Flipping the Script: Exploring New Paradigms in Secure Mobile Computing

• About
• Latest Posts

Randy Siegel

Government and Business Development at Purism, SPC

Latest posts by Randy Siegel (see all)

• Freedom of Choice vs. Oppression of Big Tech - November 6, 2024
• The Case for Free/Libre and Open-Source Software: Enhancing Security and Privacy in the Digital Age - October 22, 2024
• RIP RSA AES: The Immediate Need of Quantum-Resistant Cryptography - October 22, 2024

Secure Networking Infrastructure + Secure Smartphones

Last month, Purism announced a collaboration with Abside to deliver secure mobile solutions for the U.S. government and NATO countries. This solution leverages private cellular networks (PCNs) owned and operated by government entities rather than the traditional dependence on Public Switched Network Providers (PSNs) such as AT&T, Verizon, Vodafone, Orange and others around the world.

Traditionally and before widespread privatization, these large, public providers were broadly known as PTTs, an acronym for Postal, Telephone, and Telegraph companies. These companies were typically government-owned and operated, providing essential communication services to a country.

In many countries, PTTs have evolved over time, with some privatizing or merging with other companies. For instance, I spent a seminal part of my earlier career in telecom working for MCI which was the prime mover in breaking up AT&T in 1984 (with the modified final judgment coming in 1986). The acronym PTT is often still used in many contexts to refer to these historical, government run and operated organizations. Their cousins or the new iteration of these companies are often referred to as facilities-based network operators, mobile operators, or just plain cellular carriers.

Facilities Based Public Operators vs. Government Owned Infrastructure

Due to a powerful mix of legislation that led to privatization, technological innovation, and other factors, it’s now very feasible to own, run and operate one’s own network (or have a managed service provider do so on your behalf). By leveraging government and/or public spectrum, agencies can in effect become their own network operators. Once in this position, they can better dictate role-based access control as well as specify the manner and type of data flowing over their networks (and where and when).

Purism devices play the role of trusted End User Devices (EUDs), or secure client compute devices that consume both private network data and can be enabled to also interoperate with PTT/Public Cellular network data. In essence, agencies can better control their own environments by both controlling Layer 3 network transmissions and by Layer 7 mobile applications.

When you are on the private agency network, you have a work profile and when you are outside of the agency network, you will default to another, public profile which enables end-users to take advantage of public, cellular carriers.

Best of Both Worlds

From a Concept of Operations (CONOP) and operational security perspective, government agencies can mandate where and how devices are used. For instance, when users enter Secure Spaces or even SCIFs (Secure Compartmentalized Information Facility), polices could be enforced that disable baseband radios and/or mandate the use of a trusted network, remotely enforce camera and microphone restrictions and more.

Since agencies will be in control of these networks, they would be operationally aware of all users physical whereabouts and might contextually mandate certain policies in an automated manner. For instance, once a user leaves a building, certain feature functionality such as ability to reach social media, might be remotely restored on the device. (Conversely, when in an office environment or secure environment, social media and/or other popular applications including web browsing might be denigrated and/or not operative.)

Since most smartphones these days – The Librem 5 included – are capable of support multiple profiles, its trivial for centralized IT to mandate end-users be on the private network at work and switch over to public, Cellular Networks while away from work – on the same device.

By controlling both the infrastructure and the PED/EUD, government can greatly reduce the cyber risk profile of the entire agency and simultaneously control costs of networking spend. All of this results in a more secure government with taxpayers saving money.

Purism’s Role

Purism is actively teaming with network equipment providers, cloud service providers, 5G and LTE specialists and many others of multiple stripes.

Physical components of a 5G Open RAN (Radio Access Network) architecture are designed to be modular and interoperable, allowing for a mix-and-match approach from different vendors. Here are many of the key components:

• Radio Unit (RU)
  • Function: The RU handles the transmission, reception, amplification, and digitization of radio frequency signals.
  • Location: Typically located near or integrated into the antenna.
• Distributed Unit (DU)
  • Function: The DU is responsible for baseband processing, scheduling, radio link control, medium access control, and the upper part of the physical layer.
  • Location: Usually situated closer to the cell site to handle real-time processing.
• Centralized Unit (CU)
  • Function: The CU manages the packet data convergence protocol layer and other higher-layer functions.
  • Location: Can be located further from the cell site, often in a centralized data center.
• O-RAN Intelligent Controller (O-RIC)
  • Function: The O-RIC gathers information from the network and performs optimization tasks, enhancing network performance and efficiency.
  • Location: Typically, part of the centralized infrastructure.
• Antennas
  • Function: Antennas transmit and receive radio signals to and from user devices.
  • Location: Mounted on towers, buildings, or other structures.
• Fronthaul and Backhaul
  • Function: These are the transport networks connecting the RU to the DU (fronthaul) and the DU to the CU (backhaul).
  • Location: These connections can be fiber optic, microwave, or other high-speed links.
• User Equipment (UE)
  • Function: Devices like Purism smartphones, tablets and laptops and IoT devices that connect to the 5G network.
  • Location: Used by end-users to access the network.
    These components work together to create a flexible and efficient 5G network, allowing government operators to optimize performance, reduce costs, and enhance security.

n79 Band

Purism, Abside and others are producing devices today that leverage the n79 band. The n79 band is a frequency band designated for 5G New Radio (NR) and is commonly referred to as the 4.5 GHz 5G band or C-band 5G. It’s frequency range is 4400 MHz to 5000 MHz supporting 600 MHz bandwidth which allows for wide channel widths and high capacity applications.

Applications and Benefits

• High Capacity: The n79 band supports large blocks of contiguous spectrum, making it ideal for high-capacity applications such as Fixed Wireless Access (FWA) for rural areas.
• Advanced Technologies: Utilizes advanced processing techniques like massive MIMO, beamforming, and beam-tracking to mitigate the propagation limitations of higher frequencies.
• Compact Antennas: The shorter wavelength allows for more compact and feasible deployment of complex antenna technologies.

Deployment

• Popularity: The n79 band is popular due to its relatively common availability and the need to reallocate higher cellular bands for 5G as lower bands are already in use by 3G and 4G networks.
• Challenges: Some countries may need to vacate existing spectrum to reallocate it for 5G services.

The n79 band is an excellent vehicle for achieving the performance objectives of 5G, providing high capacity and supporting advanced technologies to enhance network efficiency and user experience.

Purism’s Electronics Made-in-America

Purism is known for its commitment to privacy, security, and freedom for its users. One of Purism’s standout products is the Liberty Phone. This device is notable for its Made in USA components and manufacturing process. Here are some key points about it:

1. Electronics Fabrication: All electronics for the Liberty Phone are fabricated at Purism’s facility in the USA. This includes the mainboard PCB and Type-C PCB.
2. Assembly: The entire phone is assembled in the USA, ensuring a secure supply chain and reducing the risk of hardware tampering.
3. Component Sourcing: While Purism sources individual components from various countries, they prioritize US-based suppliers whenever possible. For example, the mainboard and modem PCBs are made in the USA, while some integrated circuits come from countries like South Korea and Japan.
4. Secure Supply Chain: By controlling the supply chain within the US, Purism can oversee each stage of production, enhancing the security and integrity of their devices.
5. Privacy and Security: The Liberty Phone runs on PureOS, a free and open-source operating system designed to protect user privacy. This aligns with Purism’s broader mission to offer alternatives to big tech companies that prioritize user data.

Further Information on the Librem 5 and Liberty Phone:

• Hardware Kill Switches: It features three hardware kill switches to physically disconnect the cellular modem, Wi-Fi/Bluetooth, and camera/microphone.
• Open-Source Software: Runs on PureOS, a fully free and open-source operating system, ensuring transparency and control over the software.
• Secure Supply Chain: Assembled in the USA with a secure supply chain to minimize risks of hardware tampering.
• User Control: Offers user-replaceable batteries and components, allowing for greater control and longevity.

Purism Products and Availability Chart

	Model	Status	Lead Time
	Librem Key (Made in USA)	In Stock ($59+)	10 business days	Learn More Buy Now
	Librem 5	In Stock ($699+) 3GB/32GB	10 business days	Learn More Buy Now
	Librem 5 COMSEC Bundle	In Stock ($1299+) Qty 2; 3GB/32GB	10 business days	Learn More Buy Now
	Liberty Phone (Made in USA Electronics)	Backorder ($1,999+) 4GB/128GB	Estimated fulfillment February	Learn More Buy Now
	Librem 5 + SIMple (3 GB Data)	In Stock ($99/mo)	10 business days	Learn More Buy Now
	Librem 5 + SIMple Plus (5 GB Data)	In Stock ($129/mo)	10 business days	Learn More Buy Now
	Librem 5 + AweSIM (Unlimited Data)	In Stock ($169/mo)	10 business days	Learn More Buy Now
	Librem 11	In Stock ($999+) 8GB/1TB	10 business days	Learn More Buy Now
	Librem 14	Backorder ($1,370+)	Estimated fulfillment December	Learn More Buy Now
	Librem Mini	Backorder ($799+)	10 business days	Learn More Buy Now
	Librem Server	In Stock ($2,999+)	45 business days	Learn More Buy Now