Buying a Framework without Intel Boot Guard or AMD PSB enabled?
Buying a Framework without Intel Boot Guard or AMD PSB enabled?
Is there any progress regarding buying a Framework without Intel Boot Guard or AMD PSB enabled?
There is a dead discussion on the framework community form where framework talked about
exploring the idea of shipping a version of the mainboard with boot guard disabled for those who want to run their own firmware
back in 2021 but nothing since.
https://community.frame.work/t/intel-boot-guard-coreboot/1178
how does boot guard work? can you not just flash new firmware using a ch341a programmer?
Intel Boot Guard stores the public signing key in OTP fuses inside the PCH. Meaning that you need the private key to sign new BIOS firmware. This "feature" has existed since Haswell 4th gen processors.
This is a simplified description of how it works because it's still beyond my full understanding.
More info here: https://github.com/corna/me_cleaner/wiki/Intel-Boot-Guard