Who is reading this wall of text?
1 Like
I did
3 Likes
Me too.
3 Likes
Communication is not the problem. Leaving vulnerabilities unadressed on a brand new device is the problem. No amount of communication makes it OK to drop support for a $1000+ laptop the day it launches. These laptops were sold as finished products but were supported like dev kits.
The only communication that could have saved this would be if they had clearly sold these laptops as dev kits from the start.
1 Like
Finally, some criticism from the industry, I hope FW are embarrassed. Repairable and upgradeable doesnāt mean jack if the heart is abandoned before it hits your doorstep. Powerfully bad showing by FW, and I really regret giving them a single cent, never mind tens of thousands of them.
5 Likes
How am I supposed to update my BIOS to support the 61Wh battery that I just ordered and protect myself against CVE-2023-22615?
2 Likes
Chiming in to say Iām having the issue of my 12th gen system not being recognized as 12th gen as well. Although reading through this thread it sounds like thatās probably a blessing in disguise as this update seems to break and trash the system as often as it manages to succeed.
1 Like
I disagree, proper communication would have set expectations and reduced the blowback they have gotten for their handling of this. Not communicating is what leads people to believe the platform has been abandoned along with missing communicated goals. Communication is everything here. I criticize but I wonāt be hyperbolic in that criticism if I can avoid it.
3 Likes
To each their own I guess. Iād personally still be just as upset with frequent communication because the upsetting thing to me was simply not having stable securty patches. The only communication that would have made me feel better is pre-sale communication.
My expectations were set when I placed my order, so better comms after that point wouldnt change anything for me personally.
4 Likes
Somewhere in the middle of this epic thread, they posted an updated windows installer which fixed this! But then they recently posted the original version as the stable release on the support pages, not the fixed version 
1 Like
Post #21. So far, their PR machine has not paused to rethink that release before announcing it at ever more placesā¦
And also, the 2nd issue I also reported here was that the ReTimer can still fail to update as it was a Known Issue for the 3.06 betaā¦ So that is also in the āfinalā release. Although I have no idea how likely that is to happen. Might be caused by specific power supplies or the weather or anything elseā¦
Yep, which is exactly why Iām holding off still anyway. Thereās no indication that the 3.08b release is ārelease-readyā as well, so Iām just going to wait for FW to (hopefully) get their act together on this one. Really disappointing seeing all this, as I couldnāt support FWās overarching concept more.
5 Likes
Chiming in, Iād just like to maybe bring this back to earth a bit.
Perhaps you are all the small margin that need BIOS security updates to defend against vulnerabilities that typically require in-person access. I can say that Iām certainly not.
Yes, itās somewhat disappointing that we havenāt received frequent BIOS updates for our laptops, but I would like to perhaps reflect on how much we value BIOS updates, and what exactly we need them for. I am confident that most people (based on my anecdotal experience) do not benefit from BIOS updates as much as this thread may imply.
Maybe to offer an alternative perspective. I have had my 11th gen for a couple years now and have been on 3.17 for a while now (as Iām on Linux). I am a student, there are far better ways to hack me than via Logofail or the like. For instance, social engineering, interrogation etc. So before we decide our laptops are paperweights because theyāre not on the bleeding edge of security updates, I would encourage us to discuss what exactly we need from BIOS updates and why we need them.
Hopefully this can dampen the echo chamber a bit by offering another perspective.
Of course if anyone has opposing opinions Iād be happy to hear them!
Just try not to forget why you got your Framework in the first place. The repairability Iāve already benefited from far outweighs a delayed BIOS update for me at least.
11 Likes
I have a ticket open with support for the 3.08 not running on my machine. I just got an email from them, theyāve updated the bios page (Framework Laptop BIOS and Driver Releases (12th Gen IntelĀ® Coreā¢)). Looks like they have the 3.08b available there now.
Running it nowā¦
2 Likes
Were they smart enough to warn about the other known problem with that update? Or do they want that to be a surprise for the unlucky ones?
Because they did not fix the other issues with the page / info yet.
1 Like
Welp. 3.08b runs, tells me to reboot and comes right back to windows, never updates the bios. Iām still on 3.05.
2 Likes
I am not sure, if the old battery charging bug still affects current versions, or when in the Windows update process this is checked, if it applies there at all.
At least on older versions, they had the problem, that the EC determined having a power supply as charging the battery right this moment.
So to reliably register a plugged in power supply it needed to be below 90% battery, so it would definitely be charging and not currently be in a discharge cycle to prolong battery life:
1 Like
FWIW, Iām generally in the same camp. As far as Iām concerned, if a person with malicious intent has your machine, thereās only so much you can do, right?
However, there are also those of us patiently waiting for these updates because theyāll bring additional functionality or stability (namely for me, the larger battery support). This is directly influencing a purchase decision for me. Iām just not willing to risk my machine or put more money down on what is essentially a beta.
I can only offer that additional perspective personally, but I wouldnāt begrudge anyone for wanting security updates as a priority either.
For many, this is also directly tied in with Frameworkās stated mission. Part of repairable hardware is longevity. If weāre gonna have this hardware awhile (as we hope), it should have support for as long as is reasonable (and comparable to other manufacturers).
How we all use our devices varies and the needs are different. It doesnāt let them off the hook.
Like many I hope they do better. Hopefully they will.
7 Likes
Iād agree most people donāt need most bios vulnerabilities patched same-day or even same-week. I think the industry standard of 90 days reflects that reality.
However, being a year and a half out of date should worry most people. The fact that most people donāt pay much attention to their security is a big part of what makes this whole thing so bad; the average user doesnāt even know theyāre vulnerable. And normal people aside, these devices are being marketed to businesses too.
I think this thread is already pretty down to earth. People are calling it bad because yeah, it is actually just bad. For many of us, an insecure device really is a paperweight and thatās the crappy truth of it.
1 Like
Iād like a fix for the issue where, under vaguely moderate load, my laptop will throttle all CPU cores down to 400MHz and hold them there for 5-15 minutes, even though core temperatures are well below the danger zone within seconds of throttling. Since this happens on multiple OSes, Iāve seen it on two different mainboards, and others have experienced it as well, this is most likely a firmware issue (possibly the EC, though, and maybe not the UEFI bits).
If 3.08 (well, 3.06) had gotten the attention it needed over a year ago, I would hope that it would have been released long ago, and Framework could have been working on serious bugs like mine, rather thanā¦ whatever it is theyāve been doing.
2 Likes