I love how capable these tiny N150 machines are. I've got one running Debian for my home media and backup solution and it's never stuttered. I'd be curious about exactly what machine they're testing with. I've got the Beelink ME mini running that media server. And I use a Beelink EQ14 as a kind of jump box to remote into my work desktop.
I'm not the author but my parents have pretty much decided they will never use a game console newer than the nintendo wii, but so far two of their wiis have died. Since no one is making wiis anymore, I decided to future-proof their gaming by setting them up with a mele quieter 4c [0], with the official wii bluetooth module attached over USB for perfect wiimote compatibility, running the dolphin emulator. Not every game runs perfectly, but every game they want to play runs perfectly AND it is smaller, silent, and consumes less power than the real wii.
[0] My experience with that mini computer: I bought two. The first one was great, but the 2nd one had coil whine so I had to return it. Aside from the whine, I love the box. If I could guarantee I wouldn't get whine I'd buy another today.
Would you mind sharing the Linux hardware platform security report ("fwupdmgr security") for those Beelink boxes, e.g. what is enabled/disabled by the OEM? N150 SoC supports Intel TXT, which was previously limited to $800+ vPro devices, but it requires BIOS support from OEMs like Beelink. Depending on HSI status, OSS coreboot might be feasible on some N150 boxes.
Happy to share the report from the ME Mini box (below). But the other one is running Windows so I can't help there. Thanks to this I was able to find I'd initially left off secure boot and was able to fix a couple of its suggestions at least, but if I'm understanding the HSI status and coreboot needs, there's fuses flipped that would prevent it.
WARNING: UEFI capsule updates not available or enabled in firmware setup
See https://github.com/fwupd/fwupd/wiki/PluginFlag:capsules-unsupported for more information.
Host Security ID: HSI:0! (v2.0.8)
HSI-1
csme override: Locked
csme v0:16.50.15.1515: Valid
Platform debugging: Disabled
SPI write: Disabled
Supported CPU: Valid
TPM empty PCRs: Valid
TPM v2.0: Found
UEFI bootservice variables: Locked
UEFI secure boot: Enabled
BIOS firmware updates: Disabled
csme manufacturing mode: Unlocked
SPI lock: Disabled
SPI BIOS region: Unlocked
UEFI platform key: Invalid
HSI-2
Intel BootGuard: Enabled
IOMMU: Enabled
Platform debugging: Locked
TPM PCR0 reconstruction: Valid
Intel BootGuard ACM protected: Invalid
Intel BootGuard OTP fuse: Invalid
Intel BootGuard verified boot: Invalid
HSI-3
CET Platform: Supported
Intel BootGuard error policy: Invalid
Pre-boot DMA protection: Disabled
Suspend-to-idle: Disabled
Suspend-to-ram: Enabled
HSI-4
SMAP: Enabled
Encrypted RAM: Not supported
Runtime Suffix -!
fwupd plugins: Untainted
Linux kernel lockdown: Enabled
Linux kernel: Untainted
CET OS Support: Not supported
Linux swap: Unencrypted
UEFI db: Invalid
This system has a low HSI security level.
» https://fwupd.github.io/hsi.html#low-security-level
This system has HSI runtime issues.
» https://fwupd.github.io/hsi.html#hsi-runtime-suffix
