Tag: PureOS

GNOME Foundation Partners with Purism to Support Its Efforts to Build the Librem 5 Smartphone

Orinda, CA/San Francisco, September 19, 2017 – The GNOME Foundation has provided their endorsement and support of Purism’s efforts to build the Librem 5, which if successful will be the world’s first free and open smartphone with end-to-end encryption and enhanced user protections. The Librem 5 is a hardware platform the Foundation is interested in advancing as a GNOME/GTK phone device. The GNOME Foundation is committed to partnering with Purism to create hackfests, tools, emulators, and build awareness that surround moving GNOME/GTK onto the Librem 5 phone. Read more

GNOME & KDE: The Purism Librem 5 phone is building a shared platform, not walled gardens

You might have heard about our Librem 5 phone campaign that we recently launched and that has now crossed the $300,000 milestone. If you are reading this particular blog post, it is quite probably because you are a member of the great GNOME/KDE/freedesktop community, and if you were expecting the Librem 5 to be only “a GNOME phone” and exclusionary of others you will be happy to know that Purism is working with both KDE e.V. and the GNOME Foundation, and will continue to do so.

As a matter of fact, to the question “Will you be running GNOME, Plasma, or your own custom UI?”, our campaign page’s FAQ stated, from the beginning:

“We will be working with both GNOME/GTK and KDE/Plasma communities, and have partnered with the foundations behind them for the middleware layer. PureOS currently is GNOME-based and our great experience with working with GNOME as an upstream as well as GNOME’s OS and design-centric development model; however we will also test, support, and develop with KDE and the KDE community, and of course we will support Qt for application development. We will continue to test GNOME and Plasma, and should have a final direction within a month after funding success. Whatever is chosen, Purism will be working with both communities in an upstream-first fashion.”

As a point of clarification, Purism is supporting GNOME/GTK and will continue to do so; Purism is also supporting KDE/Plasma and will continue; forming partnerships with these great communities is a way to establish our long-term commitment to those goals.

Likewise, Purism will ship PureOS by default on the Librem 5, but will support and work with other GNU/Linux distributions wishing to take advantage of this device.

The Librem 5 is about users reclaiming their rights to freedom, privacy and security on their mobile communication devices (also known as pocket computer, smartphone, etc.) with a platform that they love and trust. It is not about creating walled gardens, erecting barriers and division in the free desktop community, and reigniting the Desktop Wars of the past:

We are planning to empower users to run both GNOME, KDE, or whatever they see fit, on their GNU+Linux phone—just like we can have both GNOME and KDE on the same desktop/laptop today. The fact that we are going to be making an integrated convenient product that may or may not be a vanilla or heavily modified version of one of these two desktops as the “official recommended turnkey product choice for customers” takes away nothing from the value of these environments or from the ability to run and tinker with whatever Free and Open-Source software you see fit on your device—a device that you can truly own.

What we are providing here is a reference platform that is not Android, for both GNOME and KDE communities—we just so happen to need to provide it as a turnkey usable product for less tech-savvy customers as well, while doing it 100% in the open, upstream-first, like a true Free Software project should be. Right now, the exact set of software technologies we will base our “integrated product” on—whether closely based on KDE, or GNOME—is something we are still evaluating and will decide along the way. There is no “us” vs “them” here. The two projects are in different states of advancement when it comes to mobile and touch technologies, and both communities have their specificities, expertise, and strengths. No matter which project we pick as the basis to invest most of our technical resources in, both projects will win:

  • Even if one project is not chosen as the reference product user interface, it gains a hardware reference platform that community members can standardize on, and thus improve itself however they see fit.
  • This is not the nineties. GNOME and KDE have had a healthy collaboration relationship for the better part of a decade now!
  • We light up a competitive fire again in the hearts of contributors in both communities—and beyond. We can now fight for a platform we truly own, from the backend and middleware to the graphical user interface. No more proprietary UIs, no more “fork everything in middleware!”
  • We will still provide support to developers and testers across the board, everybody is welcome.

From a higher perspective, we believe this campaign is vital to the relevance of Free Software and the viability of GNU+Linux (vs Android+Linux) beyond the desktop, and to protect ourselves from pervasive surveillance and data capitalism. We hope you will see it in this light as well.

A new boot splash for PureOS

A quick update about PureOS… from the design team this time! 😉

For the new version of PureOS (codenamed “Prometheus”), I am working with the developers to make a very smooth and pleasant user experience when installing and launching the system. We want to make sure that PureOS is not only secure, but also a beautiful and enjoyable experience, designed for everyone. No exceptions!

So, I am currently working hard on polishing the visuals. The video below shows an example of the animation that will now take place at boot time in PureOS.

Every new Librem ordered with PureOS pre-installed should ship with this beautiful PureOS update in the coming weeks (we’re working hard to make the PureOS release on time for factory installs!) If you already are using PureOS, a software update will also arrive soon for you.

If you like it so much that you can’t wait for it to be released with PureOS, or if you want to customize its look to make it yours, you can download the source files here.

Releasing the beta of PureOS 3

After our alpha release in November, we are today releasing the beta for PureOS 3.0, which we intend to release as a final release in time for our upcoming new laptop batch shipment (more news on that soon).

As PureOS uses a rolling release model, software all across the stack continued to receive updates since our first alpha some months ago, even though the core of our work has been to improve and deploy new infrastructure to support efficient development of this operating system and to make the PureOS experience more pleasant for users, too. The PureOS infrastructure is now better at exposing migration/update issues, which means that we iron out broken or missing package dependencies more quickly (with the goal of preventing them from ever being encountered by users, although such occurrences are already rare). Building this infrastructure for PureOS is some very ambitious—and often invisible—work that we are accomplishing as the foundation for all PureOS development.

We are also in the final stages of preparing proper developer documentation, closely modeled on Debian’s contributors documentation and procedures, but pointing to the right bits and pieces when it comes to PureOS.

FSF endorsement is work in progress: we are working with the FSF and addressing any concerns or requests they may have. As per the FSF’s requests:

  • The new PureOS website is now fully separate and works with LibreJS.
  • Iceweasel/Firefox was removed from the archive (its presence there was actually due to a repository synchronization bug) and we modified the add-ons system to avoid the possibility of installing non-free add-ons by mistake. That said, this is one of the reasons why PureBrowser exists, and PureBrowser will continue to be the default. The forced removal of Firefox/Iceweasel caused some trouble with the PureOS package repositories archive but this will be fixed before the final release.
  • TorBrowser is now torbrowser-launcher, a package that downloads and installs the official Tor browser with updates being applied as soon as the Tor project publishes them.

On the security front:

  • A Wayland-based GNOME 3 experience remains what we ship by default.
  • We have started preparing our Linux kernel to be based on the grsecurity kernel. This is available as a package in the beta’s repositories but is not enabled by default, as we consider it requires more testing (you can help!) so we can use it as the default Linux kernel in the future (for PureOS 3.0’s final release, hopefully!)… so feel free to install and try it out (don’t forget to install paxctld as well)! This will be a huge step forward in terms of security. While most regular GNU/Linux distributions are more secure and privacy-respecting than proprietary OSes, having the grsecurity patchset in PureOS’ Linux kernel by default will bring PureOS far above the norm in terms of desktop GNU/Linux security practices.
  • We look forward to integrating flatpak in the future to benefit from its sandboxing capabilities

As you can see, we’re making some nice progress and PureOS has great plans ahead to achieve a great user experience that balances security and usability. This is quite a bit better than running OSes that work against you or that strip you of control over the applications layer!

What the CIA Vault 7 Documents Mean

WikiLeaks has recently released a treasure trove of documents, codenamed Vault 7, that will take weeks to digest. And we will digest it all. But before we go document by document, we wanted to address top-level concerns users have, and how our philosophy and business model are the only ones that can withstand the test of time against this type of user device control. Read more

A new PureOS website

2017 new pureos websiteI’m happy to announce that I have put together a new website dedicated to PureOS, with its own domain name: https://pureos.net

I created the PureOS website from scratch and made sure that not only is PureOS freedom-and privacy-respecting, its website would be as well.

  • It enforces HTTPS.
  • It is Icecat and Tor friendly.
  • There is no javascript at all—the interactive top menu that is displayed on small screens (mobile / tablets) is only made of CSS (with the checkbox trick)!
  • At the moment it doesn’t use any backend/framework (it is pure HTML), but I am also working on a small PHP backend that would handle very simple freedom-respecting templates as well as translations, following LibreJS rules for JavaScript usage. This backend is not complete yet but it will be released under a GPLv3 license.

Don’t hesitate to download and try PureOS! Your feedback is more than welcome as we want this fully free distribution to be as user-friendly and freedom respecting as possible. Those two goals are compatible.

I believe the world is reaching a point where the lack of freedom is starting to become noticeably less comfortable than the virtual comfort promoted by restrictive software makers. More and more people feel concerned about privacy, freedom and ethics in general. Most of them are beginning to understand why Free Software is so important (I was/am one of them!) The problem is that many people out there are under the impression that they are not “technical” enough to run a free OS like GNU/Linux, and so, they just give up… we must convince them that things are moving forward in the world of software freedom and that PureOS is as respectful of their freedom & privacy as it is modern, full-featured and easy to use by everyone.

Bits about PureOS

There are were some questions floating around our community regarding PureOS compared to other distros, and I feel it is time to address them all in one go.

PureOS compared to other distros

Do PureOS and Tails have the same goals?

Yes and no. We both want to make secure, private and anonymous OSes but we approach the problem differently:

  • Tails has longer development cycles.
  • Tails is more focused on pure anonymity, privacy and security, not tailoring towards average end-users (by “average” we mean “average computer user” and not “average GNU/Linux user”). While Tails is not as complicated to use as Qubes, there still is very little attention paid to user experience.
  • Tails is a system that you don’t install onto a hard drive (last time I talked to Tails developers, they said they were writing code that even prevents you from installing it onto the hard drive).

On other hand, PureOS comes preinstalled on Purism’s devices and takes all security/privacy/anonymity aspect tailored towards a broader set of end-users.

  • PureOS will not take security measures that would, for example, make 99% of the web browsing experience almost impossible (Tails also doesn’t do this, but this mention is just an example to reflect our philosophy).
  • PureOS aims to be easy to switch from Windows/Mac as well for any other OS, while increasing security and privacy in great amounts compared to the two most popular desktop OSes.
  • PureOS doesn’t require any account, doesn’t send any feedback/telemetry to Purism (or any other company) and doesn’t spam with add-ons.
  • The combination is therefore meant to be easy to use (and pleasant to the eye) while being a very big step forwards in terms of freedom, privacy, security and anonymity.

SubgraphOS is an example of an OS that is more aligned with PureOS’ ideas.

What are the differences between Debian and PureOS?

Hopefully I don’t need to explain the long standing giant Debian. PureOS will tend to have least possible amount of deltas compared to Debian and it will try to forward upstream (and to Debian) all changes we make that make sense for wider community (Matthias and myself are also Debian Developers and we understand the importance of this). Said that, we have some differences: PureOS hosts only Free software – while Debian is officially only main, it does host and allows an option of having non-free software. PureOS will have more frequent changes and for now it will not have an real stable release in Debian sense (we consider PureOS stable for everyday usage as most of users experience the same with Debian Testing). PureOS already defaults to Wayland as default while Debian will still stay with X for at least one release. For final PureOS 3.0 release, the plan is also to switch from Debian Installer to Calamares and also PureOS will have kernel with grsecurity enabled (and of course our own configuration).

What package formats is PureOS going to use?

PureOS is based on Debian and thus we use the famous deb format for core system packages. Besides that, our plan is to have Flatpak as a convenient and secure complement to deb packages in the future. Flatpak is pretty advanced, is gaining momentum among application makers, and has a lively community.

Where are PureOS sources (to code)?

They are at repo.puri.sm/pureos/pool/main but the easiest way to get any code is to just do:

apt source <packagename>

How to upgrade to the latest stable version?

PureOS is in essence a rolling release and if you keep it up-to-date you’re already at the latest version. We release point releases (like now with the upcoming PureOS 3.0) to have better testing of features as well as having an image for our OEM ISO. There is no need to download every ISO we release if you update frequently, but it helps us with testing.

Why can’t I search apps in GNOME Software and why doesn’t installation work for some packages?

GNOME Software requires Appstream metadata to work properly, and we are in the process of implementing that machine. It will soon be ready, probably by our next “beta” release of PureOS 3.

The installation issue comes out because of migrations issues. Short explanation: our packages get synced from Debian into our archive called “landing”, there from landing they migrate to “green” which is what you have in your sources.list. So we basically have an additional testing step during this migration, but as those parts are new in our archive they sometimes might get broken. We are improving this daily so bear in mind that all can be resolved in your next update.

Why does PureOS default to GNOME?

We consider GNOME the most technically advanced and polished Desktop Environment out there. It also has the best support for Wayland and touchscreen devices, which is important for PureOS’ path. Those who need more features or a different look & feel can either go to extensions.gnome.org or install any other DE they need (you’re always just an “apt install” away from anything you want).

How can I contribute?

Talking about PureOS, sharing to your and wider community, sending bug reports, code, art and coffee to developers, all helps.

Update from the trenches – operations, research and development for Q4 2016

Since our previous status update on manufacturing & shipping operations in August 2016, we had to tackle a lot of challenges in parallel: changing some of our suppliers, preparing new hardware, processing refunds, preparing PureOS 3, deploying new public infrastructure, seeking additional funds to enable us to ship “from stock” in the future, etc. The puzzle had so many moving parts that we really had to wait for dust to settle at the end of November to know where we stand and to provide you with this report.

In this blog post, we’ll be providing a global shipping status update, a quick update on R&D, and we’ll be sharing some great news for those interested in the Librem 13. Read more

Apple’s Collecting User Calls and Messages, and How Purism Avoids This Type of Threat

Another day, another corporate surveillance story; this time it is Apple who decides to secretly send users’ call history, as well as messages, to the “cloud” (which in this case is iCloud servers, owned and controlled by Apple).

This brings up a number of issues we have spoken about before, that users who buy Apple products think they own the device, until the realization—through near daily stories reporting on Apple undermining the privacy of user data—that Apple actually owns the iPhone device, and that iOS users are simply renting it as well as the software and services that run on it.

The Problem

Apple, like Google and Microsoft, controls the software that runs on your phone. Those companies will not relinquish control of their devices nor software because users continue to buy and finance their bad practices of exploiting users.

The Solution

Use, support, and buy products that are completely free software, where the source code is available, so that all the software on your device can be controlled by the user, not the software giants who undermine digital rights.

Purism ships PureOS with its products, which is completely free software. Customers can also elect to have Qubes preinstalled, or to install their own operating sytsem. Purism hopes to get PureOS officially endorsed by the Free Software Foundation very soon. Additionally, in the long term Purism is working towards its ambitious goal to fully free its hardware and get hardware certification by the FSF, becoming the first manufacturer of “brand new” high-performance laptops to achieve this.