Why the Salt Typhoon Hacks Make Our Public Networks Vulnerable

Liberty Phone, Made in USA Electronics, N79, Post Quantum Cryptography, PureOS, Quantum Safe, Security / / / / / / /
Purism

Purism

Beautiful, Secure, Privacy-Respecting Laptops, Tablets, PCs, and Phones
Purism

Latest posts by Purism (see all)

The recent Salt Typhoon hacks by the People’s Republic of China (PRC) have exposed significant vulnerabilities in our public networks. These hacks, which targeted major telecommunications providers like Verizon, AT&T, Lumen Technologies, Charter Communications, Consolidated Communications, Windstream, and T-Mobile (although the later says that they prevented access to PII data) have shown just how susceptible our public communication systems are to sophisticated cyber threats. The hackers exploited weaknesses in unencrypted messages and phone calls, allowing them to gain access to sensitive data and even geolocate individuals. The compromise to the public networks may indeed have follow-on repercussions such as muti-factor authentication (MFA) via SMS texts but that is a subject for a future post.

The Importance of Encryption and Private Networks

At Purism, we take a holistic approach to security from Layer 1 through Layer 7. Saying that we can prevent any attack is naïve. However, unlike many of our competitors who make unfounded claims of being “unhackable” devices, we have taken a logical and systemic approach to harden our posture from the baseband cellular radio (which is physically separated from the phones CPU and memory on our circuit board) at the physical layer, to address possible exploits on the network layer, all the way through to our PureOS and application layer (layer 7).

Open Standards Encrypted Messaging

Purism leverages free/libre and open source code, open and standard protocols, all of which are enhanced for secure, decentralized communication, and supporting various user-friendly applications built on top of these standards. Nextcloud, Matrix, XMPP have active installations with our customer base and ever expanding within the PureOS ecosystem.

Post Quantum Cryptography

Additionally, Purism has successfully implemented Post Quantum Cryptography (PQC) for data at rest and data in transit (DAR and DIT). We are leveraging one of the newer NIST PQC certified algorithms – ML-KEM – and have active deployments around the world. As of this writing, we are the first OEM/ODM to offer this protection in device and in a complete solution.

The Role of Private Networks

In addition to using encrypted applications, employing a private network such as an N79 PCN (Private Cellular Network) can provide an extra layer of security. Private networks offer enhanced control over your data and communications, making it much harder for hackers to intercept and exploit your information. We believe Salt Typhoon and similar attempts to weaken our public infrastructure have ushered in a paradigm shift for very security conscious enterprises and governments. While there was a past, heavy reliance on public networks, we believe that going forward, private cellular networks owned and operated by the customer themselves (or outsourced to a System Integrator) will be more readily accepted as an industry standard for information assurance.

Conclusion

By combining post quantum cryptography with private networks, enterprises and governments alike can significantly reduce the risk of falling victim to cyber-attacks like Salt Typhoon.

The recent attacks serve as a stark reminder of the vulnerabilities in our public networks. To safeguard our data and communications, it’s imperative to adopt encrypted applications and private networks. By doing so, we can protect ourselves from the ever-evolving threats posed by cybercriminals and state-sponsored hackers.

Purism Products and Availability Chart

 ModelStatusLead Time 
USB Security Token Purism Librem KeyLibrem Key

(Made in USA)		In Stock
($59+)		10 business days
Learn More Buy Now
Librem 5In Stock
($699+)
3GB/32GB		10 business days
Learn More Buy Now
Librem 5 COMSEC BundleIn Stock
($1299+)
Qty 2; 3GB/32GB		10 business days
Learn More Buy Now
Purism Liberty Phone with Made in USA ElectronicsLiberty Phone
(Made in USA Electronics)		Backorder
($1,999+)
4GB/128GB		Estimated fulfillment April
Learn More Buy Now
Librem 5 + SIMple
(3 GB Data)		In Stock
($99/mo)		10 business days
Learn More Buy Now
Librem 5 + SIMple Plus
(5 GB Data)		In Stock
($129/mo)		10 business days
Learn More Buy Now
Librem 5 + AweSIM
(Unlimited Data)		In Stock
($169/mo)		10 business days
Learn More Buy Now
Librem 11Backorder
($999+)
8GB/1TB		Estimated fulfillment April
Learn More Buy Now
Most Secure Server Purism Librem ServersLibrem ServerIn Stock
($2,999+)		45 business days
Learn More Buy Now
The current product and shipping chart of Purism products, updated on February 18, 2025

Recent Posts

Related Content

Tags

Advanced readers AweSIM Battery life Boot and BIOS Chipsets and components CISO Communications infrastructure Consumer Privacy Crowdfunding Customer Feedback cybersecurity Enterprise FLOSS applications Giving and contributing back Graphics infosec Laptops Liberty Phone librem 5 Librem 5 USA Librem 14 Linux kernel Made in USA Electronics most secure computer most secure laptop most secure pc most secure phone Newsletter and status updates Phones Press Privacy Product or service launch PureOS secure computing Secure Supply Chain Security Software freedom Supply chain Testimonials and user stories Tips and tricks User empowerment User experience design User interaction design Videos Website
Purism

3D renders are artist renderings, for illustration purposes. Images and specifications are subject to change depending on manufacturing requirements.

Unless otherwise noted, contents created by the Purism team on this website are copyleft with a CC-by-SA 4.0 license.