Intel dropped a fairly large bombshell on the world May 1st, 2017, when they published a security advisory that explains how nearly every single Intel chip since 2008 is now vulnerable to a remote exploit through AMT, even when powered off.
Purism, which uses Intel chips, happens to be immune to this very nasty threat. Purism happens to also be the only manufacturer where all products are designed specifically to be immune to this very substantial threat. Purism is able to accomplish this thanks to its strict belief in digital rights for users and adherence to its social purpose; it is this philosophy that brings Purism to systematically remove exploitable firmware from the computers it makes, and users are all the better for it.
We already published a lengthy article on the potential of this type of threat, which you can find at How Purism Avoids Intel AMT, but in case you wanted the shorter version:
- We choose Intel CPUs that do not have the hardware enabled to be exploitable (no vPro/AMT)
- We avoid Intel networking, to remove this exact threat (no Intel networking, no remote exploit from exploitable firmware)
- We neutralize the exploitable firmware
The larger message rings true; if you can’t control the computer, the computer controls you. This turn of events highlights that fact clearly; this exploitable Intel firmware is a binary at the lowest level of the CPU, outside the view of the user, allowing for anybody to use it to gain full control of the computer, even when the device is powered off. This represents the worst of all possible security vulnerabilities, and we are very proud to have a philosophy that makes our products the only high-end current hardware offering that can safely avoid this Intel security exploit.
Recently, WikiLeaks unloaded another lot of Vault 7 documents, under the “Dark Matter” codename. In there, other tools and techniques used by the CIA to gain persistent remote exploits on Apple devices (including Macs and iPhones) are revealed.
Most of these attacks target Apple’s EFI/UEFI firmware, therefore such infections persist even if the operating system is re-installed. This collection of threats, including Sonic Screwdriver, Triton, Der Starke, and Dark Sea Skies, all utilize the same general principle: to attack a device at the BIOS level depth, in order to seize control of all shallower levels including the operating system, applications, networking, and web access.
Night Skies is a tool that operates in the background and does not exhibit user-alerting behavior, providing upload, download and execution capability on the device. NightSkies will attempt to use any available Internet connection to beacon. Once user activity is detected, it will monitor specific directories on the phone such as the browser history file, YouTube video cache, map files cache, or mail files metadata. Night Skies can then:
- retrieve files from the iPhone including the address book, SMSes, call logs, etc.;
- send files and binaries to the iPhone (such as additional hacking tools);
- execute arbitrary commands on the iPhone;
- grant full remote command and control;
- masquerade as the standard HTTP protocol for communications;
- use XXTEA block encryption to provide secure communications;
- provide self-upgrade capability.
Sea Pea, on the other hand, is a rootkit designed for Mac OS X’s kernel, that will remain on the system unless one of the following conditions are met: the hard drive is reformatted, an upgrade is made to the next major version of OS X (i.e. 10.6), or an error is encountered (at which point SeaPea may remove itself).
What these threats continue to showcase is that EFI/UEFI is an ideal low-level backdoor to control a user’s device without their knowledge, and the leaked documents shows how widespread these threats are against any user running a EFI/UEFI BIOS.
Purism is working hard to make its products immune against these threats by designing its devices to be able to run coreboot instead EFI/UEFI. Purism also utilizes PureOS (a GNU/Linux based distribution that does not contain any mystery binaries), so the entire source code stack can be audited.
These documents continue to reinforce the fact that security is a game of depth, and the deeper you go with releasing free software where the source code can be audited, the better.
Purism has future plans of including hardware encryption tools to verify the entire boot chain, putting the entire system under a user’s control, rather than that of a bad corporation, government, spying agency, criminals, or ISPs.
Let’s recap recent progress with a summary of where we stand and where we’re going next on the “operations” front.
We have begun production of the two new revisions of Librem laptops. As we narrowed down on component choices and successfully raised additional funds, we have now made great steps towards our “zero outstanding orders” milestone and our goal of creating our first inventory to ship future orders from.
- Last month, we ordered a batch of supplies to begin production of the new Librem 13 “v2” units. We have also tested and evaluated three prototype units, the latest of which we will use to extend our coreboot work.
- Two weeks ago, we also ordered parts for the new Librem 15 “v3” units. So far we have evaluated one prototype unit for this new batch (which will also be used for our coreboot work), and will evaluate a second one soon.
- We are currently working to leverage investment to make the Librem 11 batch order happen sooner and create an inventory directly; we will let you know of any progress on that front. In the meantime, we thank you for your patience. And please spread the word about the Librem 11 to those around you looking for a nice security-oriented and freedom-respecting convertible tablet with stylus support (especially interesting for visual artists who want to use the plethora of free creative tools such as MyPaint, Krita, Inkscape, GIMP, etc.)! The more people know about it, the sooner we should be able to put it into production.
Revised products specifications
For the upcoming Librem 13 v2 and the Librem 15 v3, we evaluated various prototypes, including different cases and keyboard models, alongside various possible CPU, GPU, RAM and storage combinations. With the newer motherboards, we aimed to keep the same flexibility in terms of storage: one M.2 slot and one standard SATA slot. As usual, the RAM and SSDs are all user-replaceable, not soldered.
The Librem 13 gets a whole slew of improvements for version 2:
- An Intel Core i7 processor (one of the most often requested features), using the 14 nanometers lithography of the Skylake generation, bringing additional performance (over our previous i5 processor) and great power savings over previous generations.
- A backlit keyboard (the other most often requested feature)
- Newer Intel graphics as part of the Skylake chipset
- DDR4 memory
- One USB 3.0 “type C” connector
- A much better trackpad (sourced from Elantech instead of BYD), which works better out of the box. It supports vertical and horizontal two-finger scrolling, allows changing workspaces with a simple four-finger swipe gesture, has smoother scrolling, and various multitouch gestures (dependent on applications support).
Those who have ordered the Librem 15 also get the free update to Skylake, newer graphics, DDR4, and improved trackpad. The Librem 15 already had a backlit keyboard and USB-C.
As you can see, when you pre-order a Purism device, you don’t need to worry about the specs becoming outdated by the time of production & delivery. For all our products, we strike a balance as per our manufacturing & sourcing approach, yet strive to stay close to the latest technology out there. We aim to please our supporters by bundling these updates at no additional cost whenever possible.
Upgrading from the Broadwell microarchitecture for this round, we chose to go with Skylake (rather than Kabylake) in order to service orders more quickly without bringing on delays in supplies or testing. To provide the best user experience, we prefer to test more thoroughly before moving on to a new chipset (for instance, we’ll be able to provide coreboot support more quickly with Skylake as part of our current roadmap). We expect to upgrade the chipsets/microachitecture again for the next production run (planned for the second half of 2017 once we complete this batch), which will involve a revised motherboard design, as we will also be adding new hardware features in prevision of full support for Heads.
The power of the Dark Side comes as a duo
We chose to keep the same overall chassis, although the location of Librem 15’s killswitches will be different this time (all on the hinge cover, like the Librem 13).
A notable aesthetic improvement for the Librem 15 v3 is that it will be anodized black just like the Librem 13. The temptation of the Dark Side was strong! Here you can see an anodized aluminium extrusion sample of the Librem 15 v3, next to an existing Librem 13 v1:
As we are beginning to have quite a bit of hardware revisions and models to keep track of, the laptops will now also feature some subtle branding underneath the backplate for model identification and to show the appropriate certification marks (we are FCC and CE certified). The publicly visible parts such as the screen bezel, palmrests, or the back of the screen lid, all remain unbranded.
Better power connectors
We are now sourcing power supplies with L-shaped coaxial connectors, so they keep a low profile when plugged into the side of your Librem:
This is particularly useful if you like to sit cross-legged with your laptop on a sofa, for example! (or for those who like to meditate with a computer on their lap)
We are well on our way to provide a great new set of laptops this summer. We should be receiving the final components around the end of May, at which point we will do the final assembly and shipping throughout June. We will then be able to celebrate having cleared all the existing Librem 13 and 15 orders (including the recent big spike in orders). After that point, we will be able to ship within days and weeks (not months), which will be a huge relief for everybody looking to buy a Librem “in a pinch”. We hope you’re as excited as we are about that!
As always, thank you for your support, and feel free to contact us with your thoughts and encouragements, or to spread the good news around you!
[Please note: warrant canaries being posted on April 1st are not April Fools’ jokes.]
Warrant Canary, April 1st 2017
- We have not placed any backdoors into our software or hardware, and we have not complied with any requests to do so.
- We have not received, nor complied with any National Security Letters or FISA court orders.
- We have not been subject to any gag order by a FISA court.
The next statement will be published on the first day of each quarter (January 1st, April 1st, July 1st, October 1st). Please refer to the Warrant Canary page for details and digital signatures.
Continuing on our previous post on this topic, another EFI/UEFI BIOS exploit theoretically known–and even proven to work by Trammel hudson some years ago–that resurfaced through the Vault 7 documents, is the EFI/UEFI exploit that can write to NVRAM or persistent storage. This means that this exploit cannot be detected from hard drive inspection, and can survive through a complete OS reinstall if you’re using EFI/UEFI (which is not a problem for Purism users running coreboot).
The CIA documents describe it best:
“These variables present interesting opportunities for our tools since they will survive a OS reinstall and are invisible to a forensic image of the hard drive. What’s also interesting is that there is no way to enumerate NVRAM variables from the OS… you have to know the exact GUID and name of the variable to even determine that it exists.” — the CIA, as leaked through the Vault 7 Persistent Storage Document
This line also summarizes intent for the exploit:
“This might be a good place to put either implants or encryption keys. If every implant deployment used a different GUID/name pair, it would make the variables a bit more difficult to discover.” — the CIA, from the Vault 7 Persistent Storage Document
This continues to reinforce that our philosophy and beliefs are the only way to have long-term products that respects users’ digital rights.
We’re continuing with a second report (many more coming!) on the “Vault 7” Documents we started digesting recently. There is an extensive section dedicated to EFI/UEFI exploitations. While this threat has been known from a theoretical standpoint from the moment the non-free BIOS replacement–EFI/UEFI–came into existence, the Vault 7 documents published recently now confirm that these threats are real and these weaknesses are actively being exploited.
One interesting read we’re focusing on today is the EFI/UEFI “ExitBootServices Hooking” exploit and sample copy-and-paste code to inject a hook into the last execute state of the EFI/UEFI process (the “ExitBootServices”).
Copy-and-paste code was included in the leaks which allow for the exploitation of UEFI-based boot systems by altering the operating system’s kernel which is loaded into memory before exiting the UEFI boot sequence. The copy-and-paste code allows for an attacker to insert a custom hook which can be used to arbitrarily alter the operating system’s kernel in memory immediately before execution control is handed to the kernel. — Wikipedia’s summary.
It is trivial to utilize this exploit:
Because the ExitBootServices service can be found by getting its pointer from the global EFI_BOOT_SERVICES table, hooking the ExitBootServices call is trivial. […] When you’re running in UEFI, that EFI_BOOT_SERVICES table isn’t protected by anything, so you can just write directly to it. — Vault 7 ExitBootServices Hooking
The result is that the entire system is compromised. As the page highlights, “At this point, you can do whatever you want.”
This type of exploit once-again highlights that security is a game of depth. This exploit is one level below the kernel, which means it has complete control of every level above it, such as the kernel, the entire operating system, any and all applications, network traffic, web application usage, and all user interaction.
The good news is, Purism recently completed the port of coreboot to the Librem 13 v1 (with more ports to come for the rest of our devices), providing a free/libre and open source replacement for EFI/UEFI which avoids all of the exploits mentioned within the documents.
The only long-term approach to protect oneself is to have complete control of the device. Control is the key word, and there is no other way to have complete control than to have as much of the software released under free software licenses where the source code is available to confirm it operates in your best interest and not that of criminals, spies, bad hackers, nations, or thieves.
Confirming that EFI/UEFI has a known and trivial exploit that is built into the standard also confirms that there is no depth too deep to exploit, and the only defense against unwanted stripping of a users’ digital rights is to use hardware and software that you control. Purism does just that by releasing all software under a free software license where the source code is available to be audited, reviewed, and scrutinized making a user control their device not the device controlling the user.
After our alpha release in November, we are today releasing the beta for PureOS 3.0, which we intend to release as a final release in time for our upcoming new laptop batch shipment (more news on that soon).
As PureOS uses a rolling release model, software all across the stack continued to receive updates since our first alpha some months ago, even though the core of our work has been to improve and deploy new infrastructure to support efficient development of this operating system and to make the PureOS experience more pleasant for users, too. The PureOS infrastructure is now better at exposing migration/update issues, which means that we iron out broken or missing package dependencies more quickly (with the goal of preventing them from ever being encountered by users, although such occurrences are already rare). Building this infrastructure for PureOS is some very ambitious—and often invisible—work that we are accomplishing as the foundation for all PureOS development.
We are also in the final stages of preparing proper developer documentation, closely modeled on Debian’s contributors documentation and procedures, but pointing to the right bits and pieces when it comes to PureOS.
FSF endorsement is work in progress: we are working with the FSF and addressing any concerns or requests they may have. As per the FSF’s requests:
- The new PureOS website is now fully separate and works with LibreJS.
- Iceweasel/Firefox was removed from the archive (its presence there was actually due to a repository synchronization bug) and we modified the add-ons system to avoid the possibility of installing non-free add-ons by mistake. That said, this is one of the reasons why PureBrowser exists, and PureBrowser will continue to be the default. The forced removal of Firefox/Iceweasel caused some trouble with the PureOS package repositories archive but this will be fixed before the final release.
- TorBrowser is now torbrowser-launcher, a package that downloads and installs the official Tor browser with updates being applied as soon as the Tor project publishes them.
On the security front:
- A Wayland-based GNOME 3 experience remains what we ship by default.
- We have started preparing our Linux kernel to be based on the grsecurity kernel. This is available as a package in the beta’s repositories but is not enabled by default, as we consider it requires more testing (you can help!) so we can use it as the default Linux kernel in the future (for PureOS 3.0’s final release, hopefully!)… so feel free to install and try it out (don’t forget to install paxctld as well)! This will be a huge step forward in terms of security. While most regular GNU/Linux distributions are more secure and privacy-respecting than proprietary OSes, having the grsecurity patchset in PureOS’ Linux kernel by default will bring PureOS far above the norm in terms of desktop GNU/Linux security practices.
- We look forward to integrating flatpak in the future to benefit from its sandboxing capabilities
As you can see, we’re making some nice progress and PureOS has great plans ahead to achieve a great user experience that balances security and usability. This is quite a bit better than running OSes that work against you or that strip you of control over the applications layer!
WikiLeaks has recently released a treasure trove of documents, codenamed Vault 7, that will take weeks to digest. And we will digest it all. But before we go document by document, we wanted to address top-level concerns users have, and how our philosophy and business model are the only ones that can withstand the test of time against this type of user device control. Read more
True to the promise we have made last month, we are thrilled to announce that today, February 15th, 2017, we are placing orders throughout our supply chain for all components needed for the Librem 13 v2 to begin shipping-from-inventory in April-May onwards! This comes after months of efforts to:
- upgrade parts of our supply chain, case, backlit keyboard, kill switches, and battery;
- close investment to place a large-enough order that we can have inventory to ship directly from.
This is a critical step. Future Librem 13 orders, from May onwards, will only take days to fulfill. Incrementally throughout 2017, this will become the way we fulfill orders for all our existing products. Read more