alt Hacker NewsMy main worry about all the Minisforum, Beelink, etc. PCs is: potential lack of UEFI firmware updates (does anyone have experience with how good they are with updates?) and potential backdoors in the UEFI firmware (either intentionally or unintentionally). A China-aligned/sponsored group has made an UEFI rootkit targetting ASUS/Gigabyte mainboards: https://www.spiceworks.com/it-security/vulnerability-managem... Why not require/compel certain companies to implement them directly?
Replies
I bought 3 Minisforum machines for a Kubernetes cluster and they didn't make it 11 months. They weren't even powered on most of that time. They just completely freeze with a black screen, and randomly enough to where every time I think maybe I figured out a fix it just crashes again a day later.
Even if there aren't backdoors, things like this[1] affecting AMD Zen CPUs, where microcode signing keys changed and thus the firmware needs to be updated to allow the new keys, would prevent machines from using new microcode updates.
[1] https://github.com/divestedcg/real-ucode?tab=readme-ov-file#...
As a Framework 13 owner, their firmware update history isn't that great either.