PGP Fingerprint: B8CA ACEA D949 30F1 23C4 642C 23CF 2E3D 2545 14F7
Latest posts by Todd Weaver (see all)
- GNOME and KDE in PureOS: diversity across devices - January 31, 2018
- Meltdown, Spectre and the Future of Secure Hardware - January 5, 2018
- Happy New Year! Purism Goals for 2018 - January 3, 2018
WikiLeaks has recently released a treasure trove of documents, codenamed Vault 7, that will take weeks to digest. And we will digest it all. But before we go document by document, we wanted to address top-level concerns users have, and how our philosophy and business model are the only ones that can withstand the test of time against this type of user device control.
The Vault 7 Documents highlight an important fact that is often overlooked: security is a game of depth. “How deep do you go” is how we commonly compare hardware, products, and software. As an example, Whatsapp, Signal, Telegram, Weibo, Confide and Cloakman—each specifically mentioned in the Vault 7 documents—are just “applications” that run on an Operating System. While we may take issue with the fact that most of these encrypted communication applications mentioned use non-free software (so we have no way of knowing if they, themselves, are compromised or even operate the users’ best interest), the important point to drive home is that if the Operating System is controlled by the CIA, other nation states, or anybody with ill intentions who grabbed the leaked code, then the applications themselves are by definition fully compromised. Let’s be clear, the CIA is a spying agency, it’s what they do, likewise Russia, China, and other sophisticated nations also conduct espionage, it’s what they do. We as people from around the world should not offer our digital lives wholesale so easily to anybody foreign or domestic, this is one of the many reasons Purism exists, to offer products, tools, software, and services that protect you and your digital rights by default.
On any platform, the levels of security go in reverse order, like this:
- web access
- operating system
From Snowden’s revelations, through the newly released Vault 7 documents, we have learned that the above list is under full-scale attack, not just by the CIA or NSA, but also from non-US nations states, bad hackers, and criminals. At the “web access” level, having third-party trackers blocked in your web browser, while helpful, does not come remotely close to making sure your data is safe, secure and under your control. Likewise, if we go down one level to “networking”: if your wireless card is compromised or the source code is not available, everything sent and received can be under the control of somebody other than you.
The next level is the applications, where as mentioned above all the “encrypted communication applications” live. If you were to ask us, “How would I gain access to all encrypted communication across all applications?” We would answer it simply by saying “Go any level lower, like the OS, and take over that—you will then own everything in any of the levels above.” Which is why we, at Purism, work so hard to have every level controlled by the user, not by any other person or entity. The approach utilized by the CIA, according to the documents, was a simple “go a level deeper” to own all levels shallower.
At Purism, we release the source code, and also do not allow non-free or binary applications anywhere within the web access, networking, applications, operating system, kernel, nor bootloader. We go deeper than any hardware manufacturer by at least 6 layers. We continue to dig deeper and deeper, and will not stop until all 11 levels mentioned above are completely freed.
- At the BIOS/UEFI level we will be releasing (and will be preloading) coreboot and a neutralized Intel ME for all our products, which ensures most of the BIOS/UEFI level operates in a user’s best interest. There are a few more binaries we are working to free within coreboot, and are making great progress there.
- At the firmware level, we are completely freed, except the remaining firmware binaries mentioned at the BIOS/UEFI level.
- At the hardware level, we are completely freed, and we offer an additional solution to threats that were brought up in the Vault 7 documents, primarily remote access of microphone and camera feeds. On Purism products a user can physically sever the connection for webcam and microphone, avoiding the “Weeping Angel” threat of “Fake-off” where the device appears off, but is actually still listening or watching.
- As we grow, we can free deeper and deeper into the levels, getting to the point where even our schematics can be released and verified.
Purism is the only manufacturer who you know is advancing toward a goal where users’ control their own devices. All other manufacturers are undermining users’ digital rights, by not releasing their source code, or by having a business model where corporate surveillance is how they profit. Purism’s long-term goal is to have user-signed and user-encrypted devices—once we have that, a user can finally rest easier that their device is owned and controlled by them. Purism is well on our way, and are happy to be changing the world for the better.