Hudson’s security firmware Heads will be built into Purism Librem hardware to further protect users from cybersecurity threats, privacy invasion, identity theft, and more.
SAN FRANCISCO, CA — APRIL 12, 2017 — One of the foremost security researchers in the infosec community, Trammell Hudson, is working with secure device maker Purism to integrate his free and open-source “Heads” firmware into the company’s Librem laptop line. Purism will be the first hardware company to integrate Heads into its products, and the partnership will push the industry standard with unprecedented protection for end-user devices. Testing has already begun for the integration of the two platforms.
When integrated into Purism Librem hardware, Heads will provide cryptographic verification of the system’s firmware and operating system—using CPU features like Bootguard, flash protection and a TPM—to provide a strong hardware “root of trust” while also allowing more advanced users to modify their own systems and securely install their own custom firmware.
Purism coreboot-enabled hardware is already immune to widespread attacks against EFI/UEFI firmware (threats that have been documented in the “Vault 7” CIA documents leak); adding Heads enables cryptographically signing the lowest levels, allowing users to protect their devices against third-party modification. Conventional security approaches such as antivirus and malware detection programs are no longer enough to keep out attackers and criminals in today’s online world. Purism’s vision in working with Hudson to integrate Heads is to increase the safety of individuals and organizations through this technological advancement.
The imperative for computer makers to implement better stewardship models to increase individuals’ protection is evident, as 2017 has been a hallmark year for privacy and security concerns and individuals’ protection rollbacks:
This demonstrates a clear need for both increased education about these topics, and devices that put users first and empower use of security measures to give them peace of mind about engaging online.
“Purism’s Librem laptops are ideally suited for the philosophy of the Heads firmware project—Purism is manufacturing modern hardware designed to allow the users to have control of their own systems” said Trammell hudson, well-known information security researcher and founder of the Heads project. “They are the only vendor that allows users to establish their own hardware root of trust with CPU features like Bootguard, and their support for coreboot and Heads improves security by being open, auditable, flexible and measured.”
“We are ecstatic about the partnership between Purism and Heads, especially being able to work closely with Trammell who has proven himself an unadulterated security expert. We have begun co-developing a solution to advance our goals of privacy and security for everyone. This union represents the ideal approach to protecting users by default, without sacrificing convenience or usability,” said Todd Weaver, CEO of Purism. “Including Heads is a natural fit with both the functionality and ideology of the Purism Librem laptops.”
Purism’s goal with the Librem laptop is to offer a high-end computer with a simple, out-of-the-box, secure computing environment usable by ordinary users with ease.
Librem laptops feature customized components designed to increase security and freedom for end-users, including coreboot, a neutralized Intel Management Engine, an Intel CPU shipped unfused in “manufacturing mode” and without vPro, Intel AMT avoidance, and many other features that make this partnership possible on a technical level.
Heads is a free and open-source custom firmware and OS configuration, intended to provide physical security and protection for data on laptops and servers. Heads is the result of several years of firmware vulnerability research and collaboration in the infosec community. Combining physical hardening of specific hardware platforms and flash security features, Heads allows moving the “root of trust” into the write-protected ROM and preventing further modifications to the bootup code.
As it controls the first instruction the CPU executes, Heads can measure every step of the boot process using a Trusted Platform Module, making it possible to attest to the user that the firmware has not been tampered with. Once the system is in a known good state, the TPM can be used as a hardware key storage to decrypt the main storage drives.
Additionally, Heads allows the hypervisor, kernel and initrd images to be signed by keys controlled by the user, in addition to the ability of the operating system to use a signed, immutable root filesystem so that any software exploits attempting to gain persistence will be detected.
Trammell has been researching hardware and firmware security topics for many years, such as the “Thunderstrike” (and “Thunderstrike 2“) firmware rootkits on Apple Macbooks, as well as techniques for reducing the functionality of the Intel Management Engine. He also started the “Magic Lantern” project, an open runtime for the Canon DSLR cameras that allows users to take control of their own devices.