Tag: Newsletter and status updates

Inventory shipping in June 2017: case designs and final assembly

For the past few weeks, the new Librem 13 and 15 have been undergoing stage 1 production with our case modifications and silkscreening. We had some back and forth between us and the printer to finally have clearly identified killswitches:

…and our certification marks and model identification on the underside:

At first the screenprinters had trouble with the font we’re using (as you can see above, if you have a keen eye), but we got that corrected as you can see further below. We were not so lucky with the keyboard’s “Purism logo” key as the aspect ratio was squashed a little bit by the backlit keyboard supplier and we found out too late, but at this stage the #1 priority is getting these machines delivered to you as fast as possible, so we’re hoping you don’t mind the Purism rectangle logo being in “ultra-wide” cinema format just this once 😉

As the laptops are now at stage 2 production, we have some teaser photos of the completed case work. These were shot a bit hurriedly, the lighting and compression is not flattering, but this at least provides a rough idea. We’ll take the time to shoot proper studio photos when the first new wave of shipments is mailed out in June.

Here is what the underside of the Librem 13 looks like:

Here are the silkscreened killswitch labels:

Note: the IPS display panels we source for the Librems are matte (as they should be!) The reason why the screen in the picture above seems reflective is that a glossy protective film is applied to protect the laptops during shipping.

For the curious among you, here is a bare view of the case’s interior, with only the multitouch trackpad and backlit keyboard (underneath the black electrical isolating layer) installed:

With this, we are confident that we will be able to begin shipping out finalized units to customers in roughly two weeks. Afterwards, we will have stock on hand allowing new orders to be fulfilled within a week. If you were reluctant to preorder and were were waiting for the presence of rapidly-shipping stock to purchase a Librem, this will be a deal changer for you.

Spring 2017 product design update and operations report

Let’s recap recent progress with a summary of where we stand and where we’re going next on the “operations” front.

We have begun production of the two new revisions of Librem laptops. As we narrowed down on component choices and successfully raised additional funds, we have now made great steps towards our “zero outstanding orders” milestone and our goal of creating our first inventory to ship future orders from.

  • Last month, we ordered a batch of supplies to begin production of the new Librem 13 “v2” units. We have also tested and evaluated three prototype units, the latest of which we will use to extend our coreboot work.
  • Two weeks ago, we also ordered parts for the new Librem 15 “v3” units. So far we have evaluated one prototype unit for this new batch (which will also be used for our coreboot work), and will evaluate a second one soon.
  • We are currently working to leverage investment to make the Librem 11 batch order happen sooner and create an inventory directly; we will let you know of any progress on that front. In the meantime, we thank you for your patience. And please spread the word about the Librem 11 to those around you looking for a nice security-oriented and freedom-respecting convertible tablet with stylus support (especially interesting for visual artists who want to use the plethora of free creative tools such as MyPaint, Krita, Inkscape, GIMP, etc.)! The more people know about it, the sooner we should be able to put it into production.

Revised products specifications

For the upcoming Librem 13 v2 and the Librem 15 v3, we evaluated various prototypes, including different cases and keyboard models, alongside various possible CPU, GPU, RAM and storage combinations. With the newer motherboards, we aimed to keep the same flexibility in terms of storage: one M.2 slot and one standard SATA slot. As usual, the RAM and SSDs are all user-replaceable, not soldered.

The Librem 13 gets a whole slew of improvements for version 2:

  • Intel Core i7An Intel Core i7 processor (one of the most often requested features), using the 14 nanometers lithography of the Skylake generation, bringing additional performance (over our previous i5 processor) and great power savings over previous generations.
  • A backlit keyboard (the other most often requested feature)
  • Newer Intel graphics as part of the Skylake chipset
  • DDR4 memory
  • One USB 3.0 “type C” connector
  • A much better trackpad (sourced from Elantech instead of BYD), which works better out of the box. It supports vertical and horizontal two-finger scrolling, allows changing workspaces with a simple four-finger swipe gesture, has smoother scrolling, and various multitouch gestures (dependent on applications support).

Those who have ordered the Librem 15 also get the free update to Skylake, newer graphics, DDR4, and improved trackpad. The Librem 15 already had a backlit keyboard and USB-C.

As you can see, when you pre-order a Purism device, you don’t need to worry about the specs becoming outdated by the time of production & delivery. For all our products, we strike a balance as per our manufacturing & sourcing approach, yet strive to stay close to the latest technology out there. We aim to please our supporters by bundling these updates at no additional cost whenever possible.

Upgrading from the Broadwell microarchitecture for this round, we chose to go with Skylake (rather than Kabylake) in order to service orders more quickly without bringing on delays in supplies or testing. To provide the best user experience, we prefer to test more thoroughly before moving on to a new chipset (for instance, we’ll be able to provide coreboot support more quickly with Skylake as part of our current roadmap). We expect to upgrade the chipsets/microachitecture again for the next production run (planned for the second half of 2017 once we complete this batch), which will involve a revised motherboard design, as we will also be adding new hardware features in prevision of full support for Heads.

The power of the Dark Side comes as a duo

We chose to keep the same overall chassis, although the location of Librem 15’s killswitches will be different this time (all on the hinge cover, like the Librem 13).

A notable aesthetic improvement for the Librem 15 v3 is that it will be anodized black just like the Librem 13. The temptation of the Dark Side was strong! Here you can see an anodized aluminium extrusion sample of the Librem 15 v3, next to an existing Librem 13 v1:

As we are beginning to have quite a bit of hardware revisions and models to keep track of, the laptops will now also feature some subtle branding underneath the backplate for model identification and to show the appropriate certification marks (we are FCC and CE certified). The publicly visible parts such as the screen bezel, palmrests, or the back of the screen lid, all remain unbranded.

Better power connectors

We are now sourcing power supplies with L-shaped coaxial connectors, so they keep a low profile when plugged into the side of your Librem:

This is particularly useful if you like to sit cross-legged with your laptop on a sofa, for example! (or for those who like to meditate with a computer on their lap)

Wrapping up

We are well on our way to provide a great new set of laptops this summer. We should be receiving the final components around the end of May, at which point we will do the final assembly and shipping throughout June. We will then be able to celebrate having cleared all the existing Librem 13 and 15 orders (including the recent big spike in orders). After that point, we will be able to ship within days and weeks (not months), which will be a huge relief for everybody looking to buy a Librem “in a pinch”. We hope you’re as excited as we are about that!

As always, thank you for your support, and feel free to contact us with your thoughts and encouragements, or to spread the good news around you!

Security Researcher Trammell Hudson and Device Maker Purism Join Forces to Set a New Standard for Security-Focused Laptops

Hudson’s security firmware Heads will be built into Purism Librem hardware to further protect users from cybersecurity threats, privacy invasion, identity theft, and more.

SAN FRANCISCO, CA — APRIL 12, 2017 — One of the foremost security researchers in the infosec community, Trammell Hudson, is working with secure device maker Purism to integrate his free and open-source “Heads” firmware into the company’s Librem laptop line. Purism will be the first hardware company to integrate Heads into its products, and the partnership will push the industry standard with unprecedented protection for end-user devices. Testing has already begun for the integration of the two platforms. Read more

Purism Warrant Canary Updated April 1st 2017

[Please note: warrant canaries being posted on April 1st are not April Fools’ jokes.]

Before (or on) the first day of each quarter, Purism, following the general rules of warrant canaries, will update its own Warrant Canary page if none of the listed items occurs.

warrant-canary-64x70px

Warrant Canary, April 1st 2017

  1. We have not placed any backdoors into our software or hardware, and we have not complied with any requests to do so.
  2. We have not received, nor complied with any National Security Letters or FISA court orders.
  3. We have not been subject to any gag order by a FISA court.

The next statement will be published on the first day of each quarter (January 1st, April 1st, July 1st, October 1st). Please refer to the Warrant Canary page for details and digital signatures.

Getting ready for LibrePlanet and the new Librem 15 v3

This year, we’re attending and sponsoring LibrePlanet, which is being held this week-end in Boston. Todd and I arrived one day early, as we wanted to seize the opportunity to spend a full day coworking to align our plans (regarding communications, product design and supply chain management), confirm product specifications, and test some new prototypes we have on hand. Todd recently (yesterday!) received sample parts and prototype units from suppliers, so we spent some time checking the aesthetic and functional aspect of the next revision of the Librem 13 (v2) and Librem 15 (v3), including the chips, killswitches, and removable components.

I also brought with me some older units I had gathered from others, including the Librem 11 prototype (which we bricked during testing) and the previous revision of the Librem 15.

Oh, “But what is that mysterious black plate in the center of the table”, you ask? Well, that’s one of the sample parts our suppliers sent us: the upper aluminium plate of the upcoming Librem 15 v3, which will be anodized black like our lovely Librem 13.

Here you can see Todd’s Librem 13 on the left (which looks brand new even after 2 years of intensive use) and the Librem 15 v3’s anodized aluminium extrusion sample on the right (resting on top of the old Librem 15 production model for comparison).

We chose a matte finish to avoid fingerprints from showing up (disclaimer: if you’re worried about someone lifting your invisible fingerprints from your laptop, you probably want to type with gloves like this guy–except you’ll be way cooler, because you’ll be using a Librem instead of some old plastic junk 😉

We’re still finalizing details when it comes to the final specs, but from the looks of it, those with outstanding orders may benefit from a free upgrade to a newer generation of CPU and graphic chipsets, in addition to the black aluminium chassis.

Today we have placed a batch order through our supply chain for the Librem 15 v3, so we hope to provide you with an update on specifications and estimates soon. In the meantime, if any of you are attending LibrePlanet, we look forward to meeting you this week-end!

Releasing the beta of PureOS 3

After our alpha release in November, we are today releasing the beta for PureOS 3.0, which we intend to release as a final release in time for our upcoming new laptop batch shipment (more news on that soon).

As PureOS uses a rolling release model, software all across the stack continued to receive updates since our first alpha some months ago, even though the core of our work has been to improve and deploy new infrastructure to support efficient development of this operating system and to make the PureOS experience more pleasant for users, too. The PureOS infrastructure is now better at exposing migration/update issues, which means that we iron out broken or missing package dependencies more quickly (with the goal of preventing them from ever being encountered by users, although such occurrences are already rare). Building this infrastructure for PureOS is some very ambitious—and often invisible—work that we are accomplishing as the foundation for all PureOS development.

We are also in the final stages of preparing proper developer documentation, closely modeled on Debian’s contributors documentation and procedures, but pointing to the right bits and pieces when it comes to PureOS.

FSF endorsement is work in progress: we are working with the FSF and addressing any concerns or requests they may have. As per the FSF’s requests:

  • The new PureOS website is now fully separate and works with LibreJS.
  • Iceweasel/Firefox was removed from the archive (its presence there was actually due to a repository synchronization bug) and we modified the add-ons system to avoid the possibility of installing non-free add-ons by mistake. That said, this is one of the reasons why PureBrowser exists, and PureBrowser will continue to be the default. The forced removal of Firefox/Iceweasel caused some trouble with the PureOS package repositories archive but this will be fixed before the final release.
  • TorBrowser is now torbrowser-launcher, a package that downloads and installs the official Tor browser with updates being applied as soon as the Tor project publishes them.

On the security front:

  • A Wayland-based GNOME 3 experience remains what we ship by default.
  • We have started preparing our Linux kernel to be based on the grsecurity kernel. This is available as a package in the beta’s repositories but is not enabled by default, as we consider it requires more testing (you can help!) so we can use it as the default Linux kernel in the future (for PureOS 3.0’s final release, hopefully!)… so feel free to install and try it out (don’t forget to install paxctld as well)! This will be a huge step forward in terms of security. While most regular GNU/Linux distributions are more secure and privacy-respecting than proprietary OSes, having the grsecurity patchset in PureOS’ Linux kernel by default will bring PureOS far above the norm in terms of desktop GNU/Linux security practices.
  • We look forward to integrating flatpak in the future to benefit from its sandboxing capabilities

As you can see, we’re making some nice progress and PureOS has great plans ahead to achieve a great user experience that balances security and usability. This is quite a bit better than running OSes that work against you or that strip you of control over the applications layer!

Neutralizing the Intel Management Engine on Librem Laptops

In my last blog post, I have spoken of the completion of the Purism coreboot port for the Librem 13 v1 and mentioned that I had some good news about the Intel Management Engine disablement efforts (to go further than our existing quarantine) and to “stay tuned” for more information. Since then I got a little side-tracked with some more work on coreboot (more below), but now it’s time to share with you the good news! Read more

The Librem 13 v1 coreboot port is now complete

Here are the news you’ve been waiting for: the coreboot port for the Librem 13 v1 is 100% done! I fixed all of the remaining issues, it is now fully working and is stable, ready for others to enjoy. I fixed the instability problem with the M.2 SATA port, finished running all the tests to ensure coreboot is working correctly, fixed the headphone jack that was not working, made the boot prettier, and started investigating the Intel Management Engine issue. Read on for details. Read more