even so I like the sustainable concept of framework a lot, security and fail-safe are major points.
to make it a more secure laptop
- use (core-) boot-env to disable the infamous IME
- the masterkey of the TPM chip must only be known to/programmable by the user
- a second M2 nvme for Raid 1 for the OS
- a power-off switch for the wireless BT/WIFI card
for me, the next challenge & therefore HW, needs to run QubeOS, due to sensitive information which will be processed.