Securing Firmware
Securing boot firmware ensures that your servers are starting from a foundation of trust. Coreboot on servers, such as all three of the Librem Servers from Purism, means you are running the most secure servers available today.
PureBoot adds tamper-detection to Coreboot
PureBoot with the Librem Key enhances coreboot to include tamper-detection where its possible to cryptographically detect any changes to signed firmware, kernel, or software with keys that are under your complete control.
Stopping low-level threats with Coreboot on Servers
There are a great number of threats that attack the lower levels of BIOS and boot process, these are particularly nasty since they outlive the higher level operating system (re)installation process. With coreboot as the thin (thus smaller exploit footprint) boot firmware, the most common known boot exploits are avoidable. By adding PureBoot’s tamper detection with a USB security token, the Librem Key you will gain the ability to notice any changes to your system separate from your boot firmware, putting you in the best position to stop low level threats.
PureBoot Best Practices
Read the PureBoot Best Practices where we describe Purism’s cutting-edge secured boot process that combines a number of technologies including: Neutralized and Disabled Intel Management Engine, Coreboot, Trusted Platform Module (TPM) chip, Heads, kernel, and GRUB config.
Adding the Librem Key to alert the user to tampering with an easy “green light good, red light bad” process, and even integration between the Librem Key and LUKS disk encryption so you can unlock your disk with your Librem Key.
Coreboot on Servers with PureBoot
Coreboot is a key component of PureBoot, so every server offered form Purism includes Coreboot as part of the overall PureBoot secure tamper-detecting boot firmware.
Coreboot is an extended firmware platform that delivers a lightning fast and secure boot experience on modern computers, servers, and embedded systems. Coreboot, like PureBoot, is a Free/Librem and Open Source project therefore it provides auditability and maximum control over technology.
Learn more about Librem Servers and how you can have a secure foundation using PureBoot that includes Coreboot on Servers.