Purism has finalized the specifications for the Librem 5 development kit and will be placing all the component parts order and fabrication run the first week of June 2018. If you want to have early access to the hardware that will serve as the platform for the Librem 5 phone, you mustplace your dev kit order before June 1st, 2018. The price for the development kit is now $399, up from the early-bird pricing that was in effect during the campaign and until today. The dev kit is a small batch, “limited edition” product. After this batch, we are not planning for a second run (as the production of the phone itself will replace the dev kit in 2019).
We decided to wait to get the latest i.MX 8MSystem On Module (SOM), rather than utilizing the older i.MX 6 SOM, therefore having the dev kit align nicely with the ending phone hardware specifications. This means the dev kits will begin delivery in the latter part of August for the earliest orders while fulfilling other dev kits in September. Choosing to wait for the i.MX 8M SOM also means our hardware design for the Librem 5 phone is still on target for January 2019 because we are pooling efforts rather than separating them as two distinct projects. Our dev kit choices and advancements benefit the Librem 5 phone investment and timeline.
The current dev kit specification is (subject to minor changes during purchasing):
i.MX 8M system on module (SOM) including at least 2GB LPDDR4 RAM and 16GB eMMC (NOTE: The Librem 5 phone will have greater RAM and storage)
M.2 low power WiFi+Bluetooth card
M.2 cellular baseband card for 3G and 4G networks
5.7″ LCD touchscreen with a 18:9 (2:1) 720×1440 resolution
Holder for optional 18650 Li-poly rechargeable battery with charging from mainboard (battery not required and not included!)
The dev kit will be the raw PCB without any outer case (in other words, don’t expect to use it as a phone to carry in your pocket!), but the physical setup will be stable enough so that it can be used by developers. As we finalize the designs and renders we will publish images.
We are excited about the future of Heads on Librem laptops and the extra level of protection it can give customers. As a result we’ve both been writing about it a lot publicly and working on it a lot privately. What I’ve realized when I’ve talked to people about Heads and given demos, is that many people have never seen a tamper-evident boot process before. All of the concepts around tamper-evident boot are pretty abstract and it can be difficult to fully grasp how it protects you if you’ve never seen it work.
We have created a short demo that walks through a normal Heads boot process and demonstrates tamper detection. In the interest of keeping the demo short I only briefly described what was happening. In this post I will elaborate on what you are seeing in the video.
Step One: Normal Boot
The normal boot process for a computer that uses Heads is much like with any other computer, at least from a user experience standpoint. Like with other computers, you can bring up a full menu of different items to boot, but you can also pick one to set as your default. Once you set a boot option as a default, at boot time you can just press Enter and it will boot into your operating system just like with any other system.
Unlike with other systems, Heads is providing extra levels of security during the boot process. At that default boot screen, you will see a 6-digit number above the menu options. That is a TOTP (Time-based One Time Password) code that Heads uses to prove to you that it hasn’t been tampered with and can be trusted. If you’ve ever used a TOTP code in the past, normally it’s so you can authenticate yourself to a website using Two-Factor Authentication. In this case it’s the reverse: the computer (specifically Heads) is authenticating itself to you! If that code matches the code on your phone, you know it’s safe to proceed.
Once you hit Enter during a normal boot, Heads then verifies the signatures of all of its configuration files stored in /boot based on the copy of your public GPG key it has within it. These configuration files include a file that contains sha256 checksums for the rest of the files in /boot. Once it verifies your signature for that file, Heads can trust it hasn’t been modified so it uses it to make sure the rest of the files in /boot haven’t changed. Since all of them match, they weren’t tampered with so Heads proceeds with the boot process.
Step Two: Hack The Computer
Once the computer boots, I put my black hat on and “hack” my computer by defacing my /boot/grub/grub.cfg file with a comment. This is a benign hack for demonstration purposes, but the attacker could have just as easily modified grub.cfg to boot from an older kernel on your system that has a known security vulnerability, added a single user mode, or otherwise altered the boot process to make it easier to launch another attack.
An attack that changes a plain text configuration file leaves a trail that might be easier for a user to detect if they happened to edit the file themselves. A more sophisticated hacker would put a back door into your default initrd file (the initial file system your kernel uses when it boots) or even replace your kernel with a compromised version. Both of these kinds of attacks are almost impossible to detect without a system like Heads. Because all of these files are stored in /boot, and Heads checks all of them, it is able to detect all of these types of tampering.
Step Three: Detect Tampering
When the system reboots, it returns back to the main Heads boot screen. First I hit Enter to select the default boot option but this time when Heads scans all of the files in /boot, it detects that grub.cfg has been changed! Along with the warning, I also get the option to re-sign all of the files in /boot. This option exists because there are a number of perfectly legitimate reasons why your grub.cfg, initrd, kernel, or other /boot files might change either because you edited them yourself or you updated software that changed them. Otherwise if you don’t want to re-sign files you can return to the main menu.
If you choose to re-sign all of the files, you will get an additional warning screen that explains what Heads is about to do and another chance to exit out to the main menu. If you did choose to re-sign all of the files you would then insert a USB GPG smart card that held your private keys so you could re-sign the Heads configuration files in /boot.
Since I knew that I didn’t want to keep that “hacked” grub.cfg file, instead of signing the files I returned to the main menu. By default Heads used to error out to a recovery shell if it detected a file was tampered with. The assumption is that the expert user could then investigate and remedy the problem from within that shell. If you aren’t an expert user in this situation you might not know how to recover and would end up being locked out of your computer!
We understand that there are a number of situations where a user might legitimately or accidentally change files in /boot and while it’s not advisable to boot into a system that is actually tampered with by an attacker (because among other reasons, an attacker might be able to get your disk encryption or login passwords), we also don’t want to lock you out. We’ve added an “insecure boot mode” to Heads for these circumstances. When you select that option, Heads will ignore any tamper warnings and present you with a GRUB-style menu of boot options. You can then select a boot option and Heads will boot into your system. To make sure you know that this is an unsafe option, in addition to the warnings in the user interface, we also disable the splash screen and change the console to have a red background.
Step Four: (Optionally) Investigate Tampering
So what should you do if Heads alerts you to tampering? Exactly how you respond to a potentially legitimate tampering alert depends on a number of factors including what kind of user you are. I’ll step through three of the most common categories of Heads user and describe how they might respond to a legitimate tampering alert.
Category 1: Enterprise User
In the event of tampering, enterprise users would just hand the laptop over to their IT team and pick up a replacement while the IT team investigates. Some organizations might want to go a step further and work with us to customize their Heads image with branded and customized warning messages with their custom policies or direct the employee to an internal wiki or other resources. Some enterprises may even want to go even further and remove the ability to boot a machine that sets off tampering alerts. This would also be useful for employees who take their machine overseas to ensure the machine is in a safe state before they reconnect it to the corporate network.
Once the IT team receives the laptop, they can then inspect the laptop for tampering using their in-house tools and procedures, and then reflash the system back to their secure, internal image. For smaller organizations who may not have those capabilities, Purism also provides support services to bring the laptop back to a clean factory state.
Category 2: Expert-level End User
The expert level user will likely want to inspect the system themselves in the event of a legitimate tamper alert. While I demonstrate the insecure forced boot mode in the demo, the expert user would likely use the Heads recovery shell or boot into a USB recovery disk instead (like the PureOS live install disk) to investigate from there. Otherwise, when they boot their compromised system, they will be prompted for their disk decryption passphrase and login password and risk turning those secrets over to the attacker.
While the Heads recovery shell is limited to a small subset of Linux command-line tools, it has enough tools for the expert user to inspect files in /boot including a text editor to inspect grub.cfg and tools to mount the encrypted root file system from a trusted environment. Provided you trust Heads itself hasn’t been tampered with, you could inspect quite a bit just from this recovery shell alone.
If the Heads recovery shell didn’t provide enough tools, the expert user could also boot from a USB disk, mount the /boot partition and inspect the changed files. In the case of a modified grub.cfg they would just use a text editor for this. In the case of a modified initrd they would need to extract the file and inspect the extracted file system. From there they could also decide to mount the root file system and inspect it for rootkits as well. For users who may suspect Heads itself was tampered with, they would be able to use flashrom to pull down a copy of the version of Heads on the system and inspect it directly.
Category 3: Everyone Else
The average user is unlikely to put on their forensics hat and inspect a compromised system. While for the most part any alerts an average user will see will likely be a direct result of package updates or other changes they know they made, there’s a possibility that sometimes they might get an alert they weren’t expecting. For instance, if you took your laptop overseas on a trip and didn’t update it or otherwise change it during the trip, a tampering alert when you got home would be much more suspicious.
So what’s the average user to do? No matter what, you can always fall back to the insecure boot mode so you won’t lose access to their system or files. In that case even if you couldn’t inspect or fix the errors yourself, you could at least backup your personal files and reinstall the OS to get back to a safe state. Alternatively like with enterprise users you could also take advantage of Purism support services to reflash your system to a factory state.
Hopefully watching Heads in action has helped make it a bit more clear just how it will protect you from tampering. In future posts I will walk through other Heads features and workflows including registering a new TOTP code and completely resetting the TPM.
Over the past few months, we have been busy with a plethora of great projects being set afoot. We have been incrementally building a laptop inventory to ship from, we have been continuing the coreboot enablement work on our laptops, neutralizing—and then disabling—the Intel Management Engine, and launching our much awaited Librem phone campaign, which ended in a very motivating success—involving many great organizations part of the Free Software community, such as Matrix, KDE e.v., the GNOME Foundation, Nextcloud, and Monero.
It really has been a whirlwind of events, and this has been happening in parallel to us continuing our existing R&D and operations work, such as preparing a new batch of laptops—namely the much anticipated Librem 13 with i7 processor.
One particular security R&D project dear to our hearts has been the beginning of our collaboration with “Heads” developer Trammell Hudson, a project that has been quietly going on behind the scenes for the past few months. We are very pleased to announce today that we are making a positive step to make this effort within reach of early adopters, with the availability of a Trusted Platform Module (TPM) as an optional component for currently pending and near-future laptop orders.Read more
The Librem 5 crowdfunding campaign is still cranking along nicely, while it is going on we wanted to provide a progress report on the hardware selection as well as the advancements with our existing development boards.
The base hardware with i.MX 6 is demonstrably working.
i.MX 8M, Etnaviv, full HD, are the likely hardware combination candidates for the Librem 5 phone.
Development Hardware Proving Positive
Showing photos of low-level progress is always a challenge, however showing Wayland and applications running on development hardware by definition means that the lower level parts are working! Booting from microSD into a Debian GNU/Linux unstable with most of the UI installed…
What led us to choose i.MX 6/i.MX 8
We have tested nearly every combination of CPU (and GPU, see further below), Purism’s goals of creating hardware that is ethical, runs free software, can separate baseband from main CPU, and the ability to run GNU/Linux (not Android), quickly narrowed our scope to i.MX 6 as one of the only viable options.
We have been testing and working with i.MX 6 and are pleased to report healthy progress with that hardware, as you can see from the photos, we have the Linux kernel booting, Wayland running, and in these photos GNOME/GTK and even Gnome Settings showing.
Heading towards i.MX 8
We have been making some progress that makes us confident to say we will likely be able to use i.MX 8 for the Librem 5 phone hardware, primarily because:
We will be able to evaluate a i.MX 8M pre-production board November 2017
Our extended community can evaluate a handful of i.MX 8M sample chips in November 2017
More evaluation boards should be available before year-end 2017
In Q1 of 2018 we can get i.MX 8M into production. This is well ahead of our required hardware selection date of April 2018, so we will very likely be using the i.MX 8M in the Librem 5.
State of the GPUs… or “Why we chose i.MX 6/8 + Vivante”
GPU drivers have been a big issue for a long time in the free software world. Manufacturers would typically not release any specification or documentation but only binary-only drivers. For PC hardware this problem has somewhat been resolved, which is why Purism uses Intel GPUs on our Librem products, since Intel has free drivers merged in mainline Linux kernel. But for ARM SOCs, the situation is not ideal.
MALI: One of the biggest players in the ARM field is MALI. The MALI core was originally developed by Falanx Microsystems until ARM bought their patents and copyrights and is now licensing the MALI core for ARM designs. ARM is not releasing any specs about the MALI GPU cores and does not provide any free software drivers for them. (The MALI400 is e.g. also used in the Allwinner A64 chip which again is used on Pine64 and in the Pinebook). There is an effort to develop a free driver by reverse engineering existing code, which is called LIMA, but its functionality and support is still limited.
Adreno: another big one is the Adreno GPU core, found in many Qualcomm Snapdragon SOCs. For this one also, no documentation exists although a reverse engineering project produced a pretty well working driver, called freedreno, which is also supported by current Mesa versions.
PowerVR: the PowerVR GPU cores are found mostly in embedded PowerPCs and Texas Instruments “OMAP” CPUs. As of today, we are not aware of any free development for these, only some binary-only drivers are available. There is an effort started by the Free Software Foundation but it seems that the project has stalled for some time now.
Tegra: the first generation nVIDIA “Tegra” SOCs has Linux kernel mainline support since 2012. The latest Tegra SOCs use the same GPU building blocks as the desktop PC graphics cards and can be used with the Nouveau GPU driver.
i.MX 6 Vivante: since Linux kernel 4.8, a new set of DRM/GPU drivers has been incorporated into the mainline Linux kernel, the so-called Etnaviv. Etnaviv support is also included in Mesa, starting with Mesa 17. We have successfully been operating a prototype for our phone using a mainline Linux kernel 4.12.4 with Etnaviv support. From microSD we booted into a Debian GNU/Linux unstable with most of the UI stuff installed. It works! We can safely say that upstream OpenGL hardware GPU support for i.MX 6 has landed in major Linux distributions, which is great news since hardware GUI acceleration is badly needed for any type of modern mobile GUI.
With the Librem 5, we are very excited to be advancing the mobile phone space to be ethical, respect digital rights, run GNU/Linux, be secure, and create a future that we are proud to be part of. We will be posting regular development updates as we progress with the hardware, software, and partners.
For the past few weeks, the new Librem 13 and 15 have been undergoing stage 1 production with our case modifications and silkscreening. We had some back and forth between us and the printer to finally have clearly identified killswitches:
…and our certification marks and model identification on the underside:
At first the screenprinters had trouble with the font we’re using (as you can see above, if you have a keen eye), but we got that corrected as you can see further below. We were not so lucky with the keyboard’s “Purism logo” key as the aspect ratio was squashed a little bit by the backlit keyboard supplier and we found out too late, but at this stage the #1 priority is getting these machines delivered to you as fast as possible, so we’re hoping you don’t mind the Purism rectangle logo being in “ultra-wide” cinema format just this once 😉
As the laptops are now at stage 2 production, we have some teaser photos of the completed case work. These were shot a bit hurriedly, the lighting and compression is not flattering, but this at least provides a rough idea. We’ll take the time to shoot proper studio photos when the first new wave of shipments is mailed out in June.
Here is what the underside of the Librem 13 looks like:
Here are the silkscreened killswitch labels:
Note: the IPS display panels we source for the Librems are matte (as they should be!) The reason why the screen in the picture above seems reflective is that a glossy protective film is applied to protect the laptops during shipping.
For the curious among you, here is a bare view of the case’s interior, with only the multitouch trackpad and backlit keyboard (underneath the black electrical isolating layer) installed:
With this, we are confident that we will be able to begin shipping out finalized units to customers in roughly two weeks. Afterwards, we will have stock on hand allowing new orders to be fulfilled within a week. If you were reluctant to preorder and were were waiting for the presence of rapidly-shipping stock to purchase a Librem, this will be a deal changer for you.
Let’s recap recent progress with a summary of where we stand and where we’re going next on the “operations” front.
We have begun production of the two new revisions of Librem laptops. As we narrowed down on component choices and successfully raised additional funds, we have now made great steps towards our “zero outstanding orders” milestone and our goal of creating our first inventory to ship future orders from.
Last month, we ordered a batch of supplies to begin production of the new Librem 13 “v2” units. We have also tested and evaluated three prototype units, the latest of which we will use to extend our coreboot work.
Two weeks ago, we also ordered parts for the new Librem 15 “v3” units. So far we have evaluated one prototype unit for this new batch (which will also be used for our coreboot work), and will evaluate a second one soon.
We are currently working to leverage investment to make the Librem 11 batch order happen sooner and create an inventory directly; we will let you know of any progress on that front. In the meantime, we thank you for your patience. And please spread the word about the Librem 11 to those around you looking for a nice security-oriented and freedom-respecting convertible tablet with stylus support (especially interesting for visual artists who want to use the plethora of free creative tools such as MyPaint, Krita, Inkscape, GIMP, etc.)! The more people know about it, the sooner we should be able to put it into production.
Revised products specifications
For the upcoming Librem 13 v2 and the Librem 15 v3, we evaluated various prototypes, including different cases and keyboard models, alongside various possible CPU, GPU, RAM and storage combinations. With the newer motherboards, we aimed to keep the same flexibility in terms of storage: one M.2 slot and one standard SATA slot. As usual, the RAM and SSDs are all user-replaceable, not soldered.
The Librem 13 gets a whole slew of improvements for version 2:
A newer i5 processor, using the 14 nanometers lithography of the Skylake generation, bringing additional performance and power savings over previous generations
A backlit keyboard (the most often requested feature)
Newer Intel graphics as part of the Skylake chipset
One USB 3.0 “type C” connector
A much better trackpad (sourced from Elantech instead of BYD), which works better out of the box. It supports vertical and horizontal two-finger scrolling, allows changing workspaces with a simple four-finger swipe gesture, has smoother scrolling, and various multitouch gestures (dependent on applications support).
Those who have ordered the Librem 15 also get the free update to Skylake, newer graphics, DDR4, and improved trackpad. The Librem 15 already had a backlit keyboard and USB-C.
As you can see, when you pre-order a Purism device, you don’t need to worry about the specs becoming outdated by the time of production & delivery. For all our products, we strike a balance as per our manufacturing & sourcing approach, yet strive to stay close to the latest technology out there. We aim to please our supporters by bundling these updates at no additional cost whenever possible.
Upgrading from the Broadwell microarchitecture for this round, we chose to go with Skylake (rather than Kabylake) in order to service orders more quickly without bringing on delays in supplies or testing. To provide the best user experience, we prefer to test more thoroughly before moving on to a new chipset (for instance, we’ll be able to provide coreboot support more quickly with Skylake as part of our current roadmap). We expect to upgrade the chipsets/microachitecture again for the next production run (planned for the second half of 2017 once we complete this batch), which will involve a revised motherboard design, as we will also be adding new hardware features in prevision of full support for Heads.
The power of the Dark Side comes as a duo
We chose to keep the same overall chassis, although the location of Librem 15’s killswitches will be different this time (all on the hinge cover, like the Librem 13).
A notable aesthetic improvement for the Librem 15 v3 is that it will be anodized black just like the Librem 13. The temptation of the Dark Side was strong! Here you can see an anodized aluminium extrusion sample of the Librem 15 v3, next to an existing Librem 13 v1:
As we are beginning to have quite a bit of hardware revisions and models to keep track of, the laptops will now also feature some subtle branding underneath the backplate for model identification and to show the appropriate certification marks (we are FCC and CE certified). The publicly visible parts such as the screen bezel, palmrests, or the back of the screen lid, all remain unbranded.
Better power connectors
We are now sourcing power supplies with L-shaped coaxial connectors, so they keep a low profile when plugged into the side of your Librem:
This is particularly useful if you like to sit cross-legged with your laptop on a sofa, for example! (or for those who like to meditate with a computer on their lap)
We are well on our way to provide a great new set of laptops this summer. We should be receiving the final components around the end of May, at which point we will do the final assembly and shipping throughout June. We will then be able to celebrate having cleared all the existing Librem 13 and 15 orders (including the recent big spike in orders). After that point, we will be able to ship within days and weeks (not months), which will be a huge relief for everybody looking to buy a Librem “in a pinch”. We hope you’re as excited as we are about that!
As always, thank you for your support, and feel free to contact us with your thoughts and encouragements, or to spread the good news around you!
Edit: post updated to reflect the processor models available as of June 2017. For the time being, the Librem 13 will still feature an i5 processor instead of the i7, albeit with the newer Skylake chipset.
A few days ago we gave you a very quick sneak peek of the Librem 15 v3’s anodized black finish as we were doing final preparations for our LibrePlanet 2017 attendance. We were very happy to support the Free Software Foundation by sponsoring LibrePlanet! On Saturday morning, we started setting up our booth slowly, thinking there would not be much activity going on at the beginning of the day. We were proved wrong:
There was a crowd around our booth at pretty much all times (except lunchtime) throughout the day Saturday, during which it was revealed that Todd is possibly a cyborg, as he stood there answering questions for eight hours straight, without needing to eat, drink, or sit:
Great discussions were had. James was also present, attending talks and officially winning our photobomber of the year award, as you can see him in the lower-right corner of this photo:
New passions bloomed among attendees:
@Puri_sm Todd is the one who started my new love affair, I will make sure to drop by again. He’s really great at sharing info I want to know
Some of the frequent comments we heard were “Wow. They’re even better than on the photos!”, “When can I buy one?” and “I was a Purism skeptic, but I see you are delivering on your promises and making the impossible possible.”
Upcoming coreboot work
While we were hard at work answering thousands of questions at LibrePlanet, our coreboot developer Youness was on vacation while waiting for some more testing hardware. This week he will be resuming his work on preparing/packaging coreboot for release, and with the two new prototype units I brought back from Boston he will also be able to begin the coreboot port for these devices. We hope to do that in time to factory-flash them for the next batch of deliveries in May-June, but we’ll see how the development work pans out. If it’s not ready within that short timespan, we will provide coreboot as an update that you can flash yourself.
Youness has also made some additional progress on the Intel ME, thanks to information and data that Igor Skochinsky was able to share with us. Stay tuned for Youness’ next report!
This year, we’re attending and sponsoring LibrePlanet, which is being held this week-end in Boston. Todd and I arrived one day early, as we wanted to seize the opportunity to spend a full day coworking to align our plans (regarding communications, product design and supply chain management), confirm product specifications, and test some new prototypes we have on hand. Todd recently (yesterday!) received sample parts and prototype units from suppliers, so we spent some time checking the aesthetic and functional aspect of the next revision of the Librem 13 (v2) and Librem 15 (v3), including the chips, killswitches, and removable components.
I also brought with me some older units I had gathered from others, including the Librem 11 prototype (which we bricked during testing) and the previous revision of the Librem 15.
Oh, “But what is that mysterious black plate in the center of the table”, you ask? Well, that’s one of the sample parts our suppliers sent us: the upper aluminium plate of the upcoming Librem 15 v3, which will be anodized black like our lovely Librem 13.
Here you can see Todd’s Librem 13 on the left (which looks brand new even after 2 years of intensive use) and the Librem 15 v3’s anodized aluminium extrusion sample on the right (resting on top of the old Librem 15 production model for comparison).
We chose a matte finish to avoid fingerprints from showing up (disclaimer: if you’re worried about someone lifting your invisible fingerprints from your laptop, you probably want to type with gloves like this guy–except you’ll be way cooler, because you’ll be using a Librem instead of some old plastic junk 😉
We’re still finalizing details when it comes to the final specs, but from the looks of it, those with outstanding orders may benefit from a free upgrade to a newer generation of CPU and graphic chipsets, in addition to the black aluminium chassis.
Today we have placed a batch order through our supply chain for the Librem 15 v3, so we hope to provide you with an update on specifications and estimates soon. In the meantime, if any of you are attending LibrePlanet, we look forward to meeting you this week-end!
Since our previous status update on manufacturing & shipping operations in August 2016, we had to tackle a lot of challenges in parallel: changing some of our suppliers, preparing new hardware, processing refunds, preparing PureOS 3, deploying new public infrastructure, seeking additional funds to enable us to ship “from stock” in the future, etc. The puzzle had so many moving parts that we really had to wait for dust to settle at the end of November to know where we stand and to provide you with this report.
In this blog post, we’ll be providing a global shipping status update, a quick update on R&D, and we’ll be sharing some great news for those interested in the Librem 13. Read more
Today we learned once more why utilizing pure free software where the source code is available is critical to protect users’ rights to privacy, security, freedom, and anonymity.
The New York Times points out that this latest security breach “shows how companies throughout the technology supply chain can compromise privacy, with or without the knowledge of manufacturers or customers.”
Let’s examine the problem and see what can be done about it. It’s not too late to stand up for your rights.
The Fundamental Problem
All phones and tablets on the market today suffer from the same problem: the code that operates those devices are a mystery to the users. In this specific case Google’s Android, but the same problem exists with Apple devices and Windows devices, where the operating system, software-updated firmware, and most software that runs on those devices do not have the source code available to verify that there are no backdoors sending your private data to unwanted third parties.
What this means is there is absolutely no way, for a user of Android, iOS, OSX, Windows, or any operating system that does not release all the source code, to guarantee he/she is not being illegally spied upon for nefarious reasons, corporate surveillance, government spying, and/or private data mining.
The tracking built into mobile devices is at every level imaginable. We need to create a better, digital rights respecting future for computing.
The Future of Computing
If we, as users, continue to morally and financially support Android, iOS, OSX, Windows or any other operating system that strip away the digital rights of users, we continue to advance a future where:
users are controlled for profit;
private data is mined for advertising revenue;
governments spy on people;
corporations capitalize on every user interaction;
security breaches involve staggering amounts of personal data, with enormous consequences for individuals—even worse than what we’ve been seeing in recent years.
Every time you purchase a device from hardware companies that pre-install Android, iOS, OSX, Windows, and other nonfree operating systems, you are contributing to the erosion of your rights. Buying an HTC device benefits HTC, Google, the carrier, and all software companies that preinstall their privacy-stripping binaries. Similarly, buying Apple benefits Apple, the carrier, and all software apps preinstalled or even later installed.
The Upcoming Purism Phone and services infrastructure
Subscribe to our newsletter (simply send an email to firstname.lastname@example.org to subscribe automatically) or follow us (see website footer for social links), then you will be notified when Purism launches the first freedom, security, and privacy respecting phone.