Category: Additional Press Information

Intended for PR – used to filter out posts intended for the press

Introducing the Librem Key

A few months ago we announced that we were partnering with Nitrokey to produce a new security token: the Librem Key and I’m pleased to announce that today the Librem Key is available for purchase on our site for $59.

What is a USB Security Token?

In case you haven’t heard of USB security tokens before, they are devices typically about the size of a USB thumb drive that can act as “something you have” for multi-factor authentication. With so many attacks on password logins, most security experts these days recommend adding a second form of authentication (often referred to as “2FA” or “multi-factor authentication”) in addition to your password so that if your password gets compromised the attacker still has to compromise your second factor. USB security tokens work well as this second factor because they are “something you have” instead of “something you know” like a password is, and because they are portable enough you can just keep them in your pocket, purse, or keychain and use them only when you need to login to a secure site.

In addition to multi-factor authentication, security tokens can also often store your private GPG keys in a tamper-proof way so you can protect them from attackers who may compromise your laptop. With your private keys on the security token, you can just insert the key when you need to encrypt, decrypt, sign, or authenticate and then type in your PIN to unlock the key. Since your private keys stay on the security token, even if an attacker compromises your computer, they can’t copy your keys (and even if you leave the key plugged in, they need to know your PIN to use it).

Why Make a Librem Key?

There are many other vendors out there who offer their own security tokens, so why make our own? The first reason is that few security tokens out on the market align with our values here at Purism, in particular with respect to freedom. I’ve explained in a previous post why freedom is essential to security and privacy and this is especially true for a device that is holding some of your most sensitive secrets. We wanted a security token that used open hardware, free software firmware, and free software user applications and that is why we partnered with Nitrokey to produce a security token that respected your freedom from the beginning.

We also wanted to make the Librem Key because of all of the integration possibilities with our existing products that would make customers more secure in a way that’s also more convenient. When you can bundle a security token with your own laptop and operating system, there are so many interesting possibilities, especially when the firmware and user applications are free software so we can easily modify them to add even more features.

In addition to the standard features of a security token (GPG key storage and multi-factor authentication) that the Librem Key can perform on any computer, here are some of the interesting integration options with our Librem laptops we are already looking into with the Librem Key that will make security much more convenient for users who are facing average threats:

  • Insert the Librem Key at boot and automatically decrypt your hard drive
  • Automatically lock your laptop whenever you remove the Librem Key
  • Use your Librem Key to log in

Provable Security, Made Easy

One of the most exciting opportunities the Librem Key opens up to us is in integrating with our tamper-evident Heads BIOS to provide cutting-edge tamper-evident security but in a convenient package that doesn’t exist anywhere else.

Currently with Heads, when you want to prove that the BIOS hasn’t been tampered with, you need to set up a TOTP application on your phone and scan a QR code from within Heads. Then at each boot you compare the 6-digit code Heads displays on the screen with the code in your phone. If the codes match, the BIOS is safe. This method works but is a bit cumbersome and with the Librem Key we can do better.

We have worked with Nitrokey to add a custom feature to our Librem Key firmware specifically for Heads. This custom firmware along with a userspace application allows us to store the shared secret from the TPM on the Librem Key instead of on a phone app. Then when Heads boots, if the BIOS hasn’t been tampered with the TPM will unlock its copy of the shared secret, and Heads will send the 6-digit code over to the Librem Key. If the code matches what the Librem Key itself generated, it flashes a green light. If the codes don’t match, it flashes a red light.

So if you are concerned about someone tampering with your computer when you aren’t around, just boot with the Librem Key inserted. If it blinks green you are safe, if it blinks red you’ve been tampered with. There is no other product on the market today that offers this kind of simple but strong tamper-evident protection, much less one that respects your freedom where the keys are fully in your control.

Even Stronger Anti-Interdiction Protection

The Librem Key opens up possibilities for even stronger anti-interdiction protection for customers who need it. We will be able to link a Librem Key with a laptop running Heads at our facility and then ship them separately. Then when each package arrives you can immediately test for tampering with an easy “green is good, red is bad” test.

Convenient Security for the Enterprise

Many companies have already incorporated 3rd party security tokens into their engineering teams as a way for software engineers to sign their code pushes securely or as convenient multi-factor token. The Librem Key offers enterprises a way to combine all of the other features they are used to with other security tokens along with our cutting-edge tamper-evident boot process on our Librem laptops in an easy and convenient package where all of the keys are fully under their control.

Since the firmware and userspace tools are free software, that means enterprises can also easily customize these tools to suit their own internal policies whether with their own software teams or by working with Purism. That could mean anything from providing a customized error page to employees when Heads detects tampering to actively preventing employees from booting a tampered-with machine.

Only the Beginning

Knowing that our customers have a secure and freedom-respecting security token opens up all sorts of other possibilities and today we are only scratching the surface on what we will be able to do with Librem Key both for new customers and those that have been with us from the beginning. Stay tuned for future posts where I will dive deeper into some of the Librem Key’s features and explain how to get the most out of it. In the mean time you can order your own Librem Key from the Librem Key product page.

Why Freedom is Essential to Security and Privacy

This post is based off of “Freedom, Security and Privacy” a keynote I gave at OpenWest 2018. You can see the full video of the talk here.

Freedom, security and privacy are interrelated. The relationship between these three concepts is more obvious in some cases than others, though. For instance, most people would recognize that privacy is an important part of freedom. In fact, studies have shown that being under surveillance changes your behavior such as one study that demonstrates that knowing you are under surveillance silences dissenting views. The link between privacy and security is also pretty strong, since often you rely on security (encryption, locked doors) to protect your privacy.

The link between freedom and security may be less obvious than the others. This is because security often relies on secrecy. You wouldn’t publish your password, safe combination or debit card PIN for the world to see, after all. Some people take the idea that security sometimes relies on secrecy to mean that secrecy automatically makes things more secure. They then extend that logic to hardware and software: if secret things are more secure, and proprietary hardware and software are secret, therefore proprietary hardware and software must be more secure than a free alternative.

The reality is that freedom, security and privacy are not just interrelated, they are interdependent. In this post I will analyze the link between these three concepts and in particular how freedom strengthens security and privacy with real world examples.

Do Many Eyes Make Security Bugs Shallow?

A core tenet of the Free Software movement is “many eyes make bugs shallow.” This statement refers to the fact that with proprietary software you have a limited amount of developers who are able to inspect the code. With Free Software, everyone is free to inspect the code and as a result you end up with more people (and more diverse people) looking at the code. These diverse eyes are more likely to find bugs than if the code were proprietary.

Some people extend this idea to say that many eyes also make security bugs shallow. To that I offer the following counterpoint: OpenSSL, Bash and Imagemagick. All three of these projects are examples where the code was available for everyone to inspect, but each project had critical security bugs hiding inside of the code for years before it was found. In particular in the case of Imagemagick, I’m all but certain that security researchers were motivated by the recent bugs in OpenSSL and Bash to look for bugs in other Free Software projects that were included in many embedded devices. Now before anyone in the proprietary software world gets too smug, I’d also like to offer a counter-counterpoint: Flash, Acrobat Reader and Internet Explorer. All three of these are from a similar vintage as the Free Software examples and all three are great examples of proprietary software projects that have a horrible security track record.

So what does this mean? For security bugs, it’s not sufficient for many eyes to look at code–security bugs need the right eyes looking at the code. Whether the researcher is fuzzing a black box, reverse engineering a binary, or looking directly at the source code, security researchers will find bugs if they look.

When Security Reduces Freedom

At Purism we not only develop hardware, we also develop the PureOS operating system that runs on our hardware. PureOS doesn’t have to run on Purism hardware, however, and we’ve heard from customers who use PureOS on other laptops and desktops. Because of this, we sometimes will test out PureOS on other hardware to see how it performs. One day, we decided to test out PureOS on a low-end lightweight notebook, yet when we went to launch the installer, we discovered that the notebook refused to boot it! It turns out that Secure Boot was preventing the PureOS installer from running.

What is Secure Boot and why is it problematic?

Secure Boot is a security feature added to UEFI systems that aims to protect systems from malware that might attack the boot loader and attempt to hide from the operating system (by infecting it while it boots). Secure Boot works by requiring that any code it runs at boot time be signed by a certificate from Microsoft or from vendors that Microsoft has certified. The assumption here is that an attacker would not be able to access the private keys from Microsoft or one of its approved vendors to be able to sign its own malicious code. Because of that, Secure Boot can prevent the attacker from running code at boot.

When Secure Boot was first announced, the Linux community got in quite an uproar over the idea that Microsoft would be able to block Linux distributions from booting on hardware. The counter-argument was that a user could also opt to disable Secure Boot in the UEFI settings at boot time and boot whatever they want. Some distributions like Red Hat and Ubuntu have taken the additional step of getting their boot code signed so you can install either of those distributions even with Secure Boot enabled.

Debian has not yet gotten their boot code signed for Secure Boot and since PureOS is based off of Debian, this also means it cannot boot when UEFI’s Secure Boot is enabled. You might ask what the big deal was since all we had to do is disable Secure Boot and install PureOS. Unfortunately, some low-cost hardware saves costs by loading a very limited UEFI configuration that doesn’t give you the full range of UEFI options such as changing Secure Boot. That particular laptop fell into this category so we couldn’t disable Secure Boot and as a result we couldn’t install our OS–we were limited to operating systems that partnered with Microsoft and its approved vendors.

Secure Booting: Now with Extra Freedom

It’s clear that protecting your boot code from tampering is a nice security feature, but is that possible without restricting your freedom to install any OS you want? Isn’t the only viable solution having a centralized vendor sign approved programs? It turns out that Free Software has provided a solution in the form of Heads, a program that runs within a Free Software BIOS to detect the same kind of tampering Secure Boot protects you from, only with keys that are fully under your control!

The way that Heads works is that it uses a special independent chip on your motherboard called the TPM to store measurements from the BIOS. When the system boots up, the BIOS sends measurements of itself to the TPM. If those measurements match the valid measurements you set up previously, it unlocks a secret that Heads uses to prove to you it hasn’t been tampered with. Once you feel confident that Heads is safe, you can tell it to boot your OS and Heads will then check all of the files in the /boot directory (the OS kernel and supporting boot files) to make sure they haven’t been tampered with. Heads uses your own GPG key signatures to validate these files and if it detects anything has been tampered with, it sends you a warning so you know not to trust the machine and not to type in any disk decryption keys or other secrets.

With Heads, you get the same kind of protection from tampering as Secure Boot, but you can choose to change both the TPM secrets and the GPG keys Heads uses at any time–everything is under your control. Plus since Heads is Free Software, you can customize and extend it to behave exactly as you want, which means an IT department could customize it to tell the user to turn the computer over to IT if Heads detects tampering.

When Security without Freedom Reduces Privacy

Security is often used to protect privacy, but without freedom, an attacker can more easily subvert security to exploit privacy. Since the end-user can’t easily inspect proprietary firmware, an attacker who can exploit that firmware can implant a backdoor that can go unseen for years. Here are two specific examples where the NSA took advantage of this so they could snoop on targets without their knowing.

  • NSA Backdoors in Cisco Products: Glenn Greenwald was one of the reporters who initially broke the Edward Snowden NSA story. In his memoir of those events, No Place to Hide, Greenwald describes a new NSA program where the NSA would intercept Cisco products that were shipping overseas, plant back doors in them, then repackage them with the factory seals. The goal was to use those back doors to snoop on otherwise protected network traffic going over that hardware. Update: Five new backdoors have been discovered in Cisco routers during the beginning of 2018, although whether they were intentional or accidental has not been determined.
  • NSA Backdoors in Juniper Products: Just in case you are on Team Juniper instead of Team Cisco, it turns out you weren’t excluded. The NSA is suspected in a back door found in Juniper firewall products within its ScreenOS that had been there since mid-2012. The backdoor allowed admin access to Juniper firewalls over SSH and also enabled the decryption of VPN sessions within the firewall–both very handy if you want to defeat the privacy of people using those products.

While I picked on network hardware in my examples, there are plenty of other examples outside of Cisco, Juniper, and the NSA where because of a disgruntled admin, a developer bug, or paid spyware, a backdoor or default credentials showed up inside proprietary firmware in a security product. The fact is, this is a difficult if not impossible problem to solve with proprietary software because there’s no way for an end user to verify that the software they get from their vendor matches the source code that was used to build it, much less actually audit that source code for back doors.

When Freedom Protects Security and Privacy

The Free Software movement is blazing the trail for secure and trustworthy software via the reproducible builds initiative. For the most part, people don’t install software directly from the source code but instead a vendor takes code from an upstream project, compiles it, and creates a binary file for you to use. In addition to a number of other benefits, using pre-compiled software saves the end user both the time and the space it would take to build software themselves. The problem is, an attacker could inject their own malicious code at the software vendor and even though the source code itself is Free Software, their malicious code could still hide inside the binary.

Reproducible builds attempt to answer the question: “does the binary I get from my vendor match the upstream source code that was used to build it?” This process uses the freely-available source code from a project to test for any tampering that could have happened between the source code repository, the vendor, and you making sure that a particular version of source code will generate the same exact output each time it is built, regardless of the system that builds it. That way, if you want to verify that a particular piece of software is safe, you can download the source code directly from the upstream developer, build it yourself, and once you have the binary you can compare your binary with the binary you got from your vendor. If both binaries match, the code is safe, if not, it could have been tampered with.

Debian is working to make all of its packages reproducible and software projects such as Arch, Fedora, Qubes, Heads, Tails, coreboot and many others are also working on their own implementations. This gives the end user an ability to detect tampering that would be impossible to detect with proprietary software since by definition there’s no way for you to download the source code and validate it yourself.

Freedom, Security and Privacy in Your Pocket

Another great example of the interplay between freedom, security and privacy can be found by comparing the two operating systems just about everyone carries around with them in their pockets: iOS and Android. Let’s rate the freedom, security and privacy of both of these products on a scale of 1 to 10.

In the case of iOS, it’s pretty safe to say that the general consensus puts iOS security near the top of the scale as it often stands up to government-level attacks. When it comes to privacy, we only really have Apple’s marketing and other public statements to go by, however because they don’t seem to directly profit off of user data (although apps still could), we can cut them a bit of a break. When it comes to freedom, however, clearly their walled garden approach to app development and their tight secrecy around their own code gives them a low rating so the end result is:

  • Security: 9
  • Privacy: 6
  • Freedom: 1

Now let’s look at Android. While I’m sure some Android fans might disagree, the general consensus among the security community seems to be that Android is not as secure as iOS so let’s put their security a bit lower. When it comes to freedom, if you dig far enough into Android you will find a gooey Linux center along with a number of other base components that Google is using from the Free Software community such that outside parties have been able to build their own stripped-down versions of Android from the source code. While you have the option to load applications outside of Google’s Play Store, most of the apps you will find there along with almost all of Google’s own apps are proprietary, so their freedom rating is a mixed-bag. When it comes to privacy though, I think it’s pretty safe to rate it very low, given the fundamental business model behind Android is to collect and sell user data.

  • Security: 7
  • Freedom: 5
  • Privacy: 1

Over the long run, the Librem line of products aims to address these concerns.

Why Not All Three?

To protect your own security and privacy, you need freedom and control. Without freedom, security and privacy require the full trust of vendors. However, vendors don’t always have your best interests at heart; in fact, in many cases vendors have a financial incentive to violate your interests, especially when it comes to privacy. The problem is, with proprietary software it can be difficult to prove a vendor is untrustworthy and if you do prove it, it’s even harder to revoke that trust.

With Free Software products, you have control of your trust. You also have the ability to verify that your Free Software vendors are trustworthy. With reproducible builds, you can download the source code and verify it all yourself.

In the end, freedom results in stronger security and privacy. These three concepts aren’t just interrelated, but they are interdependent. As you increase freedom, you increase security and privacy and when you decrease freedom, you put security and privacy at risk. This is why we design all of our products with freedom, security and privacy as strict requirements and continue to work toward increasing all three in everything we do.

What is PureOS and how is it built?

PureOS is a general purpose operating system that is based on the Linux kernel and is focused on being an entirely Free (as in freedom) OS. It is officially endorsed by the Free Software Foundation. We adhere to the Debian Social Contract and the GNU FSDG.

PureOS aims to match and surpass mainstream operating systems (such as Windows and macOS) by striking the balance between security and usability, to provide the best possible out-of-the-box experience paired with the best privacy, security, and software freedom protections possible. The idea is to make it easy to feel safe and secure with an operating system you can trust from the ground up and with appropriate tools. Read more

Last Call for Librem 5 Dev Kit: order yours before June 1st 2018

Purism has finalized the specifications for the Librem 5 development kit and will be placing all the component parts order and fabrication run the first week of June 2018. If you want to have early access to the hardware that will serve as the platform for the Librem 5 phone, you must place your dev kit order before June 1st, 2018. The price for the development kit is now $399, up from the early-bird pricing that was in effect during the campaign and until today. The dev kit is a small batch, “limited edition” product. After this batch, we are not planning for a second run (as the production of the phone itself will replace the dev kit in 2019).

Improved specifications

We decided to wait to get the latest i.MX 8M System On Module (SOM), rather than utilizing the older i.MX 6 SOM, therefore having the dev kit align nicely with the ending phone hardware specifications. This means the dev kits will begin delivery in the latter part of August for the earliest orders while fulfilling other dev kits in September. Choosing to wait for the i.MX 8M SOM also means our hardware design for the Librem 5 phone is still on target for January 2019 because we are pooling efforts rather than separating them as two distinct projects. Our dev kit choices and advancements benefit the Librem 5 phone investment and timeline.

The current dev kit specification is (subject to minor changes during purchasing):

  • i.MX 8M system on module (SOM) including at least 2GB LPDDR4 RAM and 16GB eMMC (NOTE: The Librem 5 phone will have greater RAM and storage)
  • M.2 low power WiFi+Bluetooth card
  • M.2 cellular baseband card for 3G and 4G networks
  • 5.7″ LCD touchscreen with a 18:9 (2:1) 720×1440 resolution
  • 1 camera module
  • 1 USB-C cable
  • Librem 5 dev kit PCB
    • Inertial 9-axis IMU sensor (accel, gyro, magnetometer)
    • GNSS (aka “GPS”)
    • Ethernet (for debugging and data transfer)
    • Mini-HDMI connector (for second screen)
    • Integrated mini speaker and microphone
    • 3.5mm audio jack with stereo output and microphone input
    • Vibration motor
    • Ambient light sensor
    • Proximity sensor
    • Slot for microSD
    • Slot for SIM card
    • Slot for smartcard
    • USB-C connector for USB data (host and client) and power supply
    • Radio and camera/mic hardware killswitches
    • Holder for optional 18650 Li-poly rechargeable battery with charging from mainboard (battery not required and not included!)

The dev kit will be the raw PCB without any outer case (in other words, don’t expect to use it as a phone to carry in your pocket!), but the physical setup will be stable enough so that it can be used by developers. As we finalize the designs and renders we will publish images.

Librem adds tamper-evident features, now most secure laptop under full customer control

Protecting customer privacy, security and freedom is so fundamental to Purism’s mission that we codified it in our Social Purpose Corporation charter. We believe that these three concepts of privacy, security, and freedom are not just important by themselves but are also dependent on each other. For example, it’s obvious that by improving your security, we help protect your privacy. What might be less obvious is how dependent your privacy is on your freedom. True privacy means your computer and data are under your control, not controlled by unethical big-tech corporations. When your digital life is under your control you have the freedom to share your data only when you want to. So as we consider ways to improve your security, it can’t be at the cost of privacy or freedom.

As part of our goal to improve security we are excited to announce that we have successfully integrated Heads into our TPM-enabled coreboot-running Librem laptops. This integration effort began in April 2017 with the partnership of Purism and Trammell Hudson’s Heads project, which required hardware design changes, coreboot modifications, and operating system updates to reach where we are with this announcement today. We now have a tamper-evident boot process starting with the BIOS all the way through verifying that the kernel, initrd, and boot configuration files haven’t been changed in any way. Soon Heads will be enabled by default on all our laptops and this critical piece combined with the rest of our security features will make Librem laptops the most secure laptop you can buy where you hold the keys.

In this post we will describe why Heads is such an integral part of our security and how it combines with the rest of our features to create a unique combination of security, privacy and freedom that don’t exist in any other laptop you can buy today.

Heads booting on a Librem 13v2 TPM
Heads booting on a Librem 13 with TPM

Why Tamper-Evident Software Matters

For your computer to be secure, you need to be able to trust that your software hasn’t been modified to run malicious code instead. This is one of many reasons why it’s so important that you can see the source code for all of the software on your system from your web browser to your hardware drivers to the kernel and up to your BIOS. We’ve gone to great lengths to choose hardware that can run with free software drivers, load our laptops with the FSF-endorsed PureOS, use coreboot as our Free/Libre and Open Source BIOS, and have neutralized and disabled the Intel Management Engine.

Unfortunately being able to see the source code isn’t enough. All of the software you run trusts the kernel, and the kernel trusts the BIOS. Without tamper-evident features that start the moment the computer turns on, an attacker can inject malicious code into your BIOS or kernel with no way to detect it. Once started, that malicious software could capture your encrypted disk or login passwords along with any other secrets or other personal information on your computer. By running tamper-evident software at boot, you get peace of mind that your system can be trusted before you start using it. With Purism’s combined approach the first bit loaded into the CPU is measured and signed by the user to prove nothing has been tampered with.

Heads Above the Rest

There are a number of different technologies we could have chosen to protect the boot process, but unfortunately very few of them are Free/Libre and Open Source and almost all of them work by taking control away from you and putting it into a vendor that owns the keys that determine what software you can run at boot. We have witnessed first-hand unethical laptops that ship with “Secure Boot” enabled (a technology that only allows software signed with pre-approved (e.g. paid-for) corporate controlled keys to run at boot). The very limited BIOS on this machine offered no way to disable Secure Boot so it is impossible to install Debian, PureOS or any other distribution that hadn’t gotten the BIOS vendor and Microsoft’s (paid) approval.

Heads has a lot of advantages over all of the other boot verification technologies that make it perfect for Librem laptops. First, it is Free Software that works with the Open Source coreboot BIOS so you don’t have to take our word for it that it is backdoor-free–anybody is free to inspect the code and build and install it (and customize it) themselves.

Second, the way it uses the TPM on your system to provide tamper-evidence puts the keys under your control, not ours. The fact that you retain control over the keys that secure your system is incredibly important. While we intend to make the secure boot process painless, we also don’t think you should have to trust us for it to work–you can change your keys any time.

Enterprise Level Security, Easily

If you manage a fleet of machines, this means with Purism Librem laptops that include TPM and Heads, you now have the ideal platform that you can tailor for your specific enterprise needs with custom features and your own trusted company keys. You can provide a trusted boot environment that protects your users from persistent malware and detects tampering while they travel, while still integrating with your custom in-house laptop images. And you can do this without having to ask us to sign your software.

The IT Security department’s dream of self-signed, tamper-evident, persistent-malware-detecting, laptop computer is now a reality with Purism Librem laptops.

Part of a Bigger Story

Having a secure boot process is the foundation of security on a modern laptop but it’s only part of the reason why Librem laptops are so secure. Here we will review some of the other security features that when combined with Heads puts Librem laptops in a totally different league.

Snitches get Switches

One of the first security features that set us apart was our hardware kill switches. Unlike a software switch that asks the hardware to turn off politely and hopes it listens, our hardware kill switches sever the circuit at the hardware level. This means you don’t have to worry about Remote Access Trojan malware that can disable your webcam LED to spy on you more easily. When you hit the radio kill switch, your WiFi is completely off, and when you hit the webcam/mic kill switch, the webcam is truly powered off–no webcam stickers needed.

 

Extra Security with Qubes

Our laptops default to PureOS because we feel it provides the best overall desktop experience for every type of user while still protecting your privacy, security and freedom. For customers who want an even higher level of security, Qubes uses virtualization features to provide extra security through compartmentalization. In 2015, our Librem 13 (version 1) was the first (and currently only) hardware to have received Qubes certification. Our current line of laptops remains compatible, and we recently announced that our current generation of Librem 13 and 15 laptops now fully work with Qubes 4.0.

We are also investigating ways to incorporate some of the compartmentalization features of Qubes into PureOS so you can still have good security but with an easier learning curve. Disposable web browsers and protected USB ports are just some of the features we are considering.

We Won’t Stop There

When you combine tamper-evident secure booting with Heads, an Open Source coreboot BIOS, a neutered and disabled Intel Management Engine, hardware kill switches, and the advanced security features of Qubes, Librem laptops have a security advantage over any other laptop you can buy. Equally important, they have extra security without sacrificing your privacy, freedom, or control. While we are excited to hit this major milestone, and can’t wait to have Heads on by default for all our laptops, we aren’t stopping there.

A secured boot process opens the possibility for even stronger tamper-evidence that extends further into the file system. From there you can move past tamper-evidence into tamper-resistance or even tamper-proofing in some advanced applications. We are also investigating better ways to incorporate hardware tokens with our products to provide more convenient authentication and encryption while still leaving the keys in your hands.

Ultimately, our goal is to provide you with the most secure computer you can buy that protects your privacy while also respecting your freedom. Since these values are inter-dependent, each milestone that improves one ultimately strengthens them all, and we will continue to work to raise the bar on all of them.

New Inventory with TPM by Default, Free International Shipping

In November, we announced the availability of our Trusted Platform Module as a $99 add-on for early adopters, something that would allow us to cover the additional parts & labor costs, as well as test the waters to see how much demand there might be for this feature. We thought there would be “some” interest in that as an option, but we were not sure how much, especially since it was clearly presented as an “early preview” and offered at extra cost.

Well, it turns out that a lot of people want this. We were pleasantly surprised to see that, with orders placed since that time, 98% of customers chose to have a TPM even at extra cost. This proved there is very strong market demand for the level of security this hardware add-on can provide.

2018’s first new batch is in stock—with TPM

Thanks to the investment of those early TPM adopters who voted with their wallets and gave us the necessary “business case” and resources to work it out, we are extremely proud to announce that we now include the TPM chip in all new Librem 13 and Librem 15 orders by default, as a standard feature of our newest hardware revision shipping out this month.

All the rest of the chip specifications remain the same.

It is still costing us money to add the TPM feature, but we decided to eat the cost, as the greater public benefit is more important than profits (and that is in line with our social purpose status and mission). Adding a TPM by default without increasing the base price is a major accomplishment toward having security by default, and paves the way for convenient security and privacy protection for everyone. In addition to the previous announcement, you can read Kyle’s post to understand the security implications.

Wait, there’s more!

  • We are now offering Free International Shipping on all orders. This is essentially a permanent rebate of approximately 100 USD to all new international customers! As we have grown we have been able to leverage more standardized shipping options, and are now in a position to pass on that savings to Purism customers. Please note, however, that shipping insurance, local taxes, customs fees and import duties are still your responsibility as customers.
  • Thanks to popular demand, we are now offering Librem 13 and Librem 15 laptops with the backlit German keyboard layout. They are available for purchase in our store now, and will begin rolling out in mid-March.

Only a few non-TPM laptops remain in stock with the UK keyboard layout, so we are making a sale today to clear out that portion of the inventory. If you were looking for a Librem 13 with the UK physical key layout and no TPM, you can grab one of the few remaining ones and get an additional $99 off the previous no-TPM base price. In other words, instead of paying $1,478 “plus shipping” for the base configuration of the Librem 13 UK, you now pay $1,379 with free shipping!

We would like to thank all our users of Librem laptops and FSF endorsed PureOS, as well as all those that have backed the Librem 5 phone, and of course all those people who support us by feedback, kind words, and spreading the word. It is with this unified education approach that we can change the future of computing and digital rights for the better.

We have more great news in the pipeline. Next month, we hope to announce another major milestone in our inventory management & shipping operations. Stay tuned!

Dark Caracal: State-Sponsored Spyware for Rent

Spyware has long been a privacy and security risk for personal computers and has been used by a number of groups—ranging from creeps who spy on and blackmail people through Remote Access Trojans, to marketers who want ever more data about you for targeted ads (such as through the Superfish malware we’ve seen preinstalled on some “big brands” computers), to government intelligence agencies.

The Register recently reported on an investigation by the EFF and Lookout into the “Dark Caracal” spyware network. According to the EFF, this spyware has already captured hundreds of gigabytes of data. More troubling, this spyware network is being rented out to nation states that may not be able to develop this capability in-house. Who knew government spies had their own international app store?

The Dark Caracal toolkit contains malware that targets Windows and Android platforms. In particular, Lookout discovered that Dark Caracal uses a particular piece of Android malware called Pallas that disguises itself as a legitimate Signal or WhatsApp app and tricks the unsuspecting user into installing it. Instead of relying on a rootkit, it just uses the fact that chat apps usually have access to a wide variety of permissions on your phone, so most people don’t question all the permissions the malware wants. Once installed, it uses those permissions to get audio, text messages, files, and other data via completely legitimate means and uses the network connection to send it back to the attacker.

Purism, Post-Its and Personal Privacy

Dark Caracal relies on Windows and Android malware, so you might wonder why I’m writing about it at Purism given not only is our Librem 5 phone not out yet, but PureOS is a completely different platform and isn’t vulnerable to this spyware toolkit. What makes spyware like this relevant is that we have focused on protecting customer privacy from the beginning (it’s even part of our corporate charter). Stories like this give us an opportunity to audit the privacy and security protections we put in our products to see how they’d fare if we had been a target.

By performing a tabletop thought exercise against spyware in the wild even if we aren’t vulnerable ourselves, we can rate the protections we have in place against a real-world attack and proactively harden things further based on any gaps we might find. It’s always easier if you start with security as a focus from the beginning instead of tacking it on at the end, so this exercise is not just useful for our existing Librem laptops but is particularly helpful as we develop the Librem 5.

Software Delivery

The first thing to examine is the software delivery mechanism. Malicious lookalike applications are a constant problem in mobile app stores, even more so if you add third party stores into the mix. One advantage GNU/Linux distributions have long had against other operating systems is that all of a particular distribution’s applications come from its own official repository and are signed by its developers. It’s much more difficult for a malicious application to end up in the official repository and pass the signature check, so when you use your distribution’s tool to install LibreOffice, you can be assured you are getting the real thing.

We get an additional advantage due to our dedication to Free Software. Like with other GNU/Linux distributions, all applications in PureOS come from a central PureOS repository and are signed with official PureOS keys. Unlike many GNU/Linux distributions, PureOS is a FSF-endorsed distribution so all of the software in PureOS must be Free Software. PureOS doesn’t include packages that download proprietary codecs, unsigned Flash plugins or any other binary-only code from elsewhere on the Internet. This means you can examine the source for every package in PureOS to check for malware or backdoors.

This is why it’s important to be extra careful when adding third-party repositories or installing software with curl | sh because you bypass trusted code signing and lose many of the protections built into a GNU/Linux distribution’s native packages. Fortunately, because PureOS is derived in part from Debian, it can take advantage of the vast number of packages available in Debian’s free repository, so you are much less likely to need to install software from a third party.

Hardware Privacy Protections

For most vendors you would focus only on software protections against spying because that’s your only option. Fortunately we can go one step further because we also build privacy protections into the hardware itself in the form of kill switches. Purism devices include hardware switches that allow you to cut power to radio hardware (WiFi) and to the webcam and microphone. Unlike a software hot key, these hardware switches disconnect power from the hardware so it can’t be bypassed by malicious software. Dark Caracal attacked both desktops and phones and so we should consider what effect our hardware privacy features would have on the spyware in both cases.

Desktop Protections

On a traditional laptop infected with Dark Caracal, the attacker would be able to stream video from the webcam. Depending on the sophistication of the spyware, it could possibly capture video with the LED light off, a phenomenon that has been demonstrated multiple times in recent years. Even if the victim added the high-tech spying countermeasure of covering the webcam with tape, the attacker could still capture audio off of the microphone and stream it along with the rest of the data over the WiFi connection.

On Librem laptops, the radio kill switch disables WiFi and the webcam/mic kill switch—you guessed it—disables the webcam and microphone together. We recommend users take advantage of the kill switches, in particular the webcam/mic switch, to disable the hardware when you aren’t using it. With the webcam/mic kill switch, even if spyware found its way on your machine, the attacker wouldn’t be able to capture any video or audio from the machine as long as the switch was off.

Customers especially concerned about their privacy or in a high-risk environment could take the additional precaution of using the radio kill switch to keep WiFi powered off and only turning it on briefly when they needed a network connection. In that case the attacker would have to wait until a network connection showed up and use that limited window to upload the data.

Phone Protections

Like with the Librem laptops, the Librem 5 phone will have kill switches, but as you’ll see, they impact a phone’s privacy even more dramatically than on a laptop. For example, the webcam/mic kill switch will protect you in much the same way as in a laptop, but unlike with a laptop, it gives you spyware protection you just wouldn’t have with a traditional phone because most phones just don’t have a good way to disable the microphone (in fact they rely on it being always on for voice commands). While you could tape over the camera like in a laptop, almost no one does. With a kill switch, you can leave your camera and mic off and conveniently turn it on when you need to take a selfie or make a call.

The radio kill switch would protect you in a similar way as on a laptop, but the Librem 5 also has an additional baseband kill switch. This switch powers off the cellular radio completely, not using software like in traditional airplane mode but using hardware so you know for sure it’s off. With the baseband off, you also prevent spyware from using your cellular beacon to track your location or your cellular network to send out your personal data and rack up a large cellphone bill.

Conclusion

It’s hard to add security and privacy protections after the fact—even harder if your company relies on customer data for its revenue. Because we value customer privacy, we continually work to increase privacy protections in our products not just in a reactive way based on a specific threat but in a proactive and general-purpose way that applies to all kinds of threats. Even though Purism products weren’t vulnerable to Dark Caracal, you can see how some of the additional protections we put in place would help keep you safer even if they were.

While this government-sponsored spyware was interesting because of its scope and because it was rented out to other governments, spyware like it is sadly not unique. Everyone from governments to tech companies to hackers to creepy stalkers all want a piece of your personal data and they all use different kinds of spyware to get it. Some of the greatest minds in our generation are focused on the problem of how to capture and store more and more of your data. At Purism we recognize that this data is your data, and we work every day to protect it.

Meltdown, Spectre and the Future of Secure Hardware

Meltdown and Spectre are two different—but equally nasty—exploits in hardware. They are local, read-only exploits not known to corrupt, delete, nor modify data. For local single user laptops, such as Librem laptops, this is not as large of a threat as on shared servers—where a user on one virtual machine could access another user’s data on a separate virtual machine.

As we have stated numerous times, security is a game of depth. To exploit any given layer, you go to a lower layer and you have access to everything higher in the stack.

Meltdown and Spectre are not just hardware exploits, they are the processor and microprocessor exploits. Meltdown is an exploit against the CPU which has a patch in progress, while Spectre is an exploit against the design of microprocessors which has a “possibility to patch upon each exploit as it is identified” in a never ending game of cat-and-mouse.

Protecting from Meltdown and Spectre with PureOS

  • Purism’s PureOS, a Free Software Foundation endorsed distribution, is releasing a patch to stop the Meltdown attack, with thanks to the quick and effective actions of the upstream Linux kernel development team.
  • Like the patch for Meltdown, PureOS will continue to release patches against any Spectre exploits as they are found and fixed, which highlights the importance of keeping up-to-date on software updates.

Countermeasures in Purism Librem hardware

Purism continues to advance security in hardware through a combination of techniques, including the inclusion of TPM in Librem laptops, where we are progressing towards a turn-key TPM+Heads solution. This will allow us to provide Librem users with a strong defensive stance making future exploits less scary.

While these countermeasures are not direct solutions for Meltdown and Spectre, they help work towards a larger scope of measurement and indication of “known good” states. In this case, this would mean only running a Linux kernel version which has good patches applied for Meltdown and Spectre exploits. Flagging or stopping any modifications that could be exploits adds another layer of security to protect users’ devices and sensitive information.

The Future of Secure Hardware

Intel, AMD, and ARM seem to suffer from the same issues that proprietary software suffers from: a lack of transparency that results in an unethical design which shifts us further away from an ethical society. RISC-V is something we are closely following in the hopes that it can create a future where processor hardware can be as ethical as Free Software—meaning that the user is in control of their own hardware and software, not the developer.

Purism, as a Social Purposes Corporation, will continue to advance along the best paths possible to offer high-end hardware that is as secure as possible, in alignment with our strict philosophy of ethical computing.

Measuring the Intel Management Engine to Create a More Secure Computer

A modern computer has many different avenues for attack—ranging from local user-level exploits to root and kernel exploits, all the way down to exploits that compromise the boot loader or even the BIOS—but for over ten years the Intel Management Engine—with its full persistent access to all computer hardware combined with its secretive code base—has offered the theoretical worst-case scenario for a persistent invisible attack. The recent exploit from the talented group of researchers at Positive Technologies moves that worst-case scenario from “theoretical” to reality. While the proof-of-concept exploit is currently limited to local access, it is only a matter of time before that same style of stack smash attack turns remote by taking advantage of systems with AMT (Advanced Management Technology) enabled.

At its core, Purism fights for ethical computing and believes that free software is the best way to protect a user’s freedom, security, and privacy. This belief has meant investing in removing software that fails to provide these protections (due to their proprietary/non-free nature). From the beginning, Purism has seen the ethical issues and potential for abuse in the ME, and fought against the inclusion of the ME in CPUs starting with petitioning Intel for an ME-less design in 2016, then reverse engineering parts of the ME in 2017, to collaborating and cooperating with the other groups cleaning the ME—resulting in Purism being the first manufacturer to disable the Intel ME in modern hardware.

The recent Intel Management Engine exploit has left many wondering how they can protect themselves, not just from this attack but also any future ones that exploit software sitting at such a fundamental level on their computer.

Purism offers one of the most advanced approaches by combining secure hardware, TPM, coreboot, Heads, and the FSF-compliant PureOS in its Librem laptops, helping protect against a wide variety of ME, BIOS, and boot-loader attacks beyond just wiping ME code from the computer. Below we will discuss how Librem laptops can help protect against the current ME exploit and describe some of the limitations of these countermeasures. Read more

Happy New Year! Purism Goals for 2018

Purism has set out to change the future of computing for the better. We care about your freedom and security and we prove that by working hard to offer you convenient ethical products and services. In our relatively short existence since forming, we have achieved the following milestones:

    1. Released 3 revisions of the Librem 15 laptop.
    2. Released 2 revisions of the Librem 13 laptop.
    3. Persevered in our efforts and upheld our promise to port coreboot to all our devices.
    4. We have been the first manufacturer to disable the Intel Management Engine (and we are currently still the only vendor of brand new devices doing this with devices shipping out today…).
    5. Received FSF endorsement for PureOS.
    6. Exceeded our funding goal by almost 50% for our Librem 5 phone campaign.
    7. Partnered with Matrix, Nextcloud, Monero, GNOME and KDE

Purism has some lofty goals that seem more attainable with each advancement that we make. Our pace for these achievements is already impressive, and we plan on maintaining and exceeding that pace in 2018. This coming year, we plan to:

  • Release the development board for the Librem 5 phone.
  • Produce great documentation for developers to write applications into PureOS (or any GNU/Linux based OS) for the Librem 5 phone.
  • Attend significantly more conferences and events; this lets us meet long-standing collaborators, improves our own knowledge, and also lets us raise awareness about our ideals and approaches to solving long-standing challenges in the industry.
  • Release our Purist Ethical Services offering (more news on this later).
  • Advance the Librem 15 and Librem 13 laptops into a version 4 model.
  • Release the much-awaited Librem tablet.
  • Release TPM + Heads as a “turn-key” product on our devices.

Things are off to a great start in 2018 and we hope you are as excited as we are to push forward the causes of freedom, security and privacy—principles that we hold as dearly as you do.

Happy New Year from your friends at Purism SPC!