Secure Boot is not something that should be part of a consumer computer at all, in my opinion. Enterprises might have some use for it, but for a consumer who wants to be able to do anything they want with their computer, it doesn't make sense.
If stuff like the Raptor Talos can exist, surely the community can come together to support a company building an x86-64 motherboard that is completely binary-blob free...
The UEFI shells are generally built from open source upstream code. IMO the real issue is that there is something quite wrong with a security model that thinks it’s a problem that someone can run a UEFI shell and modify memory but does not consider it a problem that one can boot their favorite Windows or Linux kernel and act as LocalSystem or root.
There is a very, very good reason we don't have homebrew x86 boards. They're incredibly difficult and expensive to design, produce, and verify. Modern hardware has crazy high clock rates and even tighter timing tolerances. Beyond that, you have to convince whichever OEM to sell you the chipset in small quantities. And then you have to write miles of drivers and firmware and a BIOS.
And then you need to acquire and test every combination of CPU and RAM that any customer might conceivably use, then patch your miles of firmware to support each chip.
Oh and also you have to ensure your firmware can never, ever fail in such a way that cuts off fans or cranks up CPU voltage.
It's an incredibly involved process, which is why only big companies have the resources to pull it off. It's not impossible for a community board to be made, but it's something that would take years of work and a lot of money.
But don't most of the design issues apply to Talos as well?
And if it's security focussed, I think it's acceptable to say "It's AM4 (not 5), and only works with this RAM brand with these times and costs 5 times as much". It's a niche, and when people are into a niche they take the tradeoffs they get.
"Alignment with the far right" is a complete misrepresentation.
Framework sponsors a few open source Linux projects, some of which have contributors with controversial opinions. Describing these projects as "far right" is completely unfair to the hundreds of people who have worked on them.
The common refrain is that companies should sponsor more open source projects. Apparently they also need to be the "correct" open source projects.
I mean, it shouldn't be morally objectionable to not support people who think that certain classes of people are sub-human, deserving of deportation, harassment, arrest and abuse, or outright murder.
It should be morally objectionable to support and promote such people regardless of their product. If think the "wrong" people don't deserve human rights, you don't get to play with the other kids.
Human rights overrides this asshole's privilege of being promoted. It overrides your right to participate in civilized society because you have chosen to be an uncivilized and antisocial person.
I think this "backdoor" could be just a mistake as eclypsium disclosed it to framework and they fixed it as per the article. Does that still warrant them to be in your never buy list? I personally think it makes them reputable as they swiftly fix problems that arise. I do own a framework so im obviously biased as I've had a good experience with it. What is this far right alignment you mentioned?
Secure Boot is not something that should be part of a consumer computer at all, in my opinion. Enterprises might have some use for it, but for a consumer who wants to be able to do anything they want with their computer, it doesn't make sense.
Secure boot-enabled devices allow you to do anything you want, even enrolling your own keys. What's stopping you from doing that?
The article's title unfortunately makes it sound like this is a problem unique to Framework laptops.
However, they do mention in the article that "this situation is not unique to Framework"
I really admire what Framework has been trying to build. Glad that they were able to fix this issue promptly!
I really love their hardware (13" 11th gen is my rig), imagine if they made a phone!
If stuff like the Raptor Talos can exist, surely the community can come together to support a company building an x86-64 motherboard that is completely binary-blob free...
The UEFI shells are generally built from open source upstream code. IMO the real issue is that there is something quite wrong with a security model that thinks it’s a problem that someone can run a UEFI shell and modify memory but does not consider it a problem that one can boot their favorite Windows or Linux kernel and act as LocalSystem or root.
There is a very, very good reason we don't have homebrew x86 boards. They're incredibly difficult and expensive to design, produce, and verify. Modern hardware has crazy high clock rates and even tighter timing tolerances. Beyond that, you have to convince whichever OEM to sell you the chipset in small quantities. And then you have to write miles of drivers and firmware and a BIOS.
And then you need to acquire and test every combination of CPU and RAM that any customer might conceivably use, then patch your miles of firmware to support each chip.
Oh and also you have to ensure your firmware can never, ever fail in such a way that cuts off fans or cranks up CPU voltage.
It's an incredibly involved process, which is why only big companies have the resources to pull it off. It's not impossible for a community board to be made, but it's something that would take years of work and a lot of money.
But don't most of the design issues apply to Talos as well?
And if it's security focussed, I think it's acceptable to say "It's AM4 (not 5), and only works with this RAM brand with these times and costs 5 times as much". It's a niche, and when people are into a niche they take the tradeoffs they get.
> UEFI-level anti-cheat bypasses
Anyone have a hash? I would love to reverse engineer one of these.
[flagged]
"Alignment with the far right" is a complete misrepresentation.
Framework sponsors a few open source Linux projects, some of which have contributors with controversial opinions. Describing these projects as "far right" is completely unfair to the hundreds of people who have worked on them.
The common refrain is that companies should sponsor more open source projects. Apparently they also need to be the "correct" open source projects.
I mean, it shouldn't be morally objectionable to not support people who think that certain classes of people are sub-human, deserving of deportation, harassment, arrest and abuse, or outright murder.
It should be morally objectionable to support and promote such people regardless of their product. If think the "wrong" people don't deserve human rights, you don't get to play with the other kids.
Human rights overrides this asshole's privilege of being promoted. It overrides your right to participate in civilized society because you have chosen to be an uncivilized and antisocial person.
I think this "backdoor" could be just a mistake as eclypsium disclosed it to framework and they fixed it as per the article. Does that still warrant them to be in your never buy list? I personally think it makes them reputable as they swiftly fix problems that arise. I do own a framework so im obviously biased as I've had a good experience with it. What is this far right alignment you mentioned?
El Reg has a good summary of the sponsorship controversies:
https://www.theregister.com/2025/10/14/framework_linux_contr...
[flagged]