Purism announces advisory board, and one of the members is Linux firmware security expert Matthew Garrett, which is good news:
Purism started making laptops, but have now extended to tablets. Their current IndieGoGo-based funding effort only has 3 days left!
Here is where to sign:
I hope someone does a petition to get the Stateless Laptop built. If Intel builds a new ME-less system, it should also be building this Stateless system as part of it.
AND… I don’t understand why OEMs are dancing around with tamper resistant screws. IMO, a system needs a lock, a good one, since lockpicking is a normal hacker sport, most locks are useless. A good laptop should have a lock to prevent casual evil maids. The Google Chromebox Pixel Developer Mode scew is nice, but an evil maid could also use that, no lock. Cars have locks. Houses have locks. Computer server rooms have locks. Data contained in laptops are often worth more than cars and houses. Why do modern expensive computers have no locks? Cost? Governments would not want them, harder to access boxes going through customs? I want a Stateless Laptop, with a secure metal enclosure and a good quality lock. Then I’ll keep the key and thumbdrives with me, and just deal with rubberhose attacks, not evil maid attacks.
coreboot is nearing it’s 4.3 release. Their last post shows stats of project activity for a single week this month, especially 36 contributors, 11 of them new. The week before there were 13 new contributors!
– Total commits: 111
– New authors: 11
– Total authors: 36
– Total lines added: 10885
– Total lines removed: -604
– Delta: 10281
Two new mainboards – the Google Tidus board (Lenovo ThinkCentre Chromebox), and the Purism Librem 13 laptop are added.
There’s even Ada compiler support added to the toolchain. There are many other changes, not mentioned here, see the full post:
Purism has announced a partnership with Qubes OS, users will be able to order Qubes OS preinstalled on the Librem 13.
Excerpted quotes from press release:
“We are pleased to partner with the Purism team both in offering a certified Qubes OS laptop today, and in the future improving the functionality and security of Purism laptops to ensure that users can have the best of freedom, security and privacy in one convenient package,” said Joanna Rutkowska, well-known security researcher and founder of the Qubes OS project.
“We are ecstatic about the partnership between Purism and Qubes so we can bring together our goals of privacy, security and freedom in hardware with the best approach in software security. This union represents the ideal approach to protecting users by default, without sacrificing convenience or usability,” said Todd Weaver, CEO of Purism. “Qubes OS is a natural fit with the Purism Librem laptops in both functionality and ideology.”
I was originally wondering why not use Qubes instead of PureOS in the first place, so I’m happy with their use of Qubes for OS solution.
I’m unclear about status of PureOS, is it mothballed or is it another OS option for Librem? Given use of Qubes, what does this say about future hardware architecture choices by Purism? AFAICT, Qubes is an Intel/AMD-centric OS, will PureOS still be used on ARM-based tablets/smartphones? Will Qubes have any ARM port?
According to this tweet, Purism got their Librem13 laptop funded. Congratulations!
Looking at the above ‘thread’, it mentions two other items of Purism news.
It sounds like that after Notebooks, they’re going to target Tablets, then Smartphones.
“First privacy respecting Librem notebooks. Next: Tablets. And then: Smartphone.”
Also, it looks like they’ll have some more news on their firmware efforts, specifically related to their efforts fighting the Intel Management Engine (ME):
“we have big news soon on freeing the ME. All firmware updates will be provided”
The already have semi-regular posts on their blog by their firmware developer, with some more news that I’ve not covered. I’m not sure what the second sentence above means. Other OEMs currently provide firmware updates to ME already. Providing full source updates would be impressive, but I doubt they meant that.
Purism gets a bit of criticism from some people because their marketing department claims that their BIOS is “almost free”, but they’re using a modern Intel system, which has many blobs and out-of-band activities. Other documentation from Purism clarifies that the “BIOS is not yet free”. Use of FSP is not a 100% requirement for modern Intel systems, it isn’t clear what the mainstream BIOS vendors are using it or alternate code. One recent BIOS vendor, I forget their name, they’re based in Sweden, released a BIOS solution for the Intel Minnowboard, which was not based on FSP. I presume, but am not sure, that anyone who does a FSP alternative codebase would still need some NDA for some specifications from Intel.
The Purism web site says:
While the BIOS is not yet free, the Librem will be the first laptop ever manufactured to ship a modern Intel CPU fused to run unsigned BIOS code, allowing for a future where free software can replace the proprietary, digitally signed BIOS binaries. This marks one of the largest hurdles to a BIOS that runs 100% free software and firmware. Recognizing the importance of this critical step toward consumer freedom, Dr. Richard M. Stallman, president of the Free Software Foundation (FSF), states:
“Getting rid of the signature checking is an important step. While it doesn’t give us free code for the firmware, it means that users will really have control of the firmware once we get free code for it.” – Dr. Richard M. Stallman
There are also hardware components, like the HD or SSD, that are flashable, and therefore upgradeable, but that currently run firmware that is not yet freed. We are working to get freed versions of this firmware! Being the first manufacturer to care about privacy, security, and freedom, we are pushing this message upstream.
Bluntly, I’m not I understand or agree with RMS’s above statements, unclear of the context. Offhand, it seems to me that RMS isn’t considering security at all, only personal freedoms. I want both, and I don’t see why I need to chose just one. I want code to be checked, but I want to be able to control what is run. I get a little worried about some privacy enthusiasts, they sometimes only focus on technology choices that give them personal freedom, and completely ignore the use case of an attacker, who doesn’t care if the binaries were backed by open source or not.
[I want a box with a kill switch, like Purism has. And two-factor authentication required to boot firmware, locally or remotely. And a Developer Mode, like Google ChromeBook Pixel has, to override BIOS and let me do what I want. I want a metal enclosure that covers all ports (Thunderbolt, etc.) when closed, and I want a quality lock integrated into system, to deter Evil Maid from accessing ports or developer mode firmware override. I expect a good key won’t be viable, TSA checkpoints will want the ability to Evil Maid people and a good lock may slow them down.]
This quote from Joanna of Invisible Things Lab summarizes my trust of Purism exactly:
“I agree there are redflags in the @Puri_sm marketing lang. There are also positives, such as @ioerror being on board.”
Purism has a tough job trying to remove blobs from firmware, make system flexible enough for users to install new boot-time software, yet prevent attackers from attacking system, while removing protections that Intel has been adding to deter attackers. With some AMD systems, they may have less firmware to worry about blobs, but will have entirely new silicon attacks, and unlike Intel, ARM doesn’t provide any firmware vulnerability assessment tools. I’m unclear about AMD64 firmware and their AGESA, which is somewhat similar to Intel’s FSP; unclear about blob-removable potential by Purism. Also, AMD, like ARM systems, doesn’t have CHIPSEC or similar tools. Overly slick marketing aside, they’re the only OEM that’s trying to solve this problem — arguably the 2nd, after Bunnie, perhaps — which is nice to see.
It’ll be interesting to see what ISA they choose for their tablet and smartphone devices!