Language Selection

English French German Italian Portuguese Spanish


Syndicate content Purism
High-quality laptops that protect your freedom and privacy
Updated: 16 hours 58 min ago

Librem 14 Enhancements

Wednesday 12th of August 2020 04:29:13 PM

Here is a quick overview of a few of the new features coming to the Librem 14.

The Hardware kill switches have seen a number of enhancements. This is also the first Purism laptop to ship with a BIOS write protection switch and all M.2 key-E interfaces implemented.

The Librem 14 is our most powerful and most secure laptop yet. If you want full control over your computer with cutting-edge, powerful hardware, the Librem 14 is the best (some would say the only) choice. Make it yours here.


The post Librem 14 Enhancements appeared first on Purism.

The Massive Privacy Loopholes in School Laptops

Tuesday 11th of August 2020 07:06:11 PM

It’s back to school time and with so many school districts participating in distance learning, many if not most are relying on computers and technology more than ever before. Wealthier school districts are providing their students with laptops or tablets, but not all schools can afford to provide each student with a computer which means that this summer parents are scrambling to find a device for their child to use for school.

Geoffery Fowler wrote a guide in the Washington Post recently to aid parents in sourcing a computer or tablet for school. Given how rough kids can be with their things, many people are unlikely to give their child an expensive, premium laptop. The guide mostly focuses on incredibly low-cost, almost-disposable computers, so you won’t find a computer in the list that has what I consider a critical feature for privacy in the age of video conferencing: hardware kill switches. Often a guide like this would center on Chromebooks as Google has invested a lot of resources to get low-cost Chromebooks into schools yet I found Mr. Fowler’s guide particularly interesting because of his opinion on Chromebooks in education:

But I’ll be blunt: I don’t love Chromebooks, because Google is increasingly more interested in harvesting our data than in helping us. In February, New Mexico’s attorney general sued Google for child privacy violations. (Tip: Be sure your kid is using his or her school-supplied address to log in to theirs because Google isn’t allowed to track them as much with that account.)

Traditionally tech companies have provided schools with technology both for altruistic reasons, and also so that students learn their technology while they are young in the hopes that brand recognition will continue into adulthood. More recently there has been an even more powerful motivation–harvesting student data for marketing purposes. This is a major revenue source for companies and helps them sell hardware and software at steeper discounts as the product gets subsidized by years of student data.

The Washington Post article links to a few articles that highlight the privacy risks with Google in particular and provides a good tip [emphasis mine]: “Be sure your kid is using his or her school-supplied address to log in to theirs because Google isn’t allowed to track them as much with that account.” The author is referencing privacy laws that attempt to restrict how tech companies can capture and sell student data. Unfortunately there are massive loopholes in these laws and in this article I will highlight a few based on California Education Code 49073.1 because California is at the forefront for privacy legislation in the US and one would expect its legislation to be among the strictest.

Loophole 1: “Pupil Records”

The first loophole has to do with dividing student data into two different categories, each with a different level of restriction. When you read through the privacy legislation, you will see what appear to be strong privacy controls that protect student data:

(1) A statement that pupil records continue to be the property of and under the control of the local educational agency.

(3) A prohibition against the third party using any information in the pupil record for any purpose other than those required or specifically permitted by the contract.

(9) A prohibition against the third party using personally identifiable information in pupil records to engage in targeted advertising.

But upon a closer look you will notice that these protections only apply to a very specific type of student data classified as pupil records. This is defined as:

(i) Any information directly related to a pupil that is maintained by the local educational agency.

(ii) Any information acquired directly from the pupil through the use of instructional software or applications assigned to the pupil by a teacher or other local educational agency employee.

At first glance this seems very comprehensive, at least until you read the next section which defines what information does not qualify as “pupil records” according to the law:

(i) Deidentified information, including aggregated deidentified information, used by the third party to improve educational products, for adaptive learning purposes, and for customizing pupil learning.

(ii) Deidentified information, including aggregated deidentified information, used to demonstrate the effectiveness of the operator’s products in the marketing of those products.

(iii) Deidentified information, including aggregated deidentified information, used for the development and improvement of educational sites, services, or applications.

So the above protections only apply to a small subset of data that explicitly identifies a particular student. What does this mean in practice? That Google can capture all of a student’s web browsing data and all of their activity on the computer and beyond that, they can use this data in targeted advertising and profit from it as long as they “deidentify” it.

There is incredible value in this data even if it isn’t explicitly linked to a student, because it provides demographic data on a demographic (children) that is otherwise difficult (and in some cases illegal) to capture. Many parents would be upset to learn that Hasbro (hypothetically) provided free or heavily-discounted educational products to schools, in exchange for the ability to go on school campuses, put children into focus groups, and conduct market research for new toys under development. Yet schools give tech companies this exact privilege today, in exchange for cheap computers and software.

Loophole 2: Restrictions Limited to School Services

When a school enters a contract with a tech company, the restrictions in the privacy law only apply to the services that company is directly providing the school. As an example, if a school signs a contract with Google to use Chromebooks and Google G Suite for Education, the data privacy restrictions would apply to that suite of cloud tools including docs, email and the other parts of G Suite. The restrictions would not apply to the other properties that Google owns, such as Youtube. So if a student uses their school-provided Chromebook to visit Youtube, whether for a class assignment or outside of school hours, Google is free to capture and use that data without restriction.

Loophole 3: Account Transfers

So it’s clear that tech companies are allowed to capture and use student data in advertising as long as it’s deidentified, but what about pupil records? It turns out there is also a large loophole for it as well, that’s triggered when a student is no longer in school. It starts with the reasonable requirement that a student be able to keep their school projects when they are no longer in school:

(2) Notwithstanding paragraph (1), a description of the means by which pupils may retain possession and control of their own pupil-generated content, if applicable, including options by which a pupil may transfer pupil-generated content to a personal account.

There is even a requirement that tech companies get rid of pupil records when they are no longer in school:

(7) (A) A certification that a pupil’s records shall not be retained or available to the third party upon completion of the terms of the contract and a description of how that certification will be enforced.

Immediately after that paragraph is the loophole:

(B) The requirements provided in subparagraph (A) shall not apply to pupil-generated content if the pupil chooses to establish or maintain an account with the third party for the purpose of storing that content pursuant to paragraph (2).

Remember the tip from the Washington Post article: “Be sure your kid is using his or her school-supplied address to log in to theirs because Google isn’t allowed to track them as much with that account.” If a student graduates and wants to keep essays, pictures, or other school work they can transfer it from their school Google account to a personal Google account. The moment they do that, all protections are gone and Google can use that data how they please. Equally important, those two accounts would then be linked, and there is nothing in the law to prevent Google from migrating years of “deidentified” data including web browsing history and other data to the personal account and “reidentifying” it.

Protecting Student Privacy

Schools are at a disadvantage this summer in having the kind of leverage they would need to push for more privacy protections for students given the short timelines and requirements they have in many cases to provide all students with the ability to participate in distance learning. Yet if they have a choice in their vendors, picking one that doesn’t have a financial interest in capturing student data would be a great start.

Beyond that, most remedies will have to come in the form of legislation. The above loopholes could be closed by putting tight restrictions on what companies could do with “deidentified” data including explicitly prohibiting them from using this data for targeted advertising. Incentives matter and so if you want companies to stop collecting this data you must remove the financial incentive. There should also be an explicit requirement that the company delete all data it has collected on the student once they cancel their school account except for any specific documents the student wants to transfer.

If you are a parent who cares about privacy and is concerned with the amount of personal data school-provided computers are capturing, you can also invest in Purism products and have peace of mind that your child’s data is protected while they access school services over the web, and that they aren’t being watched through their webcams when the school day is done.


The post The Massive Privacy Loopholes in School Laptops appeared first on Purism.

How Librem 5 Solves NSA’s Warning About Cellphone Location Data

Tuesday 4th of August 2020 10:18:15 PM

The NSA has published new warnings for military and intelligence personnel about the threats from location data that is captured constantly on modern cellphones (originally reported by the Wall Street Journal). While privacy advocates (including us at Purism) have long warned about these risks, having the NSA publish an official document on the subject helps demonstrate that cellphone tracking is a real privacy and security problem for everyone.

We have been thinking about the danger of location data on cellphones for a long time at Purism and have designed the Librem 5 from scratch specifically to address this risk. The NSA document describes and confirms a number of the threats I wrote about almost a year and a half ago when I introduced our “lockdown mode” feature on the Librem 5–a feature that disables all sensors on the Librem 5. In this post I’ll describe the threats the NSA presents in their document and how we address them with the Librem 5.

Cellular Location Data

The first threat the NSA highlights is with cellular location data:

Using a mobile device–even powering it on–exposes location data. Mobile devices inherently trust cellular networks and providers, and the cellular provider receives real-time location information for a mobile device every time it connects to the network … If an adversary can influence or control the provider in some way, this location data may be compromised. Public news articles have reported that providers have been known to sell data, including near-real time location data, to third-parties [1].

In my lockdown mode post I describe how we designed the Librem 5 with a removable cellular modem and a hardware kill switch to mitigate this threat:

Putting a kill switch in the Librem 5 meant a design unlike many of the existing phones out there that combine the CPU and cellular modem into a single chip. We intentionally split out the baseband onto a replaceable M.2 card. This not only lets you physically remove the baseband altogether, but lets you power it off with a kill switch. If you want to know for sure that your cellphone isn’t tracking you, you can flip the switch and know for certain that it’s off.

Dogwood with the new cover removed, showing the slots for the Wifi card, cellular modem, and battery. Stingrays

The NSA goes on to describe the risk from cell site simulators (aka “Stingrays”):

Location data from a mobile device can be obtained even without provider cooperation. These devices transmit identifying information when connecting to cellular networks. Commercially available rogue base stations allow anyone in the local area to inexpensively and easily obtain real-time location data and track targets. This equipment is difficult to distinguish from legitimate equipment, and devices will automatically try to connect to it, if it is the strongest signal present.

As I mention in my Taking the Sting out of Stingray post:

With the Librem 5 hardware kill switches, you have a convenient way to shut down the cellular modem completely and quickly, yet retain the ability to use the rest of the phone as normal.

GPS, WiFi and Bluetooth Tracking

The cellular modem isn’t the only device in a phone that presents a risk in terms of tracking. An important fact the NSA highlights in their document is the difference between location services on a phone and the GPS hardware and the fact that WiFi and Bluetooth devices still present a threat even if GPS and cellular data are disabled:

Perhaps the most important thing to remember is that disabling location services on a mobile device does not turn off GPS, and does not significantly reduce the risk of location exposure…

Also important to remember is that GPS is not the same as location services. Even if GPS and cellular data are unavailable, a mobile device calculates location using Wi-Fi and/or BT…

Even if cellular service is turned off on a mobile device, Wi-Fi and BT can be used to determine a user’s location. Inconspicuous equipment (e.g., wireless sniffers) can determine signal strength and calculate location, even when the user is not actively using the wireless services.

Or put a different way in my lockdown mode post, this is why the Librem 5 has a hardware kill switch to disable WiFi and Bluetooth:

Like with the camera and microphone, the WiFi and Bluetooth kill switch has even greater significance on a phone than on a laptop. Disabling WiFi and Bluetooth can protect you from external over-the-air attacks if you are in a high-risk area (or a vulnerability comes out for your WiFi or Bluetooth card). Protecting against remote attacks isn’t the only benefit of this kill switch though, disabling WiFi in particular can also protect you from tracking.

Since your phone is in your pocket, your WiFi hardware detects compatible networks nearby as you move around. Even if you don’t associate with the networks around you, the mere fact that your hardware can see them allows the phone (and apps on it) to know you are near those devices. As you move, your distance to those devices changes, which changes the strength of the signal and helps triangulate where you are for any company like Google that has a database of WiFi access points, along with their location. By removing power from your WiFi hardware, you can ensure that any applications that might try to track your location with WiFi are blocked.

Tracking with Sensors

The NSA went on to describe the risk that all of the sensors have in a cellphone with respect to tracking:

Even if all wireless radios are disabled, numerous sensors on the device provide sufficient data to calculate location. Disabling BT completely may not be possible on some devices, even when a setting to disable BT exists. When communication is restored, saved information may be transmitted.

In my lockdown mode article I elaborate on some of the specific ways sensors can be used to track you, and how lockdown mode makes it convenient to turn your Librem 5 into a usable portable computer without any sensors:

To trigger Lockdown Mode, just switch all three kill switches off. When in Lockdown Mode, in addition to powering off the cameras, microphone, WiFi, Bluetooth and cellular baseband we also cut power to GNSS, IMU, and ambient light and proximity sensors. Lockdown Mode leaves you with a perfectly usable portable computer, just with all tracking sensors and other hardware disabled. If you switch any of the hardware kill switches back on, the hardware that corresponds to that switch powers on along with GNSS, IMU, and ambient light and proximity sensors.

Software Settings Aren’t Enough

While the NSA describes a number of software mitigations as part of their guidance, they also make it perfectly clear why relying on software to protect you from tracking is flawed:

If a mobile device has been compromised, the user may no longer be able to trust the setting indicators. Detecting compromised mobile devices can be difficult or impossible; such devices may store or transmit location data even when location settings or all wireless capabilities have been disabled.

This is precisely why even though the Librem 5 lets you disable hardware with software settings, we also provide you with full control over all security- and privacy-sensitive hardware with hardware kill switches.

Privacy Problems in the App Ecosystem

The NSA even outlines the fundamental privacy and security problems with the data-grabbing app ecosystem:

Apps, even when installed using the approved app store, may collect, aggregate, and transmit information that exposes a user’s location. Many apps request permission for location and other resources that are not needed for the function of the app.

As I describe in Mobile App Stores and the Power of Incentives, we are addressing this problem with the Librem 5 too:

A large part of our work at Purism is focused on creating a healthy, ethical, privacy-preserving alternative to the current mobile app ecosystem. This is one of many reasons why the Librem 5 doesn’t run Android nor iOS but instead runs PureOS–the same secure, privacy-preserving, Free Software Foundation-endorsed operating system that we use on our Librem Laptops and Librem Mini.

While users are free to install any third-party applications they want, applications in our PureOS Store must be free software and protect user privacy. As Purism’s founder and CEO Todd Weaver says: “Every line of code is a moral decision.” Making privacy and free software a default changes the incentives to encourage ethical behavior by developers. It’s much harder to hide tracking features in your application if anyone can inspect the code and create a version that removes those features.


The NSA document ends with a list of mitigations targeted at Android and iOS that revolve around tweaking location settings and app permissions in software and disabling devices in software when they aren’t being used. As the NSA acknowledges, this is imperfect because if the software is compromised, you can’t necessarily trust that those mitigations are taking effect. This is why we think the best mitigation to protect yourself from tracking is with all of the security features of the Librem 5–a phone designed from scratch to protect your privacy, security and freedom.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post How Librem 5 Solves NSA’s Warning About Cellphone Location Data appeared first on Purism.

Librem 5 Web Apps

Tuesday 4th of August 2020 10:01:46 PM

Applications have proven to be a major obstacle to bringing a new smartphone platform to market. Our approach leverages our core apps, thousands of native desktop apps, and web apps. In the future, we will also be adding virtualized apps, and cloud emulated apps, all of which will help secure and isolate applications that you may need while keeping them far away from the main device.

To add a web app, simply navigate to a web page, select the top-right menu in the browser, then “Install Site as Web Application”. This will create an Icon and a container to isolate passwords and settings.

We at Purism uphold your software freedoms, and as such, we won’t condone data mining applications in our store, but we certainly won’t make it hard for you to choose how you want to use your own hardware. Many proprietary services maintain web applications, these often work out of the box on the Librem 5’s browser and can be isolated and made convenient as a web app.

We have native apps and web apps. As we move toward virtualized and emulated applications, we hope to ease the transition to a freedom-respecting tomorrow.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

.column-6:after { content: ""; min-height: 225px; /* padding-bottom: 30%; */ display: block; } .column-6 img { bottom: -0px; } @media only screen and (min-width: 600px) { .column-6:after { display: none; } .column-6 img { bottom: 0px; } }

The post Librem 5 Web Apps appeared first on Purism.

Librem 5 June 2020 Software Development Update

Monday 3rd of August 2020 03:36:35 PM

This is another incarnation of the software development progress for the Librem 5. This time for June 2020 (weeks 23-26). Some items are covered in more detail in separate blog posts at The idea of this summary is to have a closer look at the coding and design side of things. It also shows how much we’re standing on the shoulders of giants reusing existing software and how contributions are flowing back and forth between upstream and downstream projects. This quickly gets interesting since we’re upstream for some projects (e.g. calls, phosh, chatty) and downstream for others (e.g Debian, Linux kernel, GNOME). So these reports are usually rather link heavy pointing to individual merge requests on or to the upstream side (like e.g. GNOME’s gitlab).

Adaptive Apps

This section features improvements on adaptive apps, GTK, and underlying GTK based widget libraries like libhandy:

Short and instant messaging

Chats (aka Chatty) handles SMS via ModemManager and instant messaging via XMPP. It has experimental support for various other formats via libpurple. Sadiq’s cleanups and bug fixes continued during June:

purple-mm-sms plugin

Purple-mm-sms is the libpuruple plugin to handle SMS via ModemManager:

Phone Calls

Calls (the app handling phone calls) has seen a UI improvement to anonymous callers.

Compositor and Shell

This section highlights progress in Librem 5’s GTK based graphical shell named Phosh and its wlroots based compositor Phoc:

Phosh Phoc wlroots GTK Librem5 Base

The librem5-base package contains configuration data and meta packages that pull in the needed software:


The image-builder is responsible for creating bootable disk images:


gnome-usage shows CPU and disk usage:


Feedbackd is responsible for haptic, audio (and later) LED based feedback:

Linux Kernel

The process of upstreaming our Linux kernel work progress is covered in a separate report. The current one is for Linux 5.7 so this is mostly about downstream improvements:


These were the releases during may for projects we’re upstream:


If you made it down here and want to start contributing join us on matrix. We welcome you to join a discussion or submit patches on If you want to grab an issue and can’t think of a particular problem, check the easy and helpwanted tags in our GitLab instance. See you next month.

The post Librem 5 June 2020 Software Development Update appeared first on Purism.

Librem 14 Features Enhanced WiFi M.2 Key-E Slot

Friday 31st of July 2020 08:30:47 AM

In the quest to make the Librem 14 our dream laptop we have focused not just on maxing out CPU resources, RAM, and security features, but we’ve also looked to expand the flexibility for hardware hackers to extend the laptop for their own projects.

As with our previous Librem laptops, on the Librem 14 WiFi and Bluetooth will be implemented as an M.2 add-on card which can also be removed completely (useful for those who want an “air gapped” computer). The M.2 slot follows the PCI M.2 specification for 2230 cards (22mm wide, 30mm long) key-E, i.e. the key used for WiFi, Bluetooth and other radio cards.

While the PCI M.2 key-E specification supports many different interfaces, in practice many are not actually connected. Most commonly in PCs and laptops only PCIe (x1) and USB are connected, everything else stays unconnected.

In the Librem 14 we want to provide our customers with as much flexibility as we can and have decided to implement as many interfaces as possible, so in the Librem 14 the M.2 2230 key-E slot for WiFi/Bluetooth will support:

  • PCIe x1
  • USB2.0
  • SDIO
  • UART

This can enable a broad new range of use cases and interfaces, like for instance ZigBee and Thread. Also, it opens up the possibility for all kinds of self-made M.2 cards using one of these interfaces. Other radio applications remain of course limited to the frequency bands supported by the built-in antennas: 2.4GHz and 5GHz.

We are pretty excited to see which creative use cases people will come up with!

Our Most Flexible Librem Laptop Yet

The Librem 14 is our most powerful, most flexible and most secure laptop yet. If you want free software, flexible interfaces, and cutting-edge, powerful hardware, the Librem 14 is the best (some would say the only) choice. Be sure to pre-order the Librem 14 before our $300 off early bird discount expires on August 7th!

The post Librem 14 Features Enhanced WiFi M.2 Key-E Slot appeared first on Purism.

Why the GRUB2 Secure Boot Flaw Doesn’t Affect Purism Computers

Thursday 30th of July 2020 06:03:11 PM

Whenever a new security issue gets announced one of the first questions we all ask ourselves is: am I vulnerable? We have started to get questions from our customers after the announcement of a series of major security bugs in GRUB2 so I felt that it was appropriate to write up a quick post to explain why, even though we use GRUB2 in PureOS, that Purism hardware is unaffected by the vulnerability. In summary, it’s because we rely on our own PureBoot boot firmware, not UEFI Secure Boot, to secure the boot process.

GRUB2 and UEFI Secure Boot

To understand why this flaw does not affect Purism computers, it helps to understand why UEFI Secure Boot exists to begin with, and how it and the security exploit works. Attacks on the boot process are particularly nasty as they occur before the system’s kernel gets loaded. Attackers who have this ability can then compromise the kernel before it runs, allowing their attack to persist through reboots while also hiding from detection. UEFI Secure Boot is a technology that aims to protect against these kinds of attacks by signing boot loaders like GRUB2 with private keys controlled ultimately by Microsoft. UEFI Firmware on the computer contains the public certificate counterparts for those private keys. At boot time UEFI Secure Boot checks the signatures of the current GRUB2 executable and if they don’t match, it won’t allow the executable to run.

If you’d like to understand the GRUB2 vulnerability in more detail, security journalist Dan Goodin has a great write-up at Ars Technica. In summary, an attacker can trigger a buffer overflow in GRUB2 as it parses the grub.cfg configuration file (this file contains settings for the GRUB2 menu including which kernels to load and what kernel options to use). This buffer overflow allows the attacker to modify GRUB2 code in memory and execute malicious code of their choice, bypassing the protection UEFI Secure Boot normally would have to prevent such an attack.

Unfortunately, UEFI Secure Boot doesn’t extend its signature checks into configuration files like grub.cfg. This means you can change grub.cfg without triggering Secure Boot and the attack exploited that limitation to modify grub.cfg in a way that would then exploit the running GRUB2 binary after it had passed the signature check.

Further complicating the response to this vulnerability is the fact that it’s not enough to patch GRUB2. Because the vulnerable GRUB2 binaries have already been signed by Microsoft’s certificate, an attacker could simply replace a patched GRUB2 with the previous, vulnerable version. Patching against this vulnerability means updating your UEFI firmware (typically using reflashing tools and firmware provided by your vendor) so that it can add the vulnerable GRUB2 binary signatures to its overall list of revoked signatures.

How Purism Computers Avoid This Vulnerability

Purism computers aren’t affected by this GRUB2 vulnerability in two main ways. First, we don’t use UEFI Secure Boot on our Librem laptops, Librem Mini, Librem Server or any other products. We do this for philosophical reasons as I explain in my post introducing PureBoot:

Unfortunately, most of the existing approaches to protect the boot process also conveniently (conveniently for the vendor, of course) remove your control over your own system. How? By using software signing keys that only let you run the boot software that the vendor approves on your hardware. Your only practical choices, under these systems, are either to run OSes that get approval from the vendor, or to disable boot security altogether. In Purism, we believe that you deserve security without sacrificing control or convenience: today we are happy to announce PureBoot, our collection of software and security measures designed for you to protect the boot process, while still holding all the keys.

So whether your Librem computer uses our default coreboot firmware or PureBoot, UEFI Secure Boot is not enabled or used.

PureBoot Can Also Detect This Vulnerability

Second, because of how PureBoot works, even if an attacker were to attempt this vulnerability on one of our systems, PureBoot would detect it. This is because in addition to detecting tampering in the boot firmware itself, PureBoot uses your own keys to look for changes in every file in the /boot directory. This includes not only your GRUB2 executables, but extends into every kernel you have installed, their corresponding initrd files and even includes your grub.cfg file. So if an attacker modifies your grub.cfg file, PureBoot will detect the attack the next time you boot.


Boot security is challenging but it’s also fundamental to the security of your whole system. Trust starts with the first code your CPU executes and until you can trust your boot firmware (UEFI, coreboot, or PureBoot) and your boot code (GRUB2) you can’t trust the integrity of the rest of the system. This is why we have invested so much effort into a solution like PureBoot so you can have a secure boot process where you hold the keys, and that doesn’t rely on Microsoft, Purism, or any other vendor for your security.

The post Why the GRUB2 Secure Boot Flaw Doesn’t Affect Purism Computers appeared first on Purism.

Librem 14 Thoughts From a CG Artist

Wednesday 29th of July 2020 04:35:34 PM

In this post, I wish to explain why I am so excited about the upcoming Librem 14, and why I am proud to have been involved in its conception. This is only a subjective point of view related to what I personally like in computers and so, I will start with telling about where my interest for computers comes from.

Getting into computer graphics

It all started in 1984 when my dad came back home with an Apple Macintosh. I was only 5 years old and I was amazed by the graphical capabilities of the machine along with the fact that I could actually use it! A few years later, I started to build a great interest for graphics arts. I loved drawing and inventing imaginary worlds where I could escape away from reality.

I quickly made a link between visual creation and computing. I was seeing more and more Computer Graphics around me in the late 80s and during the 90s. The technology grew so quickly that it fascinated me. I dreamed about doing my own CG illustrations, my own 3D cartoons or my own movies.

Experimenting digital animations in 1993, as a teenager, with VideoWorks on my dad’s Macintosh SE/30.

Choosing my tools

Therefore, I kept being attracted by Apple products because they made computers with a beautiful, clean design that combined a great integration between hardware and software. They also managed to go even further with the user experience by having a very nice integration with 3rd party creative software from Adobe (and Macromedia at the time) that made the Mac the perfect platform for visual creativity. What more would I ever want ?

It is only after working as a professional in visual creation, that I understood that this perfect platform wasn’t that perfect after all. After being forced to upgrade my OS in order to keep running my expensive Adobe CC subscription, my slightly aging, but still powerful Mac Pro decided I would not get the nice experience anymore. It became extremely slow and I had to tweak the system heavily for it to become usable again. I knew that was a temporary solution until the next upgrade, or worse, until the next OS version refused to run because my hardware is not supported anymore, and I am forced to change my perfectly working hardware because some companies decided so.

This event made me understand that I never owned that hardware and how important it is to be in control of my own tools. That was in 2015.

Moving to ethical solutions

I discovered that Purism came up with an answer to the issue of hardware control and I had the chance to be involved in the promotion of the Librem 13 laptop that same year. I love the Librem 13, which is my current daily driver and it keeps reminding me that it is possible to do professional creative work with hardware that I have full control over.

A test animation I made in 2017 with Krita on my Librem 13.

Toward a dream laptop

After a few years working to improve its laptop line in term of security, privacy, convenience, and ethics, Purism is coming up with the Librem 14 and I see in this laptop almost everything that I would expect in a laptop:

  • It lets me be in control of the hardware. It has the same privacy and security features as the Librem 13 with better convenience with the hardware kill switches.
  • It lets me be in control of the software. It can run any FSF certified distribution out of the box and ships with PureOS by default, which integrates well with the hardware and makes it so easy to install and use. I love PureOS. It has the stability of Debian and the simplicity and beauty brought by the GNOME desktop. It is also slowly moving toward an amazing convergent experience with the great work from the Librem 5 team in that direction.
  • It has the clean aesthetics that I like with Apple products and even goes further with featuring the same ethical branding approach as the rest of the Librem line, which I described in a previous post.Look at this beauty! A picture says more than a 1000 words.
  • Most of all, the Librem 14 is taking a huge leap from the Librem 13 in terms of performance and that is very important when it comes to video editing and 3D rendering. It now features a latest generation high end Intel CPU, with 6 cores (12 threads!), which makes it 3 times faster than the fastest Librem 13. It can also run two M.2. drives and go up to 64GB of RAM. In terms of graphics, it is capable of driving two 4K monitors, which will seriously make my day when editing videos!

I think that the Librem 14 represents the Librem laptop coming to maturity. As a professional CG artist, I am looking for a computer that is able to run resource intensive software at good speed. As a person wishing for a respectful society, I am looking for a computer that remains humble in its branding, as well as respecting the people’s fundamental rights to privacy, security and control over a machine. I am also attached to the visual aspect and visual harmony of things and I think that the Librem 14 has all of that.

I am so excited, I can’t wait for it to arrive!

Our Most Secure Librem Laptop Yet

The Librem 14 is our most powerful and most secure laptop yet. If you want full control over your software with cutting-edge, powerful hardware, the Librem 14 is the best (some would say the only) choice. Be sure to pre-order the Librem 14 before our $300 off early bird discount expires on August 7th!

The post Librem 14 Thoughts From a CG Artist appeared first on Purism.

Librem 14 Adds Microphone Kill Switch Enhancements

Tuesday 28th of July 2020 06:12:10 PM

Last week we announced that the Librem 14 would feature a special “kill switch” of sorts on the motherboard that would write-protect the BIOS and EC chips. We’re pleased to announce another enhancement that will be in the Librem 14: the microphone kill switch will also kill microphones connected through the headphone jack.

Our camera/microphone hardware kill switch has long been a unique feature on our laptops. While covering your webcams with tape is better than nothing (even if Apple has no tolerance for webcam covers), that only solves half of your privacy issues. Even if a snoop can’t watch you through a webcam cover, they could still listen to you so we’ve made sure our camera/microphone kill switch disables the webcam at the top of the laptop screen and the embedded microphone.

With the Librem 14 we have enhanced this kill switch so that it also disables the microphone in the headphone jack while leaving audio out unaffected. That way if you happen to leave a headset plugged in–which is common in the age of quarantined video chats–you can use the hardware kill switch to disable all microphones, even ones connected through the headphone jack.

Our Most Secure Librem Laptop Yet

The Librem 14 is our most powerful and most secure laptop yet. If you want full control over your microphone and camera with cutting-edge, powerful hardware, the Librem 14 is the best (some would say the only) choice. Be sure to pre-order the Librem 14 before our $300 off early bird discount expires on August 7th!

The post Librem 14 Adds Microphone Kill Switch Enhancements appeared first on Purism.

Dogwood Thermals and Battery Life

Monday 27th of July 2020 08:31:46 PM

This is a quick overview of the improved thermals and battery life in the Dogwood batch.

Flipping the CPU to the other side of the PCB means that under heavy load, Dogwood’s screen heats up a bit more, while Chestnut heats the back cover. The way Dogwood manages heat is much more efficient, resulting in the hottest spot being 4 degrees Celsius cooler than in Chestnut.

The CPU also benefits from its new placement on the PCB.

Chestnut vs Dogwood

Dogwood comes with a 75% bigger battery than Chestnut. Taking into account for a slightly higher power draw in dogwood, this comes out to around 60% more runtime.

Uses case runtimes

How long a full charge lasts depends on what the Librem 5 is doing.

We are actively working on improving in use runtimes. In the future, we are also planning to support suspend to RAM. Since software won’t be running continually while suspended, standby time will increase drastically.


Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

.column-6:after { content: ""; min-height: 225px; /* padding-bottom: 30%; */ display: block; } .column-6 img { bottom: -0px; } @media only screen and (min-width: 600px) { .column-6:after { display: none; } .column-6 img { bottom: 0px; } }

The post Dogwood Thermals and Battery Life appeared first on Purism.

Librem 14 Features BIOS and EC Write Protection

Friday 24th of July 2020 06:32:27 PM

As we have said a few times already, we set out to build our dream laptop with the Librem 14. We approached our flagship Librem 13 laptop with a wishlist of features to fit into the reimagined Librem 14. As we have been able to confirm certain features with a strong degree of confidence (like having 2 SO-DIMM slots to double the max RAM to 64Gb) we have updated our specs and made new posts and today I’m excited to announce another item from our wishlist that we will be able to fit into the first generation Librem 14: BIOS and EC flash chip write protection with a hardware switch!

Purism’s History with BIOS Security

We have been focused on BIOS security at Purism since the beginning, starting with our initiative to replace the proprietary BIOS on our first generation laptops with the open source coreboot project. This was a great first step as it not only meant customers could avoid proprietary code in line with Purism’s social purpose, it also meant the BIOS on Purism laptops could be audited for security bugs and possible backdoors to help avoid problems like the privilege escalation bug in Lenovo’s AMI firmware.

Our next goal in BIOS security was to eliminate, replace or otherwise bypass the proprietary Intel Management Engine (ME) in our firmware. We have made massive progress on this front and our Librem laptops, Librem Mini, and Librem Server all ship with an ME that’s been disabled and neutralized.

After that we shifted focus to protecting the BIOS against tampering. We started by adding TPM chips to our laptops and began work on integrating the Heads tamper-evident firmware project into our overall boot security package we call PureBoot. Now customers can choose between our default coreboot BIOS or our “PureBoot Bundle” when they place an order. The PureBoot Bundle also enabled us to enhance our anti-interdiction services and change it from a secret menu option to a drop-down choice both for customers facing stronger threats and those who just want more peace of mind.

Write Protection Adds Even Stronger BIOS Security

On the Librem 14 we will further improve BIOS (technically AP) and EC firmware security with the addition of a write-protect dip switch on the motherboard. For regular coreboot users this means you can flip the switch and know that your BIOS is safe from remote tampering without installing PureBoot. You would also get additional protection from in-person attackers who would now need to remove the bottom of the laptop to modify the firmware.

For PureBoot users this provides even more security on top of the tamper-detection you already have in place. With write protection on, you can rest assured that PureBoot will only change when you open the case and flip the switch and if PureBoot does report BIOS tampering when you have enabled write protection, you know to physically inspect your motherboard for tampering.

Enhanced Anti-Interdiction A close-up of the unique pattern of blue glitter nail polish on the center screw.

In combination with anti-interdiction tamper-detection measures like painting screws with glitter nail polish, write-protect switches dramatically increase the difficulty for even a sophisticated attacker to modify your BIOS undetected during shipping. This protection extends to whenever the laptop is out of your possession provided you inspect the case screws.

Our Most Secure Librem Laptop Yet

The Librem 14 is our most powerful and most secure laptop yet. If you want full control over your own BIOS security with cutting-edge, powerful hardware, the Librem 14 is the best (some would say the only) choice. Be sure to pre-order the Librem 14 before our $300 off early bird discount expires on August 7th!

The post Librem 14 Features BIOS and EC Write Protection appeared first on Purism.

Apple Has No Tolerance For Webcam Covers

Tuesday 21st of July 2020 05:30:31 PM

We sell laptops and phones with hardware kill switches at Purism, so we clearly have strong opinions about webcam security. It shouldn’t come as a surprise that we raised an eyebrow when Apple posted an update to their support page titled “Don’t close your MacBook, MacBook Air, or MacBook Pro with a cover over the camera” where they advise against using a webcam cover on MacBooks because:

If you close your Mac notebook with a camera cover installed, you might damage your display because the clearance between the display and keyboard is designed to very tight tolerances. Covering the built-in camera might also interfere with the ambient light sensor and prevent features like automatic brightness and True Tone from working. As an alternative to a camera cover, use the camera indicator light to determine if your camera is active, and decide which apps can use your camera in System Preferences.

This support page addition was picked up in the media and as some media outlets have reported, apparently enough customers have damaged their screen by closing it with a webcam cover that the issue justified this public guidance.

On one hand it’s encouraging to see that enough people are concerned about their privacy, and webcam covers are so ubiquitous, that it’s an issue worthy of its own support page. What’s discouraging is Apple’s security advice on the issue, which is to rely on MacOS webcam software permissions to restrict what apps can access the webcam and combine that with a hard-wired green LED that should always turn on when the webcam is in use. While this advice is consistent with Apple’s overall “just trust us” approach to security, it completely misses the point of why people used webcam covers to begin with: to claw back the tiniest bit of control over their privacy from hardware and software companies.

It’s this issue of control that I want to discuss in this post. Apple and Purism take completely different approaches to security. Apple’s approach is to require customers to hand over all trust and control to Apple and depend upon Apple for all of their security. Purism’s approach is to give customers control over their own computers and provide security without depending upon Purism. Webcam security is a great lens through which to view these completely opposite approaches.

Why Webcam Security Matters

Before I discuss different webcam security measures, it’s worth talking about why webcam security is such a big deal to begin with and why so many people ranging from privacy advocates to executives of billion-dollar companies started covering their webcams. The simple answer is the prevalence of Remote Access Trojan (RAT) software that grants an attacker access to a computer over the Internet including control of its webcam and microphone. Many people leave their laptops open at a desk, table or nightstand which means their camera is aimed into their room. Someone who could install a RAT on your computer might then be able to grab compromising pictures or video of you in addition to any files they might be able to steal. This software spawned an entire creepy underground community of “ratters” where people share nude pictures of victims and tips on how best to use RATs for extortion. Webcam security has even been dramatized into a disturbing Hollywood thriller.

What has been especially troubling with RATs is the fact that attackers are able to watch and record people through their webcams without their knowing. For the longest time people assumed that their webcam was only on if the LED was on. Unfortunately webcam LEDs are controlled by software so the RATs simply modified the software to leave the LED off.

Since the computer, its software, and the webcam LED couldn’t be trusted, many privacy advocates resorted to covering their webcams with everything from tape to bandages to Post-it notes. At first people who did this were dismissed as paranoid but eventually this has become a common enough practice that webcam covers have even become popular swag at conferences. While webcam covers don’t protect against someone snooping on you with your microphone, if you don’t have a Purism computer with a hardware kill switch it’s the next best way for a person to take control over their own privacy without having to rely on their laptop vendor.

Apple: Just Trust Us

Apple has responded to webcam security concerns by putting it more firmly in their control. First on the software side they have set up webcam permissions similar to what you’d see on a phone. Applications must request permission before the OS allows them to use the webcam. For this approach to work, you must fully trust Apple and the security of the software behind these controls. If an attacker can bypass this software like RATs have done in the past, or if they could convince a user to grant permissions to an app, the attacker could still spy on you through your webcam. Alternatively, an attacker can compromise an application that already has access to the camera, like happened last year with a major Zoom security flaw on Macs.

Apple’s second approach is on the hardware side. On past laptops they had the same software-controlled webcam LED as other vendors. On recent laptops they have hardwired the webcam LED so that it turns on whenever the webcam receives power. To protect your privacy with this kind of security measure you must check the webcam whenever you walk past your computer and make sure the green LED isn’t on. Beyond that you are left hoping that the LED won’t turn on when you aren’t there to see it. If the LED does turn on, you might know that some program is using the webcam, but other than shutting the laptop lid, you don’t have much control–after all you might damage the laptop if you cover up the webcam!

The fundamental flaw with Apple’s approach is that it takes all control over security and privacy away from you. To be secure you must fully trust Apple and their security measures and if anything ever happens to violate that trust, such as a security exploit, there isn’t much you can do about it.

Purism: You Are In Control

We approach security from a completely different standpoint than most security companies. If you were to ask most security engineers to design a security measure, they would inevitably come up with a system that requires you to delegate all trust and control to them. This would also conveniently make you dependent on their company and product for your security.

I have written in the past about how with Purism products, you are in control. When we design a security measure we start from a standpoint of giving you the maximum amount of control over your own computer without having to hand over trust to Purism. When we looked into how to solve the problem of webcam security, we opted for a simple but powerful approach in the form of hardware kill switches. With hardware kill switches, you can completely remove power from the webcam and microphone just by flipping a switch. This puts you in complete control over your own privacy as you can leave the webcam and microphone off most of the time and only turn it on when you actually need to use the hardware. Since it’s a convenient switch, you aren’t left fumbling through software settings buried inside of a program.

Webcam Privacy On Your Phone

When we designed our Librem 5 phone from scratch, we made sure to add and expand our hardware kill switches to that hardware. With the Librem 5 you can control your cameras and microphone, WiFi and Bluetooth, and even the cellular modem with kill switches. You can also flip all of the switches and enable “lockdown mode” to disable all sensors on the device.

Kill Switch Improvements on the Librem 14

With the Librem 14 we went back to the drawing board to design our dream laptop and in addition to many other improvements we revisited how we implement hardware kill switches. For starters we moved the kill switches from the side of the laptop back above the keyboard and added an LED. This not only solves the problem of switches getting flipped accidentally when you put the laptop into a backpack or sleeve, it also allows you to audit the state of the switches quickly without craning your neck to the side of the laptop. I’ve found myself forgetting I left the webcam on after a video call so I’m looking forward to the new-and-improved kill switch location.

Switch How You Protect Your Privacy

In the end, your privacy and your computer should belong to you, not the vendor that sold it. If you want real privacy, it’s not enough to entrust it to someone else, especially when that requires you to trust software that no one can audit. As last year’s Zoom flaw shows, even if you do trust your laptop vendor, you could still lose your privacy from a bug in third-party software. Instead of giving up control in exchange for privacy, switch to products that respect your privacy and your control.

The post Apple Has No Tolerance For Webcam Covers appeared first on Purism.

Dogwood What to Expect

Friday 17th of July 2020 07:11:25 PM

In this blog, we will describe what will be included in the dogwood batch. We will go over what’s in the box, and what software works from the moment you power on this version of the Librem 5.

Aside from the Librem 5 itself, you should also receive the quick start guide, charger and wall adapters, USB-C cable, headphones, and sim card extractor.

We have also included a number of software improvements that will be shipping with Dogwood. New splash screens and app thumbnails are just the start. Take a look at this video for a breakdown of what’s new in Dogwood. Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

.column-6:after { content: ""; min-height: 225px; /* padding-bottom: 30%; */ display: block; } .column-6 img { bottom: -0px; } @media only screen and (min-width: 600px) { .column-6:after { display: none; } .column-6 img { bottom: 0px; } }

The post Dogwood What to Expect appeared first on Purism.

Investing in Real Convergence

Wednesday 15th of July 2020 07:58:47 PM

Like “privacy” and “security” the word “convergence” has become a popular term these days. When words like these become popular, companies tend to redefine them to match whatever they happen to sell. For instance when Google says they protect your privacy they mean “from everyone but us.” When Apple says they are secure, they mean “as long as you give us full trust and total control.”

When most people think of the promise of convergence they think of what I’ll refer to as “real convergence”–the idea of a single, portable computer that has your data and applications and that can be a desktop computer, a laptop or a pocket computer. To summarize: real convergence means taking your desktop computer with you in your pocket wherever you go. Fake convergence is the opposite: stretching a phone to fit on a larger screen.

The Folly of Fake Convergence Motorola Atrix Laptop Dock

Convergence isn’t a new idea. Almost a decade ago I connected a Motorola Droid 4 to an Atrix laptop dock and the screen changed to Android tablet mode: apps were stretched and a little dock appeared along the bottom of the screen. I even wrote an article in Linux Journal about how I hacked together a Linux desktop over VNC that ran in a VM on the Android phone complete with a green-on-black terminal and dark hacker theme:

XFCE Desktop running in a VM on Android back in 2012

I actually bought my Atrix dock on a closeout sale because it was discontinued due to lack of demand. After awhile I stopped using the VM (it would never be usable in phone mode), fell back to the normal Android tablet mode (so I could easily access data when docked or not), and eventually stopped using the laptop dock altogether. Why did I and everyone else abandon this solution? Because it was fake convergence disguised as real convergence.

For the last decade we have had phones that can connect to a display and show a larger version of the phone screen. Sometimes the applications can even take advantage of the larger screen, although in many cases “tablet mode” just means doubling the phone UI to fill up the screen. Fake convergence doesn’t live up to the promise. It doesn’t solve the problem convergence was supposed to solve because it approaches it backwards. As a result we are all left unsatisfied having never realized the dream of a desktop in our pocket. Instead we have a phone connected to a monitor.

What Real Convergence Looks Like

Real convergence means bringing your desktop computer with you wherever you go. When we talk about how we have invested in convergence at Purism with PureOS we start with the desktop OS and shrink it down to your pocket.

PureOS on the Librem 5 is the same OS we use on our other products with the same applications as our desktop–just with a special kernel, shell, compositor, and a small set of other tools needed to run the OS on the phone hardware. Firefox isn’t some custom mobile fork, it’s just desktop Firefox. If you want to know more, this post does a good job of explaining the unique pieces in PureOS on the Librem 5 and how all these pieces fit together.

Avoiding Fragmentation

Fake convergence promises on other platforms has led to a common misconception that PureOS on the Librem 5 is yet another custom “mobile Linux OS” to add to the list of fragmented platforms developers have to port applications to. Developers who are already in the mobile ecosystem and used to fragmentation often ask us: “How do I port my Linux desktop application to the Librem 5?” The answer is “You don’t have to.” Instead, just make sure your desktop application works when resized to the phone’s screen resolution. No need to maintain a separate “mobile only” version of your code.

We want the whole Linux desktop ecosystem to be convergent, and so much of the investment Librem 5 backers have put into Purism has gone directly into innovations that bring convergence to the Linux desktop. We developed libhandy so that Linux application developers would have a common set of GTK libraries they can use to make their own desktop applications adaptive. We developed phosh and phoc so that applications would have a lightweight desktop shell and compositor that adapts to a phone screen. If you are familiar with the Linux mobile ecosystem, you have already seen the huge impact and wide adoption these tools now find in our community.

How Many Apps?

We often get asked “How many apps does the Librem 5 have?” One way of answering the question is how we answered it last year with an Application Compatibility Chart–a list of desktop applications that are either already adaptive, or otherwise fit on the Librem 5 screen.

Yet that answer is also misleading. Because we are focusing on real convergence, the actual answer is that we have thousands of applications on the Librem 5, today, many of them simply don’t yet fit on the small screen. Even the applications that don’t yet fit run fine when you either scale the screen or connect to a monitor.

Investing in Real Convergence

At Purism we believe real convergence is the future of personal computing: a single, portable computer that has your data and applications and that can be a desktop computer, a laptop or a pocket computer. We have invested in this future heavily and the Librem 5 is the realization of the convergence promise so many others have failed to keep. If you believe in real convergence, invest in the future you want to see. Help us continue to advance adaptive applications to bring desktop Linux to your pocket.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post Investing in Real Convergence appeared first on Purism.

Purism Librem 14

Wednesday 15th of July 2020 04:57:23 PM

The next generation of Librem laptop brings a lot to the table. Gigabit throughput over native RJ45 enables you to enjoy blazing-fast download speeds, security, and reliability. Compared to the Librem 13, the Librem 14 has a similar device footprint while the Intel 10th Gen Comet Lake i7 is much more powerful.

The Librem 14 is expected to ship early Q4 2020, preorder now, and save $300.

The post Purism Librem 14 appeared first on Purism.

Librem 5 Dogwood Update 3

Friday 10th of July 2020 05:39:49 PM

The Librem 5 Dogwood batch has finished our manufacturing and is finalizing testing and fulfillment all from Purism headquarters before shipping to those who are part of this batch.

With this launch of Dogwood, we see user-facing software improvements. One of the biggest visual differences is app thumbnails are displayed when switching between apps.

The cellular network can now be configured directly from the top drop-down menu.

On startup, you’ll be greeted with a new splash screen.

Dogwood has seen the most hardware changed of any batch. The CPU has been flipped to the opposite side of the PCB (now facing the screen). This change has improved heat dissipation and charging reliability.

Dogwood PCB CPU side up

The battery shipping with dogwood is 3600mAh, roughly 80% more battery than previous batches. Combined with early kernel optimizations usage is now measured in multiple hours, and with additional kernel work will continue to see leaps forward.

A diffuser has been added between the screen and the indicator light. This makes notifications easier to notice at extreme viewing angles and provides an overall better appearance.

The volume buttons have been replaced with a volume rocker, increasing usability.

In previous versions, the headphone jack was recessed and not centered. In Dogwood it’s now flush with the top of the phone and centered in the frame.

Once we finish the verification process and ship out Dogwood, we can focus on the delivery and production of the Evergreen batch and Librem 5 USA.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

.column-6:after { content: ""; min-height: 225px; /* padding-bottom: 30%; */ display: block; } .column-6 img { bottom: -0px; } @media only screen and (min-width: 600px) { .column-6:after { display: none; } .column-6 img { bottom: 0px; } }

The post Librem 5 Dogwood Update 3 appeared first on Purism.

Mobile App Stores and the Power of Incentives

Thursday 9th of July 2020 09:23:24 PM

Recently I was reading an article on Vox by Sara Morrison that explained how some of the hidden trackers in modern smartphones work and how they are used to capture and sell your data. This article was written in the context of the growing awareness of location data tracking in smartphones as that data has been used to map COVID-19 responses by the public:

In the earlier days of the coronavirus pandemic, an animated map from a company called Tectonix went viral. It showed spring breakers leaving a Florida beach to return to their homes across the US, as a series of tiny orange dots congregating on a beach in early March scattered across the country over the following two weeks.

“It becomes clear just how massive the potential impact of just one single beach gathering can have in spreading this virus across our nation,” the video’s narrator said. “The data tells the stories we just can’t see.”

But there was another story there that most of us can’t see: how trackers hidden in smartphone apps are the source of incredible amounts of specific data about us, much of which gets sent to companies you’ve never heard of. This has been going on for years and is an essential part of the mobile app economy. But it took the Covid-19 pandemic to bring some of these companies, and what they’re capable of, to the forefront.

The whole article is a fascinating read and I recommend checking it out, but I wanted to spend some time in this article talking about a sentence that jumped out at me in the above quote:

This has been going on for years and is an essential part of the mobile app economy.

The Power of Incentives

If you want to understand how a system works and especially if you want to change how a system works, look to the incentives. Human behavior is driven by a series of rewards and punishments, carrots and sticks, and the same holds true for business. While you can certainly look to regulations or user education to change behavior, ultimately those measures just factor in to the risk/reward calculations a business or user takes.

For instance, delivery drivers in big cities routinely flout parking regulations. Why would they do that when it’s against the law and can cause a fine? Enforcement isn’t guaranteed (you only get fined if you get caught) and the added cost of complying with the law is much greater than the cost of the occasional ticket.

This means if you want to change how businesses treat privacy, you have to change the incentives that drive them. Applied to the mobile app ecosystem, even with privacy regulation, privacy settings, and user prompts, companies will weigh the risks and costs of getting caught against the reward of capturing and selling user data and as long as the reward is enough, many will take the risk.

The Most Powerful Incentive: Money

The fact is, the current app ecosystem on Android and iOS is designed to facilitate the collection and selling of user data. Every incentive points a developer in this direction. This ecosystem is full of free (as in cost) but proprietary software that makes money either by showing you targeted third party ads (customized based on your shared personal data) or by collecting and selling your data to third parties to add to their own databases. In particular with Android the (free to vendors) OS itself along with the complete Google software suite (which vendors are required to install to be part of the ecosystem) are also funded by collecting and selling user data.

Users also find money to be a powerful incentive. When browsing through the hundred different apps that all perform the same function, there is a strong incentive to pick the free app with ads over the $1.99 one, even if the free app might capture your data (after all, there’s no guarantee the $1.99 app won’t too). Of course, since the applications are almost universally proprietary software, you can’t really know for sure what data they collect, only whether they ask for permission.

The Second Most Powerful Incentive: Laziness

The path of least resistance provides a powerful incentive. User interface designers understand the power of defaults and the same goes for software development. The above Vox article goes into quite a bit of detail on the various Software Development Kits (SDKs) that companies have provided to make it easy to develop mobile apps. Most applications have a common set of features, and using an existing SDK means you don’t have to reinvent the wheel.

Of course these SDKs also make spying on users the path of least resistance, as it’s much easier to just request full permissions for your app on a user’s phone than it is to start with no permissions and figure out which ones you truly need. Why does a flashlight app need access to your location and contact list? Since so many applications are designed with selling user data in mind, even a well-meaning, ethical, privacy-conscious developer might find it hard to identify and remove all third party tracking if they base their application on existing examples and popular SDKs.

Users also find laziness to be a powerful incentive. Many application developers take advantage of this by requiring users to opt-out of tracking, often via hard-to-find settings buried deep within the application. Many if not most users don’t bother to tweak their privacy settings, and many companies share your data without your consent.

Fixing the Incentives

A large part of our work at Purism is focused on creating a healthy, ethical, privacy-preserving alternative to the current mobile app ecosystem. This is one of many reasons why the Librem 5 doesn’t run Android nor iOS but instead runs PureOS–the same secure, privacy-preserving, Free Software Foundation-endorsed operating system that we use on our Librem Laptops and Librem Mini.

While users are free to install any third-party applications they want, applications in our PureOS Store must be free software and protect user privacy. As Purism’s founder and CEO Todd Weaver says: “Every line of code is a moral decision.” Making privacy and free software a default changes the incentives to encourage ethical behavior by developers. It’s much harder to hide tracking features in your application if anyone can inspect the code and create a version that removes those features.

Todd testifying to California Assembly

Purism is also working to change incentives through targeted regulation. Requiring applications to make tracking “opt-in” instead of “opt-out” would go a long way toward protecting privacy by default. Purism is part of a group of organizations including the EFF and DuckDuckGo who have asked the California legislature to require companies to get consent before using user data.

Of course, the strongest way to change the current app ecosystem is by changing the financial incentive. That’s where you come in. Each technology choice you make is a vote for the future you want to see. Voting with your dollar to support companies like Purism that are building hardware and software that protect your privacy sends a message to other companies that privacy matters to you and if they want you as a customer, it should matter to them too.

The post Mobile App Stores and the Power of Incentives appeared first on Purism.

Librem 14 Launch FAQ

Tuesday 7th of July 2020 09:45:36 AM

There has been a lot of excitement ever since we announced the Librem 14 last week. There has also been quite a few questions. In this post we’ll go through some of the most Frequently Asked Questions for those of you still deciding whether to pre-order and take advantage of our discount:

Q: When will the Librem 14 ship?
Early Q4 2020

Q: How long will the sale continue? Are there coupon codes?
A: We haven’t set an official date yet, but will make an announcement on social media and on this site at least a few days before the sale ends. The discount is automatically applied at the shop while the sale is active, no coupon codes are necessary.

Q: How many RAM slots are there?
A: Two. There is a small chance during final mechanical design testing that we have to drop back to one, but we are confident from our early MD testing it will work so are offering two RAM slots, up to 64GB of RAM.

Q: What about international keyboard layouts?
A: At the moment we will only be providing the Librem 14 with the current keyboard layout. We might consider other keyboard layouts at some point in the future if there is sufficient demand to justify keeping a large number of that layout in stock.

Q: What is the screen brightness? How far can you open the screen lid?
A: The screen brightness is 300 cd/m2 and you can open the screen lid almost 180°.

Q: What are the video out options? What about Thunderbolt?
A: The Librem 14 will be able to drive up to two 4k displays using the HDMI2 port and the USB-C port. The USB-C port will have power delivery and DisplayPort support but will not be a Thunderbolt port.

Q: What is replaceable?
A: Like with previous Librem laptops, the RAM, disk, WiFi module and battery are replaceable. The WiFi module is the same one we’ve used in past laptops.

Q: Will there be other CPU options (such as cheaper, less powerful i5 CPUs) for the Librem 14?
A: All Librem 14s will use the i7 10710U CPU.

Q: Does each M.2 socket have its own x4 PCIe-3.0 connection?
A: Yes!

Q: Will Coreboot, PureBoot and the Librem Key work on the Librem 14 like on the Librem 13 and 15?
A: Yes.

Q: What about my very specific question about other specifications?
A: We are working to squeeze as much power and as many features as we can into the Librem 14. We will provide more detailed specifications on anything we haven’t yet put on the Librem 14 product page as final specifications are confirmed.

The post Librem 14 Launch FAQ appeared first on Purism.

Getting Started with the Librem Mini

Monday 6th of July 2020 11:36:38 PM

With the Librem Mini shipping, we put together this short quickstart guide so you can know your hardware before it arrives. Dive into how the Librem Mini protects your digital freedom as well as look at the technical specs here.

In the box, you should expect to see the Mini itself, as well as a power adapter. All of which are covered by a one-year warranty. Enjoy the peace of mind that comes from expert support staff ready to ensure your Mini runs well. PureBoot

For those that need a tamper-evident way to power-on their Mini, the PureBoot bundle secures your freedom and boot process. In addition to the Mini and power adapter, you’ll receive a Librem Key and a Librem Vault.

If you’re still thinking about buying a Librem Mini, take a look at what you can do with the hardware and order your Librem Mini now.

The post Getting Started with the Librem Mini appeared first on Purism.

Librem Mini Shipping with Active Cooling

Friday 3rd of July 2020 05:44:07 PM

There’s nothing like making a public announcement to ensure that a situation will change. That’s certainly been true in the case of our Librem Mini. Just over a week ago we announced the Librem Mini was ready to ship and highlighted one issue we intended to solve with a future software update:

If you ordered a Librem Mini, you will receive an email confirming your order status and shipping information. As with any newly brought to market product, the Librem Mini running PureOS will have software updates to apply as we continue to refine the firmware. One forthcoming software update that we want to bring to your attention concerns the fan speed control, as currently the CPU is passively cooled and may throttle down under heavy load. Full active cooling will be coming in a firmware update so we highly recommend following our published announcements. If you are uncomfortable with applying a firmware update using our coreboot firmware update tool, you also have the option for Purism to hold the order until we release that software update. If you desire that, let us know when we contact you to confirm shipping information, otherwise you will be enjoying your Librem Mini soon!

Well it turns out that while we were contacting all of the Mini customers to determine whether they wanted their Mini immediately, or whether they wanted to wait for a firmware update, we resolved the fan speed control issue! As we ship out all of the Librem Mini orders, they will all have fully-updated firmware and active cooling.

Thank you everyone for your patience and if you were waiting for active cooling to place your own Librem Mini order, order now!

The post Librem Mini Shipping with Active Cooling appeared first on Purism.

More in Tux Machines

Ubuntu MATE 20.04.1 for Raspberry Pi Now Has a Second Beta Ready for Testing

Martin Wimpress published a new beta version of the upcoming Ubuntu MATE 20.04.1 images for Raspberry Pi devices, which you can download and test right now on the tiny computer. Ubuntu MATE 20.04.1 for Raspberry Pi promises major new features, such as support for the latest Raspberry Pi 4 SCBs, better graphics, experimental USB booting, basic rendering for the Firefox web browser by default, support for the rpi-eeprom utility for updating the Raspberry Pi 4 bootloader EEPROM, and a new configuration tool. Based on the recently released Ubuntu 20.04.1 LTS (Focal Fossa) operating system, the upcoming Ubuntu MATE 20.04.1 for Raspberry Pi release is now in its latest stages of development, with a second beta version ready for public testing. Since beta 1, the team fixed Wi-Fi issues that occurred on the first boot during the initial setup wizard and dropped the gpu_mem memory option that lets you specify how much memory the GPU can use from the config.txt file for better performance. The beta 2 is also powered by the same Linux 5.4 LTS kernel used in Ubuntu 20.04.1 LTS, and uses the latest MATE 1.24 desktop environment and most the core apps that are also available in the Ubuntu MATE 20.04.1 LTS release for PCs. Read more

Android Leftovers

Video/Audio: Feren OS 2020.07, Curl, Command Line Heroes and More Red Hat

  • Feren OS 2020.07 Run Through

    In this video, we are looking at Feren OS 2020.07. Enjoy!

  • Daniel Stenberg: Video: Landing code in curl

    A few hours ago I ended my webinar on how to get your code contribution merged into curl.

  • Command Line Heroes - Season 5, episode 3: What Kind of Coder Will You Become?

    The 10x Coder is often positioned as a mythical developer who can always save the day. Saron Yitbarek and Clive Thompson investigate how much of that myth is grounded in truth.

  • How Quarkus fits into the Red Hat Runtimes formula

    There are plenty of new features to talk about in the world of Red Hat Runtimes. When I recently had the chance to speak with James Falkner, technical product manager for Red Hat Runtimes, he zeroed in on the Quarkus framework, or more specifically, the Red Hat branded build of Quarkus.

  • What the Dev?

    This week, we spoke to Eric Schabell, the portfolio architect director at Red Hat, about Agile integration. A lot of enterprises are moving in the direction of Agile teams all with an eye on the digital transformation story where they're headed towards delivering things in a cloud native fashion. You'll hear some of the best ways in which to achieve that Agile integration.

Fedora: Kernel Testing, OpenShift OKD and Project Intern

  • Contribute at the Fedora Test Week for Kernel 5.8

    The kernel team is working on final integration for kernel 5.8. This version was just recently released and will arrive soon in Fedora. As a result, the Fedora kernel and QA teams have organized a test week from Monday, August 17, 2020 through Monday, August 24, 2020. Refer to the wiki page for links to the test images you’ll need to participate. Read below for details.

  • OpenShift OKD on Fedora CoreOS on DigitalOcean Part 1: Deployment

    This blog post is the second in a series that illustrates how to set up an OpenShift OKD cluster on DigitalOcean. The first post in the series covered some background information and pre-requisites needed for deploying a cluster. At this point you should have chosen the domain for your cluster, set up your registrar to point to DigitalOcean nameservers, installed all necessary software (doctl, openshift-install, oc, aws cli, etc..), and configured appropriate credentials in your environment (DIGITALOCEAN_ACCESS_TOKEN, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY).

  • Closing in on the end of the Summer

    Can you believe we’re two weeks through August already! And I’m so happy that my internship has been extended so last week isn’t my last week, even if it is the last full time week for awhile.