Librem 5 progress report #15

These last few weeks, the Librem 5 team has been hard at work improving the current software stack as well as making great strides towards finalizing the development kit schematic. Here are the highlights of the exciting progress that has been made.

Software Work

Images

The images produced for the i.MX6 board now have phosh as the default shell and we are experimenting with PureOS as the base OS (instead of Debian buster). There is also now an x86_64 raw VM image being produced and you can follow these instructions on getting a copy of the image and running it. The VM image uses the same screen resolution that the actual Librem5 phone will use.

While the i.MX6 images have been developed for the current hardware in the team’s hands, work continues on the image to be used on the i.MX8-based development board and actual phone. Note that during the investigation of the i.MX8 CPU, there were freedom issues that needed to be addressed. To read more about this, checkout the Solving the first FSF RYF hurdle for the Librem 5 blog post.

The image built for the i.MX8 board can now boot a very basic mainline kernel (instead of the vendor kernel offered up by the manufacturer). The next steps are to bring more components (like the display) online and to upstream these changes. All in all though, this i.MX8 image is really coming together!

Phosh/wlroots

At some point, most people will likely use their Librem 5 at night so having redshift in place makes the screen easier on the eyes. There was some work done to implement some of Mutter‘s DBus API in phosh, needed for e.g. display configuration and redshift. So now, phosh can detect the attached outputs and supported video modes and report them in a mutter/gnome-shell compatible way so they show up in gnome-settings and gnome-settings-daemon is happy. This is the base for future gamma control work (redshift). This depends on a patch to wlroots which is currently under discussion.

Other phosh usability improvements have been made as well. The lock screen timeout has been increased to allow for a bit more time to log in. Also, the favorites / home screen handling has been corrected to properly wrap columns and add scroll bars when necessary.

Since phosh is the shell and it works hand-in-hand with wlroots, they both are key areas for the image development. There have been frequent updates to wlroots to stay current with the upstream snapshots. A minor issue was fixed in upstream wlroots to improve the error handling of compiling for armhf. Also support for adding custom video modes has been added to wlroots. Work on Gcr system-prompt integration is being done in phosh. This  will solve a heap of authentication and modal dialog issues with PINs, PUKs, passwords, smart cards and keyrings by leveraging what’s already in GNOME.

Keyboard

There has been ongoing work into the onscreen keyboard (virtboard) which has led to virtboard being included in the images. In order for virtboard to show/hide when needed, merging of an input method (text-input) into wlroots was needed and GTK+ upstream was contacted about upstreaming the input method code. We are working on a patch securing the input method in our compositor. There has also been continued feedback from upstream on upstreaming the virtual keyboard protocol. The keyboard scales much better now too!

Calls

The calls application has also been added to the images for easy access. Within the calls app, the sending of DTMF tones has been added so that you can now hear those familiar sounds when touching a number on the keypad.

To make calls more robust, the possibility of doing unit tests of Calls’ oFono provider backend using the phonesim simulator were explored but unfortunately running ofonod requires root privileges in order to  take ownership of the well-known name, org.ofono, which makes testing a massive headache if not impractical. Still though, unit tests for the Calls Provider interface using the dummy implementation, as well as tests for Origin and Call interfaces have been added.

Libhandy

The libhandy GTK+ widget has seen some growth too. HdyColumn has been added to help out with dynamic column resizing. There have also been some unit tests added for HdyArrows (used for directional swiping). A first version of libhandy has been released and v0.0.1 has even been uploaded to Debian experimental!

Epiphany/GNOME Web

The web browser on the Librem 5 will be Epiphany so adaptive changes have been merged upstream to improve the usability on small screens. An in-window app-menu for Epiphany has started to be implemented and is still a work in progress.

Messaging

A demo app for libpurple has been drafted and an XMPP conversation has been established between the demo app and Dino. For encryption, an OMEMO conversation running with libpurple and the Lurch plugin was established. There has also been a conversation-view that pulls avatar/account data from a buddy list stored in xml. The ofono interface in SMS/XMPP was implemented into the demo app as well.

Hardware Work

External factors have caused our development board schedule to slip beyond our initial June projected ship date. While developing the schematic for the development board, not all information was readily available so investigations were needed on various components (e.g. cameras, WLAN+BT, batteries, switches, push buttons, etc), and circuits needed to be added before the schematic is considered ready for review by the third party that will print the boards. The Librem 5 hardware team has done all of these required tasks and are in the process of ordering parts to be sent to the manufacturer of the boards. Our current rough estimate for shipment of the development boards is August 2018 but stay tuned for a more detailed blog post on the subject.

Community Outreach

The Librem 5 matrix chat rooms have really exploded with lots of fantastic feedback and questions. Some community members have even stepped up to help find new issues, fix some issues, and  add to the documentation. Due to the demand from the community, there is now an x86_64 VM raw image available that looks just like what the team is installing on the i.MX6 boards.

The Purism collaboration with the Plasma community continues as well. There are now some arm and aarch64 flatpaks of Plasma software. The Purism team is also actively investigating building a Plasma image for the i.MX6 boards as well.

Developer documentation changes have also been made to better guide everyone to the right places:

  • The volunteers page has been updated with more clear instructions on how to participate.
  • Regardless of the type of board (whether physical or emulated), common steps have been added to a first steps page.
  • There are now instructions on setting up the x86_64 VM image.
  • Contribution guidelines have been posted to demonstrate the preferred communication processes
  • A GTK+ page has been added with example apps and includes documentation on adaptive labels.
  • A phone constraints page has been added to outline some specific constraints that should be considered when developing apps for the Librem 5 phone.

We also recently attended the GUADEC conference in Spain where we got to interact with a lot of wonderful folks excited about the Librem 5. More on the GUADEC conference to com in a future progress report.

A big Thanks goes out to all of the external teams that have helped review and merge changes into upstream projects. Everyone’s time and contribution is much appreciated!

That’s all for now folks. Stay tuned for more exciting updates to come!

Warehouse Clearance Sale! Librem laptops starting at $999

We sometimes get asked whether we will sell previous Librem models at a discount. The fact is that we normally don’t have a lot of Librem laptops lying around–the current stock sells out quickly and we order new batches. However, we also sometimes offer more than one type of Librem 13 or 15 laptop so customers can pick which hardware appeals most to them. Most recently this happened when we offered you the choice of i5 vs. i7 CPU and the choice of adding on a TPM chip. The demand for the i7 CPU and TPM chips were overwhelming to the point that both the i7 and TPM chip are now standard on our entire product line.

Standardizing on i7 and TPM means that we still have some laptops in the warehouse that either have an i5 CPU or don’t feature TPM so we will be offering these models at a significant discount! As you might expect, supplies are limited–when we run out of these models they are gone for good so you have to act fast. Like our current Librem 13 and Librem 15 laptops these are new in box and have our standard warranty and free international shipping.

Here’s what’s on sale:

  • Librem 13 (i5 CPU) US keyboard, no TPM: starting at $999
  • Librem 13 (i5 CPU) UK keyboard, no TPM: starting at $999
  • Librem 13 (i7 CPU) US keyboard, no TPM: starting at $1199
  • Librem 13 (i7 CPU) UK keyboard, no TPM: starting at $1199
  • Librem 15 (i7 CPU) US keyboard, no TPM: starting at $1399
  • Librem 15 (i7 CPU) UK keyboard, no TPM: starting at $1399

All of these models are now available for sale on our warehouse clearance page while supplies last!

Why Freedom is Essential to Security and Privacy

This post is based off of “Freedom, Security and Privacy” a keynote I gave at OpenWest 2018. You can see the full video of the talk here.

Freedom, security and privacy are interrelated. The relationship between these three concepts is more obvious in some cases than others, though. For instance, most people would recognize that privacy is an important part of freedom. In fact, studies have shown that being under surveillance changes your behavior such as one study that demonstrates that knowing you are under surveillance silences dissenting views. The link between privacy and security is also pretty strong, since often you rely on security (encryption, locked doors) to protect your privacy.

The link between freedom and security may be less obvious than the others. This is because security often relies on secrecy. You wouldn’t publish your password, safe combination or debit card PIN for the world to see, after all. Some people take the idea that security sometimes relies on secrecy to mean that secrecy automatically makes things more secure. They then extend that logic to hardware and software: if secret things are more secure, and proprietary hardware and software are secret, therefore proprietary hardware and software must be more secure than a free alternative.

The reality is that freedom, security and privacy are not just interrelated, they are interdependent. In this post I will analyze the link between these three concepts and in particular how freedom strengthens security and privacy with real world examples.

Do Many Eyes Make Security Bugs Shallow?

A core tenet of the Free Software movement is “many eyes make bugs shallow.” This statement refers to the fact that with proprietary software you have a limited amount of developers who are able to inspect the code. With Free Software, everyone is free to inspect the code and as a result you end up with more people (and more diverse people) looking at the code. These diverse eyes are more likely to find bugs than if the code were proprietary.

Some people extend this idea to say that many eyes also make security bugs shallow. To that I offer the following counterpoint: OpenSSL, Bash and Imagemagick. All three of these projects are examples where the code was available for everyone to inspect, but each project had critical security bugs hiding inside of the code for years before it was found. In particular in the case of Imagemagick, I’m all but certain that security researchers were motivated by the recent bugs in OpenSSL and Bash to look for bugs in other Free Software projects that were included in many embedded devices. Now before anyone in the proprietary software world gets too smug, I’d also like to offer a counter-counterpoint: Flash, Acrobat Reader and Internet Explorer. All three of these are from a similar vintage as the Free Software examples and all three are great examples of proprietary software projects that have a horrible security track record.

So what does this mean? For security bugs, it’s not sufficient for many eyes to look at code–security bugs need the right eyes looking at the code. Whether the researcher is fuzzing a black box, reverse engineering a binary, or looking directly at the source code, security researchers will find bugs if they look.

When Security Reduces Freedom

At Purism we not only develop hardware, we also develop the PureOS operating system that runs on our hardware. PureOS doesn’t have to run on Purism hardware, however, and we’ve heard from customers who use PureOS on other laptops and desktops. Because of this, we sometimes will test out PureOS on other hardware to see how it performs. One day, we decided to test out PureOS on a low-end lightweight notebook, yet when we went to launch the installer, we discovered that the notebook refused to boot it! It turns out that Secure Boot was preventing the PureOS installer from running.

What is Secure Boot and why is it problematic?

Secure Boot is a security feature added to UEFI systems that aims to protect systems from malware that might attack the boot loader and attempt to hide from the operating system (by infecting it while it boots). Secure Boot works by requiring that any code it runs at boot time be signed by a certificate from Microsoft or from vendors that Microsoft has certified. The assumption here is that an attacker would not be able to access the private keys from Microsoft or one of its approved vendors to be able to sign its own malicious code. Because of that, Secure Boot can prevent the attacker from running code at boot.

When Secure Boot was first announced, the Linux community got in quite an uproar over the idea that Microsoft would be able to block Linux distributions from booting on hardware. The counter-argument was that a user could also opt to disable Secure Boot in the UEFI settings at boot time and boot whatever they want. Some distributions like Red Hat and Ubuntu have taken the additional step of getting their boot code signed so you can install either of those distributions even with Secure Boot enabled.

Debian has not yet gotten their boot code signed for Secure Boot and since PureOS is based off of Debian, this also means it cannot boot when UEFI’s Secure Boot is enabled. You might ask what the big deal was since all we had to do is disable Secure Boot and install PureOS. Unfortunately, some low-cost hardware saves costs by loading a very limited UEFI configuration that doesn’t give you the full range of UEFI options such as changing Secure Boot. That particular laptop fell into this category so we couldn’t disable Secure Boot and as a result we couldn’t install our OS–we were limited to operating systems that partnered with Microsoft and its approved vendors.

Secure Booting: Now with Extra Freedom

It’s clear that protecting your boot code from tampering is a nice security feature, but is that possible without restricting your freedom to install any OS you want? Isn’t the only viable solution having a centralized vendor sign approved programs? It turns out that Free Software has provided a solution in the form of Heads, a program that runs within a Free Software BIOS to detect the same kind of tampering Secure Boot protects you from, only with keys that are fully under your control!

The way that Heads works is that it uses a special independent chip on your motherboard called the TPM to store measurements from the BIOS. When the system boots up, the BIOS sends measurements of itself to the TPM. If those measurements match the valid measurements you set up previously, it unlocks a secret that Heads uses to prove to you it hasn’t been tampered with. Once you feel confident that Heads is safe, you can tell it to boot your OS and Heads will then check all of the files in the /boot directory (the OS kernel and supporting boot files) to make sure they haven’t been tampered with. Heads uses your own GPG key signatures to validate these files and if it detects anything has been tampered with, it sends you a warning so you know not to trust the machine and not to type in any disk decryption keys or other secrets.

With Heads, you get the same kind of protection from tampering as Secure Boot, but you can choose to change both the TPM secrets and the GPG keys Heads uses at any time–everything is under your control. Plus since Heads is Free Software, you can customize and extend it to behave exactly as you want, which means an IT department could customize it to tell the user to turn the computer over to IT if Heads detects tampering.

When Security without Freedom Reduces Privacy

Security is often used to protect privacy, but without freedom, an attacker can more easily subvert security to exploit privacy. Since the end-user can’t easily inspect proprietary firmware, an attacker who can exploit that firmware can implant a backdoor that can go unseen for years. Here are two specific examples where the NSA took advantage of this so they could snoop on targets without their knowing.

  • NSA Backdoors in Cisco Products: Glenn Greenwald was one of the reporters who initially broke the Edward Snowden NSA story. In his memoir of those events, No Place to Hide, Greenwald describes a new NSA program where the NSA would intercept Cisco products that were shipping overseas, plant back doors in them, then repackage them with the factory seals. The goal was to use those back doors to snoop on otherwise protected network traffic going over that hardware.
  • NSA Backdoors in Juniper Products: Just in case you are on Team Juniper instead of Team Cisco, it turns out you weren’t excluded. The NSA is suspected in a back door found in Juniper firewall products within its ScreenOS that had been there since mid-2012. The backdoor allowed admin access to Juniper firewalls over SSH and also enabled the decryption of VPN sessions within the firewall–both very handy if you want to defeat the privacy of people using those products.

While I picked on network hardware in my examples, there are plenty of other examples outside of Cisco, Juniper, and the NSA where because of a disgruntled admin, a developer bug, or paid spyware, a backdoor or default credentials showed up inside proprietary firmware in a security product. The fact is, this is a difficult if not impossible problem to solve with proprietary software because there’s no way for an end user to verify that the software they get from their vendor matches the source code that was used to build it, much less actually audit that source code for back doors.

When Freedom Protects Security and Privacy

The Free Software movement is blazing the trail for secure and trustworthy software via the reproducible builds initiative. For the most part, people don’t install software directly from the source code but instead a vendor takes code from an upstream project, compiles it, and creates a binary file for you to use. In addition to a number of other benefits, using pre-compiled software saves the end user both the time and the space it would take to build software themselves. The problem is, an attacker could inject their own malicious code at the software vendor and even though the source code itself is Free Software, their malicious code could still hide inside the binary.

Reproducible builds attempt to answer the question: “does the binary I get from my vendor match the upstream source code that was used to build it?” This process uses the freely-available source code from a project to test for any tampering that could have happened between the source code repository, the vendor, and you making sure that a particular version of source code will generate the same exact output each time it is built, regardless of the system that builds it. That way, if you want to verify that a particular piece of software is safe, you can download the source code directly from the upstream developer, build it yourself, and once you have the binary you can compare your binary with the binary you got from your vendor. If both binaries match, the code is safe, if not, it could have been tampered with.

Debian is working to make all of its packages reproducible and software projects such as Arch, Fedora, Qubes, Heads, Tails, coreboot and many others are also working on their own implementations. This gives the end user an ability to detect tampering that would be impossible to detect with proprietary software since by definition there’s no way for you to download the source code and validate it yourself.

Freedom, Security and Privacy in Your Pocket

Another great example of the interplay between freedom, security and privacy can be found by comparing the two operating systems just about everyone carries around with them in their pockets: iOS and Android. Let’s rate the freedom, security and privacy of both of these products on a scale of 1 to 10.

In the case of iOS, it’s pretty safe to say that the general consensus puts iOS security near the top of the scale as it often stands up to government-level attacks. When it comes to privacy, we only really have Apple’s marketing and other public statements to go by, however because they don’t seem to directly profit off of user data (although apps still could), we can cut them a bit of a break. When it comes to freedom, however, clearly their walled garden approach to app development and their tight secrecy around their own code gives them a low rating so the end result is:

  • Security: 9
  • Privacy: 6
  • Freedom: 1

Now let’s look at Android. While I’m sure some Android fans might disagree, the general consensus among the security community seems to be that Android is not as secure as iOS so let’s put their security a bit lower. When it comes to freedom, if you dig far enough into Android you will find a gooey Linux center along with a number of other base components that Google is using from the Free Software community such that outside parties have been able to build their own stripped-down versions of Android from the source code. While you have the option to load applications outside of Google’s Play Store, most of the apps you will find there along with almost all of Google’s own apps are proprietary, so their freedom rating is a mixed-bag. When it comes to privacy though, I think it’s pretty safe to rate it very low, given the fundamental business model behind Android is to collect and sell user data.

  • Security: 7
  • Freedom: 5
  • Privacy: 1

Over the long run, the Librem line of products aims to address these concerns.

Why Not All Three?

To protect your own security and privacy, you need freedom and control. Without freedom, security and privacy require the full trust of vendors. However, vendors don’t always have your best interests at heart; in fact, in many cases vendors have a financial incentive to violate your interests, especially when it comes to privacy. The problem is, with proprietary software it can be difficult to prove a vendor is untrustworthy and if you do prove it, it’s even harder to revoke that trust.

With Free Software products, you have control of your trust. You also have the ability to verify that your Free Software vendors are trustworthy. With reproducible builds, you can download the source code and verify it all yourself.

In the end, freedom results in stronger security and privacy. These three concepts aren’t just interrelated, but they are interdependent. As you increase freedom, you increase security and privacy and when you decrease freedom, you put security and privacy at risk. This is why we design all of our products with freedom, security and privacy as strict requirements and continue to work toward increasing all three in everything we do.

Solving the first FSF RYF hurdle for the Librem 5

While investigating using the i.MX 8 for the Librem 5 phone we found an issue that would have been problematic for us to obtain the Free Software Foundation’s “Respects Your Freedom” (RYF) hardware endorsement:

  • In U-Boot there are a number of firmware blobs that need to be loaded into the DDR PHY so that it can be trained to work with DDR4. This training is done on every boot.
  • The normal boot sequence for the i.MX 8 is that the internal ROM loader loads the Secondary Program Loader (SPL) which, in this case, is a small version of U-Boot that can initialize the DDR and load the full U-Boot into DDR to finish the boot process. Very early in the SPL, the training blobs get loaded into the DDR PHY and the training sequence is run. The DDR training procedure is completely un-documented so re-writing the firmware blobs with free/libre or open source versions would be an arduous process.
  • We can’t ignore the DDR PHY because it is interface between the i.MX 8 internal buses and the DDR4 chips outside of the SOC. The DDR PHY is also part of the i.MX 8 silicon so we can’t just replace the DDR PHY with a different one. It also appears that all DDR PHY’s required this training to work with DDR4, so going to a different SOC wouldn’t solve it either.

The RYF has a “secondary processor” exclusion that can be granted on a case by case basis. We will leverage this exclusion to load and train the DDR PHY on the i.MX 8. We will use a secondary processor to keep binary blobs out of u-boot and the kernel. Read more

What is PureOS and how is it built?

PureOS is a general purpose operating system that is based on the Linux kernel and is focused on being an entirely Free (as in freedom) OS. It is officially endorsed by the Free Software Foundation. We adhere to the Debian Social Contract and the GNU FSDG.

PureOS aims to match and surpass mainstream operating systems (such as Windows and macOS) by striking the balance between security and usability, to provide the best possible out-of-the-box experience paired with the best privacy, security, and software freedom protections possible. The idea is to make it easy to feel safe and secure with an operating system you can trust from the ground up and with appropriate tools. Read more

Librem 5 progress report #14

There has been some exciting work done on the Librem 5 project and while there is still plenty of work left, we would like to highlight the accomplishments the team has achieved over the last couple of weeks. So here please enjoy a brief update on our recent efforts and victories.

Software Work

There is so much that goes into the software stack of the Librem 5. There’s the underlying infrastructure like the UI shell and newly developed libraries and protocols. But then there’s the familiar apps that are necessary.

On the nuts and bolts level, our phone shell (phosh) has seen several usability improvements mostly around the lockscreen. One important change is that the lockscreen unlocking has been switched to PAM to better handle the PIN to lock the device. There have also been some additions to the code to better handle multiple outputs (screens). Also, Libhandy is our “handy” UI library for developing GTK+ apps. There has been a recent addition of an arrows widget (HdyArrows) to indicate swiping direction which will be very useful to many applications, especially the lockscreen. Additionally, libhandy has seen some bug fixes and a slight rework of the keyboard handling support. Since graphics are important, we have added Etnaviv support to weston-simple-dmabuf (a Wayland client to test Linux DMA-BUF protocol implementations). We also extended it’s NV12 format support. It’s being used over here to test wlroot’s linux-dmabuf implementation which we wrote a couple of weeks ago. We’d like to especially thank the wlroots and Weston projects for their code reviews, recommendations, and support.

Since you can’t have a phone that doesn’t make phone calls, there have been great strides made on the Calls app and the Calls app can successfully place phone calls now! (And if you missed it, we encourage you to go read the exciting blog post about it.) Along with all of the great work it took to get to this point, the interfaces have been documented in the code. Debian packaging is being put together and we’ve been working to include Flatpak packaging contributed by a member of the community.

Every smart phone needs an On-Screen Keyboard (OSK), so there has been significant development on writing some necessary protocols and getting them upstream. So far the virtual-keyboard protocol has been accepted for inclusion in upstream wlroots. The text-input protocol has also been submitted upstream. To test virtual-keyboard protocol, we created a prototype client based on weston-keyboard. You can read more about the OSK developments in Dorota’s initial blog post on the matter.

Hardware Work

Identifying and testing the individual hardware components that will be present on the dev kit and eventual phone is a non-trivial task. After identifying a component as a potential fit for our needs and receiving a couple of them to test, often kernel modules need to be modified or written before the testing can begin. This was the case when evaluating and testing a low power WiFi card/module, which is still underway. Vibration motors are also being gathered for evaluation and battery chargers are being tested. We are also looking into various camera options.

Community Outreach

The community continues to be at the front of our thoughts. So we have created a general PureOS wiki at wiki.puri.sm that still doesn’t have much details yet but will eventually be a place to look for both general and technical information on PureOS and Purism products. We’ve also fixed an issue with the community email lists so that they are functional now and opened up our Matrix rooms so that you can join our discussions with your already existing Matrix ID. For more information on both the email lists and Matrix rooms, have a look at our volunteer page.

We have been so happy to receive some initial volunteers that are doing fantastic work to help the Librem 5 become awesome. If you’ve been following and contributing to our code repositories, please note that we just moved the hosting from Gogs to GitLab – the new location can be found at source.puri.sm.

That’s all for now folks. Stay tuned for more exciting updates to come!

Last Call for Librem 5 Dev Kit: order yours before June 1st 2018

Purism has finalized the specifications for the Librem 5 development kit and will be placing all the component parts order and fabrication run the first week of June 2018. If you want to have early access to the hardware that will serve as the platform for the Librem 5 phone, you must place your dev kit order before June 1st, 2018. The price for the development kit is now $399, up from the early-bird pricing that was in effect during the campaign and until today. The dev kit is a small batch, “limited edition” product. After this batch, we are not planning for a second run (as the production of the phone itself will replace the dev kit in 2019).

Improved specifications

We decided to wait to get the latest i.MX 8M System On Module (SOM), rather than utilizing the older i.MX 6 SOM, therefore having the dev kit align nicely with the ending phone hardware specifications. This means the dev kits will begin delivery in the latter part of August for the earliest orders while fulfilling other dev kits in September. Choosing to wait for the i.MX 8M SOM also means our hardware design for the Librem 5 phone is still on target for January 2019 because we are pooling efforts rather than separating them as two distinct projects. Our dev kit choices and advancements benefit the Librem 5 phone investment and timeline.

The current dev kit specification is (subject to minor changes during purchasing):

  • i.MX 8M system on module (SOM) including at least 2GB LPDDR4 RAM and 16GB eMMC (NOTE: The Librem 5 phone will have greater RAM and storage)
  • M.2 low power WiFi+Bluetooth card
  • M.2 cellular baseband card for 3G and 4G networks
  • 5.7″ LCD touchscreen with a 18:9 (2:1) 720×1440 resolution
  • 1 camera module
  • 1 USB-C cable
  • Librem 5 dev kit PCB
    • Inertial 9-axis IMU sensor (accel, gyro, magnetometer)
    • GNSS (aka “GPS”)
    • Ethernet (for debugging and data transfer)
    • Mini-HDMI connector (for second screen)
    • Integrated mini speaker and microphone
    • 3.5mm audio jack with stereo output and microphone input
    • Vibration motor
    • Ambient light sensor
    • Proximity sensor
    • Slot for microSD
    • Slot for SIM card
    • Slot for smartcard
    • USB-C connector for USB data (host and client) and power supply
    • Radio and camera/mic hardware killswitches
    • Holder for optional 18650 Li-poly rechargeable battery with charging from mainboard (battery not required and not included!)

The dev kit will be the raw PCB without any outer case (in other words, don’t expect to use it as a phone to carry in your pocket!), but the physical setup will be stable enough so that it can be used by developers. As we finalize the designs and renders we will publish images.

Introducing Calls on the Librem 5

Introduction

Arguably the most critical functionality in a phone is the ability to make and receive calls through the Public Switched Telephone Network (PSTN), that is normal cellular calls using phone numbers. While at Purism we are eager to implement communication systems that enable much greater privacy and security than one can expect from PSTN calls, the PSTN is still the most ubiquitous network and for the time being we can’t very well go around selling a phone that isn’t able to make PSTN calls. Read more