Author: Jeff

Trusted Platform Module now available as an add-on for Librem laptops

Over the past few months, we have been busy with a plethora of great projects being set afoot. We have been incrementally building a laptop inventory to ship from, we have been continuing the coreboot enablement work on our laptops, neutralizing—and then disabling—the Intel Management Engine, and launching our much awaited Librem phone campaign, which ended in a very motivating success—involving many great organizations part of the Free Software community, such as Matrix, KDE e.v., the GNOME Foundation, Nextcloud, and Monero.

It really has been a whirlwind of events, and this has been happening in parallel to us continuing our existing R&D and operations work, such as preparing a new batch of laptops—namely the much anticipated Librem 13 with i7 processor.

One particular security R&D project dear to our hearts has been the beginning of our collaboration with “Heads” developer Trammell Hudson, a project that has been quietly going on behind the scenes for the past few months. We are very pleased to announce today that we are making a positive step to make this effort within reach of early adopters, with the availability of a Trusted Platform Module (TPM) as an optional component for currently pending and near-future laptop orders. Read more

Purism Librem Laptops Completely Disable Intel’s Management Engine

SAN FRANCISCO, Calif., October 19, 2017 — Purism’s Librem Laptops, running coreboot, are now available with the Intel Management Engine completely and verifiably disabled.

“Disabling the Management Engine, long believed to be impossible, is now possible and available in all current Librem laptops, it is also available as a software update for previously shipped recent Librem laptops.” says Todd Weaver, Founder & CEO of Purism.

The Management Engine (ME), part of Intel AMT, is a separate CPU that can run and control a computer even when powered off. The ME has been the bane of the security market since 2008 on all Intel based CPUs, with publicly released exploits against it, is now disabled by default on all Purism Librem laptops.

Disabling the Management Engine is no easy task, and it has taken security researchers years to find a way to properly and verifiably disable it. Purism, because it runs coreboot and maintains its own BIOS firmware update process has been able to release and ship coreboot that disables the Management Engine from running, directly halting the ME CPU without the ability of recovery.

“Purism Librem laptops were already the most secure current Intel based computers available on the market today, but disabling the management engine solidifies that statement clearly.” says Zlatan Todoric, CTO of Purism.

The Librem 13 and Librem 15 products can be purchased today and will arrive with the Management Engine disabled by default, and it can be verified to be disabled with the source code released to confirm the disablement is accurate. Showing “ME: FW Partition Table : BAD; ME: Bringup Loader Failure : YES”

“Purism, in the long-term pursuit of liberating hardware at the lowest levels, still has more work to do. Removing the management engine entirely is the next step beyond just disabling it. Coreboot also includes another binary, the Intel FSP, a less worrisome but still important binary to liberate, incorporating a free vBIOS is another step Purism plans to take. The road to a completely free system on current Intel CPUs is not over, but the largest step of disabling the Management Engine is arguably the largest milestone to cross.” says Youness Alaoui, Hardware Enablement Developer at Purism.

See also: our technical write-up on disabling the Management Engine on Purism laptops.


About Purism

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco (California) and around the world, Purism manufactures premium-quality laptops, tablets and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware in the United States, carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact

Marie Williams, Coderella / Purism
+1 415-689-4029
pr@puri.sm
See also the Purism press room for additional tools and announcements.
 

Purism Collaborates with Cryptocurrency Monero to Enable Mobile Payments

Purism plans to utilize Monero’s privacy respecting platform to build a cash-like, digital payment system for Librem 5 smartphone users

SAN FRANCISCO, Calif., October 13, 2017 — Purism, maker of security focused hardware and software, today announced a collaboration with Monero, the only secure decentralized currency that is private by default. Purism recently started accepting Monero for payments in its online store, and this is a continuation of the company’s support for the cryptocurrency.

As more central services like Equifax are hacked, exposing vulnerable user data in unprecedented ways that cause permanent damage to people’s privacy, it has become clear that centralized, individually identifiable, historic, and permanent digital footprints create a serious threat to digital privacy and human rights. Purism, on the heels of its successful smartphone crowdfunding campaign which has raised more than $1.5 million, is looking to address this threat by incorporating cryptocurrencies by default into its mobile phone design, beginning with Monero.

“We must proactively plan for and address digital rights issues in the here and now, because by the time we face them in the future the damage will be irreversible,” said Todd Weaver, Founder & CEO of Purism. “Collaboration with Monero allows us to offer users a much lower barrier to entry for leveraging the benefits of a cryptocurrency, and our aim is to make it incredibly simple to use your Librem 5 smartphone to make secure, cash-like payments that safeguard your private information.”

Monero’s cryptocurrency offers a fungible, decentralized, private currency that is created to be identical to centuries of physical world transaction processes, primarily that cash given for goods or services is a one-time, non-recorded, mutual transaction.

“Collaborating with Purism addresses a major pain point for Monero. The Librem 5 makes it easy for the average user to use Monero for real world transactions on a mobile platform. In addition, the Librem 5, by using Free Libre Open Source Software provides the user with the opportunity to verify to a very high level its end point security, privacy and decentralization. This is in sharp contrast to many mobile platforms where the user has to trust a proprietary implementation. I am very excited to see the Librem 5 planning to have Monero support by default,” Francisco Cabañas, Core Team Member, The Monero Project.

“Creating a future where a person can buy or sell digital goods or services and still respect their privacy, similarly to cash but on the Internet, is a long-time dream that we plan to make a reality,” says Weaver.

Integrating Monero into Purism’s Librem 5 smartphone as part of its default mobile payment system can solve the problems plaguing the online transaction space, removing banks from the transaction, removing all central storage of private user data, keeping transactions private between two parties, all backed by the strength of an immutable cryptographic blockchain ledger.

About Monero

The Monero Project is a grassroots, community-driven initiative that advocates for privacy on a global scale by producing several free libre open source software projects, with the flagship offering being Monero, a fungible and decentralized cryptocurrency. The important guiding philosophies of Monero are security (ensuring that users are able to trust Monero with their transactions, without risk of error or attack), privacy (ensuring that users can transact Monero without fear of coercion, censorship, or surveillance), and decentralization (ensuring that no single person or group can control the network or reverse transactions). The goal is to provide a level of fungibility and privacy that is analogous to that of cash for the digital world.

About Purism

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco (California) and around the world, Purism manufactures premium-quality laptops, tablets and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware in the United States, carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact

Marie Williams, Coderella / Purism
+1 415-689-4029
pr@puri.sm
See also the Purism press room for additional tools and announcements.
 

Over $1.6 million raised for the Librem 5 — What this means for you

This Monday, 14 days early, we have crossed a historic milestone. By helping us reach our $1.5M goal early, you have secured your future and freed yourself from the chains of privacy-stripping mobile platforms and allowed us to continue upholding your digital rights with a convenient product made “by the people and for the people”; you have proven that there is a market demand for in-depth security & privacy-focused smartphones that can withstand the test of credibility, by virtue of true community ownership and auditability of the code.

With this milestone comes not only rejoicing about our collective achievement (and the potential of an even greater achievement in weeks to come, as contributions continue to add-up), but also the assurance that the Librem 5 phone project, as a product, will happen. The dreams of a generation will finally come to reality with a convenient smartphone hardware offering that you can truly own and control.

The $1.5 million milestone allows us to do a couple of things as it relates to the production of the physical product:

  • Immediately resume negotiations with component suppliers, with a much stronger hand (with money on the table to enter contractual relationships)
  • Produce more complete prototypes to evaluate, in order to begin development now
  • Move into hardware production as soon as possible, for the development kit
  • Begin developing the base software platform with the help of the community (fully in the open, upstream-first approach) to bring the product’s software to first stage “usable state” for early adopters.
  • Move into hardware production for finalized hardware products, begin order fulfillment for those who want their devices early (and are ready to help us smooth out the rough edges from the software side, in the beginning).

This will also allow us to seek additional partnerships and investment in parallel to amplify and speed-up our project.

…let’s go above and beyond: to stretch goals!

The goals above already represent a groundbreaking step for users around the world who have been clamoring—for years—for a mobile platform they can truly trust and own. But it’s only the beginning! As we are writing this, we are already at $1.6 million and counting, but we need to push further to accomplish more.

Indeed, to make this hardware product an even more compelling offer beyond early-adopters, we should go beyond the “base platform” and make it into an “awesome user experience”, as much as possible. This is something we hope to achieve by reaching a number of stretch goals in this campaign:

  1. $4m = VoIP phone number, call-in, call-out features: what this means is that we need to reach the $4 million milestone to hire the Matrix team to implement calls to/from the POTS/PSTN, to complement the existing VoIP features.
  2. $6m = Reverse engineering faster WiFi/Bluetooth firmware
  3. $8m = Free encrypted VPN tunnel service for all backers for 1 year
  4. $10m = Run Android applications in isolation on the Librem 5

Let’s do this!

Purism Meets Its $1.5 Million Goal for Security Focused Librem 5 Smartphone One Week After Surging Past the 50% Mark

Self-hosted crowdfunder out grosses combined funding of Purism’s previous three campaigns

SAN FRANCISCO, Calif., October 9, 2017 — Purism, the social purpose corporation which designs and produces popular privacy conscious hardware and software, has reached its $1.5 million crowdfunding goal to create the world’s first encrypted, open smartphone ecosystem that gives users complete device control, the Librem 5. After amassing incredible support from GNU/Linux enthusiasts and the Free/Open-Source community at large, forging partnerships with KDE and the GNOME Foundation in the process, Purism plans to use the remaining two weeks of the campaign to push for its stretch goals and start working on the next steps for bringing the phone to market.

Reaching the $1.5 million milestone weeks ahead of schedule enables Purism to accelerate the production of the physical product. The company plans to move into hardware production as soon as possible to assemble a developer kit as well as initiate building the base software platform, which will be publicly available and open to the developer community.

Breaking away from the iOS/Android OS duopoly, the Librem 5’s isolation-based security-focused PureOS will offer basic communication services: phone, email, messaging, voice, camera, browsing, and will expand after shipment and over time to update with more free software applications, through shared collaboration with the developer community (not “read-only open source”, but true free software collaboration). In addition to the ability to integrate with both GNOME and Plasma Mobile, the $599 Librem 5 will come equipped with hardware kill switches, a popular feature in Purism’s laptops, that allow for users to turn on and off the camera, microphone, WiFi and Bluetooth at will.

“We are thrilled that the community has supported us in making this goal a reality, and now comes the real work of bringing the Librem 5 to production and into the hands of our backers,” says Todd Weaver, Founder and CEO, Purism. “We believe we’ve demonstrated a growing interest in technologies that proactively protect and secure our digital identities, and are proud to be a part of catalyzing this movement.”

The impressive milestone has already generated celebration in the community:

About Purism

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco (California) and around the world, Purism manufactures premium-quality laptops, tablets and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware in the United States, carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact

Marie Williams, Coderella / Purism
+1 415-689-4029
pr@puri.sm
See also the Purism press room for additional tools and announcements.
 

Librem 5 Campaign Surges Past One Million Dollars

Purism Raises $1 Million to Deliver KDE, GNOME Foundation and Matrix Endorsed Security Phone to Crowdfunding Backers

Support for Encrypted, Privacy Smartphone Librem 5 Reaches Two-Thirds Mark With 2.5 Weeks To Go

SAN FRANCISCO, Calif., October 4, 2017 — As overwhelming support continues to pour in from the people wanting to have an ethical mobile phone that avoids Google Android and Apple iOS, Purism, the manufacturer that builds high-quality, top of the range and freedom-respecting devices, earlier today surpassed the $1 million milestone in their current crowdfunding campaign which will allow the company to build the Librem 5: the first truly privacy and security focused smartphone that has been endorsed by Matrix.org, KDE and the GNOME Foundation.

Purism, no stranger to successful crowdfunding campaigns, has built and established a strong reputation from programmers, security experts, and people wanting to protect their digital life by delivering on their promise to manufacture and distribute high-end privacy and security focused laptops that are the most secure high-end current computing devices on the market today. Crowdfunded campaigns for the Librem 15 and Librem 13 laptops in 2015 both doubled their funding goals and was delivered to backers. Reception and demand for both laptops fueled Purism to manufacture more units which were made accessible for General Availability earlier this summer.

One of the more popular features from the Librem 15 and Librem 13 that will be included in the $599 Librem 5 is the hardware kill switches that allow users to turn on and off the camera, microphone, WiFi and Bluetooth at will.

Providing a new alternative outside of the iOS/Android OS duopoly, the Librem 5’s isolation-based security-focused PureOS, upon shipment, in addition to the having the ability to integrate with both GNOME and Plasma Mobile, will offer basic communication services: phone, email, messaging, voice, camera, browsing, and will expand after shipment and over time to update with more free software applications, through shared collaboration with the developer community. Key to providing this in the Librem 5, Purism is partnering with open​ ​source​ ​communications​ ​project​ ​Matrix.org to enable end-to-end​ ​encrypted​, ​decentralized communication​ ​in​ the ​dialler​ ​and​ ​messaging​ ​app.

The crowdfunding campaign raised $100,000 in the first 100 hours and raised over $200,000 in each of the last three weeks, reaching $1 million in individual preorders, enterprise sales and community support with just under three weeks left to go.

News of the proposed phone has been met with enthusiasm and excitement for the hope of this new fully free/libre and open-source GNU/Linux phone hitting the market:

Librem 5, GNU/Linux-powered smartphone w/Privacy features – Lunduke Show

Why you should support the Librem 5 phone. (IT RUNS GNU/LINUX)

Purism’s Librem 5 Phone – Count Me In 🙂

Matrix Live – Purism Librem 5 Special!

“Crossing $1 million in funding this early with the help of uniting many ethical communities and security-conscious parties has been really exciting,” says Todd Weaver, Founder and CEO, Purism. “We are on our way to the $1.5m goal allowing us to deliver a phone that finally frees us from the shackles of the Android and iOS smartphone duopoly.”

About Purism

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco (California) and around the world, Purism manufactures premium-quality laptops, tablets and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware in the United States, carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact

Marie Williams, Coderella / Purism
+1 415-689-4029
pr@puri.sm
See also the Purism press room for additional tools and announcements.
 

Librem 5 Surges Past 50 Percent of its $1.5 Million Funding Goal To Deliver Encrypted, Privacy Smartphone That Won’t Track Users

Crowdfunding support for GNOME Foundation and KDE backed security phone from Purism tops $900,000 with 3 weeks to go

SAN FRANCISCO, Calif., October 2, 2017 — With overwhelming support from the Free/Libre, Open Source and GNU/Linux communities in addition to recent partnerships with KDE and the GNOME Foundation, Purism, the manufacturer that builds high-quality, top of the range and freedom-respecting devices, has surpassed the 50 percent mark of their $1.5 million goal in their current crowdfunding campaign which will allow the company to build the first fully free/libre and open source smartphone: the Librem 5.

Breaking away from the iOS/Android OS duopoly, the Librem 5’s isolation-based security-focused PureOS, upon shipment, will offer basic communication services: phone, email, messaging, voice, camera, browsing, and will expand after shipment and over time to update with more free software applications, through shared collaboration with the developer community (not “read-only open source”, but true free software collaboration). In addition to the ability to integrate with both GNOME and Plasma Mobile, the $599 Librem 5 will come equipped with hardware kill switches, a popular feature in Purism’s laptops, that allow for users to turn on and off the camera, microphone, WiFi and Bluetooth at will.

With just under four weeks to go, the crowdfunding campaign raised $100,000 in the first 100 hours and raised over $200,000 in each of the last two weeks, increasing their total to over $900,000 with just over 3 weeks left to go.

News of the proposed phone has been met with enthusiasm and excitement for the hope of this new fully free open-source Linux phone hitting the market:

“Getting endorsements for the Librem 5 hardware from both KDE and the GNOME Foundation took us a huge step towards creating a phone that frees us from the handcuffs of Android and iOS, and we hope this continues as we get closer to reaching our goal,” says Todd Weaver, Founder and CEO, Purism.

About Purism

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco (California) and around the world, Purism manufactures premium-quality laptops, tablets and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware in the United States, carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact

Marie Williams, Coderella / Purism
+1 415-689-4029
pr@puri.sm
See also the Purism press room for additional tools and announcements.
 

GNOME Foundation Partners with Purism to Support Its Efforts to Build the Librem 5 Smartphone

Orinda, CA/San Francisco, September 19, 2017 – The GNOME Foundation has provided their endorsement and support of Purism’s efforts to build the Librem 5, which if successful will be the world’s first free and open smartphone with end-to-end encryption and enhanced user protections. The Librem 5 is a hardware platform the Foundation is interested in advancing as a GNOME/GTK phone device. The GNOME Foundation is committed to partnering with Purism to create hackfests, tools, emulators, and build awareness that surround moving GNOME/GTK onto the Librem 5 phone. Read more

GNOME & KDE: The Purism Librem 5 phone is building a shared platform, not walled gardens

You might have heard about our Librem 5 phone campaign that we recently launched and that has now crossed the $300,000 milestone. If you are reading this particular blog post, it is quite probably because you are a member of the great GNOME/KDE/freedesktop community, and if you were expecting the Librem 5 to be only “a GNOME phone” and exclusionary of others you will be happy to know that Purism is working with both KDE e.V. and the GNOME Foundation, and will continue to do so.

As a matter of fact, to the question “Will you be running GNOME, Plasma, or your own custom UI?”, our campaign page’s FAQ stated, from the beginning:

“We will be working with both GNOME/GTK and KDE/Plasma communities, and have partnered with the foundations behind them for the middleware layer. PureOS currently is GNOME-based and our great experience with working with GNOME as an upstream as well as GNOME’s OS and design-centric development model; however we will also test, support, and develop with KDE and the KDE community, and of course we will support Qt for application development. We will continue to test GNOME and Plasma, and should have a final direction within a month after funding success. Whatever is chosen, Purism will be working with both communities in an upstream-first fashion.”

As a point of clarification, Purism is supporting GNOME/GTK and will continue to do so; Purism is also supporting KDE/Plasma and will continue; forming partnerships with these great communities is a way to establish our long-term commitment to those goals.

Likewise, Purism will ship PureOS by default on the Librem 5, but will support and work with other GNU/Linux distributions wishing to take advantage of this device.

The Librem 5 is about users reclaiming their rights to freedom, privacy and security on their mobile communication devices (also known as pocket computer, smartphone, etc.) with a platform that they love and trust. It is not about creating walled gardens, erecting barriers and division in the free desktop community, and reigniting the Desktop Wars of the past:

We are planning to empower users to run both GNOME, KDE, or whatever they see fit, on their GNU+Linux phone—just like we can have both GNOME and KDE on the same desktop/laptop today. The fact that we are going to be making an integrated convenient product that may or may not be a vanilla or heavily modified version of one of these two desktops as the “official recommended turnkey product choice for customers” takes away nothing from the value of these environments or from the ability to run and tinker with whatever Free and Open-Source software you see fit on your device—a device that you can truly own.

What we are providing here is a reference platform that is not Android, for both GNOME and KDE communities—we just so happen to need to provide it as a turnkey usable product for less tech-savvy customers as well, while doing it 100% in the open, upstream-first, like a true Free Software project should be. Right now, the exact set of software technologies we will base our “integrated product” on—whether closely based on KDE, or GNOME—is something we are still evaluating and will decide along the way. There is no “us” vs “them” here. The two projects are in different states of advancement when it comes to mobile and touch technologies, and both communities have their specificities, expertise, and strengths. No matter which project we pick as the basis to invest most of our technical resources in, both projects will win:

  • Even if one project is not chosen as the reference product user interface, it gains a hardware reference platform that community members can standardize on, and thus improve itself however they see fit.
  • This is not the nineties. GNOME and KDE have had a healthy collaboration relationship for the better part of a decade now!
  • We light up a competitive fire again in the hearts of contributors in both communities—and beyond. We can now fight for a platform we truly own, from the backend and middleware to the graphical user interface. No more proprietary UIs, no more “fork everything in middleware!”
  • We will still provide support to developers and testers across the board, everybody is welcome.

From a higher perspective, we believe this campaign is vital to the relevance of Free Software and the viability of GNU+Linux (vs Android+Linux) beyond the desktop, and to protect ourselves from pervasive surveillance and data capitalism. We hope you will see it in this light as well.