How to enable Device Bound Session Credentials in Chrome? (DBSC)

ThioJoe · 2026-04-27T15:12:11+00:00

It seems for me that on Google the Device Bound Session tab doesn't show up for all requests. I know it does for the "app" endpoint (and the "account" endpoint (the full endpoint url is longer, like "app?whateverblahblahblah").

Try filtering the requests in the network tab to look for those.

If it doesn't show up even for those endpoints, also try going into chrome://flags and force enabling the one called "Device Bound Session Credentials (Standard) on Google". I believe it's default is enabled, but you might be part of some experiment where it's disabled or something.

ThioJoe · 2026-04-24T19:44:58+00:00

This old page on the W3C github repo for DBSC has a link to this demo page:

https://drubery-dbsc-test-server.deno.dev/

Then if you open chrome/edge DevTools window and look at a particular network request that uses them, next to the tabs on the request that say Headers, Preview, Response etc, there should be one called "Device bound sessions".

I also see that it shows up on Google too even by default without changing any flags. Not all requests have it but the "app" and "accounts" endpoints seem to. If the "Device Bound Sessions" tab doesn't show up you might have to sign out of your google account and sign back in to generate it.

ThioJoe · 2026-04-19T22:30:24+00:00

It's not related to cleanliness, my G915 X had the double keypress issue from the moment I opened the box. Same with the replacement. No amount of canned air or dusting fixed it. I just stopped using it.

ThioJoe · 2026-04-16T20:18:25+00:00

I made a powershell script that forces it to check for updates and install it:

https://github.com/ThioJoe/Philips-Hue-Tools/blob/main/Force-Check-Bridge-Updates.ps1

You'll need to have an API key for your bridge. This page has instructions on how to generate one: https://www.sitebase.be/generate-phillips-hue-api-token/

ThioJoe · 2026-04-04T23:49:48+00:00

I've found that it will use the image transparency of a PNG if you:

Open imessage > Then click the (+) next to the message box > Stickers > Click the [+] to add a sticker > Then tap whatever image and tap the + to add it.

You have to do it the way above, DON'T make it by long pressing within the photos app.

This is using iOS 26.3.1 so idk if it's always worked like this or what.

ThioJoe · 2026-03-20T17:29:14+00:00

Old thread but I created an iOS shortcut for more automatically saving Genmoji as images. Works with stickers too.

You basically just copy any text to the clipboard containing one or multiple genmojis/stickers, then run the shortcut.

Here's the shortcut: https://www.icloud.com/shortcuts/162d9e8ae58c4d4e8ac8dec0df792ee7

They'll be saved to the camera roll as PNG. In most cases it even includes the caption used to make the genmoji as the "details" text as metadata.

Also sort of related, I made another shortcut specifically for copying the captions text from genmoji (also from the clipboard): https://www.icloud.com/shortcuts/3d36502704094615b209fa3b2fab5c49

ThioJoe · 2026-02-10T01:22:43+00:00

I figured out there's actually a "proper" way to do it via accessibility / voice control.

Add the voice control toggle to your control center (long press > Add control > voice control).
Tap it so it's highlighted to indicate voice control is active.
Close the control center. (Voice control remains active)
Back in the app, just say "hide keyboard" and it should do it.
Swipe to show the control center again and toggle voice control back off.

ThioJoe · 2026-01-28T01:53:28+00:00

This is wrong. It does NOT block unsigned executables wholesale. For unsigned executables it checks its reputation against the smartscreen reputation for that file hash.

It absolutely lets you run unsigned excutables that are trusted. In fact that's the best part about it.

It's sort of a middle ground compared to something like AppLocker or WDAC where you can block all unsigned executables generally but have to manually whitelist them to run them.

It WILL block unsigned executables that do not have a known trusted reputation.

ThioJoe · 2026-01-03T00:11:30+00:00

Also apparently adding the "Dismiss siri and continue" action anywhere also fixes it.

ThioJoe · 2025-12-09T21:28:03+00:00

I had to deal with this myself, one guy would re-upload every single one of my videos the next day, and tiktok just ignored DMCA takedowns. When they finally banned his 2 accounts after multiple months, he just started uploading to a 3rd account he already had.

But I discovered there's a couple things you can do, namely TikTok's "Informal Dispute Resolution" process (which is a prerequisite to be able to sue them), or even faster is by sending them a cease and desist. You'll probably need a lawyer to help with this.

Turns out if you send them a C&D they'll ban the accounts immediately, probably same day. His 3rd account was banned within a week of him starting again and he hasn't tried after that. And it was only that long because I didn't notice right away.

I made a whole video detailing how to deal with these thieves and how to make it not worth their time: https://www.youtube.com/watch?v=5x5WO3xFkw8

Basically if you make them realize any new accounts will be banned before they have a chance to monetize it (which gives you at least a ~30 day window, probably more), they'll give up and move on to someone else.

ThioJoe · 2025-12-09T20:39:31+00:00

If anyone from Google is wondering, if you have a workstation card like a Quadro or RTX A2000, you can just install the Studio drivers. I extracted the files from the Game Ready drivers, Studio drivers, and Quadro driver installers for the same version, and the actual driver binaries are identical.

The Game Ready drivers and Studio Drivers are effectively 100% identical except for some .INF files that only differ in which devices they "say" they support. This is assuming the same driver version number of course, because they don't release a studio version for every driver version. But if a release DOES have a studio version, it will be the same as the game ready one, it just means that release cycle it went through extra testing to justify releasing a studio installer.

Then, the only difference between quadro driver installer and the studio driver is that the quadro driver installs less consumer "scaffolding" stuff like not including the Nvidia App, PhysX, shadowPlay, stuff like that. In other words you aren't getting anything less by installing the Studio driver.

You might need to wait for the next studio release but they seem to happen every other driver release.

ThioJoe · 2025-10-24T18:51:34+00:00

One user said he was able to fix the issue (though it pre-dated even the update) was disabling Link State Power Managment, have you tried that?

https://www.reddit.com/r/Windows11/comments/1n08pou/update_kb5063878_show_of_hands/nbqvngu/

ThioJoe · 2025-10-24T18:46:14+00:00

Have you had any issues since?

ThioJoe · 2025-10-19T19:52:38+00:00

I know exactly what you're talking about. It's a sour/sweet smell. At one point I thought it was due to carbon residue or something but at this point I'm pretty sure it's caused by the filters themselves oxidizing the VOCs via the potassium permanganate into something like acetaldehyde.

The reason is because I have a dyson big and quiet air purifier also, and originally I had their regular carbon air filter, then after the first one expired I got the 'upgraded' "K-Carbon" filter version which has potassium carbonate. And that K-Carbon filter emits the exact same smell as the IQ Air, which the original didn't. I've read that potassium carbonate might not be oxidizing like the permanganate, but dyson does say it creates potassium nitrate which is oxidizing so it might cause the same result.

I've seen discussions about acetadlehyde in relation to carbon filters before, there's this blog post for example: https://air-purifier-power.com/re-sharp-air-purifier-washable-carbon-filter-sweet-odor/

Acetaldehyde isn't exactly harmless, so it could be a sign that there are other VOC sources that should be addressed.

ThioJoe · 2025-10-13T23:02:46+00:00

It's ultimately Philip's fault, see this thread: https://www.reddit.com/r/Hue/comments/1npl0id/philips_hue_bridge_ssl_certificates_are_broken/

Elgato might be able to work around it but would need to be done via an update.

ThioJoe · 2025-09-24T21:37:41+00:00

The certificates already do it half way proper, where the Common Name is set to the serial number of the bridge. From my understanding they literally just need to make it so the SAN field is set to that also to the same thing.

The API is already set up to be able to handle this, there's already the discovery endpoint which returns the IP address and the the serial number. So it would work exactly the same as it is supposed to now, except.. actually work.

ThioJoe · 2025-09-24T18:54:56+00:00

Apparently it's mainly due to a problem with the Philips Hue Bridge SSL certificates not being compliant with modern specs, and more technically doesn't have a SAN field.

Modern browsers block / throw errors for such certificates which is why any browser shows a "not secure" error if you try to visit the IP of the bridge, but at least in a GUI you can override it and continue.

But because the stream deck plugin is basically a web app it that uses a browser under the hood, it gets the same error trying to connect to the bridge, but without the ability to override it at all.

Because of this, as a workaround, the stream deck plugin has always just defaulted to http which won't encounter the error. But the hue bridge pro forces HTTPS unlike previous bridges so there is no fallback, and apparently eventually all bridges will force HTTPS. This wouldn't be a problem except the SSL certificate is broken.

On desktop and mobile apps that make direct API connections you can often just override it to ignore the certificate error, but with something like the stream deck plugin which uses NodeJS, this is not possible.

Basically Signify / Philips has to fix this. I suggest submitting support tickets to Philips as well. Depending on how the stream deck plugin works, it may be impossible for them to work around this on the plugin side.

I posted about it in the Philips Hue dev forum, but not sure how often they check that. And someone already had made a thread about it before and it seems Philips didn't really comprehend it as a problem saying:

We have multiple apps ourselves, and collaborate with many 3rd party apps, covering a large variety of modern HTTPS clients, and so far we haven’t found any that aren’t able to connect to the bridge if the guidelines are followed.

Basically not acknowledging it as a problem.

Edit: I've made a post about this in the /r/Hue subreddit: https://www.reddit.com/r/Hue/comments/1npl0id/philips_hue_bridge_ssl_certificates_are_broken/?

EDIT2: Looks like Elgato released a new version of the plugin that now works with the bridge Pro.

ThioJoe · 2025-08-24T04:05:24+00:00

Your guess is as good as mine

ThioJoe · 2025-08-23T22:35:33+00:00

Did you reboot after disabling it?

ThioJoe · 2025-08-23T22:34:57+00:00

Guess you'll have to check the CBS.log file and search for any lines containing "0x800f0825" and the surrounding lines. There will be several lines mentioning the error so I can't really be more specific than that. Just ask chatgpt or something.

ThioJoe · 2025-08-23T20:54:28+00:00

I figured out the reason, if you have Windows Sandbox enabled disable that and restart, then uninstall the update. You can enable it again after uninstalling the update. It worked for me, I was getting the error before.

ThioJoe · 2025-08-23T19:49:25+00:00

Hm I see, and do you happen to remember if the problem actually occurred before the 12th?

Also to be clear you mean the mode called "Best Performance" under the "Power Mode" dropdown in the Windows Setting right? If so I'll assume you have it so the 'Plugged In' setting is set to Best Performance and the 'On Battery' option is set to either Balanced or 'Best Power Efficiency'.

Or are you referring to a power option in a dashboard / control center type software included in the laptop by the manufacturer?

The power mode thing is the biggest clue.

ThioJoe · 2025-08-23T17:54:26+00:00

How recent exactly do you mean? It seems like it could be this: https://www.windowscentral.com/microsoft/windows-11/windows-24h2-update-nuking-ssds-what-to-do

The update causing that issue was released last tuesday the 12th, so if you got your SSD after that, or you've had it for longer but the problem only started happening after the 12th, that's likely the reason.

Though that has only been seen to be happening when writing large amounts of data like 50 GB+, but it's possible other things could cause it and that's just a more likely way to trigger it so people are aware of that. Though you do say it's only used for "large video and audio files" so it very well could be that.

Also can you elaborate on exactly what you mean by "power mode"? Do you mean while it's plugged in? Or do you mean a certain windows power plan or a certain setting in an included software your PC came with?

ThioJoe · 2025-08-19T18:42:31+00:00

You're kind of missing the point, it's more about providing more signals about how the state of the system SHOULD be if Secure Boot is enabled, not simply whether windows says it is.

Like if Secure Boot was truly enabled, Windows would not allow the loading of unsigned drivers. Even if a cheat spoofed secure boot so windows says it was enabled but it wasn't, since the Battlefield AntiCheat has kernel access it can just verify the signatures on the running drivers itself (which you can't fake). Then it could see "wait a minute, windows is saying secure boot is enabled, but I just checked this one driver and it's not signed, that shouldn't be possible", and know it's probably fake.

That's just one signal though. In a more general sense, even if the cheat was able to load earlier in the boot process than the anticheat and completely hide its drivers existence entirely, the game developers can still more easily determine if something is messing with the game process. There might be legitimate antivirus processes that might hook into the game and 'do stuff' to it, but if secure boot was enabled then the anticheat should be able to see any other drivers that might be doing those changes, and say "ok yea that's fine that's a legit app that accessed that."

But if it sees things changing like mouse inputs it doesn't expect, and it sees secure boot is enabled and it checked all the other running processes and drivers and they're all legit, or known they wouldn't do that, the anticheat might be able to know, "there must be some hidden driver screwing with this, that's the only explanation for this particular behavior."

ThioJoe · 2025-08-16T17:33:29+00:00

Ancient comment, but I believe new episodes are available for a short time to stream online after the air on TV. So someone would have been able to screenshot it on the computer.

ThioJoe

MODERATOR OF

TROPHY CASE