I wonder if they will also control the manufacturing process, ensuring that there is no additional chip implanted on the production line.
They should add a physical slider that cuts off power AND covers both the webcam and mic. https://www.crowdsupply.com/purism/librem-laptop That'd be the real edge there; otherwise it'd just be another laptop that ships with a Linux distro. I really wish there'd be more progress with open source BIOS. The way it is now you're lucky to get a handful of BIOS updates over 3 years, and the last release is always left with unfixed bugs, or even a lack of CPU support. Looking at the video, the prototype seems easy enough to take apart and work on, and I like that.
https://www.crowdsupply.com/purism/librem-laptop/updates I have to admit, it's really tempting. It's like a dream laptop.
This really sounds great. Just entertaining the notion that this would create a substantial opportunity to "honeypot" privacy activists. Even if the product leaves their production facility perfectly fine, what measures are being used (if any) to make certain there is no adversarial interception en route? I must be a strange one, but I think along these lines. This laptop is being created for someone just like me, and consequently an adversarial interception en route must be considered. If I had a wish list item it would be for a slot where I could install something like an Intel I350-T4 NIC card. Lots of us want to use pfSense and VMs to chain VPN providers. Laptops really suck at their NIC capabilities. This would add 4 ports, and with the Ethernet already there it would mean 5 individual ports to use on a high end machine with 32 GB of RAM. Wow, that would be exactly what I would build if I were designing something for myself!!
One thing that was proposed (by a security expert) was to have us release an X-ray of the device, so a user could conduct their own X-ray and compare it to confirm no changes were made. Would this suffice for your requirement, or do you have another idea?
Most users don't have X-ray equipment. Maybe they could have images made using medical X-ray equipment. But the resolution would be inadequate. One would need nm-scale X-ray holography for that, and a way to compare the holograms. Monolithic focused reference beam X-ray holography http://www.nature.com/ncomms/2014/140107/ncomms4008/full/ncomms4008.html
Agreed, but for those that do care, would an X-ray to verify against actually be useful? (it sounds as if that isn't useful even for those that do care). What alternative should we consider to verify the device arrived as intended?
There are probably other methods that someone could come up with, but personally, I think picking it up in person would be the only way. I mean honestly, I can't name one other manufacturer that can guarantee their product hasn't been tampered with after it ships out. At that level you'd have to be checking your smoke detectors for bugs. I mean, it is obviously a concern in this age, but... I think that's why people who are already monitored at the Snowden level just walk into a computer shop and buy whatever is in the shop. That's the only way and chance I see. Edit: Let's just hope your laptops get popular enough that they end up selling like hotcakes in shops. (I'm half serious; if they were made on a larger scale someday, it'd help reduce that risk.)
As long as everything isn't backdoored by default, I agree with Veeshush that buying stuff in person with cash from a randomly selected non-local retailer is the best option. And the existence of NSA's program for intercepting stuff in transit does imply that everything isn't backdoored by default. As I understand Purism's plan, they'll be integrating good components and using mostly open-source software. But given their goals, it would be very tempting for the NSA to feed them malicious hardware. They could get around that by getting hardware components as I've described, but that doesn't scale very well. And even if we can trust Purism, and they can get honest hardware, there's no way to protect it during shipping. Their shipments would be an obvious target for the NSA, and the NSA has compromised shipping channels. Could the NSA substitute malicious hardware components that were not distinguishable from honest stuff using medical X-rays? I don't know. Maybe a better plan would be for Purism to sell just mechanical stuff, plus a parts list, using mass-market components. Then users could buy the rest in person with cash from randomly selected non-local retailers, and assemble the laptops themselves.
I could imagine a few things, but as Mirimir stated above, the "scale" on some ideas may present an issue. Gov't interdiction is a bona fide issue to combat. My first thought (without any regard to scale) is to use PGP/GPG and Bitcoins accordingly: A user decides to order a laptop after visiting your https site and "customizing" his machine with options as desired from those available. We are not children here, so obviously he needs to be "adult" about connecting anonymously (VPNs, Tor, or combinations of both).
1. He would actually correspond with you on your website (via https) using PGP/GPG, wherein you would receive the shipping address (could be any designated drop point) in fully encrypted form along with his public key to conduct any needed communication. You agree on the price as per the current BTC conversion, and then a bitcoin transfer to your wallet can be instantly made if desired. So now you have been paid with no payment trail leading to the buyer (unless he is clueless).
2. When you ship, you send out from multiple and varying locations and in such a way that INTERDICTION becomes almost impossible because no tracking info comes directly back to you. It can be done, and at the same time you have the needed tracking info if there is ever a legitimate loss en route. Both parties are covered with full tracking, and yet it doesn't really come back to you so that interdiction is a realistic possibility.
The one thing about this model is that it means a buyer has FULL trust in you by proceeding with this purchase. It's a lot to ask for (and I am not saying this was your idea), but it would allow for an anonymous purchase, a semi-anonymous drop point, and almost certainly no interdiction. You will have to decide if your organization can handle the "scale" with this method. You asked, I answered. Thanks.
Crowdfunding, open source, whatever; establishing trust will ultimately cost the end user. The NSA buys laptops, but I'm sure they contract with a specific manufacturer and require inspections of the manufacturing process, and audit the BIOS and all other firmware source code. They may even audit employees to see if they have direct connections to China, Russia, etc. They are willing and able to pay a high premium for such confidence in a vendor. To create trust that an individual user would be willing to live with at a sane price point is the challenge here.
Does anybody know whether the coreboot BIOS even has support for Intel VT-x? Because without it, it's not going to be of much use for the VM setup, even with an i7. Very little information on that, unfortunately.