Tech – Page 9

Raspberry Pi cuts product returns by 50% by changing up its pin soldering

electronics, electronics manufacturing, manufacturing, Raspberry Pi, raspberry pi 5, single board computers, soldering, Tech / Kelly Newman / May 1, 2025

Getting the hang of through-hole soldering is tricky for those of us tinkering at home with our irons, spools, flux, and, sometimes, braids. It’s almost reassuring, then, to learn that through-hole soldering was also a pain for a firm that has made more than 60 million products with it.

Raspberry Pi boards have a combination of surface-mount devices (SMDs) and through-hole bits. SMDs allow for far more tiny chips, resistors, and other bits to be attached to boards by their tiny pins, flat contacts, solder balls, or other connections. For those things that are bigger, or subject to rough forces like clumsy human hands, through-hole soldering is still required, with leads poked through a connective hole and solder applied to connect and join them securely.

The Raspberry Pi board has a 40-pin GPIO header on it that needs through-hole soldering, along with bits like the Ethernet and USB ports. These require robust solder joints, which can’t be done the same way as with SMT (surface-mount technology) tools. “In the early days of Raspberry Pi, these parts were inserted by hand, and later by robotic placement,” writes Roger Thornton, director of applications for Raspberry Pi, in a blog post. The boards then had to go through a follow-up wave soldering step.

Now Pi boards have their tiny bits and bigger pieces soldered at the same time through an intrusive reflow soldering process undertaken with Raspberry Pi’s UK manufacturing partner, Sony. After adjusting component placement, the solder stencil, and the connectors, the board makers could then place and secure all their components in the same stage.

Raspberry Pi cuts product returns by 50% by changing up its pin soldering Read More »

Intel says it’s rolling out laptop GPU drivers with 10% to 25% better performance

intel, Tech / Kelly Newman / April 30, 2025

Intel’s oddball Core Ultra 200V laptop chips—codenamed Lunar Lake—will apparently be a one-off experiment, not to be replicated in future Intel laptop chips. They’re Intel’s only processors with memory integrated onto the CPU package; the only ones with a neural processing unit that meets Microsoft’s Copilot+ performance requirements; and the only ones with Intel’s best-performing integrated GPUs, the Intel Arc 130V and 140V.

Today, Intel announced some updates to its graphics driver that specifically benefit those integrated GPUs, welcome news for anyone who bought one and is trying to get by with it as an entry-level gaming system. Intel says that version 32.0.101.6734 of its graphics driver can speed up average frame rates in some games by around 10 percent and can speed up “1 percent low FPS” (that is, for any given frames-per-second measurement, whatever your frame rate is the slowest 1 percent of the time) by as much as 25 percent. This should, in theory, make games run better in general and ease some of the stuttering you notice when your game’s performance dips down to that 1 percent level.

Intel’s performance numbers for its new GPU drivers on a laptop running at the “common default power level” of 17 W. Credit: Intel

Intel’s performance comparisons were made using an MSI Claw 7 AI+ using an Arc 140V GPU, and they compare the performance of driver version 32.0.101.6732 (released April 2) to version 32.0.101.6734 (released April 8). The two additional driver packages Intel has released since then will contain the improvements, too.

Intel says it’s rolling out laptop GPU drivers with 10% to 25% better performance Read More »

OnePlus lowers Watch 3 price by $150, promises refunds for early buyers

OnePlus, smartwatches, tariffs, Tech, wearables / DJ Henderson / April 28, 2025

Things are still uncertain, but OnePlus claims to have made some adjustments to its supply chain so it can offer the Watch 3 at a more palatable price. It’s unlikely that OnePlus could eat the cost of that Chinese tariff on a wearable, so perhaps it found a way to redirect its shipments through another location with lower tariffs.

A company spokesperson confirms the watch is now listed at $349.99 in the US, and it will stay at that price despite any future changes to import tariffs. This is a bit higher than the original $330 price tag, but it’s not bad given the challenging market conditions and OnePlus’ Chinese roots.

“This change reflects our effort to be transparent, responsive, and committed to bringing the OnePlus Watch 3 to the US at a competitive price point, despite the ongoing market conditions,” a OnePlus spokesperson said.

At $500, the OnePlus Watch 3 was hard to justify when devices like the Pixel Watch, itself not exactly a bargain-priced wearable, are available for substantially less. Still, there are probably some OnePlus fans who bit at $500. The company says anyone who paid that price since the watch’s release in early April will get a refund of the difference—keep an eye out for an email from OnePlus support with details.

For anyone who was planning to pick up the Watch 3 and was scared off by the tariff increase, the lower price is available immediately in the OnePlus store.

OnePlus lowers Watch 3 price by $150, promises refunds for early buyers Read More »

iOS and Android juice jacking defenses have been trivial to bypass for years

android, Apple, Biz & IT, choicejacking, Features, Google, iOS, juice jacking, juicejacking, Security, Tech / Kelly Newman / April 28, 2025

SON OF JUICE JACKING ARISES

New ChoiceJacking attack allows malicious chargers to steal data from phones.

Credit: Aurich Lawson | Getty Images

About a decade ago, Apple and Google started updating iOS and Android, respectively, to make them less susceptible to “juice jacking,” a form of attack that could surreptitiously steal data or execute malicious code when users plug their phones into special-purpose charging hardware. Now, researchers are revealing that, for years, the mitigations have suffered from a fundamental defect that has made them trivial to bypass.

“Juice jacking” was coined in a 2011 article on KrebsOnSecurity detailing an attack demonstrated at a Defcon security conference at the time. Juice jacking works by equipping a charger with hidden hardware that can access files and other internal resources of phones, in much the same way that a computer can when a user connects it to the phone.

An attacker would then make the chargers available in airports, shopping malls, or other public venues for use by people looking to recharge depleted batteries. While the charger was ostensibly only providing electricity to the phone, it was also secretly downloading files or running malicious code on the device behind the scenes. Starting in 2012, both Apple and Google tried to mitigate the threat by requiring users to click a confirmation button on their phones before a computer—or a computer masquerading as a charger—could access files or execute code on the phone.

The logic behind the mitigation was rooted in a key portion of the USB protocol that, in the parlance of the specification, dictates that a USB port can facilitate a “host” device or a “peripheral” device at any given time, but not both. In the context of phones, this meant they could either:

Host the device on the other end of the USB cord—for instance, if a user connects a thumb drive or keyboard. In this scenario, the phone is the host that has access to the internals of the drive, keyboard or other peripheral device.
Act as a peripheral device that’s hosted by a computer or malicious charger, which under the USB paradigm is a host that has system access to the phone.

An alarming state of USB security

Researchers at the Graz University of Technology in Austria recently made a discovery that completely undermines the premise behind the countermeasure: They’re rooted under the assumption that USB hosts can’t inject input that autonomously approves the confirmation prompt. Given the restriction against a USB device simultaneously acting as a host and peripheral, the premise seemed sound. The trust models built into both iOS and Android, however, present loopholes that can be exploited to defeat the protections. The researchers went on to devise ChoiceJacking, the first known attack to defeat juice-jacking mitigations.

“We observe that these mitigations assume that an attacker cannot inject input events while establishing a data connection,” the researchers wrote in a paper scheduled to be presented in August at the Usenix Security Symposium in Seattle. “However, we show that this assumption does not hold in practice.”

The researchers continued:

We present a platform-agnostic attack principle and three concrete attack techniques for Android and iOS that allow a malicious charger to autonomously spoof user input to enable its own data connection. Our evaluation using a custom cheap malicious charger design reveals an alarming state of USB security on mobile platforms. Despite vendor customizations in USB stacks, ChoiceJacking attacks gain access to sensitive user files (pictures, documents, app data) on all tested devices from 8 vendors including the top 6 by market share.

In response to the findings, Apple updated the confirmation dialogs in last month’s release of iOS/iPadOS 18.4 to require a user authentication in the form of a PIN or password. While the researchers were investigating their ChoiceJacking attacks last year, Google independently updated its confirmation with the release of version 15 in November. The researchers say the new mitigation works as expected on fully updated Apple and Android devices. Given the fragmentation of the Android ecosystem, however, many Android devices remain vulnerable.

All three of the ChoiceJacking techniques defeat the original Android juice-jacking mitigations. One of them also works against those defenses in Apple devices. In all three, the charger acts as a USB host to trigger the confirmation prompt on the targeted phone.

The attacks then exploit various weaknesses in the OS that allow the charger to autonomously inject “input events” that can enter text or click buttons presented in screen prompts as if the user had done so directly into the phone. In all three, the charger eventually gains two conceptual channels to the phone: (1) an input one allowing it to spoof user consent and (2) a file access connection that can steal files.

An illustration of ChoiceJacking attacks. (1) The victim device is attached to the malicious charger. (2) The charger establishes an extra input channel. (3) The charger initiates a data connection. User consent is needed to confirm it. (4) The charger uses the input channel to spoof user consent. Credit: Draschbacher et al.

It’s a keyboard, it’s a host, it’s both

In the ChoiceJacking variant that defeats both Apple- and Google-devised juice-jacking mitigations, the charger starts as a USB keyboard or a similar peripheral device. It sends keyboard input over USB that invokes simple key presses, such as arrow up or down, but also more complex key combinations that trigger settings or open a status bar.

The input establishes a Bluetooth connection to a second miniaturized keyboard hidden inside the malicious charger. The charger then uses the USB Power Delivery, a standard available in USB-C connectors that allows devices to either provide or receive power to or from the other device, depending on messages they exchange, a process known as the USB PD Data Role Swap.

A simulated ChoiceJacking charger. Bidirectional USB lines allow for data role swaps. Credit: Draschbacher et al.

With the charger now acting as a host, it triggers the file access consent dialog. At the same time, the charger still maintains its role as a peripheral device that acts as a Bluetooth keyboard that approves the file access consent dialog.

The full steps for the attack, provided in the Usenix paper, are:

1. The victim device is connected to the malicious charger. The device has its screen unlocked.

2. At a suitable moment, the charger performs a USB PD Data Role (DR) Swap. The mobile device now acts as a USB host, the charger acts as a USB input device.

3. The charger generates input to ensure that BT is enabled.

4. The charger navigates to the BT pairing screen in the system settings to make the mobile device discoverable.

5. The charger starts advertising as a BT input device.

6. By constantly scanning for newly discoverable Bluetooth devices, the charger identifies the BT device address of the mobile device and initiates pairing.

7. Through the USB input device, the charger accepts the Yes/No pairing dialog appearing on the mobile device. The Bluetooth input device is now connected.

8. The charger sends another USB PD DR Swap. It is now the USB host, and the mobile device is the USB device.

9. As the USB host, the charger initiates a data connection.

10. Through the Bluetooth input device, the charger confirms its own data connection on the mobile device.

This technique works against all but one of the 11 phone models tested, with the holdout being an Android device running the Vivo Funtouch OS, which doesn’t fully support the USB PD protocol. The attacks against the 10 remaining models take about 25 to 30 seconds to establish the Bluetooth pairing, depending on the phone model being hacked. The attacker then has read and write access to files stored on the device for as long as it remains connected to the charger.

Two more ways to hack Android

The two other members of the ChoiceJacking family work only against the juice-jacking mitigations that Google put into Android. In the first, the malicious charger invokes the Android Open Access Protocol, which allows a USB host to act as an input device when the host sends a special message that puts it into accessory mode.

The protocol specifically dictates that while in accessory mode, a USB host can no longer respond to other USB interfaces, such as the Picture Transfer Protocol for transferring photos and videos and the Media Transfer Protocol that enables transferring files in other formats. Despite the restriction, all of the Android devices tested violated the specification by accepting AOAP messages sent, even when the USB host hadn’t been put into accessory mode. The charger can exploit this implementation flaw to autonomously complete the required user confirmations.

The remaining ChoiceJacking technique exploits a race condition in the Android input dispatcher by flooding it with a specially crafted sequence of input events. The dispatcher puts each event into a queue and processes them one by one. The dispatcher waits for all previous input events to be fully processed before acting on a new one.

“This means that a single process that performs overly complex logic in its key event handler will delay event dispatching for all other processes or global event handlers,” the researchers explained.

They went on to note, “A malicious charger can exploit this by starting as a USB peripheral and flooding the event queue with a specially crafted sequence of key events. It then switches its USB interface to act as a USB host while the victim device is still busy dispatching the attacker’s events. These events therefore accept user prompts for confirming the data connection to the malicious charger.”

The Usenix paper provides the following matrix showing which devices tested in the research are vulnerable to which attacks.

The susceptibility of tested devices to all three ChoiceJacking attack techniques. Credit: Draschbacher et al.

User convenience over security

In an email, the researchers said that the fixes provided by Apple and Google successfully blunt ChoiceJacking attacks in iPhones, iPads, and Pixel devices. Many Android devices made by other manufacturers, however, remain vulnerable because they have yet to update their devices to Android 15. Other Android devices—most notably those from Samsung running the One UI 7 software interface—don’t implement the new authentication requirement, even when running on Android 15. The omission leaves these models vulnerable to ChoiceJacking. In an email, principal paper author Florian Draschbacher wrote:

The attack can therefore still be exploited on many devices, even though we informed the manufacturers about a year ago and they acknowledged the problem. The reason for this slow reaction is probably that ChoiceJacking does not simply exploit a programming error. Rather, the problem is more deeply rooted in the USB trust model of mobile operating systems. Changes here have a negative impact on the user experience, which is why manufacturers are hesitant. [It] means for enabling USB-based file access, the user doesn’t need to simply tap YES on a dialog but additionally needs to present their unlock PIN/fingerprint/face. This inevitably slows down the process.

The biggest threat posed by ChoiceJacking is to Android devices that have been configured to enable USB debugging. Developers often turn on this option so they can troubleshoot problems with their apps, but many non-developers enable it so they can install apps from their computer, root their devices so they can install a different OS, transfer data between devices, and recover bricked phones. Turning it on requires a user to flip a switch in Settings > System > Developer options.

If a phone has USB Debugging turned on, ChoiceJacking can gain shell access through the Android Debug Bridge. From there, an attacker can install apps, access the file system, and execute malicious binary files. The level of access through the Android Debug Mode is much higher than that through Picture Transfer Protocol and Media Transfer Protocol, which only allow read and write access to system files.

The vulnerabilities are tracked as:

- CVE-2025-24193 (Apple)
- CVE-2024-43085 (Google)
- CVE-2024-20900 (Samsung)
- CVE-2024-54096 (Huawei)

A Google spokesperson confirmed that the weaknesses were patched in Android 15 but didn’t speak to the base of Android devices from other manufacturers, who either don’t support the new OS or the new authentication requirement it makes possible. Apple declined to comment for this post.

Word that juice-jacking-style attacks are once again possible on some Android devices and out-of-date iPhones is likely to breathe new life into the constant warnings from federal authorities, tech pundits, news outlets, and local and state government agencies that phone users should steer clear of public charging stations. Special-purpose cords that disconnect data access remain a viable mitigation, but the researchers noted that “data blockers also interfere with modern

power negotiation schemes, thereby degrading charge speed.”

As I reported in 2023, these warnings are mostly scaremongering, and the advent of ChoiceJacking does little to change that, given that there are no documented cases of such attacks in the wild. That said, people using Android devices that don’t support Google’s new authentication requirement may want to refrain from public charging.

Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him at here on Mastodon and here on Bluesky. Contact him on Signal at DanArs.82.

iOS and Android juice jacking defenses have been trivial to bypass for years Read More »

“You wouldn’t steal a car” anti-piracy campaign may have used pirated fonts

anti-piracy, antipiracy, ff confidential, fontfont, fonts, monotype, MPA, MPAA, Tech, typefaces, xband, xband rough, you wouldn't download a car, you wouldn't steal a car / Shannon Garcia / April 27, 2025

Aquilina, who was speaking generally and not on the specifics of the anti-piracy campaign and its font use, said that using a font from a free source, with an “effectively implied license to use it,” could be “a good defense,” though “not a complete defense.” Typically, a rightsholder would go after websites distributing copies of their font, not after users of the end product.

Fonts used commercially that happen to be exact copies of existing and copyrighted fonts are “fairly common,” Aquilina said, “simply because of the popularity of certain fonts and a desire to use them, to create a certain aesthetic.” But, he said, there is “a very small percentage that could be, or are, litigated.” Even with software licenses at issue, a type foundry faces an uphill battle, as witnessed in the battle over Shake Shack’s typography (paywalled).

Still missing: the source of XBand Rough

A few glyphs from FF Confidential, the font that was not used on some anti-piracy materials, even if it sure looked like that. Credit: MyFonts/MonotType

So where did Xband Rough come from?

The styling of the font name, “XBAND Rough” with the first noun in all-caps, calls to mind the early online gaming network XBAND, launched in 1994 and discontinued in 1997. In some XBand packages, a similar “rough” style can be seen on the lettering. The PDF sleuth, Rib, noted that XBAND Rough “came out four years after the original” (about 1996) and was “near-identical, except for the price.”

Another Bluesky user suggests “a plausible explanation” for the font, suggesting that Xband may have licensed FF Confidential and then given it the internal name “Xband Rough.” A copy of the font with that name could have been extracted from some Xband material and then “started floating around the Internet uncredited.” In the end, though, the real answer is unclear.

We contacted the Motion Picture Association (now just the MPA, sans “of America”), but they declined to comment.

The original “You Wouldn’t Steal a Car” campaign was simple to the point of being simplistic. IP law isn’t really like “stealing a car” in many cases—as has made clearly once again by the recent Xband Rough investigation.

“You wouldn’t steal a car” anti-piracy campaign may have used pirated fonts Read More »

Perplexity will come to Moto phones after exec testified Google limited access

AI, Artificial Intelligence, Google, Motorola, Tech / Mike M. / April 25, 2025

Shevelenko was also asked about Chrome, which the DOJ would like to force Google to sell. Like an OpenAI executive said on Monday, Shevelenko confirmed Perplexity would be interested in buying the browser from Google.

Motorola has all the AI

There were some vague allusions during the trial that Perplexity would come to Motorola phones this year, but we didn’t know just how soon that was. With the announcement of its 2025 Razr devices, Moto has confirmed a much more expansive set of AI features. Parts of the Motorola AI experience are powered by Gemini, Copilot, Meta, and yes, Perplexity.

While Gemini gets top billing as the default assistant app, other firms have wormed their way into different parts of the software. Perplexity’s app will be preloaded, and anyone who buys the new Razrs. Owners will also get three free months of Perplexity Pro. This is the first time Perplexity has had a smartphone distribution deal, but it won’t be shown prominently on the phone. When you start a Motorola device, it will still look like a Google playground.

While it’s not the default assistant, Perplexity is integrated into the Moto AI platform. The new Razrs will proactively suggest you perform an AI search when accessing certain features like the calendar or browsing the web under the banner “Explore with Perplexity.” The Perplexity app has also been optimized to work with the external screen on Motorola’s foldables.

Moto AI also has elements powered by other AI systems. For example, Microsoft Copilot will appear in Moto AI with an “Ask Copilot” option. And Meta’s Llama model powers a Moto AI feature called Catch Me Up, which summarizes notifications from select apps.

It’s unclear why Motorola leaned on four different AI providers for a single phone. It probably helps that all these companies are desperate to entice users to bulk up their market share. Perplexity confirmed that no money changed hands in this deal—it’s on Moto phones to acquire more users. That might be tough with Gemini getting priority placement, though.

Perplexity will come to Moto phones after exec testified Google limited access Read More »

Roku tech, patents prove its potential for delivering “interruptive” ads

ads, Roku, streaming, Tech, TVs / Mike M. / April 25, 2025

Roku, owner of one of the most popular connected TV operating systems in the country, walks a fine line when it comes to advertising. Roku’s OS lives on low-priced smart TVs, streaming sticks, and projectors. To make up the losses from cheaply priced hardware, Roku is dependent on selling advertisements throughout its OS, including screensavers and its home screen.

That business model has pushed Roku to experiment with new ways of showing ads that test users’ tolerance. The company claims that it doesn’t want ads on its platform to be considered intrusive, but there are reasons to be skeptical about Roku’s pledge.

Non-“interruptive” ads

In an interview with The Verge this week, Jordan Rost, Roku’s head of ad marketing, emphasized that Roku tries to only deliver ads that don’t interrupt viewers.

“Advertisers want to be part of a good experience. They don’t want to be interruptive,” he told The Verge.

Rost noted that Roku is always testing new ad formats. Those tests include doing “all of our own A/B testing on the platform” and listening to customer feedback, he added.

“We’re constantly tweaking and trying to figure out what’s going to be helpful for the user experience,” Rost said.

For many streamers, however, ads and a better user experience are contradictory. In fact, for many, the simplest way to improve streaming is fewer ads and a more streamlined access to content. That’s why Apple TV boxes, which doesn’t have integrated ads and is good at combining content from multiple streaming subscriptions, is popular among Ars Technica staff and readers. An aversion to ads is also why millions pay extra for ad-free streaming subscriptions.

Roku tech, patents prove its potential for delivering “interruptive” ads Read More »

Nintendo Switch 2’s gameless Game-Key cards are going to be very common

gaming, Nintendo, Nintendo Switch, nintendo switch 2, Tech / Mike M. / April 24, 2025

US preorders for the Nintendo Switch 2 console went live at Best Buy, Target, and Walmart at midnight Eastern time last night (though the rush of orders caused problems and delays across all three retailers’ websites). The console listings came with a wave of other retail listings for games and accessories, and those listings either fill small gaps in our knowledge about Switch 2 game packaging and pricing or confirm facts that were previously implied.

First, $80 Switch 2 games like Mario Kart World will not cost $90 as physical releases. This is worth repeating over and over again because of how pernicious the rumors about $90 physical releases have been; as recently as this morning, typing “Switch 2 $90” into Google would show you videos, Reddit threads, news posts, and even Google’s own AI summaries all confidently and incorrectly proclaiming that physical Switch 2 releases will cost $90 when they actually won’t.

Google’s AI-generated search summary about $90 Switch 2 games as of this morning. Credit: Andrew Cunningham

While physical game releases in the EU sometimes cost more than their digital counterparts, there was actually no indication that US releases of physical games would cost $90. The Mario Kart World website listed an $80 MSRP from the start, as did early retail listings that were published before preorders actually began, and this price didn’t change when Nintendo increased accessory pricing in response to import tariffs imposed by the Trump administration.

But now that actual order confirmation emails are going out, we can (even more) confidently say that Switch 2 physical releases cost the same amount as digital releases, just like original Switch games and most physical releases for other consoles. For example, the physical release for the upcoming Donkey Kong Bananza is $70, also the same as the digital version.

Third-party releases run a wider pricing gamut, from as little as $40 (Square Enix’s Bravely Default remaster) to as much as $100 (a special edition release of Daemon X Machina: Titanic Scion, also available at $70 for the standard release).

Lots of third-party games are getting Game-Key card releases

A Game-Key card disclaimer. It tells you you’ll need to download the game and approximately how large that download will be. Credit: Nintendo/Sega

When preorders opened in Japan yesterday, all physical releases of third-party games had Nintendo’s Game-Key card disclaimer printed on them. And it looks like a whole lot of physical third-party Switch 2 game releases in the US will also be Game-Key cards, based on the box art accompanying the listings.

These have been controversial among physical media holdouts because they’re not physical game releases in the traditional sense—they don’t have any actual game data stored on them. When you insert them into a Switch 2, they allow you to download the game content from Nintendo’s online store, but unlike a pure digital release, you’ll still need to have the Game-Key card inserted every time you want to play the game.

Nintendo Switch 2’s gameless Game-Key cards are going to be very common Read More »

Review: Ryzen AI CPU makes this the fastest the Framework Laptop 13 has ever been

AMD, AMD Ryzen, Features, framework, framework laptop 13, Reviews, Ryzen, ryzen ai, ryzen ai 300, Tech / Shannon Garcia / April 24, 2025

With great power comes great responsibility and subpar battery life.

The latest Framework Laptop 13, which asks you to take the good with the bad. Credit: Andrew Cunningham

At this point, the Framework Laptop 13 is a familiar face, an old friend. We have reviewed this laptop five other times, and in that time, the idea of a repairable and upgradeable laptop has gone from a “sounds great if they can pull it off” idea to one that’s become pretty reliable and predictable. And nearly four years out from the original version—which shipped with an 11th-generation Intel Core processor—we’re at the point where an upgrade will get you significant boosts to CPU and GPU performance, plus some other things.

We’re looking at the Ryzen AI 300 version of the Framework Laptop today, currently available for preorder and shipping in Q2 for people who buy one now. The laptop starts at $1,099 for a pre-built version and $899 for a RAM-less, SSD-less, Windows-less DIY version, and we’ve tested the Ryzen AI 9 HX 370 version that starts at $1,659 before you add RAM, an SSD, or an OS.

This board is a direct upgrade to Framework’s Ryzen 7040-series board from mid-2023, with most of the same performance benefits we saw last year when we first took a look at the Ryzen AI 300 series. It’s also, if this matters to you, the first Framework Laptop to meet Microsoft’s requirements for its Copilot+ PC initiative, giving users access to some extra locally processed AI features (including but not limited to Recall) with the promise of more to come.

For this upgrade, Ryzen AI giveth, and Ryzen AI taketh away. This is the fastest the Framework Laptop 13 has ever been (at least, if you spring for the Ryzen AI 9 HX 370 chip that our review unit shipped with). If you’re looking to do some light gaming (or non-Nvidia GPU-accelerated computing), the Radeon 890M GPU is about as good as it gets. But you’ll pay for it in battery life—never a particularly strong point for Framework, and less so here than in most of the Intel versions.

What’s new, Framework?

This Framework update brings the return of colorful translucent accessories, parts you can also add to an older Framework Laptop if you want. Credit: Andrew Cunningham

We’re going to focus on what makes this particular Framework Laptop 13 different from the past iterations. We talk more about the build process and the internals in our review of the 12th-generation Intel Core version, and we ran lots of battery tests with the new screen in our review of the Intel Core Ultra version. We also have coverage of the original Ryzen version of the laptop, with the Ryzen 7 7840U and Radeon 780M GPU installed.

Per usual, every internal refresh of the Framework Laptop 13 comes with another slate of external parts. Functionally, there’s not a ton of exciting stuff this time around—certainly nothing as interesting as the higher-resolution 120 Hz screen option we got with last year’s Intel Meteor Lake update—but there’s a handful of things worth paying attention to.

Functionally, Framework has slightly improved the keyboard, with “a new key structure” on the spacebar and shift keys that “reduce buzzing when your speakers are cranked up.” I can’t really discern a difference in the feel of the keyboard, so this isn’t a part I’d run out to add to my own Framework Laptop, but it’s a fringe benefit if you’re buying an all-new laptop or replacing your keyboard for some other reason.

Keyboard legends have also been tweaked; pre-built Windows versions get Microsoft’s dedicated (and, within limits, customizable) Copilot key, while DIY editions come with a Framework logo on the Windows/Super key (instead of the word “super”) and no Copilot key.

Cosmetically, Framework is keeping the dream of the late ’90s alive with translucent plastic parts, namely the bezel around the display and the USB-C Expansion Modules. I’ll never say no to additional customization options, though I still think that “silver body/lid with colorful bezel/ports” gives the laptop a rougher, unfinished-looking vibe.

Like the other Ryzen Framework Laptops (both 13 and 16), not all of the Ryzen AI board’s four USB-C ports support all the same capabilities, so you’ll want to arrange your ports carefully.

Framework’s recommendations for how to configure the Ryzen AI laptop’s expansion modules. Credit: Framework

Framework publishes a graphic to show you which ports do what; if you’re looking at the laptop from the front, ports 1 and 3 are on the back, and ports 2 and 4 are toward the front. Generally, ports 1 and 3 are the “better” ones, supporting full USB4 speeds instead of USB 3.2 and DisplayPort 2.0 instead of 1.4. But USB-A modules should go in ports 2 or 4 because they’ll consume extra power in bays 1 and 3. All four do support display output, though, which isn’t the case for the Ryzen 7040 Framework board, and all four continue to support USB-C charging.

The situation has improved from the 7040 version of the Framework board, where not all of the ports could do any kind of display output. But it still somewhat complicates the laptop’s customizability story relative to the Intel versions, where any expansion card can go into any port.

I will also say that this iteration of the Framework laptop hasn’t been perfectly stable for me. The problems are intermittent but persistent, despite using the latest BIOS version (3.03 as of this writing) and driver package available from Framework. I had a couple of total-system freezes/crashes, occasional problems waking from sleep, and sporadic rendering glitches in Microsoft Edge. These weren’t problems I’ve had with the other Ryzen AI laptops I’ve used so far or with the Ryzen 7040 version of the Framework 13. They also persisted across two separate clean installs of Windows.

It’s possible/probable that some combination of firmware and driver updates can iron out these problems, and they generally didn’t prevent me from using the laptop the way I wanted to use it, but I thought it was worth mentioning since my experience with new Framework boards has usually been a bit better than this.

Internals and performance

“Ryzen AI” is AMD’s most recent branding update for its high-end laptop chips, but you don’t actually need to care about AI to appreciate the solid CPU and GPU speed upgrades compared to the last-generation Ryzen Framework or older Intel versions of the laptop.

Our Framework Laptop board uses the fastest processor offering: a Ryzen AI 9 HX 370 with four of AMD’s Zen 5 CPU cores, eight of the smaller, more power-efficient Zen 5c cores, and a Radeon 890M integrated GPU with 16 of AMD’s RDNA 3.5 graphics cores.

There are places where the Intel Arc graphics in the Core Ultra 7/Meteor Lake version of the Framework Laptop are still faster than what AMD can offer, though your experience may vary depending on the games or apps you’re trying to use. Generally, our benchmarks show the Arc GPU ahead by a small amount, but it’s not faster across the board.

Relative to other Ryzen AI systems, the Framework Laptop’s graphics performance also suffers somewhat because socketed DDR5 DIMMs don’t run as fast as RAM that’s been soldered to the motherboard. This is one of the trade-offs you’re probably OK with making if you’re looking at a Framework Laptop in the first place, but it’s worth mentioning.

A few actual game benchmarks. Ones with ray-tracing features enabled tend to favor Intel’s Arc GPU, while the Radeon 890M pulls ahead in some other games.

But the new Ryzen chip’s CPU is dramatically faster than Meteor Lake at just about everything, as well as the older Ryzen 7 7840U in the older Framework board. This is the fastest the Framework Laptop has ever been, and it’s not particularly close (but if you’re waffling between the Ryzen AI version, the older AMD version that Framework sells for a bit less money or the Core Ultra 7 version, wait to see the battery life results before you spend any money). Power efficiency has also improved for heavy workloads, as demonstrated by our Handbrake video encoding tests—the Ryzen AI chip used a bit less power under heavy load and took less time to transcode our test video, so it uses quite a bit less power overall to do the same work.

Power efficiency tests under heavy load using the Handbrake transcoding tool. Test uses CPU for encoding and not hardware-accelerated GPU-assisted encoding.

We didn’t run specific performance tests on the Ryzen AI NPU, but it’s worth noting that this is also Framework’s first laptop with a neural processing unit (NPU) fast enough to support the full range of Microsoft’s Copilot+ PC features—this was one of the systems I used to test Microsoft’s near-final version of Windows Recall, for example. Intel’s other Core Ultra 100 chips, all 200-series Core Ultra chips other than the 200V series (codenamed Lunar Lake), and AMD’s Ryzen 7000- and 8000-series processors often include NPUs, but they don’t meet Microsoft’s performance requirements.

The Ryzen AI chips are also the only Copilot+ compatible processors on the market that Framework could have used while maintaining the Laptop’s current level of upgradeability. Qualcomm’s Snapdragon X Elite and Plus chips don’t support external RAM—at least, Qualcomm only lists support for soldered-down LPDDR5X in its product sheets—and Intel’s Core Ultra 200V processors use RAM integrated into the processor package itself. So if any of those features appeal to you, this is the only Framework Laptop you can buy to take advantage of them.

Battery and power

Battery tests. The Ryzen AI 300 doesn’t do great, though it’s similar to the last-gen Ryzen Framework.

When paired with the higher-resolution screen option and Framework’s 61 WHr battery, the Ryzen AI version of the laptop lasted around 8.5 hours in a PCMark Modern Office battery life test with the screen brightness set to a static 200 nits. This is a fair bit lower than the Intel Core Ultra version of the board, and it’s even worse when compared to what a MacBook Air or a more typical PC laptop will give you. But it’s holding roughly even with the older Ryzen version of the Framework board despite being much faster.

You can improve this situation somewhat by opting for the cheaper, lower-resolution screen; we didn’t test it with the Ryzen AI board, and Framework won’t sell you the lower-resolution screen with the higher-end chip. But for upgraders using the older panel, the higher-res screen reduced battery life by between 5 and 15 percent in past testing of older Framework Laptops. The slower Ryzen AI 5 and Ryzen AI 7 versions will also likely last a little longer, though Framework usually only sends us the highest-end versions of its boards to test.

A routine update

This combo screwdriver-and-spudger is still the only tool you need to take a Framework Laptop apart. Credit: Andrew Cunningham

It’s weird that my two favorite laptops right now are probably Apple’s MacBook Air and the Framework Laptop 13, but that’s where I am. They represent opposite visions of computing, each of which appeals to a different part of my brain: The MacBook Air is the personal computer at its most appliance-like, the thing you buy (or recommend) if you just don’t want to think about your computer that much. Framework embraces a more traditionally PC-like approach, favoring open standards and interoperable parts; the result is more complicated and chaotic but also more flexible. It’s the thing you buy when you like thinking about your computer.

Framework Laptop buyers continue to pay a price for getting a more repairable and modular laptop. Battery life remains OK at best, and Framework doesn’t seem to have substantially sped up its firmware or driver releases since we talked with them about it last summer. You’ll need to be comfortable taking things apart, and you’ll need to make sure you put the right expansion modules in the right bays. And you may end up paying more than you would to get the same specs from a different laptop manufacturer.

But what you get in return still feels kind of magical, and all the more so because Framework has now been shipping product for four years. The Ryzen AI version of the laptop is probably the one I’d recommend if you were buying a new one, and it’s also a huge leap forward for anyone who bought into the first-generation Framework Laptop a few years ago and is ready for an upgrade. It’s by far the fastest CPU (and, depending on the app, the fastest or second-fastest GPU) Framework has shipped in the Laptop 13. And it’s nice to at least have the option of using Copilot+ features, even if you’re not actually interested in the ones Microsoft is currently offering.

If none of the other Framework Laptops have interested you yet, this one probably won’t, either. But it’s yet another improvement in what has become a steady, consistent sequence of improvements. Mediocre battery life is hard to excuse in a laptop, but if that’s not what’s most important to you, Framework is still offering something laudable and unique.

The good

Framework still gets all of the basics right—a matte 3:2 LCD that’s pleasant to look at, a nice-feeling keyboard and trackpad, and a design
Fastest CPU ever in the Framework Laptop 13, and the fastest or second-fastest integrated GPU
First Framework Laptop to support Copilot+ features in Windows, if those appeal to you at all
Fun translucent customization options
Modular, upgradeable, and repairable—more so than with most laptops, you’re buying a laptop that can change along with your needs and which will be easy to refurbish or hand down to someone else when you’re ready to replace it
Official support for both Windows and Linux

The bad

Occasional glitchiness that may or may not be fixed with future firmware or driver updates
Some expansion modules are slower or have higher power draw if you put them in the wrong place
Costs more than similarly specced laptops from other OEMs
Still lacks certain display features some users might require or prefer—in particular, there are no OLED, touchscreen, or wide-color-gamut options

The ugly

Battery life remains an enduring weak point.

Andrew is a Senior Technology Reporter at Ars Technica, with a focus on consumer tech including computer hardware and in-depth reviews of operating systems like Windows and macOS. Andrew lives in Philadelphia and co-hosts a weekly book podcast called Overdue.

Review: Ryzen AI CPU makes this the fastest the Framework Laptop 13 has ever been Read More »

OpenAI wants to buy Chrome and make it an “AI-first” experience

AI, antitrust, chrome, Google, openai, Tech / Shannon Garcia / April 23, 2025

According to Turley, OpenAI would throw its proverbial hat in the ring if Google had to sell. When asked if OpenAI would want Chrome, he was unequivocal. “Yes, we would, as would many other parties,” Turley said.

OpenAI has reportedly considered building its own Chromium-based browser to compete with Chrome. Several months ago, the company hired former Google developers Ben Goodger and Darin Fisher, both of whom worked to bring Chrome to market.

Close-up of Google Chrome Web Browser web page on the web browser. Chrome is widely used web browser developed by Google. — Credit: Getty Images

It’s not hard to see why OpenAI might want a browser, particularly Chrome with its 4 billion users and 67 percent market share. Chrome would instantly give OpenAI a massive install base of users who have been incentivized to use Google services. If OpenAI were running the show, you can bet ChatGPT would be integrated throughout the experience—Turley said as much, predicting an “AI-first” experience. The user data flowing to the owner of Chrome could also be invaluable in training agentic AI models that can operate browsers on the user’s behalf.

Interestingly, there’s so much discussion about who should buy Chrome, but relatively little about spinning off Chrome into an independent company. Google has contended that Chrome can’t survive on its own. However, the existence of Google’s multibillion-dollar search placement deals, which the DOJ wants to end, suggests otherwise. Regardless, if Google has to sell, and OpenAI has the cash, we might get the proposed “AI-first” browsing experience.

OpenAI wants to buy Chrome and make it an “AI-first” experience Read More »

Google won’t ditch third-party cookies in Chrome after all

advertising, browser cookies, chrome, cookies, Google, Tech / Kelly Newman / April 23, 2025

Maintaining the status quo

While Google’s sandbox project is looking more directionless today, it is not completely ending the initiative. The team still plans to deploy promised improvements in Chrome’s Incognito Mode, which has been re-architected to preserve user privacy after numerous complaints. Incognito Mode blocks all third-party cookies, and later this year, it will gain IP protection, which masks a user’s IP address to protect against cross-site tracking.

What is Topics?

Chavez admits that this change will mean Google’s Privacy Sandbox APIs will have a “different role to play” in the market. That’s a kind way to put it. Google will continue developing these tools and will work with industry partners to find a path forward in the coming months. The company still hopes to see adoption of the Privacy Sandbox increase, but the industry is unlikely to give up on cookies voluntarily.

While Google focuses on how ad privacy has improved since it began working on the Privacy Sandbox, the changes in Google’s legal exposure are probably more relevant. Since launching the program, Google has lost three antitrust cases, two of which are relevant here: the search case currently in the remedy phase and the newly decided ad tech case. As the government begins arguing that Chrome gives Google too much power, it would be a bad look to force a realignment of the advertising industry using the dominance of Chrome.

In some ways, this is a loss—tracking cookies are undeniably terrible, and Google’s proposed alternative is better for privacy, at least on paper. However, universal adoption of the Privacy Sandbox could also give Google more power than it already has, and the supposed privacy advantages may never have fully materialized as Google continues to seek higher revenue.

Google won’t ditch third-party cookies in Chrome after all Read More »

Google Messages can now blur unwanted nudes, remind people not to send them

Apps, Google, messaging, Tech / 9u50fv / April 22, 2025

Google announced last year that it would deploy safety tools in Google Messages to help users avoid unwanted nudes by automatically blurring the content. Now, that feature is finally beginning to roll out. Spicy image-blurring may be enabled by default on some devices, but others will need to turn it on manually. If you don’t see the option yet, don’t fret. Sensitive Content Warnings will arrive on most of the world’s Android phones soon enough.

If you’re an adult using an unrestricted phone, Sensitive Content Warnings will be disabled by default. For teenagers using unsupervised phones, the feature is enabled but can be disabled in the Messages settings. On supervised kids’ phones, the feature is enabled and cannot be disabled on-device. Only the Family Link administrator can do that. For everyone else, the settings are available in the Messages app settings under Protection and Safety.

To make the feature sufficiently private, all the detection happens on the device. As a result, there was some consternation among Android users when the necessary components began rolling out over the last few months. For people who carefully control the software installed on their mobile devices, the sudden appearance of a package called SafetyCore was an affront to the sanctity of their phones. While you can remove the app (it’s listed under “Android System SafetyCore”), it doesn’t take up much space and won’t be active unless you enable Sensitive Content Warnings.

Google Messages can now blur unwanted nudes, remind people not to send them Read More »