Purism Librem laptops are immune to such threats because of a deeply rooted philosophical difference about security
SAN FRANCISCO, CA—July 5th, 2017—Purism, the social purpose corporation which designs and produces security focused hardware and software, has released a new report on the latest cybersecurity threats and why nearly all devices are vulnerable to such attacks. The very design of modern hardware and software invites a host of threats, from sophisticated attacks, criminal activity, to hobbyist attempts, and reactive software patches simply cannot be released quickly enough to plug security holes. All manufacturers beside Purism are reactive to security threats only. Being proactive about security comes down to philosophy, business model, and reducing the attack surface to begin with.
There are 4 key factors as to why popular devices produced by large manufacturers are susceptible to rising security concerns:
The best security in software follows a simple set of rules that the largest manufacturers fail because of their business models:
WannaCry, Petya, and NotPetya, are increasing in complexity in a whack-a-mole, distributed criminals vs centralized corporation software battle where the users are the victim. The current proposed solutions from proprietary software vendors is reactive to these threats, which by definition means they will continue to happen in increasing frequency and potency. There is real motive for criminals to create ransomware, wreak havoc, and upset markets, and the reactive proprietary software patching approach is unacceptable as a security story.
Lower level threats a lot released with Vault 7, like Dark Matter, Intel AMT, EFI/UEFI exploits highlight that criminals are going deeper than software and operating systems, where even the reactive approach does not help, since proprietary operating system vendors do not release EFI/UEFI updates, and BIOS, EFI/UEFI updates are not commonly done by users.
In a proactive model, where the source code is released, making the attack surface small, and sharing the code for audit, has been the philosophical difference as to why Purism Librem laptops have been immune to all these threats.
“Protecting our digital life is a growing concern for individuals, reactive patching does not provide the peace of mind that users want” said Todd Weaver, CEO and Founder at Purism. “We provide that peace of mind by making security protection easy and the default for users.”
Purism’s Librem laptop line has been specifically designed to address these gaping security issues that big box manufacturers are unable and unwilling to combat due to being reactive and not releasing the source code. To date, Librems have been completely immune from the following cybersecurity attacks: Wannacry, Intel AMT, Petya, Dark Matter, All Vault 7 EFI/UEFI exploits, and NotPetya.