Language Selection

English French German Italian Portuguese Spanish


Syndicate content Purism
High-quality laptops that protect your freedom and privacy
Updated: 10 hours 2 min ago

Purism & Linux 5.3

Wednesday 25th of September 2019 09:09:29 AM

Following up on our report for Linux 5.2, here’s a list of Purism’s contributions for the 5.3 cycle Linux kernel. We contributed 12 patches, which include the Librem 5 devkit device tree and a driver for the i.MX8MQs D-PHY.

Librem 5 devkit device tree

Besides the kernel sources, the Linux git repository contains device tree files for all different kinds of hardware. These are not only used by the kernel itself, but also incorporated in other projects like U-Boot: they let the software know what the hardware looks like. We need it to bind the correct drivers, initialize clocks, assign the correct address ranges, interrupts, pin muxes, pad configs–and lots of other things. As of Linux 5.3, the Librem 5 devkit hardware description is supported in mainline Linux:

Device tree parts are usually only added to components that have working drivers. Since not all display subsystem drivers are merged yet (see below), the current device tree does not (yet) describe the display hardware; it will be added once the drivers are merged. However, the current device tree is enough to boot the board from eMMC or network and supports WiFi, modem and different kinds of sensors.

Following the initial merge, we enabled the power key in device tree:

Support the i.MX8MQ’s MIPI D-PHY

Getting a picture out of an LCD panel, on a modern smartphone like the Librem 5 using MIPI DSI, involves several components. The driver for the MIPI DSI LCD panel sits at the very bottom of the stack, and is panel-specific (it was mainlined last month). The other components usually reside on the SoC itself; in the case of the Librem5 and its devkit, an i.MX8MQ. These components are:

  • The MIPI D-PHY, that interfaces with the panel–in the i.MX8MQ, the IP core comes from Mixel.
  • The MIPI DSI host controller driver, an IP core from Northwest Logic; it outputs to the D-PHY.
  • The display controller, that feeds the display data to the DSI host controller. i.MX8MQ has two of them: the Display Controller Subsystem (DCSS)–which can also handle DisplayPort and HDMI–and the simpler eLCDIF.

From the above components, only the eLCDIF had a mainline driver (called mxsfb) and so, in order to get the LCD going, we contributed the Mixel D-PHY driver for 5.3:

Which leaves us only with the MIPI DSI host controller driver (currently under review) and some i.MX8MQ patches (specific to mxsfb) to get a picture on the LCD with a mainline kernel. Many thanks to Robert Chiras, Fabio Estevam, Sam Ravnborg and Kishon Vijay Abraham I for reviewing, testing and merging this driver! Robert is also the author of the D-PHY driver in NXPs BSP, on which we based this driver.

The above is not enough for 3D acceleration, though; we need the etnaviv kernel driver for the Vivante GPU, but the necessary changes will be the topic of another blog post.

Mainlining the DCSS driver will also be a huge effort… but NXP wants to look at it, so hopefully we will get both display port and HDMI support in mainline Linux in a not too distant future.

More hardware support

We added support for the BroadMobi BM818 M.2 card, one of the possible modems for the Librem 5:

We fixed a typo in the docs:

And added irqsteer to the i.MQ8MQ device tree, a component needed for DCSS (see above):

 We also contributed two reviews to published patches.

Again, many thanks to all the reviewers so far! And stay tuned, for there is more coming soon concerning the Linux 5.4 kernel.

The post Purism & Linux 5.3 appeared first on Purism.

First Librem 5 Smartphones are Shipping

Tuesday 24th of September 2019 08:46:35 PM

SAN FRANCISCO, Calif., September 24, 2019 — The first Librem 5 smartphones roll off the assembly line and ship to customers.

Earlier this month, Purism announced an iterative, transparent shipping schedule for the highly anticipated Librem 5, security and privacy focused smartphone. Today’s shipment marks the beginning of that process, with more Librem 5s to ship in the coming shipment batches.

“This is a big moment,” stated Todd Weaver, founder and CEO of Purism. “Not just for us as a company, but for everyone concerned about issues of privacy, security, and user freedom. The Librem 5 represents years of work, building the software and hardware required to make this phone a reality.”

Everyone who pre-ordered the Librem 5 smartphone will be receiving an email letting them know which shipping batch — and what shipping date window — they are scheduled for, before we prepare each batch for shipment.  You can find more details in the batch shipping announcement and the FAQ.

“Seeing the amazing effort of the Purism team, and holding the first fully functioning Librem 5, has been the most inspirational moment of Purism’s five year history,” stated Todd Weaver.  “It has taken nothing short of each and every teammate devoting their expertise in earnest to get to where we are, plus a community of remarkable people who understand that we must succeed in creating a phone that offers society complete control and ownership to fully respect them as humans. This is what the Librem 5 stands for and in my humble view is a phone that represents the largest of visions shouting from the rooftops, ‘I will not give up my freedom!’  This is a personal note of thanks to the Purism team, the backers who have supported us overwhelmingly every step of the way, and the community who has volunteered from spreading the word, shared ideas, bought phones, and developed immense amounts of code.”

About Purism:

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco, California, and around the world, Purism manufactures premium-quality laptops and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware by carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact:
Marie Williams


The post First Librem 5 Smartphones are Shipping appeared first on Purism.

Software Freedom Day

Saturday 21st of September 2019 06:17:22 AM
Today we celebrate software freedom!

In case you haven’t heard of it before, “software freedom” is a commitment made by programmers: to release apps in a way that always benefits the everyday user. A “free software” application upholds these four essential freedoms, defined by the Free Software Foundation:

  • The freedom to run the program as you wish, for any purpose

  • The freedom to study how the program works, and change it so it does your computing as you wish; access to the source code is a precondition for this

  • The freedom to redistribute copies, so you can help others

  • The freedom to distribute copies of your modified versions to others; by doing this, you give the whole community a chance to benefit from your changes (access to the source code is a precondition for this)

As part of its social purpose charter, all software released by Purism is free software. That means our software includes a lot of free software created by others–thank you!

We make this commitment with a “free software license” that formally grants these freedoms. This means you don’t need to ask us permission to use our software–you already have it. If you are a programmer, you are free to tweak or even overhaul an application. If you are a consultant, you are free to provide supporting services. If you are an everyday user, you are free to choose whoever you like to provide programming and other services, or even learn how to do it yourself.

There’s a veritable rabbit-hole of information about the software freedom movement out there

But here are four simple actions you can take today to support software freedom:

  1. Join or donate to the Free Software Foundation. They originated, and continue to spearhead, the free software movement. In many ways they foresaw the troubles with digital civil rights that we have today; giving them a louder voice will very likely help forestall more troubles tomorrow.

  2. Buy something from Purism

Mirrors for Speedier Downloads

Friday 20th of September 2019 05:33:33 PM

To put it briefly, PureOS provides ISO images and packages for download. Recently, we’ve seen increased traffic on our download site, and we expect that traffic to grow. We’re hoping to address increased traffic with mirrors for both package updates and downloads.

We’re very happy to announce that Sonic, a highly-ranked and privacy-respecting ISP, has offered to host a mirror for PureOS. This will alleviate some of the traffic, especially for those in North America, without compromising security. The security of the packages remains guaranteed by our signatures; the mirror simply holds another, identical set of packages, signed with Purism’s key.

The mirror is easy to use. For example, if you’d like to use the mirrors for downloading an image, simply use this URL: And here’s the link to the most recent GNOME Live build.

If you’d like to use the mirror for your packages, you have two choices:

1. use the command line to edit your /etc/apt/sources.list
2. use Software to add the mirror URL

The first choice is pretty quick and easy. In the terminal, use your favorite text editor to edit this file, /etc/apt/sources.list, and insert the following line:

deb amber main
deb-src amber main

Then run and apt-get update, and you should be all set.

If you prefer to use the Software tool, simply open Software. You can find it among the apps, by going to the upper left-hand corner of the desktop and clicking on “Activities”; then “Show Applications”, which is the last icon in the dock usually–a collection of nine squares.

Once you see all your apps you can either search for “Software” or scroll down a bit until you see it. And once the first “Software” is open, go to the menu on the top bar where it says “Software” again. There, the drop-down menu will show you an entry for “Software repositories”–and that is where we’ll make our changes, in order to use the new North American mirror. Appropriately enough, once you’ve clicked on the Software repositories menu entry you’ll see the “Software & Updates” screen. In the “Other Software” tab you can enter the new mirror’s URL by clicking on the “Add” button in the bottom left. Now, enter this entire line:

deb amber main

You’re almost done. Hit the “Add Source” button and authenticate with your password. Finally, hit “Close” then “Reload” and you should have a snappy, speedy new mirror for your packages.

Packages are updated four times a day on the mirrors and more can be done if necessary, but this will be more than enough for now. Enjoy! And thank you very much to Sonic.

The post Mirrors for Speedier Downloads appeared first on Purism.

SIM Application Toolkit: Avoid Being Exploited

Wednesday 18th of September 2019 09:47:58 PM

Technologies are often created with good intent, to make our life easier, to solve problems in a convenient way. The Management Engine in Intel’s CPUs, for instance, was intended to make the life of admins easier. It allowed for remote access on a very low level, so they could even do complete remote reinstalls of a machine. And if you have to manage a large fleet of machines, distributed within a larger enterprise, this can save huge amounts of effort, time–and thus money.

Implementation details matter

Sadly, many of these technologies that were meant as good are implemented in a way that bears more harm than advantages. The ME, for example, is fully proprietary and closed. It is even undocumented in most parts, so it can not be publicly reviewed and audited. It is a piece of software, software has bugs and so has the ME implementation; the news are full of it lately.

The same is true for something that many mobile phone users are totally unaware of–the SIM Application Toolkit, also called SIM Toolkit, SAT/USAT or STK.

The SIM Application Toolkit

Its name already points to the origin: the SIM card. It is the tiny chip card you insert into your phone, to get access to the cellular network of an operator. The SIM card used to be a fairly simple device, which you can imagine as the key to unlock the access to the network: i.e., it stores a secret (a cryptographic key) along with an ID (the IMSI) and some details about the issuing operator, etc. This data set grants you access to the operator’s network.

But phones [also called handset, or ‘terminal equipment’ (TE), in mobile terms] have become more and more powerful. And setting up these cards has become more and more complicated; you need an SMS center number, details for the MMS server, mailbox dial-in number… and a lot more. All this needs to be properly set up in the mobile, to make full use of both the mobile and the network. To make this even more complicated, these details (and the way to set them up) are different from operator to operator. The process for this initial setup is (also) called provisioning. It was to make this (and other things) as convenient and least painful as possible for users that SAT was invented.

The name SAT tells us not only that it is SIM-related, but also that it contains the term application: SIM cards can, and today they usually do, indeed contain small applications or applets. They are small computers on their own, they run code, and they can indeed be programmed. Most are based on the JavaCard standard and can be programmed with small Java applets. The SAT defines a standard way to interface the SAT applets with the modem and the phone.

Here comes the tricky part

SAT applets can have access to modem traffic, especially to SMS. They can execute on the SIM card–pretty much without any knowledge from the user. SAT applets can even initiate unsolicited communication (e.g. sending SMS) and can get updated and/or changed by the operator, over the air. All this is part of the 3GPP standards. SAT applets can also interact with the user, if the handset implements the user interface parts of SAT with simple menus, limited icon display and reading input from the ‘dial pad’.

SAT applets are an important part of the provisioning by the operators, when new SIM cards get activated. But their implementation details are not public. Their code is not public, and is thus likely to contain security flaws.

The SIM Jacker and the S@T Browser

One of these flaws has just surfaced: it is called SIM Jacker, and it exploits the S@T Browser component, found in many SIM cards. It allows for exposing critical user data, like the currently connected cell tower ID. The cell tower ID can easily be matched against databases, and is pretty much equal to having a geographical position. An attacker would thus be able to locate a user–accurately enough to determine, for example, if someone is at home or not. And it must be assumed that more information about the user can very well be extracted in a similar way.

This is possible when attackers send a specially crafted SMS to a mobile. It is not visible to the user and will initiate, again without the user knowing, an automated response by the mobile. The mobile then sends it back to the attacker, exposing for example what the user cell tower ID is.

Protecting the Librem 5

Purism is actively working with its modem manufacturers in order to protect Librem 5 users from such exploits. We are also investigating how to have a configuration option: how to opt-in to SAT, if you really need it (e.g. for initial provisioning), and disable it again afterwards–in order to avoid any such forms of exploitation.


Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

.column-6:after { content: ""; min-height: 225px; /* padding-bottom: 30%; */ display: block; } .column-6 img { bottom: -0px; } @media only screen and (min-width: 600px) { .column-6:after { display: none; } .column-6 img { bottom: 0px; } }

The post SIM Application Toolkit: Avoid Being Exploited appeared first on Purism.

A Guest Post by Evon Ho

Tuesday 17th of September 2019 03:05:04 PM

Evon Ho, a first year Computer Science student at Southern New Hampshire University, asked us a few questions about Purism. Todd Weaver, Purism’s founder and CEO, answered them, and Evon wrote the following essay:

Purism: A Privacy Based Computer Company

It all started when Todd Weaver, Founder and CEO of Purism, realized Big Tech could not be trusted as moral guardians of his and his children’s data. The current paradigm of corporations data hoarding is, as Todd describes it, built on “a tech-stack of exploitation”–and not by accident, but by design. Companies such as Google and Microsoft–and especially Facebook–intentionally collect, store and share user data to whomever they see fit. In recent events, the California Consumer Privacy Act, which becomes effective on January 1, 2020, will make residents of California able to know what personal data is being collected about them, know whether their personal data is sold or disclosed and to whom, say no to the sale of personal data, access their personal data, request a business delete any personal data information about a consumer collected from that consumer and not be discriminated against for exercising their privacy rights. This sounds good, and it is, but not according to Big Tech. Big Tech such as Facebook hired a firm to run ads that said things like “Your next click could cost you $5! Say no to the California Consumer Privacy Act”. Big Tech does not care about privacy, they care about their bottom line. This is where Purism comes in.

Purism is a privacy focused company. Their devices, the Librem5, Librem13 and Librem15 run PureOS–a GNU/Linux distribution that puts privacy, security and freedom first, by design. It includes popular privacy-respecting software such as PureBrowser. The OS helps you “Surf the web safely without being tracked by advertisers or marketers” and allows you to easily encrypt your entire OS and data with your own encryption keys. This is huge, especially if you understand how much of your “private” data is actually being shared.

I e-mailed the company asking questions about the entrepreneurial aspects of running a computer company, expecting an employee to send over a typical pre-written list of information. To my surprise and excitement, the CEO and Founder Todd Weaver e-mailed me himself, and answered my questions. This was very inspiring.

There are quite a few entrepreneurial aspects of running a computer company. You must manufacture your own computers and design your own software. Because the software in PureOS is free software, there exists a community of paid and volunteer developers who maintain it. This is beneficial in many ways, such as it allows the code to be freely auditable and if there’s a bug it’s usually fixed fairly quickly. There are some challenges that one must overcome as well, such as delays in manufacturing and the management of growth based on cash flow–this is crucial. With dedication and perseverance, these challenges are easily overcome, and one can move onto the designing process.

To design a computer from scratch, you must have a goal in mind. Purism’s goal is to give consumers “a computer that you fully own and control”. This goal then allows them to list all the reasons why current laptops and phones cannot meet such a goal. They then look to solve each reason of incompatibility to produce a new and improved device that allows one to fully own and control their device. To fund such a company, one needs an investment of capital. Founder and CEO Todd Weaver invested his own money into the company initially, then ran crowd-funding to bring the first product to market.

Purism’s goals for the future include continuing to improve and expand their products to offer a convenient alternative that respects people and their digital lives. This is a noble and respectable goal, and I for one would love to use a Librem when I graduate Southern New Hampshire University and work as a software developer.

In conclusion, if one has a worthy goal in mind such as Purism’s privacy-first approach, nothing is impossible–not even running a successful computer company.

Thank you, Evon–we loved it, and are very proud that you chose us. Keep up the good work!

The post A Guest Post by Evon Ho appeared first on Purism.

Librem 5 Batch FAQ

Thursday 12th of September 2019 10:40:27 PM
We have been getting a lot of questions related to our announcement of the Librem 5 shipping schedule. Here, we will post the answers to some frequently asked questions, and update this document as new questions come in.

Q: The shipping announcement says the first batch of the Librem 5 will have a “loose fit”. Does this mean the phones will be low-quality?

A: Every Librem 5 that rolls off the assembly line will be a high-quality smartphone. Every component, tested and lovingly assembled. “Loose fit” in this case leaves us room to have ribbon cables, antenna cables, camera spacer and LED alignment have a looser tolerance than later batches.

Q: The first batch of Librem 5s is listed as having “unfinished switch caps”. What does that mean?

A: That the hardware kill switches will be the bare switch pole, without the ergonomic covers on top that will make them easier and more comfortable to use.

Q: Will all software updates be released for all shipping batches of the Librem 5? If I get batch Birch, will I get the same software updates as later batches?

A: Yes! All batches will receive the same software updates at the same time. That means new (and updated) applications will arrive at the same time, no matter which batch you received.

Q: If I receive the Librem 5 from one of the first batches, will I have a fully functional phone?

A: Yes! Even the very earliest batches will be capable smartphone, including a modern web browser and core cell phone functionality.

Q: How do I know which shipping batch my order will be part of?

A: You will receive an email letting you know which shipment batch you are scheduled to be part of, based on your place in the queue.

Q: Will it be possible to replace the case (or other components) in the Librem 5 I receive with parts from a later batch?

A: Very likely, yes: screw-holes in the PCBA and basic mechanical design are unlikely to change; minor adjustments for ease of assembly or antenna placement are examples of case modifications between batches.

Q: Can the operating system the Librem 5 ships with (the GNU/Linux based PureOS) be replaced with another operating system?

A: Yes! There are community efforts underway to port UBports, Plasma, and PostmarketOS to the Librem 5. We will be publishing a blog post soon with details about the progress of these projects. However, Purism has invested heavily in PureOS for the Librem 5 and will only be able to support PureOS on the Librem 5 directly.

Q: What is PureOS, exactly?

A: PureOS is a GNU/Linux-based operating system, which powers all of the privacy-focused laptops Purism ships. PureOS has been lovingly and painstakingly optimized for the touch screen of the Librem 5. PureOS is also Free Software Foundation endorsed.

Q: I REALLY want one of the Librem 5s from the first batch (Aspen)! Pretty please?

A: Thank you for asking politely! We will be assigning each customer a batch according to when their order was placed. If a customer in an earlier batch chooses to wait for a later batch, we will reassign that slot.

Q: If I order today, what shipping batch will I be in and when will my Librem 5 arrive?

A: Orders placed today will likely fall in Batch Evergreen. Order now to secure your place in line–we are doing everything we can to process orders faster than the queue is filling up, and will continue in that effort.


Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

.column-6:after { content: ""; min-height: 225px; /* padding-bottom: 30%; */ display: block; } .column-6 img { bottom: -0px; } @media only screen and (min-width: 600px) { .column-6:after { display: none; } .column-6 img { bottom: 0px; } }

The post Librem 5 Batch FAQ appeared first on Purism.

The California Consumer Privacy Act

Wednesday 11th of September 2019 12:13:31 PM

Next January, California is set to have one of the strongest laws in the nation, passed last year with unusual bi-partisan support, seeking to add some first-of-their-kind state protections over our personal data. It is called the California Consumer Privacy Act (CCPA) of 2018. It nicely reflects the fact that our state is one of the only states in the country whose constitution in Article 1, Section 1, actually contains an express right of privacy guaranteed to all Californians.

This past year, since the bill’s passage, Purism has worked tirelessly–and dedicated substantial staff resources–to help make sure the new law is not substantially thrashed by Big Tech’s huge army before the fledgling law can even take effect: an army of highly-paid lobbyists. The stakes for Big Tech are large, but the stakes for consumer privacy, and for Purism’s philosophy of consumer privacy protection and control, are so much bigger.

To try to stem the extraordinary political muscle of Big Tech in Sacramento, Purism has worked in close collaboration with California’s top privacy protection groups including the ACLU, EFF, Consumers Union, Common Sense Kids Action and the Privacy Rights Clearinghouse, and many others to try to stop the onslaught of Big Tech-sponsored bills seeking to vitiate the new law.

Our CEO has testified in legislative hearings against the weakening measures, and has recently co-written a powerful editorial published in the Mercury News, the newspaper in the backyard of Big Tech in Silicon Valley, against these bills. As Purism’s legislative advocate, I have met with key California legislators to try to thwart Big Tech’s predictable onslaught against this new law.

The new law is obviously a long overdue first step

It seeks to give consumers quite a bit more control over the vast data companies collect, store, share and sell about them–all without their knowledge or meaningful consent. Needless to say, the secret collection and sale of these extraordinarily valuable troves of personal data have made Big Tech companies some of the most valuable companies in the world, the most politically powerful–and the greatest threat to our most basic privacy rights.

Among the new law’s key requirements:

  • Businesses must provide certain disclosures when selling consumers’ personal information. This includes disclosing the categories of information the business has collected or sold, the categories of sources from which the information is collected, and the specific pieces of information collected about the consumer.
  • Additionally, the CCPA allows consumers who are 16 years of age or older to opt out of the sale of their personal information, with younger consumers needing to opt in before a business can sell their information.
  • Consumers can also request that certain personal information be deleted.
The new law is also obviously far from perfect, as Purism’s CEO repeatedly testified this year in the Legislature

It does not even require companies to give consumers the fundamental right to first affirmatively agree to opt in–to the selling or sharing of their private information, before it can ever be shared or sold–instead forcing unknowing consumers to try to figure out the labyrinth of (often purposely tedious and confusing) website requirements in order to opt out of the sharing of their most personal data.

Like all laws, it reflects substantial political and policy compromise. It only came about because the California Legislature felt it had no choice back in 2017: to respond to a pending, highly popular statewide ballot initiative which sought to empower consumers, to find out what information businesses were collecting on them, and give them the choice to stop the sale of their personal information. In exchange for the introduction of the new California Consumer Privacy Act, the sponsors of the ballot initiative agreed to withdraw their initiative, and the new CCPA was quickly shepherded through the legislative process and signed into law.

Though Big Tech companies were unable to stop the passage of this law, they were able to secure a major procedural loop-hole to give them future “bites at the apple” this year, before the new consumer protection law actually takes effect next year. They got the Legislature to agree to postpone its legal effect until next January 1st–giving Big Tech the chance to try to undermine the key protections the new law contains.

Some Big Tech CEOs publicly continue to assert they have become true converts to the importance of protecting consumer privacy

Instead, they–and their legions of powerful lobbyists–have, disappointingly, spent this past year in the California Legislature quietly attempting to do all they can to weaken California’s new privacy law before it even goes into effect.

I am therefore very pleased to report that, as the legislative year winds to a close this hot summer in California’s Capitol, Purism’s tenacious efforts, in collaboration with many other committed, non-profit privacy groups like ACLU and EFF–and the commitment to privacy by key legislators in Sacramento–appear to be paying off for California consumers. Although some measures are continuing to move forward that may relax some of the provisions in the CCPA, the many Big Tech-supported bills that have sought to substantially curtail consumer privacy rights have, at least for now, been halted.

Purism and its supporters can therefore be very proud; we are not just “talking the privacy talk” but “walking the privacy walk” when it comes to fighting for consumer privacy rights and consumer empowerment. Though the political battles are clearly never over, the social benefit company’s efforts to better protect our cherished personal privacy, and consumer control over our, and our children’s, privacy will always be worth the substantial effort and cost.

We shall continue this worthy fight.

The post The California Consumer Privacy Act appeared first on Purism.

Purism at GUADEC 2019

Tuesday 10th of September 2019 03:46:05 PM

GUADEC 2019 took place in Thessaloniki, Greece, and some of Purism’s team members were there. This year’s program was excellent, with plenty of interesting presentations; among them, Tobias Bernard’s talk about adaptive patterns and GNOME apps that work well across different form factors, from phones to desktops. Below is a video of his talk, which we think you should really watch when you have a chance–and here are the slides.

One of the main themes of the talks was around containerized applications and the security involved. We learned about punching holes through flatpaks, with portals to provide the flatpak with temporary access to a service, and how to better secure multi-process flatpak applications with bubblewrap.

And after busy days of talks, we found the time to relax and casually chat at the picnic hosted at beautiful Platanakia:

Heather Ellsworth, François Téchené, Julian Sparber, Bob Ham, Tobias Bernard and Adrien Plazas

There were also a few meals, involving food, drinks and some interesting discussions about possible software ethics rating systems encouraging ethical practices like encryption, discouraging unethical ones like tracking.

From left to right, Heather, with Adrien and Bob in the back; in the front row and also from left to right are François, Tobias and Julian


The one where we invited the little hacker-in-training

Finally, after attending GUADEC talks and BoFs (and the occasional picnic), we went to the beach on Wednesday; we even have a picture, so you can see it really did happen…

@media (min-width:769px) {.media-embed {max-width: 125%; margin-left: -12.5%; margin-right: -12.5%; width: 125%; } }

The post Purism at GUADEC 2019 appeared first on Purism.

PureOS Rolls On as Stable

Friday 6th of September 2019 02:04:11 PM
PureOS was originally conceived as a rolling release.

A rolling release receives periodic updates in a “rolling” fashion–they just keep rolling in. This is good, as you get the latest cutting edge changes to applications and system libraries. But unfortunately there is a side effect to rolling releases: they are bad for stability, because the changes they bring are often not yet widely used, or tested, in real world situations. This issue is inherent to any fast moving body of code, and PureOS is no different; we attempt to solve it by putting the user at the center of our design choices. With this in mind, we polled our forum and worked internally to devise a pragmatic solution that follows best practices, while continuing to provide options for users.

Our solution is straightforward; we’re making our PureOS release a stable release, and creating a new rolling release. In addition to this stable release, we’re adding two complementary suites–amber-security and amber-updates–which work together to bring a rock solid release. We will also build and release a rolling release just like the one our users are used to, meant for those who are willing to use, and test, the latest software from upstream. Both releases will receive security updates, of course, but the rolling release will lack real-world testing, by design.

How do I get the new stable release?

You likely already have the new stable release. We’ve tested it for a while, and are now adding it as a normal update to PureOS base files. It should be an uneventful update–but if there are any issues at all, please let us know via bug report in our tracker system. We’ll announce our new rolling release in the near future. We will continue working on it, and during the period where our upstream has moved from stable to a new testing release there will likely be a bit of churn. Waiting for that to settle will likely benefit the quality of the new rolling release.

You can also download the new release. We’ll continue to update our documentation on the new release though very little has fundamentally changed. All our current documentation is routinely updated, and it all pertains to this latest release.

The post PureOS Rolls On as Stable appeared first on Purism.

Librem 5 Shipping Announcement

Thursday 5th of September 2019 02:52:34 PM

SAN FRANCISCO, Calif., September 5, 2019 — Purism begins its iterative shipping schedule for the much anticipated Librem 5 phone running PureOS.

The Librem 5 phone is built from the ground up to respect the privacy, security, and freedoms of society. It is a revolutionary approach to solving the issues that people face today around data exploitation — putting people in control of their own digital lives.

Due to the high volume, growing demand for the Librem 5, and in the interest of openness and transparency, Purism is publishing its full, detailed, iterative shipping schedule. This expands on the existing commitment to start shipping in Q3 by defining specific batches, their features, and their corresponding ship dates.

Most companies keep their release and product plans secret right up until mass production launch, so they can avoid publicizing any setbacks or delays; but we have decided to bring our community and customers along with us for the Librem 5 journey, and have been transparent about our progress from the beginning. This means you have been able to celebrate along with us as we have reached milestones like shipping our devkit in 2018, the NXP CPU silicon issues we had to overcome, placing our first call in early 2019, sending our first SMS. You have been able to track our software progress directly from our public code repositories and watch live updates to libhandy, Phosh, Chatty, and the rest of our software. And we are compliant with, and submitting for, the “Respects Your Freedom” certification from the Free Software Foundation.

The iteration schedule starts in September, 2019, and the Librem 5 will be shipping in batches with incrementing code names. Each iteration improves upon the prior in a rapid rolling release throughout the entire first version of the phone, including the public plans for the second revision of the phone for context.

Every iteration includes updates to hardware, mechanical design, and software. We will be contacting each customer to confirm their shipping address, which modem and power supply they would like, and to confirm which shipping batch they are currently scheduled to receive — and to give them an opportunity to select a later batch than they are scheduled for, should they prefer to wait for a later iteration. As slots in a particular early batch free up, we will open it up for others in a later batch to join in, according to the date of the order.

If you haven‘t yet placed your order (or want to place an additional order) — the sooner you order, the earlier the shipping batch you will be added into.

Batch Aspen

Hardware: Initial board, all hardware components included.

Mechanical Design: Individually milled case, loose fit, varying alignment, unfinished switch caps (hand crafted).

Software: Initial release of core Apps, manage contacts, basic web browsing, early power management, software updates from the PureOS Store via the terminal.

Certifications: FCC and CE for Radios

Shipping window: September 24th – October 22nd

Batch Birch

Hardware: Next run of board, all hardware included.

Mechanical Design: Aspen + tighter fit, improved alignment.

Software: Aspen + improved setup, improved web browsing, improved power management.

Certifications: FCC and CE for Radios

Shipping window: October 29th – November 26th

Batch Chestnut

Hardware: All hardware included.

Mechanical Design: Birch + capped switches.

Software: Birch + final setup, improved web browsing, improved power management.

Certifications: FCC and CE for Radios

Shipping window: December 3rd – December 31st

Batch Dogwood

Hardware: All hardware included.

Mechanical Design: Chestnut + refinements.

Software: Chestnut + core apps improved, additional applications, refined graphical PureOS Store.

Certifications: FCC and CE for Radios

Shipping window: January 7th – March 31st

Batch Evergreen

Hardware: All hardware included.

Mechanical Design: Molded case.

Software: Long term support release

Certifications: FCC and CE

Shipping window: Q2 2020

Batch Fir

Hardware: 14nm Next Generation CPU

Mechanical Design: Version 2

Software: Long term support release

Certifications: FCC and CE

Shipping window: Q4 2020

Thank you to all the supporters who continue to share the Purism story with the world — this is a long-term movement around creating a digital society that respects people. Purism started in 2014 and has been growing triple digits year-over-year. The Librem 5 project started in 2017 with early bird backers rapidly funding the 60 day campaign that blew past the $2.5m mark. The Librem 5 devkit was released in December 2018. Software inventions and releases have been ongoing for a few years. Now we begin the iterative production releases of the Librem 5 phone, which our entire team is very excited to share.


About Purism

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco, California, and around the world, Purism manufactures premium-quality laptops and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware by carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact

Marie Williams, Coderella / Purism +1 415-689-4029

See also the Purism press room for additional tools and announcements

The post Librem 5 Shipping Announcement appeared first on Purism.

Announcing the PureBoot Bundle: Tamper-evident Firmware from the Factory

Tuesday 3rd of September 2019 06:39:16 PM

We have been promoting the benefits of our PureBoot tamper-evident firmware with a Librem Key for some time, but until now our laptops have shipped with standard coreboot firmware, that didn’t include tamper-evident features. To get tamper-evident features, you had to reflash your Librem laptop with PureBoot firmware after the fact, using our standard firmware update process. One of the biggest challenges for most people using PureBoot was the initial setup process–but many people might  find installing an OS challenging too.

The best way to solve this challenge is for us to do the setup for you–and that’s what we are happy to announce today.

While we will still default to our standard coreboot firmware, starting today, if you order a Librem laptop and select the “PureBoot Bundle” option for the firmware, you can choose to have PureBoot installed and configured at the factory. The PureBoot Bundle includes a Librem Key, as well as a “Vault” USB drive that will contain the GPG public key we generated at the factory. You can use the Vault drive later to store backups of GPG keys you generate and store them in a safe place.

With the PureBoot Bundle, you will be able to detect firmware tampering and rootkits out of the box! Just unbox the laptop, plug in the Librem Key and turn it on–if the Librem Key blinks green, your laptop is safe; if it blinks red, it was tampered with in transit. Also, now that our Librem Keys are made in the USA next to our fulfillment center, we have even tighter control over the supply chain for the most critical trusted component in this equation.

If you pick a PureBoot Bundle, we will perform the following additional steps on top of the standard PureOS install process
  • Reflash the firmware with PureBoot
  • Factory-reset the Librem Key and set default user and admin PINs
  • Generate a new, unique GPG key on the Librem Key
  • Copy the corresponding GPG public key to a USB flash drive shipped with the laptop
  • Sign all of the files in /boot with this GPG key
  • Add the GPG public key to the firmware’s GPG keyring and reflash the firmware
  • Reset the TPM and set a default admin PIN
  • Store the known-good firmware measurements in the TPM
  • Share a secret in the TPM and Librem Key to detect later tampering

When you get your PureBoot Bundle, you can immediately test whether the firmware was tampered with during shipment. For an additional charge, you can contact us about our anti-interdiction services which, among other measures, ships the Librem laptop and Librem Key separately.

We believe you should have full control over your keys

Once you have verified the integrity of the firmware, you can set new passwords and secrets on the Librem Key and TPM, generate new GPG keys (or copy over GPG keys you already have), and re-sign all of the files, all with keys under your control, at any time.

We hope that, by setting it up for you at the factory, we can get this next-generation tamper-detection technology into more customers’ hands. Everyone–not just hardcore geeks–deserves the peace of mind of knowing that their systems are safe from tampering; and unlike with other secure boot systems, PureBoot gives you tamper-evident firmware without vendor lock-in–you control all of the keys.

To get the PureBoot Bundle, order a Librem 13 or Librem 15 and on the configuration page in the shop, select “PureBoot Bundle” under the firmware option.

The post Announcing the PureBoot Bundle: Tamper-evident Firmware from the Factory appeared first on Purism.

Why the Total Dossier on Everybody Must Stop

Tuesday 3rd of September 2019 01:51:40 PM
Where people go, what people do, and who talks to whom, should be kept private.

There is a total dossier on everybody, and you are likely a willing, yet oppressed, participant. Willing because of how convenient it is; oppressed, because everything you do is under the complete control of others.

Gang-stalking by corporations must stop. We have seen before what can happen when all the whereabouts of all people are tracked. The German Secret Police (the Stasi) had over 250,000 spies, who served in a four-decade long despotic regime over a population of 17 million, committing crimes against their own people–crimes that were viewed to be as brutal as those perpetrated by their Nazi predecessors–reminds us what oppression is. We have seen what happens when your privacy is invaded, when what you do is tracked. Decades before the Stasi, the Gestapo had 40,000 spies watching over a country of over 80 million, committing the worst atrocities on civilians ever; this is what oppression is.

We have seen what happens when who talks to whom turns into a demagogic tragedy. McCarthyism was coined from recklessly slandering public figures, ruining the lives of hundreds of US citizen with unsubstantiated accusations; this is what repression is.

The amount of data gathered on people from any of the aforementioned organizations is infinitesimally small, when compared to the astronomically large, nearly incomprehensible amount of personal data gathered from your mobile phone in just one day.

Where you go is known with satellite-measured accuracy, within a meter of your position on earth. Polling every millisecond–even when offline, for later synchronizing–your exact location is recorded at every moment of every day, permanently. What floor you’re on, who you are near, how long you’re near them, what speed you’re traveling at, who you’re traveling with, are all elementary level mathematics to establish. Cross-linking a single data point like your longitude and latitude to a second data point like the radio distance to a cellular tower or three, adding in what Wi-Fi you connect to and the strength of connection, makes confirming your location in triplicate extremely easy.

What you do is matched against where you go, how long you are there, and how much you interact with your phone or health monitoring app. Knowing you’re at an event, bar, game, restaurant, hotel or friends house is matched against photos, videos, social media posts, chats, heart rate–or simply how often you look at your phone–and can determine what you’re doing with a remarkable degree of accuracy. Were you bored or engaged? Were you hungry, or did the salad you paid for suffice until the after-dinner pizza you had delivered late-night, after your ride-share (aka taxi+tracking) service dropped you off at 11:04pm?

Who talks with whom is egregiously recorded forever, and in nearly all cases what is said to whom is also flagrantly squirreled away for eternity. You chatting with your mother–yep, spied on. You texting your spouse–spied on. You calling to cancel cable–spied on. Your photo sent to your colleague–spied on. It’s easier to list all the things kept between just you and the intended recipient, because it is absolutely nothing. There is no app that can guarantee it’s just two people involved in a text string; because apps, the underlying operating systems, and the underlying cellular networks, are controlled by the very same groups that surveil all of society.

Your oppression is not entirely your fault; knowledge is purposefully and behaviorally restricted from your purview.

It’s either buried in the hundredth paragraph of a terms-of-service you didn’t read, or shrouded in enough mystery you follow the rest of the anchovies in a collective experiment wondering “if it is this bad, why hasn’t anybody stopped it?”

It takes any one of three things to solve this–as history has shown: governments regulating to benefit civilians; business models changing to respect society; people switching to products and services that are ethical for society. Surveillance companies are working daily to remove the last one from happening; people switching requires a network effect, and they put up anti-competitive barriers for any new competition to have a level playing field. These same companies–all Big Tech companies–are so gargantuan that they don’t have to change their business practices toward helping society; they opt to use marketing slogans to keep their oppressive regimes dominating instead.

This leaves governments to step in and consider regulating the behemoths–never forgetting that lobbying efforts will work hard to adding regulation that keeps the companies gigantic, rather than regulation that benefits civilians, since this type of regulation makes smaller but growing competition need to jump higher and higher to vault over the new regulatory hurdle.

To rid yourself of the unethical dossier collected on you takes having a (convenient) alternative that avoids knowing where people go, what people do, who talks to whom, all it takes is governments to stand up and regulate to benefit its civilians.

And most importantly, it takes you leading by example, using products designed to respect your rights.

The post Why the Total Dossier on Everybody Must Stop appeared first on Purism.

The Librem 5 Application Compatibility Chart

Friday 30th of August 2019 04:58:51 PM

All of the applications below are confirmed to run on the Librem 5 Smartphone running PureOS.

Each application is grouped into one of three categories based on how optimized it is for the mobile screen.

Mobile Optimized – Fine tuned for mobile screen and touch input.

Visual Issues – Some visual elements could use additional fine tuning for mobile screens.

Needs Mobile Optimization – Runs and is functional, but not all visual elements are visible or fit on the screen.

This list was last updated on August 30, 2019 and some items are maintained by the team at Purism.  This is not a complete list of all pieces of software that run on the Librem 5 (either currently or in the future) and additional applications will be added to this chart as they are tested and verified.

The Librem 5 Application Compatibility Chart

ApplicationMobile OptimizedVisual IssuesNeeds Mobile Optimization
Phone Calls

SMS, Messaging

Web Browser
GNOME Contacts
GNOME Settings
GNOME Clocks
King's Cross Terminal✓
Music Player
GNOME Archive Manager

Image Viewer
Eye of GNOME
GNOME Disk Utility
Graphic Design
Torrent Client
GNOME Podcasts
PDF Editor
GNOME Calculator
If you see any incorrect entries or bugs, please file them here

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where you place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

.librem-5-compatibility td.column-1 img {width:64px !important;filter: drop-shadow(0 1px 12px rgba(0,0,0,0.05)) drop-shadow(0 -1px rgba(0,0,0,0.05)) drop-shadow(1px 0 rgba(0,0,0,0.1)) drop-shadow(0 1px rgba(0,0,0,0.3)) drop-shadow(-1px 0 rgba(0,0,0,0.1));}.column-6:after { content: ""; min-height: 225px; /* padding-bottom: 30%; */ display: block; } .column-6 img { bottom: -0px; } @media only screen and (min-width: 600px) { .column-6:after { display: none; } .column-6 img { bottom: 0px; } }

The post The Librem 5 Application Compatibility Chart appeared first on Purism.

Purism CTO Presents “A Mobile Phone that Respects Your Freedom” at CCCamp

Wednesday 28th of August 2019 06:05:50 PM

It is not easy to build hardware that respects your freedom, and it becomes even more challenging when that hardware is a mobile phone. No one knows this better than Purism CTO Nicole Faerber–and at CCCamp 2019 she elaborated on these challenges in a 45-minute presentation: “A Mobile Phone that Respects Your Freedom.” While we strongly suggest everyone view the talk itself (it’s so good!), in this post we will pull out a few of the highlights:

Mobile phone market is a small number of big players

As everyone knows, the current smartphone market is a duopoly with the majority of phones running Android, and the rest running iOS. But the chipset market and the bulk of the smartphone supply chain is in the hands of only a few large companies. Two companies only (Mediatek and Qualcomm) account for the bulk of Android phones, which itself accounts for the majority of phones on the market. That’s not just a lot of control in a small number of companies, it also presents its own challenges if you want to create a device that respects freedom in a marketplace where the norm is proprietary software. This means most phones integrate as much as possible into as few chips as possible–and those chips generally require proprietary firmware and drivers to function.

Patents present a unique challenge

One thing many people don’t understand outside of the mobile space is the impact that patents have. Every new generation of phone technology brings with it hundreds, if not thousands, of patents. While patent holders have certain requirements to license these patents to others, they also use their patents to control the market. This is particularly relevant when you consider just how important mobile phones have become in everyone’s lives–having, in many cases, replaced the traditional personal computer as the primary computing device. This control over the market via patents presented us with a lot of challenges, in particular when attempting to source a standalone 4G modem that supported voice.

Unveiling the Librem 5 PCB

We want a smartphone that respects people’s freedom with an open, hackable design and published schematics. In fact, we are seeking “Respects Your Freedom” certification from the FSF, so we went to great effort to source freedom-respecting chips that worked with free software drivers. One big area where we could not work around proprietary blobs was the modem, so between that and our desire to use hardware kill switches–for the WiFi and the cellular baseband–we went with a design that separated out those components into their own chips (in the case of the cellular baseband, a removable M.2 card). We started by releasing a devkit in December 2018, and in this talk Nicole unveils the first public pictures of the actual phone PCB!


Hardware is hard, and making mobile phone hardware that respects your freedom is even harder. Challenges include finding suppliers, language barriers when working with Chinese suppliers (in many cases the only viable avenue for certain mobile phone work, these days), often dealing with long lead times, regulations and certifications. There’s also a general lack in available hackable hardware, which means that there isn’t nearly enough expertise in mobile phone hacking in the community–something we hope to change!

Nicole’s talk was marvelous–both informative and interesting–and you should really watch the video in its full version bellow, because there’s so much more to it than what we just wrote about!


Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we–the people–stand up for our digital rights, where you place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

.column-6:after { content: ""; min-height: 225px; /* padding-bottom: 30%; */ display: block; } .column-6 img { bottom: -0px; } @media only screen and (min-width: 600px) { .column-6:after { display: none; } .column-6 img { bottom: 0px; } }

The post Purism CTO Presents “A Mobile Phone that Respects Your Freedom” at CCCamp appeared first on Purism.

How To Promote Real Social Good

Thursday 22nd of August 2019 03:25:22 PM

It was big news this week when the nation’s most powerful chief executives finally acknowledged that corporations should contribute more to society than maximizing shareholder value. The new mission statement of the Business Roundtable, as their group is known, contains the following goals:

  • Delivering value to our customers. We will further the tradition of American companies leading the way in meeting or exceeding customer expectations.
  • Investing in our employees. This starts with compensating them fairly and providing important benefits. It also includes supporting them through training and education that help develop new skills for a rapidly changing world. We foster diversity and inclusion, dignity and respect.
  • Dealing fairly and ethically with our suppliers. We are dedicated to serving as good partners to the other companies, large and small, that help us meet our missions.
  • Supporting the communities in which we work. We respect the people in our communities and protect the environment by embracing sustainable practices across our businesses.
  • Generating long-term value for shareholders, who provide the capital that allows companies to invest, grow and innovate. We are committed to transparency and effective engagement with shareholders.

There is a lot of speculation around what has motivated this change, ranging from genuine altruism to a response to politicians who have made corporate greed a talking point in their stump speeches, or even to using it as a hedge to explain future losses driven by a possible recession. This article does not address any of that speculation. Instead, this article will address whether the Business Roundtable’s new mission statement is likely to significantly affect corporate behavior, based on our experience as perhaps the first Social Purpose Corporation in the technology space.

“The Business Roundtable CEOs could just re-incorporate as a Social Purpose Corporation, if their motives aligned with their words.” Todd Weaver, Founder & CEO of Purism stated.

This news story caught our attention here at Purism because we have been thinking about how to build a company that promotes social good. Our company was incorporated in Washington State as a Social Purpose Corporation. We chose this form or corporation to ensure that our foundational purpose to advance the freedom, privacy and security of our customers would not be undermined by those who seek to maintain the ability of Big Tech to profit off of customers’ personal information. We also wanted to protect our company’s ability to achieve its purpose as it grew, in particular once it took on outside investment. One big threat we knew we’d face if we went through the traditional C corporation model was that future investors could potentially sue us for pursuing social good above maximizing shareholder value.

According to the Washington State Bar Association, “An SPC’s directors may give weight to one or more of the social purposes, rather than solely considering the best interest of the corporation. RCW 23B.25.050. This allows the founder to elevate a particular social cause rather than maximize profit at the expense of society. It allows a company to be socially responsible without being considered financially irresponsible.”

As laudable as the mission statement by the Business Roundtable is, the fact remains that its members’ corporate structures and broader objectives will continue to be centered around profit maximization. Let’s keep in mind that CEOs of large companies typically have much of their compensation based on the performance of the company’s stock. Will CEOs whose compensation can run into the hundreds of millions of dollars per year put their personal financial interests aside for the greater good? And, more importantly, one must unfortunately admit that often times the very nature of the businesses conducted by the largest companies is, at their core, contrary to the public good.

Consider, for example, the social media companies who know their platforms are being manipulated to fuel division and discord in societies around the world, and yet they fail to stop the abuses. Consider the role of large banks in economic calamities around the globe. Consider the role of pharmaceutical companies in making drugs unaffordable for many people, and in contributing to the opioid crisis. Consider the fossil fuel companies who continue to extract and burn fossil fuels knowing that they are an existential threat. Consider the role of chemical companies in polluting the environment. And consider the fact that our company was born out of the need to protect people from the challenges to their privacy, security and freedom brought on by Big Tech. Sadly, the shift in emphasis by the Building Roundtable does not address the biggest problem with many of the largest corporations, which is that their business objectives are not compatible with general health and welfare. Saying that companies should deal fairly and ethically with their employees and partners even if it affects the bottom line is nice–but beside the point. It would be far more beneficial for these companies to reevaluate their overall effect on society.

We at Purism are grateful to the many US states offering to give companies the freedom to actually benefit society, rather than contribute to its ills. We believe that consumers who really care about their freedom, privacy, and security, or other issues like climate change, seek out companies like ours that exist, first and foremost, to do something important that can better people’s lives. We use capitalism, and the corporate form, to build a sustainable company that can continue to serve our mission. Making money is a means to an end, not the end itself. We exist for our customers, not for our shareholders, and our shareholders back us because know the social good that comes from our efforts. People parting with their hard-earned money for products and services deserve that much.

The post How To Promote Real Social Good appeared first on Purism.

Librem 5 August Update

Wednesday 21st of August 2019 02:36:07 PM

Hi Everyone! The Librem 5 team has been hard at work again, and we want to update you all on our software progress.

We are preparing everything for the Librem 5 to be delivered soon, and its software will focus on the most critical applications a phone needs: calls, messages and web browsing. There are supporting projects that will be delivered too, like GNOME Settings, the shell, GNOME Initial Setup, and GNOME Contacts. So without further ado, let’s take a tour through the software we will deliver–as well as some other applications that have seen some major changes.

Applications Libhandy

We have made some adaptive dialog improvements to HdyHeaderBar’s back button. There is a really nice new pagination widget for the app drawer. A general overhaul of the app drawer is almost finished–thanks so much, Alexander Mikhaylenko, for all of your hard work on this!

Also, be sure to check out the newly packaged demo app.

And Libhandy 0.0.10 has been uploaded to Debian and to PureOS.


We have worked on a few recent main efforts on Calls: adding a calls history, allowing the Contacts app to dial numbers, and enabling the system to receive calls when the shell is locked.

To lay the foundation for the calls history, the records have to be recorded in an SQLite database. Then, to complete the work, the database was connected to the UI.

In order to allow Contacts–or any other application–to dial calls, a tel url handler was added to Calls.

Calls now starts up in a new daemon mode when GNOME starts, so that incoming calls can always be received.


The team fixed several crashes, and the welcome screen was reworked; there is also an ongoing effort to integrate with libfolks, which is used by Contacts.

We continue to improve the SMS plugin, too, and fixed an issue with multipart SMS reception: all SMS fields are initialized as soon as the first part is received (thanks a lot, Aleksander Morgado, for the patch). There is also handling for SMS messages that were received by the modem when Chatty isn’t running, support for delivery reports, and phone number formatting according to E164.

The conversation view was improved by introducing lazy loading for pulling the chat history patch, which gradually loads the chat log into the conversation view as the user scrolls up. Thanks, Leland Carlye, for the awesome patch!


The team added many mobile tweaks: from file chooser dialogs to about dialogs, message dialogs, adaptive presentation dialogs, dialog maximization, and info bars.

Web Browsing

We have backported many mobile improvements, which we also included on the devkit image. The Epiphany “new tab” page and several other in-viewport pages have been made adaptive, and there is a continued effort to push for Epiphany to adopt HdyPreferencesWindow.

Soon, you will be able to edit CSS from Epiphany’s preferences; and the search engine management dialog has been ported.

In order to address the application manager overflow issue, the about: applications now has improved CSS for responsiveness.

Initial Setup

We have refactored adaptive changes for some long-needed cleanups, which will be submitted upstream eventually.


We have some brand new functionalities, such as new buttons, added for making a call and sending sms.

In preparation for Contacts integration with Calls and Chatty, we have been doing some investigation into libfolks, gnome-contacts-search-provider, and evolution-data-server. This led us to a major refactoring of GNOME Contacts, so as to reduce complexity.

We have added some fixes to avoid crashing when taking a webcam picture, using GNOME 3.32 avatar styles for fallback–and the avatar is no longer cut off. A long press for selecting contacts was also implemented.

We are still working on fake persona.


We are working hard to redesign GNOME Clocks for mobile/adaptiveness–and to get the Alarm UI to use new list patterns.


We did it–GNOME Help now works on the devkit!


We are focusing a lot of effort on the WWAN panel, where locked SIM cards are now handled (and there’s a dialog to enter a PIN to unlock the SIM), data can be enabled and APN can be set, and auto-connect for default APN is also enabled so that it is persistent across device restarts. The UX has been improved too, by using HdyColumn to center align the panel and porting to HdyDialog. Finally, the WWAN panel now also detects multiple modems!

But that’s not everything: other areas of GNOME Settings have seen adaptive changes too, such as the background panel, search locations dialog, and notifications dialog, which have been made adaptive; the GNOME Online Accounts has also been made adaptive, by reducing the account widget margins and setting a minimum and natural size–which required the account dialog to be adapted. Plus, we are currently updating the format dialog for the Region panel (in GNOME Online Accounts).

There’s a new design for the WiFi panel being discussed upstream, which will need to be implemented once consensus is reached.

Additional adaptive fixes are still under review upstream, and include fixing HiDPi scaling issue of background images, region panel, and privacy panel dialogs.


We have a shiny, new, user-friendly terminal for mobile screens called Kings Cross, which is now default on the Librem 5. Thank you so much, Zander Brown, for all of your hard work on this!

We have also set a default background image. In order to help debugging efforts, debug symbol packages have been added by default. We’re now shipping a patched UPower that detects the devkit’s charger and power supply.

Support for the Librem 5 has been upstreamed in Debian’s flash-kernel.


Our team fixed several keyboard crashes, too: keyboard visibility on DBus is properly toggled now, for example, and a text-input issue preventing the OSK from showing up automatically in the correct windows is fixed. We also made lots of cleanups across the code base (see some cleanups and imservice cleanups for more detail) as well as getting tests added, error-checking made stricter, and many other fixes.

Some scaling improvements were made by calculating the scale factor instead of pre-scaling; honoring the widget scale factor, and setting a constant font size.

Additional rendering upgrades included avoiding infinitely redrawing the keyboard (since this was making the keyboard blurry, as well as eating up battery and CPU cycles), fixing the blurry text and icons and making the widget easier to style. We also added frame rendering, in order to make the keyboard match the design.

To avoid hiding content behind the keyboard, LayerSurface improvements were made–and newer layer shell code from phosh implemented–to hide/show the window, instead of destroying and redrawing it every time. This helped us make squeekboard our default keyboard.

Sound support is being added in the keyboard.

And, thanks to Piotr Tworek, we fixed an out-of-bounds memory-read bug!

XKB keymaps are being generated from XML instead of using premade ones, to allow for more keymap flexibility, so we have also decided to make some keyboard geometry adjustments to make the XML simpler.

The navigation between keyboard views was significantly improved, and landscape orientation was added so the keyboard no longer takes up the full screen, being centered instead. Similarly, the keyboard is now centered horizontally. We have also started working on improving symbol input, and adding support for non-ASCII languages.

The text-input protocol has been updated; it now supports notifying when no OSK is needed.

Compositor + Shell

The compositor has seen many fixes by now–although at first you may hardly notice them. Stack handling works better now, and unmapped surfaces won’t be raised in the stack. In order to mitigate any accidental rendering bugs when, for instance, focus rules cause the function to return early, the view damage in set_focus, to where the drawing list is handled, has been moved. Additional work has been done to move the focus back to first shell surface when unfocusing layer surface. To make recent GTK dialog fixes behave properly, maximize/fullscreen state is now taken into account on view init.

The team has also made a few layer surface changes: a layer shell crash was fixed and unused protocols were removed.The system modal dialogs now match the design much better; the ability to unmaximize auto-maximized layers was removed to avoid a broken state; we fixed the layer shell show/hide, and now have the ability to use enums as types. Some protection was put in place to guard against negative exclusive zone when surfaces set negative margins.

Other noticeable changes are that you can now close an app from the overview, and the keyboard button is hidden when the keyboard is unfolded.

We have also added touch support in X11 backend!

We were worried about a few compositor crashes, which led us to make some input grab fixes for xdg_popups and remove input method’s resource from the list on destroy.

Other changes we made include dropping the pointer emulation on touch and auto-maximizing before mapping the surface, to avoid flicker for example when starting new applications.

Phosh has seen the addition of PhoshToplevelManager and PhoshToplevel classes for managing and representing toplevel surfaces; this switches from a private protocol to wlr-foreign-toplevel-management, which is more complete than our previous private protocol and makes phosh usable with other compositors that implements the new protocol. Reporting the surface’s parent is still pending upstream review.

As you boot your devkit now you’ll notice that you see your list of favorite apps immediately. This is the result of our recent effort to move the favorites to home screen–once again, thanks to Alexander Mikhaylenko, in this case for fixing the sizing of the activities! You’ll also notice our new animated arrows when folding/unfolding the home screen, and fix favorites changing via gsettings.


If you haven’t already, take a moment to read our blog post that details the Librem 5 team’s contributions to the 5.2 kernel.

But a few things have happened since: support has been added for our accelerometer and gyroscope, and it’s been submitted upstream. In order to make IIO-sensor-proxy work correctly, we mainlined an accelerometer driver bugfix–meaning we will soon be able to use IIO-sensor-proxy by default and auto-rotate so that we can remove the “Rotation” switch in the top bar.. and rely on the sensors to decide the orientation that should be displayed!

We have been working very hard to improve the graphics stack too. MXSFB support has been added into mesa, and several patches are in review upstream: v1 and v2 of the NWL MIPI DSI driver, v2 of the LCD panel patches to make it work embedded in a panel_bridge(which is used by the NWL driver), v1 of the MXSFB patch to handle NWL timing requirements. Some tests with MXSFB were fixed.

A couple of minor patches were made to fix a typo in i.MX8MQ reset names and IPUV3 kconfig.

Power Management

The team is trying very hard to better manage the power consumption of the phone and reduce the overall temperature: to make sure we don’t lose basic kernel support, we now check for cpuidle sysfs nodes and DRM render node. We are also working on helping NXP to mainline thermal-idle to cool the CPU by idle-injection; to ease kernel updates, we improved kernel tests–and the CPUs now slow down when hot, instead of overheating and shutting down.

Also, thermal management investigations have led us to a focused effort on S3 suspend/resume.


The mailing list now receives build status mails–if you’re interested, you can sign up for and receive them.

And the images will soon include our patched version of gnome-settings-daemon.


We have made several updates to the existing documentation: the low-level touchscreen reading hints, GNOME platform section, and application settings have all been updated, for example. We have also made many one-line updates to be able to use recent links, a more recent version of GNOME, etc.

As always, a big “Thanks!” to everyone that has helped review and merge changes into upstream projects; your time and contribution are much appreciated. That’s all for now, folks–stay tuned for more exciting updates to come!

The post Librem 5 August Update appeared first on Purism.

The Librem 5 Smartphone in Forbes

Tuesday 13th of August 2019 05:40:57 PM
Todd Weaver helps Moira Vetter answer the question “Is America Finally Ready For A Surveillance-Free Smartphone?” in a recent article in Forbes.

The article begins by pointing out that several companies have tried to release private, secure smartphones–and most have failed. Does that mean privacy and security are impossible to achieve? Well, not really, because:

One company wants to change the privacy-focused technology landscape

And that company is Purism. Not depending on the traditional Silicon Valley Venture Capital marketplace, and being a Social Purpose Company, Purism will never compromise its users security, or their privacy, for profit.

Purism’s crowdfunding campaigns on the Crowd Supply platform consistently achieved more than their funding goal. The latest, concerning the Librem 5 smartphone, raised over $2 million. And what makes the Librem 5 smartphone different from other phones? Several factors, such as the business model, an engaged community, and the fact that privacy and security are starting to be a great concern– and not just for everyday smartphone users, but for the government as well.

While the world continues to “opt-in” and share their every move, thought, comment, viewing whim, personal home climate preference, and family behavioral profile with the 2 or 3 companies running the world, there are people that find this repugnant.

Ultimately, desiring privacy does not mean having to go off the grid: a privacy-enhancing smartphone both empowers and enables its user.


Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where you place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

.column-6:after { content: ""; min-height: 225px; /* padding-bottom: 30%; */ display: block; } .column-6 img { bottom: -0px; } @media only screen and (min-width: 600px) { .column-6:after { display: none; } .column-6 img { bottom: 0px; } }

The post The Librem 5 Smartphone in Forbes appeared first on Purism.

Curbing Harassment with User Empowerment

Thursday 8th of August 2019 02:25:32 PM
User empowerment is the best tool to curb online harassment

Online harassment is both a privacy and a security concern. We all know the story of how someone (typically a woman, studies say) states their opinion online and is then harassed to the point of leaving the service (or worse). Using the infamous “with an opinion” hook, we can frame a user story that affects more than 50% of the population:

User story: I am a marginalized person with an opinion. I want to intercept online harassment, so that I can communicate safely with friends and strangers.

The truth is that a motivated mob can target anyone, marginalized or not. We would all benefit from effective anti-harassment tools.

Don’t rely on the operator

Many current and proposed solutions to stop or curb harassment rely on one or more of these methods:

  • Human content moderation. Typically volunteer or low-paid, and subject to burnout. A moderation team simply does not scale, and cannot moderate private messages (we define “private” as “end-to-end encrypted”).
  • Server-side tracking. Error-prone “algorithms”, with little or no transparency, regularly make mistakes. And once more, they cannot apply to private messages.
  • Shoot-first takedown laws that skip the deliberative process and are frequently abused.
  • Corporate censorship, or any of the above distorted by bottom line.

It is tempting to rely on a server-side solution, whether that means the machine itself or humans working on your behalf. This can work on tiny scales if you have a trusted friend with both technical and legal know-how, but in all other cases the issues are compounded. To mashup two misunderstood quotes:

You solved a harassment problem by ceding control to the service? Now you have two problems.

Empower the user

We suggest that user empowerment via client-side features is a more robust and safer approach. Potential design patterns include:

1. Client-side heuristics

Server-side solutions necessarily put power in the hands of a developer or sysadmin. By contrast, client-side heuristics put power in the hands of the user, including the power to turn them off. Privacy Badger is a great example of this in practice:

  • Fresh installations use rules generated by offline training.
  • Additional rules based on behavior-based heuristics.
  • Additional customization for experienced users.
  • No ads, no calling home, no tracking.
  • Turn it off, for example if you are researching trackers.

Moving forward we aim to enhance all Librem One clients with badger-like functionality. We believe that the majority of cases won’t require machine learning, and could be handled with simple heuristics:

2. Safety mode

We can classify online correspondents into three groups:

  • Trusted contacts. People we talk to regularly, and trust.
  • Strangers. People we don’t know well, or don’t know at all.
  • Bad actors. People we don’t want to interact with, possibly based on the advice of a trusted contact.

Typically, we want to communicate with strangers online, so this should be possible by default. But if we are being actively harassed, we can assume that further messages from strangers are unsafe, and switch our account to “safety mode”–rejecting messages, invites and other interactions from strangers. We can rely on our trusted contacts for help and support, including passing on well-wishes from strangers.

At-risk individuals might choose to start their account in safety mode.

Trusted caretakers might maintain lists of bad actors, but trusting a caretaker should require very careful consideration: What is their governance model? What is their appeals process? Do they leak information about list recipients?

3. Crowd-sourced tagging for public content

In the specific case of public posts, we believe that public crowd-sourced tagging (aka, folksonomy) is a sustainable and fair replacement for human moderation, caretaker-lists and takedowns.

This approach takes moderation power out of the hands of a few sysadmins and corporate moderation teams, and grants it to all users equally. Users are free to decide which user-moderator they trust, and filter based on their tags–or skip moderation entirely.

Nicole Faerber nominated for “CTO of the Year” by Women in IT Awards

Wednesday 7th of August 2019 01:56:51 PM
Our very own Nicole Faerber has made it to the short-list for “CTO of the Year” by the Women in IT Awards!

Congratulations are in order–we are so proud to say that Nicole Faerber just got nominated to the short-list of such a meaningful award. Nicole’s nomination means a lot to Purism, and we are here today to say just so.

She totally deserves this nomination (and, if we may say so ourselves, she’d also deserve to get the award…) for oh-so-many reasons:

  • for her amazingly innovative work on our upcoming Librem 5 smartphone
  • for her concerns about privacy and security and avoiding data and user exploitation
  • and of course her assertive presence in the free software community, where she contributes to making free software an industry standard… helping the rest of the world take its possibilities seriously.

So thank you, Nicole Faerber for all that you do!

“Women have been an important part in creating the very foundations of modern IT, naming Ada Lovelace as just one example (here and here are some more), and have ever since played an important role in IT and computer science.” – Nicole

Women in technology are clearly not represented enough: they amounted to somewhere between 2% and 5% of all programmers a decade ago, and about 10% now. At Purism, we pride ourselves on being gender diverse, in addition to being racially and geographically diverse. Our full team is comprised of 20+% women (with women accounting for 37+% of our board, and 33+% of Purism executives) and we continue to work to increase that percentage. Diversity is an asset, and creates safe workplace environments. If you want a safe workplace environment that respects diversity, we are hiring.

The post Nicole Faerber nominated for “CTO of the Year” by Women in IT Awards appeared first on Purism.

More in Tux Machines

FOSS in SaaS/Back End/Databases

  • What to expect from Scylla Summit 2019

    Scylla (the company) takes its name directly from Scylla [pronounced: sill-la], a Greek god sea monster whose mission was to haunt and torment the rocks of a narrow strait of water opposite the Charybdis whirlpool. Outside of Greek history, Scylla is an open source essentially distributed NoSQL data store that uses a sharded design on each node, meaning each CPU core handles a different subset of data.

  • Licence to grill: A year on, MongoDB's Eliot Horowitz talks to The Reg about SSPL

    A year after its controversial switch to the Server Side Public License (SSPL), and with new products livening up the summer, MongoDB remains unrepentant. The change was aimed at making vendors selling a service using the company's code share the source of applications used to run the service as well as any tweaks. The move appeared to be aimed squarely at cloud vendors, content to "capture all the value and give nothing back to the community," as Dev Ittycheria, CEO of MongoDB, told us at the time. Elements of the open source community were less than impressed. The Open Source Initiative (OSI) rejected the company's attempts to get the licence approved and eventually MongoDB withdrew the thing from the process, although the company continued to use it for its own products. Indeed, at MongoDB's London .Local event, where we met co-founder and CTO Eliot Horowitz, the company was trumpeting the opening up of its Compass GUI for MongoDB under the SSPL.

  • From Russia with OLAP: Percona uses ClickHouse analytics

    At Percona Live Europe last week, one such example came up around the open source scene that is developing in Russia and how one of the projects that is now starting to open up to international use.

  • The love and the lament: Percona CEO details state of open source data

    Open source has changed, obviously it has. Starting from its origins among the hobbyist programmers and hackers who dared to defy the proprietary Silicon Valley behemoths, the open community-centric model for software development has now been widely adopted by the commercial software sector. In many cases, open source has become the norm for modern platforms, tools and applications. But how has this affected the nature of open development and what impact has this shift left in its wake on the data landscape that we view today?

  • GraphDB 9.0 Open Sources Its Front End and Engine Plugins to Support Knowledge Graph Solutions

    Ontotext has announced GraphDB 9.0, which is aimed at lowering the effort required for development and continuous operation of knowledge graphs by opening multiple integration extension points for its users and developers. GraphDB is a database for managing semantic information with more than 30 large production installations in big enterprises. With the growing complexity of enterprise data integration, many organizations are starting the journey of building knowledge graphs.

  • Ververica Announces Open Source Framework to Enable Lightweight, Stateful Applications at Scale

    Ververica, the original creators of Apache Flink, today announced at Flink Forward Europe the launch of Stateful Functions (, an open source framework that reduces the complexity of building and orchestrating stateful applications at scale. Stateful Functions enables users to define loosely coupled, independent functions with a low footprint that can interact consistently and reliably in a shared pool of resources. Ververica will propose the project, licensed under Apache 2.0, to the Apache Flink community as an open source contribution.

  • DataStax offers bidirectional data dexterity for Apache Kafka

    DataStax has opened up ‘early access’ to its DataStax Change Data Capture (CDC) Connector for Apache Kafka, the open source stream-processing (where applications can use multiple computational units, similar to parallel processing) software platform. As a company, DataStax offers a commercially supported ‘enterprise-robust’ database built on open source Apache Cassandra. Stream processing is all about speed and cadence, so, the DataStax CDC Connector for Apache Kafka gives developers ‘bidirectional data movement’ between DataStax, Cassandra and Kafka clusters.

Security: WireGuard, SafeBreach and More

  • WireGuard Snapshot `0.0.20191012` Available
    Hash: SHA256
    A new snapshot, `0.0.20191012`, has been tagged in the git repository.
    Please note that this snapshot is a snapshot rather than a final
    release that is considered secure and bug-free. WireGuard is generally
    thought to be fairly stable, and most likely will not crash your
    computer (though it may).  However, as this is a snapshot, it comes
    with no guarantees; it is not applicable for CVEs.
    With all that said, if you'd like to test this snapshot out, there are a
    few relevant changes.
    == Changes ==
      * qemu: bump default version
      * netns: add test for failing 5.3 FIB changes
      Kernels 5.3.0 - 5.3.3 crash (and are probably exploitable) via this one liner:
      unshare -rUn sh -c 'ip link add dummy1 type dummy && ip link set dummy1 up && ip -6 route add default dev dummy1 && ip -6 rule add table main suppress_prefixlength 0 && ping -f 1234::1'
      We fixed this upstream here:
      This is relevant to WireGuard because a very similar sequence of commands is
      used by wg-quick(8).
      So, we've now added some tests to catch this code path in the future. While
      the bug here was a random old use-after-free, the test checks the general
      policy routing setup used by wg-quick(8), so that we make sure this continues
      to work with future kernels.
      * noise: recompare stamps after taking write lock
      We now recompare counters while holding a write lock.
      * netlink: allow preventing creation of new peers when updating
      This is a small enhancement for wg-dynamic, so that we can update peers
      without readding them if they've already been removed.
      * wg-quick: android: use Binder for setting DNS on Android 10
      wg-quick(8) for Android now supports Android 10 (Q). We'll be releasing a new
      version of the app for this later today.
    This snapshot contains commits from: Jason A. Donenfeld and Nicolas Douma.
    As always, the source is available at and
    information about the project is available at .
    This snapshot is available in compressed tarball form here:
      SHA2-256: 93573193c9c1c22fde31eb1729ad428ca39da77a603a3d81561a9816ccecfa8e
      BLAKE2b-256: d7979c453201b9fb6b1ad12092515b27ea6899397637a34f46e74b52b36ddf56
    A PGP signature of that file decompressed is available here:
      Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE
    If you're a snapshot package maintainer, please bump your package version. If
    you're a user, the WireGuard team welcomes any and all feedback on this latest
    Finally, WireGuard development thrives on donations. By popular demand, we
    have a webpage for this:
    Thank you,
    Jason Donenfeld
  • WireGuard 0.0.20191012 Released With Latest Fixes

    WireGuard is still working on transitioning to the Linux kernel's existing crypto API as a faster approach to finally make it into the mainline kernel, but for those using the out-of-tree WireGuard secure VPN tunnel support, a new development release is available.

  • SafeBreach catches vulnerability in controversial HP Touchpoint Analytics software

    Now the feature is embroiled in another minor controversy after security researchers at SafeBreach said they uncovered a new vulnerability. HP Touchpoint Analytics comes preinstalled on many HP devices that run Windows. Every version below is affected by what SafeBreach found. In a blog post, SafeBreach Labs security researcher Peleg Hadar said that because the service is executed as "NT AUTHORITY\SYSTEM," it is afforded extremely powerful permissions that give it wide access. "The CVE-2019-6333 vulnerability gives attackers the ability to load and execute malicious payloads using a signed service. This ability might be abused by an attacker for different purposes such as execution and evasion, for example: Application Whitelisting Bypass Signature Validation Bypassing," Hadar wrote. [...] The company has long had to defend HP Touchpoint Analytics against critics who say it gives HP unnecessary access to users' systems. When it first became widely noticed in 2017, dozens of users complained that they had not consented to adding the system.

  • Security Tool Sprawl Reaches Tipping Point
  • How trusted digital certificates complement open source security

    Application developers incorporating open source software into their designs may only discover later that elements of this software have left them (and their customers) exposed to cyber-attacks.

  • Securing the Container Supply Chain

FOSS in Finance/Currency Leftovers

Programming Leftovers

  • Xilinx unveils open source FPGA platform

    The Vitis unified software platform from FPGA vendor Xilinx is the result of five-year project to create software development tools using familiar languages like C++ and Python to develop a wide range of applications for its reprogrammable chip.

  • Listen: How ActiveState is tackling “dependency hell” by providing enterprise-level support for open source programming languages [Podcast]

    “Open source back in the late nineties – and even throughout the 2000s – was really hard to use,” ActiveState CEO Bart Copeland says. “Our job,” he continues, “was to make it much easier for developers to use open source and much easier for enterprises to use open source.”

  • 10 open source projects proving the power of Google Go

    Now 10 years in the wild, Google’s Go programming language has certainly made a name for itself. Lightweight and quick to compile, Go has stirred significant interest due to its generous libraries and abstractions that ease the development of concurrent and distributed (read: cloud) applications. But the true measure of success of any programming language is the projects that developers create with it. Go has proven itself as a first choice for fast development of network services, software infrastructure projects, and compact and powerful tools of all kinds.

  • The Eclipse Foundation Launches The Eclipse Cloud Development Tools Working Group for Cloud Native Software

    The Eclipse Foundation today announced the launch of the Eclipse Cloud Development Tools Working Group (ECD WG), a vendor-neutral open source collaboration that will focus on development tools for and in the cloud. The ECD WG will drive the evolution and broad adoption of emerging standards for cloud-based developer tools, including language support, extensions, marketplaces, and developer workspace definition. Founding members of the ECD WG include Broadcom, EclipseSource, Ericsson, IBM, Intel, Red Hat, SAP, Software AG, and Typefox among many others.

  • You cannot cURL under pressure

    With cURL having this many features (with the general mass of them being totally unknown to me, let alone how you use them) got me thinking… What if you could do a game show style challenge for them?

  • Follow-up on ‘ASCII Transliteration without ICU or iconv’

    By an anonymous commenter, I got pointed to that Unicode (in Qt) is slightly more complicated than I had considered when writing the code: I missed to handle planes beyond the Basic Multilingual Plane (BMP) and the ‘surrogates’ between code points 0xD800 and 0xDFFF. In a series of recently pushed Git commits I addressed problem of surrogates and fixed some more issues. Some preparatory work has been done to support more planes in the future, but as of now, only the BMP is supported. For details, please have a look at the five commits posted on 2019-10-12.