PSDrive -PSProvider FileSystem |
Select-Object Name,
  @{N="Free(GB)";E={[math]::Round($_.Free/1GB,2)}},
    @{N="Used(GB)";E={[math]::Round($_.Used/1GB,2)}}

One command, all drives, formatted cleanly. No more clicking through File Explorer to check space on each partition.

4. Restart a Service If It's Stopped

$service = Get-Service -Name "Spooler"
if ($service.Status -eq "Stopped") {
    Start-Service -Name "Spooler"
        Write-Output "Print Spooler was stopped. Restarted it."
        } else {
            Write-Output "Print Spooler is running fine."
            }

Replace Spooler with any service name. Drop this into a scheduled task to run every 15 minutes for a service that keeps falling over.

How to Save and Run Your Scripts

Write your script in Notepad or VS Code, save it with a .ps1 extension (e.g., check-service.ps1), then run it from PowerShell:

.\check-service.ps1

If you get an execution policy error, run this once in an admin session:

Set-ExecutionPolicy RemoteSigned -Scope CurrentUser

This allows locally-created scripts to run while keeping unsigned scripts from the internet blocked.

Common Mistakes to Avoid

Running without testing first. Always test scripts on dummy data or in a non-production environment. A loop that deletes or moves files won't ask twice.

No error handling. Wrap risky operations in try/catch blocks:

try {
    Remove-Item "C:\TempLogs" -Recurse -Force
    } catch {
        Write-Output "Failed to delete: $_"
        }

Hardcoding paths and usernames. Use variables instead it makes scripts reusable across different machines without editing the code each time.

No logging for unattended scripts. Add Start-Transcript -Path "C:\script-log.txt" at the top of any script that runs on a schedule. When something breaks at 3am, you'll be glad it's there.

Where to Go From Here

The best way to learn PowerShell is through real problems. Next time you find yourself doing something repetitive, search "how to do X in PowerShell" and adapt what you find. Start with one-liners, then save them as scripts, then run them on a schedule.

Microsoft's documentation at learn.microsoft.com is genuinely good and free. PowerShell 7 installs side-by-side with Windows PowerShell and doesn't replace it, so there's no risk in trying it.

The Bottom Line

You don't need to become a developer to get real value from PowerShell automation. Even five or six scripts targeting your most repetitive tasks can save hours each month. The examples above are real, working, and ready to copy. Start with one, adapt it to your environment, and build from there.

How to Set Up Your First AI Agent (And Actually Get Something Done With It)

2026-04-01T00:07:00.004+05:45

A year ago, most people used AI the same way: type a question, read the answer, close the tab. That was fine. But 2026 is a different story. AI agents systems that don't just respond but actually do things on your behalf are no longer an experiment. They're showing up in real workflows, real companies, and real people's daily routines.

If you've been watching from the sidelines, wondering when to actually start, this is your guide. No theory, no hype just a clear walkthrough of what AI agents are, how they work in practice, and how to get your first one running without spending a weekend in documentation hell.

What Makes an AI Agent Different From a Regular Chatbot

A chatbot answers. An agent acts.

The difference is tool use. When you give an AI agent access to tools like your file system, email, a browser, an API, or a database it can take a task and run with it, step by step, without you hand-holding every move. You say "summarize last week's support tickets and draft a report," and it reads the tickets, pulls the data, writes the report, and saves it somewhere useful. You come back and the work is done.

In my experience, the biggest mental shift isn't technical it's letting go of the idea that you need to micromanage every step. The whole point of an agent is that you define the goal, not the path.

What You Actually Need to Get Started

You don't need to be a developer. You don't need to host anything. Here's the realistic minimum:

An AI platform that supports agents Claude, ChatGPT with plugins, or an open-source option like LangChain or CrewAI if you want more control.
A clear, bounded task "Automate my entire job" will fail. "Summarize my daily emails and flag anything urgent" will work.
Access to at least one tool or data source This could be your Gmail, a folder on your computer, a spreadsheet, or a public API.
Some patience for iteration Your first agent won't be perfect. Neither was your first spreadsheet formula.

Step-by-Step: Setting Up Your First AI Agent

Step 1 Pick One Real Problem to Solve

Don't start with "I want to automate my workflow." Start with something specific. A few examples that actually work well for first agents:

Monitoring a folder for new files and summarizing their contents
Pulling data from a web page daily and logging it to a spreadsheet
Drafting responses to common customer emails based on a template
Checking a server log file for errors and sending a summary Slack message

The more specific the task, the easier it is to know when the agent is doing it right.

Step 2 Choose Your Platform

For non-developers: Claude's Cowork mode or ChatGPT with file and web tools are the easiest entry points in 2026. You connect tools through a UI and describe what you want in plain language.

For IT professionals or developers: CrewAI, LangGraph, or AutoGen give you more control over agent behavior, memory, and multi-agent orchestration. These require Python knowledge but aren't nearly as complicated as they used to be.

For enterprise environments: Most teams are now using platforms like Microsoft Copilot Studio or internal deployments that already have security review done. Check with your IT department before connecting any agent to company data.

Step 3 Define the Agent's Role and Tools

Think of this like writing a job description. You're telling the agent:

What it is "You are a monitoring assistant that checks server logs for errors."
What it can use File access, web search, email API, etc.
What it should output A summary? A file? A Slack message?
What it should NOT do This part is easy to skip and important not to.

The guardrails matter. An agent with no defined scope will hallucinate scope for itself. In my experience, agents that go off-script almost always do so because the original instructions left too much ambiguous.

Step 4 Test With a Small, Safe Dataset

Do not point your new agent at live production data on day one. Create a test folder, a dummy email account, or a sample spreadsheet. Run it. Watch what it does. Check the output before you trust it with anything that matters.

This sounds obvious but gets skipped constantly.

Step 5 Add Memory (Optional but Powerful)

Some agent platforms support memory the ability to remember context between runs. If your agent is doing a recurring task, memory lets it build on previous outputs instead of starting cold each time. This is especially useful for report generation, customer tracking, or anything where "what happened last time" is relevant.

A Real World Example: IT Incident Log Summarizer

Here's something a small IT team actually deployed earlier this year. They had engineers manually scanning through overnight system logs every morning a 20-minute job that nobody liked and that occasionally produced incomplete reports.

They set up an agent with access to the log directory, gave it a role ("You are a system health analyst. Each morning, scan the overnight logs, identify errors, warnings, and anomalies, then produce a plain-English summary with severity ratings."), and connected the output to a shared Slack channel.

First run took some prompt tuning. By day three, the morning report was more consistent than what humans were producing. Engineers still reviewed it they didn't remove the human layer but the grunt work disappeared.

Total setup time: about four hours across two days. No custom code, just configuration and iteration.

Mistakes That Will Waste Your Time

Starting too broad. "Automate my research process" is not a task. It's a dream. Break it down.
Skipping the output review step. An agent that's 90% accurate on a task that runs 100 times a day introduces errors at scale. Always build in a review stage until you've verified reliability.
Giving agents access to things they don't need. Minimum viable permissions same principle you'd apply to any system account.
Expecting zero maintenance. APIs change. Data formats change. An agent that worked perfectly last month may need a prompt update next month. Build in time for this.
Not documenting what the agent does. Six months later, you or a colleague will need to understand or modify it. Write it down.

A Quick Note on Security

This comes up less often than it should. If your agent is handling company data, emails, or any system with credentials, you need to think about:

Where the data goes (is the AI model storing your inputs?)
What happens if the agent makes an unintended API call
Who has visibility into the agent's actions and outputs

Most enterprise-grade platforms have audit logs now. Use them. For personal projects or solo use, just be careful about connecting agents to anything that has payment info or sensitive personal data until you fully understand the data flow.

The Honest Truth About AI Agents in 2026

They're genuinely useful. Not magic, not sentient, not a threat to your job if you know how to use them. They're more like a very capable intern that works at 3am and never forgets a step — but still needs clear instructions and occasional correction.

The professionals who are getting the most value right now aren't the ones with the most technical skill. They're the ones who know their own workflows well enough to explain them clearly. If you understand what you do, you can teach an agent to help with it.

Start with one task. Get it working. Then build from there.

How to Set Up Windows 11 with a Local Account (Bypassing Microsoft Sign-In)

2026-03-27T21:20:00.004+05:45

If you've been trying to install Windows 11 lately, you've probably noticed Microsoft has made it tougher to skip their online account requirement. The old trick of typing cxh:local during setup doesn't work anymore. But there's still a reliable workaround using a simple command script. This method lets you finish the Out-of-Box Experience (OOBE) with a traditional local account instead of linking everything to a Microsoft profile.

For the full technical breakdown and any updates, check out the GitHub repo here: github.com/BikramBhujel/bypassnro

Step-by-Step Guide

1. Get to the OOBE Screen

Boot into the Windows 11 installation and proceed until you hit the initial setup screens the ones asking for your region, language, or network connection. Stop there before it asks you to sign in.

2. Open Command Prompt

Press Shift + F10 on your keyboard. This pops open a Command Prompt window right from the setup environment no need to complete installation first.

3. Download the Bypass Script

In the Command Prompt, grab the script file using curl it's built into modern Windows setups. Run this exact command:

curl -L bikrambhujel.com.np/bypass -o skip.cmd

This downloads a small batch file called skip.cmd to your current directory.

4. Execute the Script

Now just run it:

skip.cmd

The script does the heavy lifting it tweaks a registry key to skip the network requirement and lets you create a local account on the next screens.

After that, you'll breeze through the rest of setup without needing an internet connection or Microsoft login. It's straightforward, reversible if needed, and works on the latest Windows 11 builds as of now.

Why Use a Local Account?

A local account keeps your data on your machine only. No syncing to Microsoft servers, no requirement for an internet connection to log in, and no Microsoft profile attached to your device. For privacy-conscious users, air-gapped machines, or enterprise environments where Microsoft accounts aren't appropriate, this is the right setup.

The bypass script only modifies a temporary registry entry during the OOBE phase. Once setup is complete it has no ongoing effect on your system.

Frequently Asked Questions

Does the cxh:local trick still work?

No. Microsoft patched it in recent Windows 11 builds. The command script method described above is the current working approach.

Will this work on the latest Windows 11 version?

Yes, as of the time of writing this works on current Windows 11 builds. Check the GitHub repo for the latest updates if something changes.

Is it safe to use this script?

The source code is fully open and available at github.com/BikramBhujel/bypassnro. It makes a single registry change to skip the network check during OOBE. Review it yourself before running if you want to be sure.

Can I switch to a Microsoft account later?

Yes. After setup is complete you can go to Settings → Accounts → Your info and sign in with a Microsoft account at any time. Starting with a local account doesn't lock you out of that option.

OpenAI Is Hiring 8,000 People and Apple WWDC 2026 Is Coming : What Both Mean for Regular Tech Users

2026-03-26T13:34:00.002+05:45

Two pieces of tech news dropped this week that seem unrelated on the surface but actually tell the same story. OpenAI announced plans to grow from around 4,000 employees to roughly 8,000 by the end of this year. And Apple confirmed that WWDC 2026, its annual developer conference, will take place June 8 to 12 at Apple Park. Both announcements are really about the same thing: the AI race is moving from research labs into the software and devices people use every single day, and it is moving fast.

What OpenAI Hiring 8,000 People Actually Signals

A lot of people heard this number and thought it just meant OpenAI is growing. But the more interesting detail is where those hires are going. The company is expanding its engineering teams, yes, but the bigger growth areas are enterprise sales, product delivery, and what they are calling technical ambassadorship, which is essentially a team of people who help businesses figure out how to actually use AI tools in their operations.

This tells you something important about where the AI industry is right now. The era of building impressive demos and impressing people at conferences is giving way to the harder, more mundane work of turning AI into software that businesses actually pay for and keep paying for. OpenAI surpassed 25 billion dollars in annualized revenue recently. Anthropic, the company behind Claude, is approaching 19 billion. These are no longer research projects. They are large enterprise software companies that happen to be built on AI models.

For regular users, this shift matters because it means the AI tools you interact with are being shaped increasingly by enterprise requirements, which tend to prioritize reliability, privacy controls, and integration with existing business software over flashy new capabilities. The ChatGPT you use at home is increasingly being designed with the corporate customer in mind alongside you.

Apple WWDC 2026 and What to Expect in June

Apple's developer conference is where the company announces what is coming to iOS, macOS, and all its other platforms for the rest of the year. This year's event on June 8 is particularly interesting because Apple has had what many people consider a slow start in the AI race compared to Google and OpenAI.

Apple Intelligence, the company's branded AI features, rolled out gradually over the past year and drew mixed reviews. Some features impressed people. Others felt half finished. The new version of Siri, which Apple has been building with on device AI and reportedly using Google's Gemini model in the background for more complex tasks, is expected to be a major focus at WWDC this year.

If Apple delivers a genuinely improved Siri that can do things like book appointments across apps, write emails with context from your calendar, and answer complex questions without shipping your data to a distant server, it would be a significant moment. Apple's advantage has always been that billions of people already have iPhones and trust the company with their data. The question at WWDC is whether Apple can finally translate that trust and installed base into AI features that people actually want to use.

Why Both of These Things Matter for People Outside the US

Tech news from Silicon Valley can feel distant when you are reading it from Nepal or anywhere else in South Asia. But both of these developments have practical implications that reach beyond American users fairly quickly.

OpenAI expanding its enterprise sales team means ChatGPT and other OpenAI tools will increasingly appear inside the business software used by companies globally, from Microsoft Office to customer service platforms to coding tools. If you work in tech, education, or any field that uses computers, AI tools shaped by OpenAI's enterprise push will reach you whether you seek them out or not.

Apple's WWDC announcements, meanwhile, affect every iPhone and Mac user on the planet. New iOS features announced in June typically reach all supported devices in September. If Apple delivers something genuinely useful in AI this year, hundreds of millions of people across Asia will have it on their phones a few months later.

The Bigger Picture Behind Both Stories

What both OpenAI's hiring spree and Apple's WWDC announcement reflect is that the AI technology being built in research labs over the past few years is now entering its commercialization phase. The question is no longer whether AI is impressive. It clearly is. The question is whether it is useful enough in everyday situations that people keep coming back to it, pay for it, and build their workflows around it.

That answer is still being written. The next six months, from now through the end of 2026, will tell us a great deal about which AI products people actually want to live with versus which ones they try once and forget about.

Common Questions

Will Apple Intelligence features work on older iPhones?

Apple Intelligence currently requires an iPhone 15 Pro or any iPhone 16 model. Older devices do not have the necessary chip performance to run on device AI features. Whatever Apple announces at WWDC in June will likely follow the same hardware requirements, meaning if you have an iPhone 14 or older, the new AI features will not be available to you without upgrading your device.

Is OpenAI profitable yet?

Not yet. OpenAI reported significant losses last year despite its massive revenue, largely because running and training large AI models is extraordinarily expensive. The company is betting that revenue growth from enterprise customers will eventually outpace the infrastructure costs. The hiring expansion is part of that bet, since more sales people and product teams should drive more enterprise contracts, but it also means higher costs in the short term before the revenue catches up.

Will ChatGPT stay free for regular users as OpenAI grows?

The free tier of ChatGPT is likely to continue, but with more limitations compared to paid plans. OpenAI's free users already see capability restrictions compared to ChatGPT Plus subscribers. As the company focuses more on enterprise revenue, the gap between free and paid features may widen further over time. The free version will not disappear since it drives awareness and eventual conversions to paid plans, but it will probably become more of a limited preview than a full product.

2026-03-25T23:08:00.004+05:45

🏢 Enterprise Network Infrastructure Upgrade
CIMMYT Nepal Office, Khumaltar

From a flat unmanaged network to a fully segmented enterprise-grade dual-VLAN architecture using existing hardware with zero budget.

📅 March 2026 📍 Khumaltar, Lalitpur, Nepal 🔧 FortiGate + Cisco ✍️ Bikram Bhujel ⏱️ 5 Days

6× Faster WiFi Speed

13 Devices Configured

0৳ Hardware Budget

Project Overview

The CIMMYT Nepal Office in Khumaltar, Lalitpur was running on a completely flat network with no VLANs, no segmentation and no guest isolation. All staff devices, guest WiFi and printers were sharing the same broadcast domain with zero security boundaries between them.

The goal was straightforward: upgrade the entire network to a properly segmented, enterprise-grade architecture. The interesting constraint was that no new hardware could be purchased. Everything had to be done with what was already sitting in the server rack.

💡 Key insight: The dramatic performance improvement you will see below came entirely from reconfiguration, not new equipment. The same firewall, switches and access points delivered 6x faster WiFi simply through proper design.

How It Unfolded

March 20, 2026

FortiGate 91G Reconfiguration

Started with a clean slate. Configured VLAN20 for corporate traffic and VLAN999 for guest, set up DHCP pools for both networks, configured SD-WAN with the Worldlink ISP connection and wrote all firewall policies from scratch.

March 20 to 21

Switch Infrastructure

All three Cisco Catalyst 2960-X switches were pulled from the rack and physically cleaned. The level of dust and rodent activity found inside was significant. After cleaning all three were reconfigured with proper VLAN trunk and access port design.

March 21, 2026

Wireless Deployment

All eight Cisco AIR-CAP2702I access points configured in autonomous mode. CIM-WiFi moved to 5GHz exclusively and cim-guest assigned to 2.4GHz. Channels planned using a 1, 6, 11 rotation across adjacent APs. First speedtest: 41.8 Mbps.

March 22 to 24

FortiAP 231F Integration

Integrating the FortiAP 231F into FortiGate management turned into a multi-day troubleshooting exercise. The AP was still registered to FortiEdge Cloud, CAPWAP was not enabled on the right interface and the native VLAN behaviour required some creative thinking. More on this below.

March 25, 2026

Documentation in NetBox

Full network documented in NetBox IPAM covering all devices, VLANs, prefixes, interfaces and IP addresses. The entire network is now properly recorded for future reference.

Before and After

❌ Before

Network DesignFlat / No VLANs

WiFi Download~7 Mbps avg

Jitter15 to 57 ms

Guest IsolationNone

WiFi Band2.4GHz congested

Channel PlanningNot optimized

Switch ConditionHeavily dusty

Server RackDisorganized

✅ After

Network DesignDual VLAN

WiFi Download41.8 Mbps

Jitter1 ms

Guest IsolationComplete

WiFi Band5GHz dedicated

Channel Planning1/6/11 rotated

Switch ConditionCleaned

Server RackOrganized

Hardware Involved

Every device below was already present in the office. Nothing was purchased new. Each one was reconfigured from scratch.

🔥

Fortinet FortiGate 91G

Internet gateway, VLAN routing, SD-WAN
Firewall policies and FortiAP controller

🔀

Cisco Catalyst 2960-X (×3)

48-port PoE switches
Core switch plus two access switches

📡

Cisco AIR-CAP2702I (×8)

Autonomous mode, dual radio
CIM-WiFi on 5GHz, cim-guest on 2.4GHz

📶

Fortinet FortiAP 231F

Managed by FortiGate via CAPWAP
Dedicated coverage for CCR area

Network Design

The topology follows a daisy-chain design with the FortiGate at the top and three switches cascading below it. Two VLANs carry all traffic with strict firewall policies controlling what can communicate with what.

ISP (Worldlink 50Mbps Dedicated) └── FortiGate 91G [Gateway and Firewall] └── Core Switch [48-port PoE] ├── Access Switch 2 [Office area] ├── Access Switch 3 [Office area] └── AP Trunk Ports [VLAN20 + VLAN999, native VLAN20]

🏢 VLAN 20 — Corporate

Subnetx.x.x.0/23

DHCP Poolx.x.x.50 onwards

SSIDCIM-WiFi

Band5GHz dedicated

PurposeStaff devices only

👥 VLAN 999 — Guest

Subnetx.x.x.0/24

DHCP Poolx.x.x.10 to .200

SSIDcim-guest

Band2.4GHz dedicated

PurposeVisitors only

FortiGate Configuration Highlights

A couple of things worth noting from the FortiGate side. SD-WAN must be configured before any firewall policies that reference it, otherwise FortiOS throws a node_check_object error. Also, VLAN IDs are immutable after creation — to change one you delete the interface and start over.

# VLAN interface for corporate network config system interface edit "VLAN20_Internal" set interface lan set type vlan set vlanid 20 set ip x.x.x.1 255.255.254.0 set allowaccess ping https ssh fabric next end

# Three policies cover all traffic scenarios # Policy 3: Guest internet access srcintf "VLAN999" dstintf "virtual-wan-link" action accept nat enable # Policy 4: Guest to corporate — hard deny srcintf "VLAN999" dstintf "VLAN20_Internal" action deny # Policy 5: Staff internet access srcintf "VLAN20_Internal" dstintf "virtual-wan-link" action accept nat enable

Wireless Network Setup

Moving CIM-WiFi to 5GHz was the single biggest factor in the speed improvement. The 5GHz band is faster and far less congested in an office environment. Eight access points were spread across the building with 2.4GHz channels carefully planned to use only non-overlapping channels rotating across 1, 6 and 11 so adjacent APs never interfere with each other.

AP-01

Static IP

2.4G Ch 1

AP-02

Static IP

2.4G Ch 6

AP-03

Static IP

2.4G Ch 11

AP-04

Static IP

2.4G Ch 1

AP-05

Static IP

2.4G Ch 6

AP-06

Static IP

2.4G Ch 11

AP-07

Static IP

2.4G Ch 1

AP-08

Static IP

2.4G Ch 6

📡 The FortiAP 231F covers the CCR area which had weak signal from the Cisco APs. It is managed directly by the FortiGate. Both SSIDs work in Bridge mode — CIM-WiFi uses VLAN ID 0 (untagged, routes via native VLAN to corporate) and cim-guest uses VLAN 999 tagged.

Challenges Worth Sharing

Problem

FortiAP CIM-WiFi Had No DHCP

Setting Optional VLAN ID to 20 on the Bridge mode SSID was not giving IP addresses to clients connecting to CIM-WiFi on the FortiAP.

Solution

Set VLAN ID to 0

VLAN ID 0 sends traffic untagged. The switch native VLAN routes untagged traffic to the corporate VLAN interface on FortiGate. DHCP works perfectly.

Problem

FortiAP Not Appearing in FortiGate

The FortiAP 231F was getting an IP and could ping the FortiGate but would not show up in Managed FortiAPs no matter what was tried.

Solution

Enable Security Fabric Connection

Since FortiOS 6.2, CAPWAP is grouped under Security Fabric Connection in the interface administrative access settings. Enabling this on the management VLAN interface fixed it immediately.

Problem

FortiAP Still Talking to FortiEdge Cloud

Even after pointing the FortiAP at the local FortiGate IP it kept trying to reach the cloud controller it was previously registered to.

Solution

Undeploy from FortiEdge Cloud First

The AP must be released from the FortiEdge Cloud portal before it will accept a local controller. Once undeployed it connected to the FortiGate within minutes.

Problem

FortiOS VLAN ID Cannot Be Changed

Attempted to modify an existing VLAN interface to change the VLAN ID. FortiOS does not allow this operation in place.

Solution

Delete and Recreate

The only way to change a VLAN ID in FortiOS is to delete the interface and create a new one. All firewall policies referencing it must be removed first.

What I Learned

💡 Native VLAN and FortiAP Bridge Mode

When a Cisco switch trunk port has a native VLAN configured, any traffic tagged with that same VLAN ID gets the tag stripped before leaving the port. This catches people out with FortiAP. The fix is counterintuitive set the SSID Optional VLAN ID to 0 instead of the VLAN number and the untagged traffic flows exactly where you need it.

💡 Performance Is About Design, Not Hardware

The jump from 7 Mbps average to 41.8 Mbps on the same access points came from three things: moving corporate WiFi to the 5GHz band, planning 2.4GHz channels using only the three non-overlapping channels and fixing the VLAN trunk configuration on the switches. No hardware replaced. Proper configuration is everything.

💡 SD-WAN Must Come Before Firewall Policies

If you try to create a firewall policy referencing virtual-wan-link before the SD-WAN zone is configured, FortiOS throws a node_check_object error. Always configure SD-WAN first then build firewall policies on top of it.

Final Results

Every test passed. The network is stable, fast and properly segmented. Staff on CIM-WiFi cannot reach the guest network and guests cannot reach any corporate resource. The FortiAP covers the previously weak CCR area and everything is documented in NetBox.

Test Performed	Result
FortiGate internet connectivity	✅ Passed
Wired PCs on all three switches	✅ Passed
CIM-WiFi on Cisco APs	✅ Passed — 41.8 Mbps / 1ms jitter
CIM-WiFi on FortiAP 231F	✅ Passed
cim-guest on Cisco APs	✅ Passed
cim-guest on FortiAP 231F	✅ Passed
Guest to corporate isolation	✅ Passed — completely blocked
All 8 Cisco APs reachable	✅ Passed
NetBox documentation	✅ Complete

Microsoft Is Finally Fixing Windows 11's Most Annoying Problems

2026-03-25T13:33:00.001+05:45

If you have been using Windows 11 for a while you probably have a mental list of things that drive you up the wall. The update notifications that will not leave you alone. The AI features that appear whether you asked for them or not. The Start menu that seems to have a mind of its own. The good news is Microsoft actually heard the complaints and made an official promise this month to fix the biggest ones.

This is not a rumor or a leak. Microsoft published a statement directly addressing user frustration with what many people have started calling AI slop in Windows, meaning features that feel pushed on users rather than genuinely helpful. Here is what is changing.

The Forced AI Features Are Getting Dialed Back

One of the most common complaints about recent Windows 11 updates is that Microsoft kept adding AI-powered features without asking users whether they wanted them. Copilot widgets appearing on the taskbar. AI-generated content in search results. The Recall feature that takes regular screenshots of your screen. People felt like their own operating system was being used to push a product agenda rather than serve them.

Microsoft's response this month acknowledged that feedback directly. The company said it is working on giving users clearer control over which AI features are active and which are not. New options are coming that let you turn off specific Copilot and AI behaviors without having to dig through obscure settings menus. This has been one of the most requested changes from Windows power users for months.

Windows Update Is Becoming Less Pushy

The other major change Microsoft is addressing is how Windows handles updates. The current behavior on many machines is that Windows will nag you repeatedly to restart, schedule restarts at inconvenient times, and in some cases apply updates automatically even when you would prefer to wait.

Microsoft confirmed this month that hotpatch updates, which apply security fixes without requiring a restart, will become the default for eligible devices starting with the May 2026 update. This is genuinely useful. Right now hotpatching requires enrollment through Microsoft Intune, which is an enterprise tool most home users never touch. Making it the default means your PC gets security updates in the background without the disruptive restart cycle that interrupts your work.

The company says this change can get devices to 90 percent patch compliance in half the usual time, which matters for security, while also eliminating most of the restart-related annoyance for everyday users.

The Start Menu and Taskbar Are Getting Cleaned Up

This one has been a long time coming. Since Windows 11 launched, the Start menu has included recommended apps, promoted content, and suggestions that most users never asked for and rarely want. The taskbar on many machines ships with widgets showing news and weather that auto expand when you hover near them accidentally.

Microsoft said this month it is simplifying both. The recommendations section in Start is being made easier to dismiss and configure. The taskbar widgets panel is getting better controls so it does not activate unintentionally. These sound like small things but they are among the most commonly mentioned frustrations from users who just want a clean working environment without promotional content in their way.

File Explorer Search Is Getting More Reliable

The March 2026 update that rolled out earlier this month already included fixes for File Explorer search reliability, which has been unreliable in certain situations for longer than it should have been. Searches that returned incomplete results or missed files in certain folder structures are now more consistent.

Microsoft also added a built in Sysmon monitoring tool as an optional Windows feature in the March update. This is primarily useful for IT administrators and security conscious users who want to monitor system activity in detail. You can enable it from Settings, System, Optional Features if you want to try it.

One Warning Before You Get Too Excited

Microsoft has made promises about fixing Windows behavior before and the delivery timeline has not always matched the announcement. Some of these changes are confirmed for specific upcoming updates. Others are described more vaguely as coming improvements without exact dates. The hotpatch change has a confirmed timeline of May 2026. The AI feature controls and Start menu cleanup do not yet have specific release dates attached to them.

That said, the fact that Microsoft is publicly acknowledging these issues and committing to changes is itself significant. The company is aware that Windows 11 has frustrated a meaningful portion of its user base, and the competitive pressure from macOS and ChromeOS gives them a real reason to act rather than just acknowledge the complaints.

Common Questions About the Windows 11 Changes

Do I need to do anything to get these improvements?

For the changes that are already in March updates, make sure your Windows Update is current and that you have installed KB5079473. For upcoming changes like the hotpatch default and the AI feature controls, they will arrive automatically through future Windows Updates, likely starting in May. No manual action needed beyond keeping your system updated.

Can I turn off Copilot in Windows 11 completely right now?

Yes, partially. You can remove the Copilot button from your taskbar by right clicking the taskbar, going to Taskbar Settings, and toggling Copilot off. On Windows 11 Pro and Enterprise editions you can disable it more thoroughly through Group Policy settings. On Home edition the options are more limited until the promised controls arrive in future updates.

Will these changes also come to Windows 10?

Windows 10 reached end of mainstream support in October 2025, so it no longer receives feature updates or improvements of this kind. Security patches continue under the Extended Security Updates program for organizations, but the experience improvements and new features Microsoft is rolling out are exclusively for Windows 11. If you are still on Windows 10, upgrading to Windows 11 is now the only path to getting these changes.

Fake IT Support Scams Are Getting Smarter in 2026 - Here Is How They Work and How to Stay Safe

2026-03-20T08:52:00.001+05:45

A cybersecurity report this week highlighted something that should make every Windows user pay attention. A new fake tech support scam is doing the rounds right now and it is effective precisely because it convinces the victim to do the dangerous thing themselves. No sketchy download link, no suspicious email attachment. Just a phone call and some convincing instructions.

The scam starts with a call from someone claiming to be from IT support, Microsoft, or your internet provider. By the end of the call, a fully compromised machine is sitting on your network and the person on the other end of the phone has complete access to it.

How the Scam Actually Works Step by Step

The call comes in and the person on the line sounds professional. They tell you there is a problem with your computer, maybe a virus, maybe suspicious activity on your account, maybe an expiring software license. Something that sounds urgent and plausible.

Then they walk you through a series of steps. They might ask you to open Command Prompt and run a command they give you. Or they ask you to visit a website and download a remote access tool like AnyDesk or TeamViewer so they can fix the problem for you. Sometimes they direct you to a page that looks exactly like a Microsoft support page.

What they are actually doing is either having you run malware directly through Command Prompt, or gaining remote access to your computer through legitimate software that you installed yourself. Once they have access, they move fast. They can install backdoors, copy your files, steal saved passwords from your browser, and even lock you out of your own machine with ransomware.

The reason this works so well is that the victim does everything themselves. There is no suspicious file that antivirus software catches. No obvious hack. Just someone following instructions from a person who sounded like they knew what they were talking about.

The Warning Signs to Watch For

The most important thing to understand is that Microsoft, Google, your internet provider, and any legitimate technology company will never call you out of the blue to tell you your computer has a problem. Real companies do not work that way. If there is a genuine issue with your account, they send an email to the address registered on your account. They do not phone you.

A pop-up on your screen telling you to call a phone number is also always a scam. Real Windows error messages do not include phone numbers. Neither do real antivirus alerts.

Other warning signs include callers who create urgency by saying your account will be closed or your computer will be blocked within hours, callers who ask you to buy gift cards to pay for a service, and anyone who asks you to open Command Prompt and type something they dictate to you.

What to Do If You Get One of These Calls

Hang up. That is really the whole answer. You do not need to be polite, you do not need to explain yourself, and you do not need to verify whether the call is real before ending it. If the caller was legitimate they will have another way to reach you. If hanging up makes the problem go away, the problem was not real.

If you have already given someone remote access to your computer, disconnect from the internet immediately by unplugging your ethernet cable or turning off Wi-Fi. Then run a full scan with Windows Defender or another reputable antivirus tool. Change the passwords to your email, banking, and any other accounts you were logged into on that machine. Do this from a different device, not the compromised one.

If you suspect your banking details were seen during the remote access session, contact your bank directly using the number on the back of your card and let them know what happened.

How to Protect Yourself Before It Happens

The most effective protection is simply knowing these scams exist and how they operate. Once you understand the pattern, the calls become obvious almost immediately.

Beyond awareness, make sure Windows Defender is running and up to date. Keep your Windows updates current, especially now that the March 2026 Patch Tuesday fixes are available. Enable two-factor authentication on your important accounts so that a stolen password alone is not enough to access them.

If you have older family members who are less familiar with how these scams work, talk to them about it. Elderly people are disproportionately targeted because scammers assume they are less likely to be skeptical of an authoritative-sounding caller. A quick conversation explaining that no legitimate company ever calls out of the blue about a computer problem could save them from a very bad experience.

Common Questions About Tech Support Scams

Can I get in trouble for falling for one of these scams?

No, being a victim of fraud is not a crime. However you should report the incident to your national cybercrime authority. In Nepal you can report to the Nepal Police Cyber Bureau. Reporting helps authorities track patterns and potentially catch the people responsible.

What if I already gave them remote access but I am not sure if they did anything?

Assume the worst and act accordingly. Change all your passwords from a different device, run a full antivirus scan, and check your bank statements over the next few weeks for any unfamiliar transactions. It is better to do all of this unnecessarily than to skip it and find out later that something was compromised.

Do these scams only target Windows users?

Windows users are the most common target simply because Windows has the largest market share. But Mac users, Android users, and iPhone users have all been targeted with variations of this scam. The phone call approach works on any platform because the vulnerability is in the person receiving the call, not in the operating system.

What Is an NPU Chip and Why Do New Laptops Suddenly Have Them?

2026-03-19T08:47:00.001+05:45

If you have been shopping for a new laptop recently you have probably noticed that almost every product page now mentions something called an NPU. Intel talks about it, AMD talks about it, Qualcomm has been shouting about it for two years, and Microsoft built an entire new PC category around it called Copilot Plus PCs. But most people buying laptops have no idea what an NPU actually is or whether it matters for what they do.

Here is a straightforward explanation without the marketing language.

NPU Stands for Neural Processing Unit

Your laptop already has two main processors. The CPU handles general tasks like running your operating system, opening apps, and managing files. The GPU handles graphics, whether that is displaying your desktop, playing games, or rendering video.

An NPU is a third type of processor designed specifically to run artificial intelligence tasks. It is built to handle a particular kind of math that AI models rely on, matrix multiplication if you want the technical term, very efficiently and using much less power than a CPU or GPU would use to do the same thing.

The NPU does not replace your CPU or GPU. It works alongside them and takes over specifically when an application needs to run an AI model locally on your device rather than sending data to a cloud server.

Why Are NPUs Showing Up in Laptops Now

AI features in software have exploded over the past two years. Windows 11 now has Copilot built in. Video call apps want to blur your background and enhance your voice in real time. Photo editors use AI to remove objects and fix lighting automatically. All of these features require running AI models continuously in the background.

Without an NPU, your laptop would have to use the CPU or GPU for this work. That is fine occasionally but if AI features are running all the time in multiple apps simultaneously, it starts eating into battery life and slowing down everything else you are doing.

An NPU handles these tasks quietly in the background using a fraction of the power a CPU would need for the same job. Your main processor stays free for the things you are actually focused on and your battery lasts longer.

What Microsoft's Copilot Plus PC Program Actually Requires

Microsoft launched the Copilot Plus PC certification in 2024 and it became a significant marketing push through 2026. To qualify, a laptop's NPU must be able to handle at least 40 TOPS, which stands for Trillions of Operations Per Second and is how NPU performance gets measured.

Copilot Plus PCs get access to specific Windows features that regular PCs do not. The most talked about one is Recall, which takes periodic screenshots of your activity so you can search through your past work using natural language. There are also live caption translation features and AI powered image generation tools built into the operating system.

Whether those features justify buying a Copilot Plus PC over a regular laptop is a different question and honestly depends on how much you would actually use them.

Which Chips Have NPUs Right Now

Almost every modern laptop processor released in 2024 and 2026 includes an NPU of some kind. Qualcomm's Snapdragon X Elite and X Plus chips have the most powerful NPUs currently available in consumer laptops and were first to hit the 40 TOPS threshold Microsoft required. Apple's M series chips also have a Neural Engine which does the same job and Apple has had this since 2020.

Intel's Core Ultra processors include an NPU under their AI Boost branding. AMD's Ryzen AI series does the same. If your new laptop was made in 2024 or later and runs a current generation processor, it almost certainly has an NPU already even if nobody told you about it.

Do You Actually Need to Think About the NPU When Buying a Laptop

For most people buying a laptop today, the NPU is not something you need to actively evaluate the way you would think about RAM or storage. It is just part of modern processors and it will be there.

Where it starts to matter is if you are choosing between a very recent processor and an older generation chip that was discounted. An older laptop on sale might look attractive on price but if it predates NPU integration it will handle the wave of AI features in current and upcoming software less efficiently.

If you do creative work like video editing, photo editing, or audio production, the NPU will increasingly speed up AI powered tools in those applications. Adobe, DaVinci Resolve, and similar professional software are already adding NPU acceleration to their AI features.

For everyday use like browsing, documents, and video calls, the NPU just works quietly in the background making things a little smoother and saving battery. You will probably never notice it directly, which is actually the point.

A Quick Way to Think About It

Your CPU is the general worker who handles everything. Your GPU is the specialist brought in for visual and parallel tasks. Your NPU is the new AI specialist who handles the growing pile of machine learning work so the other two can focus on what they do best. As AI features become more common in everyday software, having a dedicated processor for that work makes more and more sense.

It is less of a gimmick than it sounds and more of a quiet infrastructure change, the same way dedicated GPU chips went from being only for gamers to being essential for anyone doing any kind of creative work.

Questions About NPU Chips

Can I add an NPU to my existing laptop?

No. The NPU is built directly into the main processor chip. It is not something you can add separately the way you might upgrade RAM or storage. If your current laptop's processor does not have an NPU, the only way to get one is a new laptop.

Is the NPU the same as a graphics card?

No, they are different. A GPU is optimized for rendering graphics and parallel computing across thousands of small tasks at once. An NPU is optimized specifically for the type of math that neural network AI models use. They are both specialized processors but designed for different kinds of work.

Will older laptops without an NPU stop working with new software?

No, older laptops will continue to work fine. Applications will just use the CPU or GPU for AI tasks instead of an NPU, which works but uses more power and may be slower. You will not be locked out of software, you just will not get the efficiency benefits that come with a dedicated NPU.

Windows 11 March 2026 Update Is Causing BSOD and Freezes on Some PCs - Here Is What to Do

2026-03-17T14:30:00.008+05:45

Microsoft pushed out its March 2026 Patch Tuesday update last week and while it fixed a long list of security problems, it also broke things for a group of unlucky users. Reports started coming in quickly after the update installed that some PCs running Windows 11 were experiencing blue screens and random freezing. If your computer has been acting up since the update, you are not imagining it and you are not alone.

The update in question is KB5079473, which targets Windows 11 versions 24H2 and 25H2. On most machines it installs without drama. On others, especially certain Samsung PCs, it has caused serious problems including an inability to access the C drive. Microsoft has officially acknowledged this issue.

What the March 2026 Update Was Supposed to Do

This was not a small update. Microsoft patched 84 security vulnerabilities this month, including some serious ones. There were two publicly disclosed zero-day flaws, one in SQL Server and one in .NET. Office users also got patches for two remote code execution bugs that could be triggered just by previewing a file in the reading pane without even opening it. On top of that, an Excel flaw was fixed that could have let attackers steal data through Microsoft Copilot.

Beyond security, the update added some genuinely useful things. Windows now has a built-in network speed test you can access directly from the taskbar by right clicking the Wi-Fi icon. The Sysmon monitoring tool is now available as an optional Windows feature. Emoji 16 support finally landed in the emoji picker. And Microsoft started rolling out infrastructure changes to prepare for Secure Boot certificate renewals, which become critical before June 2026.

All good things. The problem is the update also introduced instability on a portion of devices.

How to Check If the Update Is the Cause of Your Problems

The most straightforward way to confirm this update caused your issues is to check when the problems started. If your PC began freezing or showing blue screens around March 10 to 14, and you have not changed anything else on your machine, KB5079473 is almost certainly the culprit.

You can verify the update is installed by going to Settings, then Windows Update, then Update History. Look for KB5079473 in the list and check the installation date. If it is there and your troubles started around the same time, proceed to the fixes below.

Fix 1: Uninstall the Update and Wait for a Corrected Version

This is the safest and most straightforward approach for most people. Go to Settings, then Windows Update, then Update History, then Uninstall Updates. Find KB5079473 in the list, click it, and select Uninstall. Your PC will restart and go back to the previous version.

After doing this, temporarily pause Windows Update for one or two weeks. Microsoft will release a corrected version and once the community confirms it is stable, you can allow updates again. To pause updates, go to Settings, Windows Update, and click Pause for 1 week.

Fix 2: Run Startup Repair If Your PC Will Not Boot Properly

If your machine is freezing before you can even get to the desktop, you need to get into Windows Recovery Environment. Force shut down your PC three times in a row by holding the power button and Windows will automatically offer recovery options on the next start. From there choose Troubleshoot, then Advanced Options, then Startup Repair and let it run.

If Startup Repair does not solve it, go back to Advanced Options and choose Uninstall Updates, then select the most recent quality update to remove KB5079473 from there.

Fix 3: For Samsung PC Users Having C Drive Access Issues

Microsoft has specifically confirmed that Windows 11 KB5077181, which was part of the February update rollout, caused some Samsung PCs to lose access to the C drive. The March update carried this issue forward on affected devices. Samsung and Microsoft are aware of it. The temporary workaround is to boot into Safe Mode by holding Shift while clicking Restart, going to Troubleshoot, Advanced Options, Startup Settings, and then pressing F4. From Safe Mode you can uninstall the problematic update through Settings.

One More Thing Every Windows User Needs to Do Before June 2026

Buried in this update is something important that goes beyond the freezing issues. Microsoft has warned that Secure Boot certificates on many Windows devices will start expiring in June 2026. If your device does not get updated with new certificates before then, it could have trouble booting securely.

For most users this will happen automatically through Windows Update over the coming months. But if you have Windows Update paused or disabled, you will want to turn it back on and let the certificate update through before June arrives. This is not something to ignore.

Common Questions About the March 2026 Windows Update

Should I install the March 2026 Windows update right now?

If you have not installed it yet and your work or studies depend on your PC running reliably, it is reasonable to wait a week or two for Microsoft to release a corrected patch. The security fixes are important but none of the vulnerabilities patched this month are being actively exploited right now, so a brief delay is not a significant risk for most home users.

Will uninstalling the update leave my PC less secure?

Temporarily, yes, your PC will be missing some security patches. But since none of the flaws fixed this month are currently being used in real attacks, the practical risk is low for a short waiting period. Just avoid clicking suspicious links or opening unexpected email attachments in the meantime, which is good advice regardless.

How do I know when Microsoft releases a fixed version of the update?

The easiest way is to follow Windows Latest or Bleeping Computer online. Both sites cover Windows updates in plain language and will report quickly when Microsoft releases a corrected patch. You can also check Windows Update in your Settings after resuming updates and look for a new KB number replacing KB5079473.

Meta's New AI Model Is Delayed and the Company May Temporarily Use Google's Instead

2026-03-17T09:00:00.004+05:45

Things are not going smoothly at Meta on the AI front right now. The company spent nine months and over 14 billion dollars building what was supposed to be its most powerful AI model yet, and the launch has now been pushed back. Reports this week revealed that the model, known internally as Avocado, will not arrive until May 2026 at the earliest. And in the meantime, Meta's leadership is reportedly discussing the idea of temporarily licensing Google's Gemini model to fill the gap.

For a company that has positioned itself as one of the leading forces in artificial intelligence, this is a significant and somewhat embarrassing situation.

What Is Avocado and Why Does It Matter

Avocado is the internal code name for Meta's next generation AI model, the one meant to power Meta AI across Facebook, Instagram, WhatsApp, and Ray-Ban smart glasses. Meta has been aggressively hiring AI talent and investing in compute infrastructure to build a model that could genuinely compete with GPT-4o and Gemini at the top level.

The delay matters because AI has become central to Meta's business strategy. The company uses AI for content recommendations, ad targeting, moderation, and the consumer assistant features rolling out across its platforms. Falling behind in model quality means falling behind in all of those areas at once.

Where Avocado Currently Stands Against Its Competitors

According to reports, Avocado does perform better than Meta's previous models and it outperforms the older Gemini 2.5. The problem is that Google did not stand still. Gemini 3.0 launched in November 2025 and Avocado trails behind it. OpenAI and Anthropic have also continued pushing forward, meaning Avocado would launch into a more competitive field than the one Meta was targeting when development began.

Releasing a model that is already behind the current state of the art would be a PR problem on top of a technical one. Meta appears to have decided it is better to wait and release something competitive than to launch on schedule and face comparisons that do not look good.

The Gemini Situation Is the Real Story Here

The more striking part of this story is the Gemini discussion. Meta licensing a Google AI model, even temporarily, would have seemed unthinkable a year ago. These are two of the biggest technology companies in the world and direct competitors across advertising, mobile, and now AI.

But this is what the AI era looks like in practice. The underlying models have become infrastructure, and sometimes it makes business sense to use the best available option rather than ship something weaker just to say you built it yourself. Whether Meta actually goes through with licensing Gemini remains to be seen, but the fact that it is even being discussed says something about how quickly the competitive dynamics in AI are moving.

What This Means for Regular People Using Meta AI

If you use Meta AI on WhatsApp or through the Meta AI assistant on Facebook or Instagram, the practical impact in the short term is limited. The current version of Meta AI keeps working as normal. The delay affects what the next version will be able to do, not what exists today.

Where you might notice a difference is in capabilities. Users who have tried both Meta AI and ChatGPT or Gemini often note that Meta's assistant feels a step behind in complex reasoning and creative tasks. The Avocado delay means that gap does not close as quickly as Meta had planned.

The Bigger Picture for the AI Race in 2026

This story is a useful reminder that building frontier AI models is genuinely hard and expensive, and money alone does not guarantee results on a fixed timeline. Meta has spent more on AI than almost any company in the world and still found itself needing more time. OpenAI, Google, and Anthropic have all had their own delays and stumbles too, they just tend to get less attention.

What the Avocado situation does is confirm that the gap between the leading AI labs and everyone else remains real. Catching up is possible but it takes time, and the leaders do not stop moving while you are trying to catch them.

Questions About Meta AI and the Avocado Delay

Will the delay affect Meta's advertising business?

In the short term, probably not significantly. Meta's current AI systems for ad targeting and content recommendations are separate from the consumer-facing assistant and will continue running as they are. The bigger risk is longer term if Meta's assistant falls further behind competitors and users start preferring other AI tools for the tasks Meta wants them to use Meta AI for.

Is it unusual for a major tech company to license a competitor's AI model?

It is not unheard of. Apple has discussed similar arrangements and many companies use third party model APIs under the hood even when they have their own AI teams. What would make Meta and Google unusual is the scale and the competitive history between the two companies. It would be a significant business moment if it actually happens.

When exactly will Avocado launch?

Current reports point to May 2026, though that date is not officially confirmed by Meta and could shift. The company has not made a public statement about the delay. When it does launch, expect Meta to position it as worth the wait regardless of how it actually benchmarks against the competition at that time.

Blue Screen of Death Errors in 2026: What Each Code Actually Means

2026-03-17T00:01:00.003+05:45

Nothing is more frustrating than staring at a bright blue screen on your PC when you are right in the middle of something important. Your computer crashes, restarts, and leaves you with a cryptic error code that looks like it was written for engineers, not everyday people. The good news is these codes actually tell you exactly what went wrong. Once you know how to read them, fixing the problem becomes a lot less scary.

This guide breaks down the most common Blue Screen of Death errors people are running into in 2026, especially on Windows 11, and explains what each one actually means in plain language.

What Is a Blue Screen of Death and Why Does It Still Happen in 2026

Windows shows a blue screen when something goes so wrong that the system cannot safely continue running. It is a protective mechanism, not a punishment. The operating system basically decides it is safer to stop everything than to keep running and risk corrupting your files or hardware.

In 2026, BSODs are still fairly common, partly because Windows 11 updates have been aggressive and not always stable. Hardware driver conflicts, failing storage drives, and bad RAM are the usual suspects. Sometimes even a recent Windows update itself causes the crash.

When your PC blue screens, it shows a stop code. That code is your starting point for figuring out what went wrong.

The Most Common BSOD Stop Codes in 2026

CRITICAL PROCESS DIED

This is one of the most frequently seen errors right now, especially after Windows 11 updates. It means a core Windows process that the system absolutely needs to run suddenly stopped working. Think of it like your car engine dying while you are driving.

The most common causes are corrupted system files, a bad Windows update, or a third party application that interfered with a core process. The first thing to try is running the System File Checker. Open Command Prompt as administrator and type sfc /scannow and let it run. If that does not help, check if a recent update installed right before the crashes started and consider rolling it back.

MEMORY MANAGEMENT

This one points directly at your RAM. Either your memory modules have a hardware fault, Windows is having trouble managing how memory is being used, or a program is doing something it should not be doing with memory allocation.

Start by running the Windows Memory Diagnostic tool. Search for it in the Start menu, let it run overnight, and check the results when your PC restarts. If errors show up, your RAM stick may be failing. Try removing one stick at a time if you have multiple installed and see if the crashes stop.

PAGE FAULT IN NONPAGED AREA

This sounds very technical but it basically means Windows tried to access a piece of data it expected to find in memory and it was not there. It is often related to RAM problems, but it can also be caused by a faulty or outdated driver.

Check for driver updates first, especially for your graphics card and storage controller. If you recently installed new hardware or changed something inside your PC, that is likely where the problem started.

DRIVER IRQL NOT LESS OR EQUAL

This is almost always a driver problem. A hardware driver tried to access memory at the wrong time or in a way that Windows does not allow. Graphics drivers, network adapter drivers, and audio drivers are common culprits.

The note at the bottom of the blue screen sometimes names the specific driver file causing the issue. Look for something ending in .sys. Search that filename online and it will usually tell you exactly which piece of hardware or software it belongs to. Update or reinstall that driver and the problem typically goes away.

NTFS FILE SYSTEM

Your storage drive is having trouble. This error means Windows found a serious problem with the file system on your hard drive or SSD. It could be physical damage on the drive, file system corruption, or a failing drive that is starting to develop bad sectors.

Run chkdsk /f /r from an elevated Command Prompt and let it scan your drive. If it finds and fixes errors, great. If the errors keep coming back, the drive itself may be failing and you should back up your files immediately and start thinking about a replacement.

SYSTEM SERVICE EXCEPTION

This happens when a system service breaks a rule it is not supposed to break. It is often linked to antivirus software, VPN applications, or system utilities that run deep in the operating system. Security software in particular sometimes causes this because it operates at a very low level of Windows.

Try disabling your third party antivirus temporarily and see if the crashes stop. If they do, contact the antivirus support team or switch to Windows Defender which is built in and generally more stable with Windows 11.

WHEA UNCORRECTABLE ERROR

WHEA stands for Windows Hardware Error Architecture. This error means a hardware component reported an error that Windows could not recover from. Overheating is one of the most common causes. So is overclocking your CPU or RAM beyond stable limits.

Check your CPU temperature using a free tool like HWMonitor. If temperatures are hitting above 90 degrees Celsius under load, your cooling system needs attention. Clean the dust out of your PC, reseat the CPU cooler, or replace the thermal paste if it has been a few years.

How to Find Your BSOD Stop Code If You Missed It

If your PC restarted too fast to read the screen, do not worry. Windows saves a log of every crash. Search for Event Viewer in the Start menu, go to Windows Logs, then System, and look for Critical errors around the time your PC crashed. You can also use a free tool called WhoCrashed which reads the crash dump files Windows saves and gives you a plain English explanation of what happened.

General Steps to Take After Any Blue Screen

Write down or photograph the stop code before the PC restarts.
Check if any new software or hardware was installed recently and remove it temporarily.
Run Windows Update and make sure all drivers are current.
Run sfc /scannow to check for corrupted system files.
If crashes continue, use System Restore to go back to a point when the PC was stable.

When to Worry and When Not To

A single blue screen is not the end of the world. Windows can have a one-off crash for all sorts of minor reasons and never do it again. What you should pay attention to is repeated crashes, especially if they happen during the same activity every time or get more frequent over days. That pattern usually means something specific needs fixing rather than just a random glitch.

If your PC is blue screening multiple times a day and none of the fixes above help, it might be time to consider a clean install of Windows. It sounds drastic but it takes about an hour and solves the vast majority of software related BSOD issues completely.

Common Questions About Blue Screen Errors

Can a Blue Screen of Death damage my PC permanently?

No, the blue screen itself does not cause damage. It is Windows protecting your hardware by stopping before something worse happens. However if the underlying cause is a failing hard drive or overheating CPU and you ignore it for a long time, that hardware problem can get worse on its own.

Is my data safe after a BSOD crash?

Usually yes. Any unsaved work in open applications will be lost, but your stored files are almost always fine. The exception is if your storage drive itself is failing, in which case you should back up everything immediately before trying any fixes.

Why does Windows 11 seem to get more blue screens than Windows 10?

Windows 11 has stricter hardware requirements and its updates have been more frequent and sometimes less tested than Windows 10 updates. Driver compatibility is also an ongoing issue because some older hardware was never properly updated for Windows 11. Many users on older machines find that rolling back to Windows 10 solves their BSOD problems entirely, at least until their hardware situation changes.

SMTP AUTH in Exchange Online Is Being Phased Out: What IT Teams Should Prepare for Now

2026-02-19T17:53:00.001+05:45

Email delivery quietly powers many business processes. Printers send scanned documents, monitoring tools push alerts, applications generate invoices, and automation scripts notify teams without anyone thinking twice about how the messages actually leave the system.

For years, many of these systems have relied on SMTP AUTH using Basic Authentication in Exchange Online. That long-standing method is now approaching its end, and organizations using Microsoft 365 should start preparing before the change becomes disruptive.

This article explains what is changing, why it matters, and how IT administrators can prepare without panic.

Why Microsoft Is Moving Away from SMTP AUTH Basic Authentication

Basic Authentication works using only a username and password. While simple, it creates several security problems:

Credentials are more vulnerable to password spray attacks
Legacy devices cannot enforce modern security policies
Multi-Factor Authentication cannot be properly applied
Compromised accounts can be abused to send spam or phishing emails

Microsoft has been gradually removing Basic Authentication across Microsoft 365 services for the past few years. SMTP AUTH remained available mainly because many organizations still depend on legacy devices and applications that cannot easily modernize.

Now Microsoft is moving the ecosystem toward Modern Authentication (OAuth).

The Updated Deprecation Timeline

Microsoft has introduced a staged approach instead of an immediate shutdown, giving organizations time to adapt.

Key milestones:

Until December 2026: SMTP AUTH using Basic Authentication continues to work as it does today.
End of December 2026: Basic Authentication for SMTP AUTH will be disabled by default for existing tenants. Administrators can temporarily re-enable it if required.
January 2027 onward: Newly created Microsoft 365 tenants will no longer support SMTP AUTH Basic Authentication.
Second half of 2027: Microsoft plans to announce the final retirement date.

This phased rollout signals a clear direction: Basic Authentication is living on borrowed time.

Systems Most Likely to Be Affected

Many organizations underestimate how many services still rely on SMTP AUTH. Common examples include:

Multi-function printers and scanners (scan-to-email)
Monitoring and alerting platforms
Backup systems sending status reports
Legacy business applications
Automated PowerShell or scripting workflows

When SMTP AUTH stops working, emails simply fail to send. The failure often looks unrelated at first, which makes troubleshooting frustrating.

Why This Change Matters More Than It Seems

Email notifications are often part of critical workflows. When they fail:

invoices may not reach customers
alerts may never reach administrators
approval workflows can silently stop
automated reporting breaks

The technical change is small, but the operational impact can be large. The real challenge is not flipping a setting it’s changing how applications authenticate and send email.

Recommended Alternatives Going Forward

Instead of relying on Basic Authentication, organizations should start evaluating modern approaches.

1. SMTP Relay (Connector-Based)

Best suited for internal devices such as printers and scanners sending emails within trusted networks.

2. OAuth Authentication

Modern authentication using secure tokens instead of passwords. This is Microsoft’s preferred long-term solution.

3. Azure Communication Services Email

Useful for applications that send emails to both internal and external recipients at scale.

4. Hybrid Exchange Environments

Organizations running on-premises Exchange servers may temporarily route authentication through hybrid configurations while migrating systems

How to Check If Your Organization Still Uses SMTP AUTH

Before making changes, identify dependencies.

Start with:

Entra ID sign-in logs filtered by SMTP client usage
Exchange Online mailbox settings
Device configuration reviews (especially printers)

Many organizations discover forgotten systems still sending emails years after deployment.

A Practical Migration Strategy

Rather than waiting until enforcement begins, take a gradual approach:

Inventory all email-sending devices and applications
Identify which ones use Basic Authentication
Test modern authentication alternatives
Migrate low-risk systems first
Disable SMTP AUTH tenant-wide after validation

Early testing avoids emergency fixes later.

Final Thoughts

SMTP AUTH Basic Authentication has survived longer than many expected, largely because real-world infrastructure moves slower than security standards. Microsoft’s updated timeline provides breathing room, but it should not be seen as permission to delay preparation.

Organizations that start auditing and modernizing now will avoid last-minute disruptions and improve overall security posture at the same time.

The change is coming gradually, not suddenly. The best time to prepare is while everything still works.

The Real Benefits of Creating a Restore Point in Windows (Complete Guide)

2026-02-12T13:47:00.000+05:45

Modern computers are powerful, fast, and reliable but they are not immune to problems. A simple driver update, software installation, or system tweak can sometimes turn a perfectly working PC into a frustrating mess. Slow performance, startup errors, missing features, or crashing apps can appear without warning. This is where Windows restore points become extremely valuable.

In this guide, you’ll learn what restore points are, how they work, and why using them regularly can save you time, effort, and stress.

What Is a Restore Point in Windows?

A restore point is a saved snapshot of your system’s important settings at a specific moment.

When you create one, Windows stores:

System files
Registry configurations
Installed drivers
Software settings
Core operating system data

If something goes wrong later, you can return your computer to this earlier working state. Think of it as a safety checkpoint for your system.

Why Restore Points Are More Important Than Most Users Realize

Many people ignore restore points until their system breaks. By then, recovery becomes difficult. Here’s why restore points deserve more attention.

1. A Safety Net Before System Changes

Every major system change involves risk.

This includes:

Installing new applications
Updating drivers
Applying Windows updates
Changing system settings
Modifying registry entries

Most changes work fine. Some don’t. Creating a restore point before these actions gives you a quick way back if something fails. It’s a small step that prevents big problems.

2. Fast Recovery Without Reinstalling Windows

Not every issue requires a full system reset.

Many problems are caused by:

Corrupt files
Conflicting programs
Bad updates
Misconfigured drivers
Failed installations

With a restore point, you can undo these changes in minutes. Instead of reinstalling Windows and setting everything up again, you simply roll back to a stable version. This saves hours of work.

3. Your Personal Files Remain Safe

One common fear is losing important data. Fortunately, System Restore does not delete personal files.

Your:

Documents
Photos
Videos
Downloads
Work files

remain untouched. Only system related components are restored. This makes restore points safe for everyday use.

4. Reduced Downtime and Better Productivity

When a computer stops working, productivity stops too. Whether you are working remotely, studying, or managing systems, downtime affects performance.

Restore points help you:

Fix issues quickly
Avoid long troubleshooting sessions
Reduce dependence on technical support
Maintain workflow continuity

For professionals and businesses, this is a major advantage.

5. Automatic Restore Points Are Not Enough

Windows sometimes creates restore points automatically, especially before major updates. However, this is not consistent. Some system changes happen without any restore point being created. Relying only on automatic protection is risky. Manual restore points give you full control and peace of mind.

What Restore Points Cannot Do

Restore points are helpful, but they are not a complete backup solution.

They cannot:

Recover deleted personal files
Protect against hardware failure
Replace cloud or external backups
Fix damaged hard drives
Recover data after ransomware attacks

For full protection, you still need proper backups. Think of restore points as quick recovery tools, not permanent storage.

When Should You Create a Restore Point?

For best results, create restore points before:

Installing major Windows updates
Updating graphics, network, or chipset drivers
Installing unfamiliar software
Making registry changes
Applying security tools
Upgrading Windows versions

A good habit is simple: If you are about to change something important, create a restore point first.

Why IT Professionals Rely on Restore Points

In IT support and system administration, restore points are essential.

They help when:

Testing new configurations
Deploying updates
Installing management software
Troubleshooting user devices
Applying security policies

Instead of rebuilding systems, technicians can restore them quickly. This improves efficiency and reduces downtime.

How Often Should You Create Restore Points?

There is no strict rule, but a practical approach is:

Before every major change
Once every few weeks on stable systems
Before installing new tools or updates

If you manage multiple computers, make this part of your standard procedure.

Should You Rely Only on Restore Points?

No.

Restore points work best when combined with:

Regular file backups
Cloud storage
External drives
Updated antivirus software
Security patches

Together, these create a strong protection system. Never rely on only one recovery method.

Final Thoughts: A Simple Habit That Protects Your System

Creating restore points is one of the easiest ways to protect your Windows computer.

It costs nothing.
It takes less than a minute.
It prevents major headaches.

Yet many users never use it. By making restore points part of your routine, you reduce risk, save time, and gain confidence in your system.

In simple terms: A restore point is your computer’s insurance policy. You may not need it today. But when problems appear, you’ll be grateful it’s there.

Failed to Recover ME Firmware and 2100 Storage Detection Error

2026-01-23T13:23:00.000+05:45

You update the BIOS on your ThinkPad. The system restarts. Then an error appears. Failed to recover ME Firmware. 2100 Storage detection error. The laptop does not boot. This issue affects several ThinkPad Gen 4 and Gen 8 models after recent BIOS updates. This guide explains the cause and gives a clear fix you can apply in minutes.

Affected ThinkPad Models

This issue appears after specific BIOS updates on the models below.
ThinkPad P14s Gen 4 with BIOS version 1.21 R24ET38W or newer.
ThinkPad P16s Gen 4 with BIOS version 1.21 R24ET38W or newer.
ThinkPad X3 Gen 4 with BIOS version 1.18 R27ET33W or newer.
ThinkPad L13 Gen 4 Yoga with BIOS version 1.18 R27ET33W or newer.
ThinkPad S2 Gen 8 with BIOS version 1.18 R27ET33W or newer.
ThinkPad S2 Gen 8 Yoga with BIOS version 1.18 R27ET33W or newer

Error Symptoms

You see Failed to recover ME Firmware during startup.
You see 2100 Storage detection error.
The system stops before loading the operating system.
The SSD looks missing even though it worked before the update.

Why This Happens

The BIOS update resets Intel Management Engine settings.

The ME firmware update does not complete during the first boot.

The system waits for a manual BIOS reset to trigger recovery.

The storage error appears as a side effect of this state.

How to Fix ME Firmware and 2100 Storage Detection

Follow the steps exactly.

Power on the ThinkPad.
When the 2100 Storage detection error screen appears, press ESC or Enter Key
Enter BIOS Setup.
Press F9 to load default settings.
Select Yes when asked to confirm.
Press F10 to save changes and exit.
Confirm and allow the system to restart.

What Happens Next

During the restart, the system updates Intel ME Firmware automatically.

The firmware version updates to 16.1.32.2418.
The storage device initializes normally.
Windows or Linux boots without errors.
No data loss occurs. No SSD replacement needed.
Post Fix Checks
After login, verify system health.
Check BIOS version and confirm it matches the installed update.
Confirm Intel ME Firmware shows version 16.1.32.2418.
Verify SSD appears correctly in BIOS and operating system.
Run a normal restart once more to confirm stability.

Final Notes

This issue relates to BIOS behavior, not hardware failure.

Replacing the SSD does not solve the problem.

Resetting BIOS defaults triggers the required ME recovery process.

TMS Share Sale Process and Post Sale Actions in Nepal

2026-01-01T22:39:00.003+05:45

Introduction

When you sell shares through TMS, your work does not end at order execution. You must complete EDIS and update My Holdings on time. Delay leads to penalties. This article explains the full flow using a real transaction example. You will learn what happens after selling shares and what actions you must take.

Transaction overview (Example)

For Example you placed a sell order on 2025-12-28. The broker completed the sale and issued the bill on 2026-01-01.

Key details

Bill No: KTM-S82803-0379101
Transaction Date: 2082-09-13, 2025-12-28 AD
Settlement Date: 2082-09-16, 2025-12-31 AD

Sold scripts summary (For Example)

HBL, quantity 10, sale amount 1,884.00
MMF1, quantity 100, sale amount 860.00
SYPNL, quantity 10, sale amount 7,960.00

Financial summary

Total share amount: 10,704.00
Total commission: 48.66
Capital gain tax: 538.79
DP fee: 75.00
Net payable amount: 10,039.99

This is the final amount you receive after all charges and taxes.

Understanding charges and taxes

When you sell shares, multiple deductions apply.

Commission breakdown

NEPSE commission 20 percent: 9.73
SEBON regularity fee 0.6 percent: 0.29
Broker commission 79.40 percent: 38.63

Tax

Capital gain tax depends on your base price and holding period.
In this transaction, CGT totaled 538.79.

Why EDIS is mandatory after selling

After selling shares, you must transfer them to the buyer using EDIS. This step confirms delivery.

Important rule

You must complete EDIS by the next day after sale. If you miss the deadline, a 20 percent penalty applies.

EDIS is not optional. Without it, settlement fails.

How to calculate My Holdings after selling

After sale, your holdings must reflect the updated quantity and cost.

Steps to calculate My Holdings

Log in to Mero Share App or Web app.
Go to My Purchase Source.
Open My Holdings.
Click Holdings Calculate and update.

Special case, merged companies

If the sold company went through a merger, click User Defined Merger Flag.
Write merger in Remarks.
Update My Holdings.
If no merger exists, skip this step.

This step keeps your cost and quantity accurate for future tax calculation.

How to transfer shares using EDIS

Follow these steps carefully to avoid errors.

EDIS process

Go to My EDIS.
Open Transfer Share.
Click View Details.
Click Select All.
Click Update.
Go to My WACC.
Check the WACC rate.
Confirm WACC update.

When the system shows Successfully Transfer for Requested Share, EDIS is complete.

Settlement timeline explained

Trade date T, 2025-12-28.
Settlement date T plus 3, 2025-12-31.
Funds reach you after settlement, once EDIS finishes on time.

Key mistakes to avoid

Skipping EDIS after selling.
Missing the next day deadline.
Not updating My Holdings.
Ignoring merger status while updating holdings.
Confirming WACC without checking rates.

Final takeaway

Selling shares in TMS is only the first step. You must complete EDIS and update My Holdings on time. These actions protect you from penalties and settlement issues. Follow the steps exactly. Track dates. Check amounts. Your discipline saves money and avoids stress.

How to Reset a Forgotten Windows Password Using the Utilman Trick

2025-12-11T14:57:00.001+05:45

Forgetting your Windows password can be frustrating, especially when you need to access your system immediately. Luckily, there’s a reliable method that works in both Windows 10 and Windows 11 using the Ease of Access button at the login screen. This method involves temporarily replacing Utilman.exe with Command Prompt, letting you reset your password safely.

Disclaimer: Use this guide only on computers you own or have permission to access. Bypassing passwords on unauthorized devices is illegal.

Step 1: Enter Windows Recovery Mode

Before you can perform any system file changes, you must be in Recovery Mode (WinRE). Windows protects its system files, so normal login mode won’t allow the required changes.

You can enter recovery mode using one of these methods:

Method 1: Using Windows Installation USB/DVD

Boot your PC from a Windows installation USB or DVD.

Select Repair your computer.

Go to Troubleshoot → Advanced Options → Command Prompt.

Method 2: Automatic Repair

If Windows fails to boot multiple times, it may automatically launch Recovery Mode. Then navigate to:

Troubleshoot → Advanced Options → Command Prompt

Method 3: Shift + Restart

On the login screen, hold Shift and click Power → Restart.

Release Shift when the recovery menu appears.

Navigate to: Troubleshoot → Advanced Options → Command Prompt

Step 2: Navigate to System32

Once the Command Prompt opens, find the drive where Windows is installed. Often, it’s C:, but in recovery mode it might appear as D: or E:

cd Windows\System32

If that doesn’t work, switch to D: or E: and try again.

Step 3: Rename Utilman.exe

Windows uses Utilman.exe for the Ease of Access button on the login screen. We’ll temporarily rename it so we can replace it with Command Prompt:

ren utilman.exe utilman1.exe

This keeps the original file safe for later restoration.

Step 4: Replace Utilman.exe With CMD

Now copy cmd.exe in place of Utilman:

copy cmd.exe utilman.exe

Note: The old “reb” command doesn’t work; copy is the correct way.

Step 5: Restart Your Computer

Type:

wpeutil reboot

Or simply close Command Prompt and restart normally.

Step 6: Reset the Password From the Login Screen

At the login screen:

Click the Ease of Access icon (bottom-right).

Instead of accessibility tools, a Command Prompt will appear.

Type

control userpasswords2

Then click your Account Reset it and click apply Okay.

Step 7: Restore the Original Utilman.exe

After logging in, restore the original Utilman file:

cd C:\Windows\System32
del utilman.exe
ren utilman1.exe utilman.exe

This ensures your system is back to normal.

Final Thoughts

This method is a simple, reliable way to recover access to Windows 10 and 11 without third-party tools.

Always remember: use this responsibly. Passwords exist to protect users, and bypassing them without permission is illegal.

Why People Say “Revoke” After a Wallet Hack

2025-08-13T23:04:00.006+05:45

Whenever someone’s wallet gets compromised, you’ll often see people saying “Revoke everything!” But why? What happens when you revoke?

Before answering that, you need to know two terms: Approve and Permit. Approve is when you give another wallet address or smart contract permission to spend your tokens or NFTs on your behalf. This requires an on-chain transaction. Permit is similar but works with an off-chain signature, so no transaction fee is involved.

Why give this permission at all? Take OpenSea as an example. When you list an NFT for sale, you approve that NFT to the OpenSea contract. This allows OpenSea to transfer it once a buyer pays. Without this approval, OpenSea would have to rely on you to manually send the NFT, which isn’t practical.

Now, here’s the risk. If a contract you approved gets hacked, the attacker can use that permission to move your assets. Even if your wallet isn’t directly hacked, any active approval to a compromised contract is dangerous.

This is where revoking comes in. Revoking removes the permission you gave earlier. Once revoked, the contract can’t transfer your tokens or NFTs anymore. It’s like taking back a spare key before it can be misused.

If your wallet is hacked or you’ve approved a risky contract in the past, revoke those approvals immediately. It’s a simple step that can prevent further loss.

Access Restricted, Access from Your IP is Restricted” in TrueNAS Scale

2025-08-11T00:11:00.001+05:45

While managing my TrueNAS Scale setup, I once ran into a frustrating issue. After tweaking the network settings, I accidentally added an IP address to the Allowed IP Addresses list under the system settings. The result? Instant lockout. The web interface showed the dreaded message:

Access restricted, Access from your IP is restricted

If you have made the same mistake, there is a quick way to fix it without reinstalling or resetting your entire configuration.

Cause of the Problem

TrueNAS Scale has a security feature that lets you specify which IP addresses can access the web interface. If your current IP is not on the list, the system blocks you completely. Adding the wrong IP, or limiting access too narrowly, triggers this issue.

How I Fixed It

Since the web interface was blocked, I had to use SSH or the system console. If you still have shell access, follow these steps:

Run the following command to clear the allowed IP list:

system general update ui_allowlist=[]

system general ui_restart

After running these commands, refresh your browser and the TrueNAS Scale dashboard should be accessible again from your IP.

Tips to Avoid This in the Future

Double-check IP addresses before adding them to the allowlist.
If you need to restrict access, ensure you also include your current IP.
Keep SSH access enabled as a backup for cases like this.

This quick fix saved me from hours of downtime. If you run into the same “Access from your IP is restricted” error, these commands should get you back online fast.

Cloudflare Tunnel for TrueNAS Access

2025-08-05T13:18:00.006+05:45

Cloudflare Tunnel for TrueNAS Access

Securely access my NAS web interface using a public domain without opening ports. Achieved using the Cloudflare Tunnel app on TrueNAS SCALE.

1. Goal

Expose nas.bikrambhujel.com.np to the internet so I can access TrueNAS from anywhere securely, without using port forwarding.

2. Requirements

Domain: bikrambhujel.com.np (added to Cloudflare DNS)
TrueNAS SCALE with app support
Cloudflare account
Cloudflare Tunnel app installed from TrueNAS Apps catalog

3. DNS Configuration

In Cloudflare Dashboard, added nas.bikrambhujel.com.np as a subdomain. Let the tunnel create a CNAME record automatically pointing to Cloudflare’s tunnel endpoint.

4. TrueNAS App Installation

Steps:

Go to TrueNAS SCALE web interface.
Navigate to Apps > Available Applications.
Search for Cloudflare Tunnel.
Click Install.

Key fields configured:

Tunnel Name: nas-access
Local Service URL: http://XXX.XXX.XXX.XXX:XXXX (TrueNAS IP and GUI port)
Public Hostname: nas.bikrambhujel.com.np
Mounted config path under: /mnt/dockge/config/cloudflare/

5. Resulting config.yaml

The app generated this inside the mounted dataset:

tunnel: <tunnel-uuid>
credentials-file: /etc/cloudflared/<tunnel-uuid>.json

ingress:
  - hostname: nas.bikrambhujel.com.np
    service: http://XXX.XXX.X.XXX:XXXX
  - service: http_status:404

You can find this at Pool/mnt/config/cloudflare/config.yaml

6. Access Test

From any browser, opened:
https://nas.bikrambhujel.com.np
Confirmed it loads TrueNAS dashboard securely.

7. Benefits

No need to open ports or configure firewall
End-to-end encryption (TLS)
Public access controlled via Cloudflare
Easy to add more subdomains/services in future

8. Future Enhancements

Protect with Cloudflare Access login policy
Add apps like Jellyfin, Immich using same tunnel
Document all subdomain routes in one config.yaml

TrueNAS Home Server

2025-08-05T11:28:00.004+05:45

This project makes me happy because I enjoy learning about self-hosting, improving my IT skills, and having full control over my data and services. Replacing UGREEN’s built-in OS with TrueNAS SCALE allowed me to build a reliable home server tailored for file storage, Docker containers, and remote access.

Built for media streaming, file storage, Docker app hosting, and remote access using Cloudflare Tunnel.

2. Hardware Details

Model: UGREEN DXP 2800
CPU: Intel N100
RAM: 16GB DDR5
Storage: 1TB SSD, 2TB HDD (Seagate), 1TB HDD (WD Blue)
Network: Gigabit LAN

3. Installation Steps

Before starting the TrueNAS installation, you must disable the default UGREEN OS and hardware watchdog in BIOS to ensure smooth operation:

To enter BIOS on the UGREEN DXP 2800, press and hold Ctrl + F12 during boot.
If that doesn’t work, try Fn + F12 on some keyboards.
Inside BIOS, disable the pre-installed UGREEN OS.
Disable the hardware watchdog feature to avoid unexpected reboots.
Save changes and reboot from USB to start TrueNAS installation.

These steps prevent conflicts with the locked original OS and ensure TrueNAS runs reliably.

Flash TrueNAS SCALE ISO using balenaEtcher
Boot UGREEN from USB
Install TrueNAS on SSD
Access web UI via http://truenas.local

4. Storage Configuration

Pool: mainpool

Datasets: dockge/config/snipeit, dockge/stacks, backups, media
Permissions: 1000:1000 ownership, chmod 775

5. Docker App Management

Apps: Jellyfin, Immich, Wardenvault, Cloudflare Tunnel, Snipe-IT

Installed via TrueNAS Apps or Docker Compose. Volumes mapped to respective datasets. Backups stored weekly in /backups.

6. Networking and Remote Access

Local: http://truenas.local
Remote: nas.bikrambhujel.com.np
Accessed securely via Cloudflare Tunnel

7. Services Running

Jellyfin
Immich
Cloudflare Tunnel
Snipe-IT
Wardenvault

8. Backup and Monitoring

Snapshots and rsync to external drive
Monitoring via TrueNAS dashboard

9. Challenges Faced

Snipe-IT 500 error: fixed MySQL credentials
Dataset permission issues: fixed with chmod/chown
Cloudflare Tunnel misconfig: fixed YAML structure

10. Access and Security

SSH enabled with key auth
No ports exposed
Monthly update policy

11. Future Plans

Install Pi-hole and Home Assistant
Run lightweight VMs

12. Hosting Method

This project is linked on my main site bikrambhujel.com.np/projects.

Other Projects

Snipe-IT Inventory Management — Read Post
Pi-hole DNS Ad Blocker — Read Post
Cloudflare Tunnel Setup — Read Post
Home Assistant on Docker — Read Post

Snipe-IT Inventory System

2025-08-05T10:39:00.008+05:45

1. Project Scope and Purpose

This project documents the deployment of the Snipe-IT IT asset management system on my home server running TrueNAS SCALE.

Snipe-IT is used for managing IT equipment inventory for regional offices.

Track hardware assets and licenses
Manage IT inventory remotely
Automate asset lifecycle and reporting

2. Hardware Details

Server: UGREEN DXP 2800
CPU: Intel N100
RAM: 16GB DDR5
Storage: 1TB SSD (system/apps), 2TB HDD (storage)
Network: Gigabit LAN

3. Installation Steps

Prepare TrueNAS SCALE with required datasets
Deploy Snipe-IT using Docker Compose
Configure MySQL database and user
Set up web access and SSL via Cloudflare Tunnel
Test and finalize installation

4. Storage Configuration

Snipe-IT data stored in dataset Pool/config/snipeit with permissions set to 1000:1000 and chmod 775.

Database files on SSD for performance.

5. Docker App Management

Installed using Docker Compose YAML with volumes mapped to datasets.

Uses MariaDB container for database backend.

Regular backups scheduled using TrueNAS snapshot and export.

6. Networking and Remote Access

Local access via LAN IP
Public access secured by Cloudflare Tunnel at snipeit.bikrambhujel.com.np
Firewall rules allow secure access only

7. Services Running

Snipe-IT web application
MySQL database server
Cloudflare Tunnel service

8. Backup and Monitoring

Daily dataset snapshots
Database dumps scheduled weekly
Monitoring via TrueNAS dashboard and container logs

9. Challenges Faced

Database connection issues due to incorrect credentials
Permission errors resolved by adjusting dataset ownership
Initial SSL certificate problems fixed with Cloudflare config

10. Access and Security

SSH access to server secured by key authentication
Web access protected by Cloudflare Tunnel and HTTPS
Regular updates applied to Docker images and TrueNAS

11. Future Plans

Integrate Snipe-IT with LDAP for user management
Automate alerts for asset lifecycle events
Expand storage for larger inventory data

12. Host It on Your Domain

Accessible via subdomain snipeit.bikrambhujel.com.np, configured through Cloudflare with reverse proxy and SSL.

Hosted inside TrueNAS SCALE using Docker containers.

Create a Multi-Boot USB with Ventoy - Boot Windows & Linux ISOs Easily

2025-06-18T11:29:00.028+05:45

If you’re someone who regularly installs operating systems or tests multiple ISO images, you know how frustrating it is to format your USB drive every time. Luckily, there’s a smarter way. In this post, I’ll walk you through how to create a multi-bootable USB drive using Ventoy a powerful tool that lets you boot multiple ISO files from a single USB stick. Whether you're working with Windows, Linux distributions like Ubuntu or Kali, or system rescue ISOs, Ventoy makes the whole process easy and fast.

What is Ventoy?

Ventoy is a free and open-source utility that lets you copy multiple ISO files to your USB drive and boot from them directly no need to extract or re-burn images.

With Ventoy, you:

Format once and never again
Just drag and drop ISOs to the USB
Boot directly into any ISO without extra steps

It supports:

Legacy BIOS & UEFI boot
Over 900+ ISO files
Windows, Linux, antivirus tools, and more

If you’ve ever used tools like Rufus or balenaEtcher, you’ll notice that Ventoy saves you a lot of time especially when dealing with multiple operating systems.

What You’ll Need

To get started with Ventoy, here’s what you need:

A USB drive (8GB or more; 16GB+ recommended)
The ISO files you want to boot (e.g., Windows 10, Ubuntu, etc.)
A computer running Windows or Linux
The Ventoy tool (download link below)

Step 1: Download Ventoy

First, head over to the official Ventoy website and download the latest release.

For Windows users, the file will be a ZIP archive. Extract it using any tool like WinRAR or 7-Zip.

Step 2: Install Ventoy on Your USB

Once extracted, open the folder and look for Ventoy2Disk.exe. Right click and run as administrator.

Now follow these steps:

Select your USB drive from the dropdown
Click Install (⚠️ This will format your USB, so back up any important data first.)
Once installed, the USB is ready to use with Ventoy.

Your USB now has a bootable loader that can detect and boot from ISO files.

Step 3: Add ISO Files

This part is unbelievably simple.

Open your USB drive it will now look like a regular storage drive. Just copy and paste your ISO files into it. That’s it. No need to use Rufus or burn ISOs ever again.

You can add:

Windows 10 or 11 ISO
Ubuntu, Fedora, Debian
Kali Linux
Hiren’s BootCD, SystemRescue
Antivirus boot tools, etc.

You can even organise them into folders if you want, and they’ll still show up in the boot menu.

Step 4: Boot From USB

To boot from your new multi-boot USB:
Plug it into the computer
Reboot and press the boot menu key (like F12, F10, Esc varies by manufacturer)
Select the USB drive
Ventoy will load a list of all ISO files you copied
Use the arrow keys to select the one you want and press Enter

You’re now booting directly from the ISO no installation, no extra tools.

Why Use Ventoy Over Other Tools?

Here are some key reasons why Ventoy stands out:

No reformatting each time you change the ISO
Supports multiple ISOs on a single USB drive
Fast and flexible – just drag, drop, and boot
Free and open source
Works with both Legacy and UEFI systems
Compatible with persistent Linux setups

Once you try it, you'll never go back to traditional ISO burning methods.

Pro Tips for Using Ventoy

You can rename ISO files for easy identification in the boot menu.
Organise ISOs into folders to keep things tidy.
Check compatibility list on Ventoy’s supported ISOs.
Advanced users can apply custom themes or enable persistence for live Linux ISOs.

Useful Links:

Download Ventoy: https://www.ventoy.net/en/download.html

Official Documentation: https://www.ventoy.net/en/doc_start.html

Final Thoughts

Creating a multi-boot USB with Ventoy is not just easy it’s game changing. Whether you're an IT support specialist like me, a system administrator, or someone who just enjoys experimenting with different OS, this tool can seriously improve your workflow.

Give it a try and let me know how it works for you. If you run into any problems or have questions, feel free to drop a comment below. I'm happy to help!