Once again, we were so busy we barely had the time to leave our booth: people were very interested in the Librem 5 devkit hardware, in the latest version of the Librem laptops and PureOS, on having the same apps for the Librem laptops and the Librem 5 phone… so we got to do the full pitch. On a less technical note, our swag was quite a success. People told us they loved our paper notebook and carpenter pencil, and asked questions about the pencils – which, according to Kyle Rankin, Chief Security Officer of Purism, have a section that is “kind of shaped like our logo”, and being carpenter pencils “are designed so you can sharpen them without having to use a proprietary pencil sharpener.” Visitors (and team) loved them for being beautiful, unusual and useful.
Above all, our audience wanted to see the PureBoot demos (apart from an inspirational young attendee, who asked his grandmother to take him to SCaLE specifically so he could meet Todd Weaver, our founder and CEO) – and each time we thought we could take a break, someone else came up and asked about PureBoot. We had constant demonstrations of PureBoot on a Librem 13v4 and Librem Key, and got lots of excitement from the security community and enterprise customers – national and international.
PureBoot, as introduced earlier, is a combination of hardware – a trusted platform module (TPM) inside a Librem laptop – with a disabled Management Engine. It boots using a coreboot BIOS and a Heads payload, that verifies it hasn’t been tampered with, using a Librem Key. This combination is the strongest security available in computing devices. Unlike other secured boot processes, this combination also allows you to control and sign with your own keys. We were frequently asked to demonstrate PureBoot for enterprise use cases – specifically, what the best-practices would be for an enterprise to secure their fleet of laptops; these same enterprise best-practices may also be applied to an individual, whether a beginner or a security expert.
During the in-person demonstration, Purism team members showcased for the first time the complete PureBoot solution from start to finish (and we are about to get technical):
The best practices for enterprise using Pureboot were also described to a regular audience at the Purism booth in Pasadena, and here they are, for reference:
This offers the best in class enterprise control, measuring single-bit detection and tampering on a signed image – while subscribing to the usable computing practice of “boot not brick” of devices in the field.
It was really nice meeting you at SCaLE, and we hope to see you next time.