I am looking for a new laptop right now and want to go the privacy route.
I was looking at this YCombinator Thread (NovaCustom – Framework Laptop alternative focusing on privacy | Hacker News), and started wondering if there are plans to do the following:
Framework isn’t the laptop for you. I’ll tell you that right now. If you are paranoid enough to want tamper evident screws and packaging, buy purism or something like that.
There has been little official movement on open sourcing the firmware as well.
Privacy screens can be applied as a film to any laptop. I purchased one for my FW13 when I owned it and was satisfied.
What do you mean by “little movement on open-sourcing the firmware?” The EC firmware source is right here on their GitHub, and there’s a table of codename → product translations for each branch (original post here):
(Admittedly it is easy to read but hard to customize. I just wanted to change some PL1 TDP constants in the source code once and couldn’t even get to reproduce the default firmware for the FW12. The build system is so confusing, and I asked for help in multiple places months ago and got no help.)
They’re probably more referring to [RESPONDED] Coreboot on the Framework Laptop
Sorry, I don’t understand. What other firmware is there beyond the EC?
The UEFI firmware. Currently Framework runs proprietary Insyde firmware and arguably it’s more important to be open as it boots and runs before a bootloader, it can also run code in System Management Mode giving it control over the running OS. However it’s also much more complicated as it’s responsible for memory training and all sorts of stuff that happens before the computer has properly booted.
That would be exactly what I was referring to, yes. I am well aware that the EC is open source. And I specifically said official movement as there has been some progress in very recent days from some enterprising individuals to bring Coreboot and OpenSIL to the FW16 and potentially the AMD FW13 after that.
Framework has not shown any interest in core boot over many years. It simply won’t happen. It would cost between 10-15K for the initial port according to someone knowledgeable of such things in the main coreboot thread. That’s pocket change to Framework. They aren’t interested, end of story.
if you want to read the main thread, I have linked it above. It spans almost 5 years now.
Thanks for link.
If it’s only 15k, it seems so ridiculous they haven’t done it yet, that it’s suspicious.
That being said, maybe the opportunity cost is way higher than 15k. Eg. all other work their engineers could be doing is more impactful.
Cute idea, but maybe we need to start working there, or raise a lot more money (Assuming a 3 letter org isn’t pushing the other direction)
I think the lack of coreboot support directly from Firmware might also have something to do with the ‘low’ risk appititae Framework has, they certainly know the customer base (tinkerers, pro privacy, pro opensource…etc in various mixes / priorities) to some extent. “Can’t boot mainboard” will be an even more so of an issue… Warranty coverage has to first determine if it’s due to flashing coreboot or flashing official bios in order to void / not void the warranty. This step costs resources…better not go there to begin with.
I’d go as far as saying they still have gaps even with their own official BIOS update process.. So, until that becomes robust enough, having additional BIOS update pathways is just adding another risk channel.
Framework has not shown any interest in core boot over many years. It simply won’t happen.
That’s not true. The job listings are not there anymore (hooray!) but there were two listings for firmware developer which specified coreboot and tianocore experience/familiarity.
Just because no one from FW gets involved in threads about it doesn’t mean they aren’t interested in it.
And they could’ve just taken the listings down. We have no insight as to if the positions were actually filled.
Read the Coreboot thread. They said they weren’t interested. It was years ago, yes but there have been zero statements/actions to the contrary since then. I’m not saying Framework is actively hostile, they aren’t. But they aren’t visibly actively working on it either.
@Second_Coming is right. Completely. I have no more to add to that.
