Purism
High-quality laptops that protect your freedom and privacy

Purism’s Librem 5 Progress in Videos

Wednesday 17th of April 2019 03:10:05 PM
The Purism team is making remarkable progress toward delivering the Librem 5 phone.

Nothing shows the progress we have been making quite as clearly as a demonstration of the Librem 5 status from the devkit itself – so let us take you through a handful of (short) videos showcasing the current possibilities and development of our Librem 5 devkit:

Bootup in under 10 seconds

In this video we get to witness the devkit’s amazingly fast bootup – less than 10 seconds!

Incoming call

Here we are, receiving a voice call on the Librem 5 devkit.

SMS text messaging in chat application

Using the Librem 5 chat application to send and receive SMS text messages (and hello world).

Web browsing and video playback

You can now browse the web, choose a video and watch it play.

Librem 5 devkit to devkit calling

And finally, the really awesome one that never fails to amaze: voice calling from devkit to devkit.

That’s it for now, we hope you are as happy about what you’ve just seen as we all are.


You can pre-order your Librem 5 phone now

Purism at SCaLE 2019 – Retrospective on Secure PureBoot

Monday 15th of April 2019 03:09:20 PM
In March, Purism took part in the Southern California Linux Expo – SCaLE 2019.

Once again, we were so busy we barely had the time to leave our booth: people were very interested in the Librem 5 devkit hardware, in the latest version of the Librem laptops and PureOS, in having the same apps for the Librem laptops and the Librem 5 phone… so we got to do the full pitch. On a less technical note, our swag was quite a success. People told us they loved our paper notebook and carpenter pencil, and asked questions about the pencils – which, according to Kyle Rankin, Chief Security Officer of Purism, have a section that is “kind of shaped like our logo”, and being carpenter pencils “are designed so you can sharpen them without having to use a proprietary pencil sharpener.” Visitors (and team) loved them for being beautiful, unusual and useful.

Above all, our audience wanted to see the PureBoot demos (apart from an inspirational young attendee, who asked his grandmother to take him to SCaLE specifically so he could meet Todd Weaver, our founder and CEO) – and each time we thought we could take a break, someone else came up and asked about PureBoot. We had constant demonstrations of PureBoot on a Librem 13v4 and Librem Key, and got lots of excitement from the security community and enterprise customers – national and international.

PureBoot, as introduced earlier, is a combination of hardware – a trusted platform module (TPM) inside a Librem laptop – with a disabled Management Engine. It boots using a coreboot BIOS and a Heads payload that verifies it hasn’t been tampered with, using a Librem Key. This combination is the strongest security available in computing devices. Unlike other secured boot processes, this combination also allows you to control and sign with your own keys. We were frequently asked to demonstrate PureBoot for enterprise use cases – specifically, what the best practices would be for an enterprise to secure their fleet of laptops; these same enterprise best practices may also be applied to an individual, whether a beginner or a security expert.

During the in-person demonstration, Purism team members showcased for the first time the complete PureBoot solution from start to finish (and we are about to get technical):

  • A Librem 13v3 /boot partition was frozen in time and signed with a user-generated gpg key, on a Librem Key. The happy path is proven by an inserted Librem Key; the Librem laptop is powered on to show the device matches the previous known-good-state – and the LED blinks green.
  • The system is booted and PureBoot unlocks the encrypted disk, using the Librem Key and the user’s PIN. The Librem Key is then removed, and a malicious attack is simulated by modifying the secrets stored in the TPM.
  • The Librem Key is inserted, the Librem laptop is powered back on, and the measurements fail to match – alerting the user that the device was tampered with (since the last known-good-state) by a bright red screen on the Librem laptop, and a constantly blinking red LED on the Librem Key.
  • The user of the Librem laptop can now decide how to handle the tampered-with laptop: by flipping the Hardware Kill Switch on the WiFi/BT and deciding to boot; by booting from a known-good USB recovery OS and performing forensics on the system; or by working with Purism to return the system to a known-good factory state.

PureBoot Enterprise Best Practices

The best practices for enterprises using PureBoot were also described to a regular audience at the Purism booth in Pasadena, and here they are, for reference:

  • The IT/Security department uses an airgapped Librem Laptop, and they generate GPG keys for all staff and copy the GPG key per staff, onto an individual’s Librem Key;
  • They physically label the Librem Key for the staff member, sign the staff member’s Librem laptop with the Librem Key, hand the Librem laptop (and Librem Key) to the staff member, who boots and sets up the Librem laptop like normal; uses the Librem Key for tamper-detection, disk-decryption, mail encryption among other uses, such as anti-interdiction;
  • If a Librem Key is lost, a new key can be created from the airgapped backup Librem laptop, and handed to the staff member.
  • If a device was tampered with, the IT/Security department can have any number of policies implemented including: Librem laptop drops to offline mode for document recovery; Librem laptop optionally wipes the disks, or Librem laptop flags the user to bring it to IT/Security.

This offers the best in class enterprise control, measuring single-bit detection and tampering on a signed image – while subscribing to the usable computing practice of “boot not brick” of devices in the field.

It was really nice meeting you at SCaLE, and we hope to see you next time.

Coreboot News: New Script, Pre-built Binaries and PureBoot on Non-TPM Laptops

Thursday 11th of April 2019 02:05:17 PM

Things have been busy in the coreboot department, lately, and we are excited to announce a number of new improvements:

  • Pre-built binaries of our default coreboot BIOS firmware
  • Pre-built binaries of our tamper-evident PureBoot firmware
  • Improved script to automate coreboot builds and flashing from pre-built binaries
  • PureBoot tamper-evident support for non-TPM Librem 13 version 2 and Librem 15 version 3 systems

Pre-built Binaries

In the past, updating to our latest coreboot BIOS images required you to go through an automated, yet time-consuming, process of downloading and compiling coreboot from scratch. While we know that many people prefer building the firmware from source – after all, that’s one of the big advantages of using free software – some would rather have the convenience of pre-built binaries, for the same reason they like pre-built binaries for regular OS packages.

This is a way of getting convenience while also knowing the ROM you are loading has already been tested for your particular laptop version. Just like with our regular coreboot BIOS, trying out our beta PureBoot firmware images – which use Heads instead of SeaBIOS – required users to go through a somewhat complicated process of building from source. While we hope to soon offer PureBoot as a pre-install option when you buy a laptop, in the meantime we will be providing pre-built PureBoot firmware binary images.

Starting today, you can get binary ROM images both for our traditional coreboot and PureBoot in the repository. We’ve already disabled and neutralized the Intel Management Engine in these pre-built images as well. As we update and make improvements to coreboot, we will keep these images up-to-date—a great reference point if you want to make sure you are running firmware with the latest updates and security improvements.

Improved Flashing Script

Providing pre-built images is a good start to making our coreboot images easier to install and update, but we do realize most people don’t want to figure out how to use flashrom on the command line, and we are releasing a new and improved flashing script at so it’s easier to either pull down the latest pre-built coreboot binary, or build it yourself. If you are using the traditional coreboot BIOS, it will even flash the update for you, whether you want to update the traditional SeaBIOS coreboot image or transition over to PureBoot. Current PureBoot users should flash from within the trusted Heads environment itself: the script detects it and provides users with instructions on which ROM file they should copy to a USB disk and flash.

To use the improved script, copy and run it as root. The README for the script lists what dependencies you need, and the script itself will also detect and alert you if you are missing packages it needs:

    mkdir ~/updates
    cd ~/updates
    wget -O
    sudo bash ./

PureBoot Tamper-evident Support for Legacy non-TPM Laptops

We make sure our own security and our improvements aren’t limited to those who buy our latest hardware. This is why we ported coreboot to the Librem 13 version 1 and continue to provide coreboot updates to it and other early Librem laptops. One of the things I’m most excited to announce is that we have ported PureBoot tamper-evident support into Skylake-based Librem laptops without TPM chips! This means that if you have a Librem 13 version 2 or Librem 15 version 3 without a TPM, you can now use a Librem Key in place of your TPM chip and get similar protection against tampering!

[Image: Heads Using a Librem Key]

How Does This Work Without A TPM?

When we first announced our partnership with Trammell Hudson to port Heads to our laptops, we also started offering TPM chips, first as an optional upgrade for an extra cost and ultimately installed by default for no extra charge. Until now, the TPM chip was needed to store all of the pre-approved firmware measurements securely, as that was the only method Heads supported; once we announced the addition of the Librem Key to our product line, we realized that there might be a way for the Librem Key to take the place of the TPM for older Librem laptops.

Traditionally, Heads sends measurements of itself to the TPM; if they match the pre-approved measurements you originally set up, the TPM unlocks a secret that gets converted into a 6-digit HOTP code and sent to the Librem Key, which has its own copy of the secret and generates its own 6-digit HOTP code. If the code it receives over USB matches the code it generates, it flashes a green LED; otherwise it flashes a red LED to alert you of tampering.

When configured for a system without a TPM, instead of using a random secret that’s unlocked with the correct firmware measurement, our PureBoot Heads ROM uses the firmware measurement itself—converted to a hash—as the secret. During the original setup, the Librem Key is configured to store a copy of that secret. Upon boot, Heads uses its own local flashrom to pull down a full copy of the running firmware, hashes it, and converts it into a 6-digit HOTP code. Like before, it sends that HOTP code to the Librem Key and the Librem Key compares it with the code it generates. If they match, green LED; if they don’t, red LED.

This method turns the Librem Key into a kind of external TPM—at least in the sense that the device itself is being sent firmware measurements instead of the TPM, in the form of a hash converted into a 6-digit code. The main practical difference you’ll notice is that the no-TPM solution takes an additional number of seconds at boot, before you will get to the first boot prompt—as it takes time to copy down the full firmware image.
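The TPM-less exchange described above can be modelled in a few lines. This is an added example, not code from Heads or Purism: `hotp` follows RFC 4226, while the SHA-256 firmware hash, the `TokenModel` class, the counter handling and the sample "flash image" are assumptions made for illustration.

```python
"""Model of the TPM-less check: the firmware hash itself is the HOTP secret."""
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 of the 8-byte big-endian counter, truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation offset
    chunk = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(chunk % 10 ** digits).zfill(digits)


def firmware_secret(rom: bytes) -> bytes:
    """Hash the full flash image read back at boot.

    Assumption: SHA-256. The page only says the measurement is
    "converted to a hash".
    """
    return hashlib.sha256(rom).digest()


class TokenModel:
    """Hypothetical stand-in for the USB token: enrolled secret plus counter."""

    def __init__(self, enrolled_secret: bytes, counter: int = 0):
        self._secret = enrolled_secret
        self.counter = counter

    def verify(self, code: str) -> str:
        """Compare the received code with the locally generated one."""
        expected = hotp(self._secret, self.counter)
        if hmac.compare_digest(expected, code):
            self.counter += 1        # assumption: advance only on a match
            return "green"
        return "red"


def boot(rom: bytes, boot_counter: int, token: TokenModel) -> str:
    """Boot side: hash the ROM, derive the 6-digit code, send it to the token."""
    code = hotp(firmware_secret(rom), boot_counter)
    return token.verify(code)


def demo() -> dict:
    good_rom = bytes(range(256)) * 64          # constructed 16 KiB "flash image"
    tampered = bytearray(good_rom)
    tampered[1000] ^= 0x01                     # a single flipped bit
    token = TokenModel(firmware_secret(good_rom))   # enrollment at setup time
    return {
        "first_boot": boot(good_rom, 0, token),
        "second_boot": boot(good_rom, 1, token),
        "tampered_boot": boot(bytes(tampered), 2, token),
        "after_restore": boot(good_rom, 2, token),
    }


if __name__ == "__main__":
    for step, led in demo().items():
        print(f"{step}: {led} LED")
```

Because the comparison is on a 6-digit code, a changed image matches by chance with probability of about one in a million per attempt; the hash comparison itself is done on the boot side only implicitly, through the derived code.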

What’s Next for Coreboot

We are working on a number of additional improvements to make coreboot, PureBoot and our coreboot update process even better. Among them is a migration to coreboot 4.9, compiling the PureBoot firmware from source and from within our firmware update script; more automation around the initial PureBoot and Librem Key setup process, and maybe—if there’s sufficient interest—backporting PureBoot to Broadwell-based Librem laptops (13 version 1 and 15 version 2).

Purism at LibrePlanet 2019 – Showcasing the Librem 5 Phone

Tuesday 9th of April 2019 04:08:43 PM

This year’s edition of LibrePlanet went on so well, we had people stopping by to ask questions before the conference was open for the day.

Purism’s booth was busy, and people were happy to see us. Nearly everyone we talked to had been following our progress, and everyone was excited to see things in-person. We showcased the fourth version of Librem laptops, and made regular demonstrations of both PureBoot on a Librem 13v4 and Librem Key. Above all, we drew a lot of excitement around the in-person viewing of the Librem 5 devkit. So much excitement, we really wanted to write about the commotion caused by the Librem 5 development – and especially about the devkit demonstration – not only among the audience but also within our own team members.

The Librem 5 phone may still be months away from delivery, but the Librem 5 devkit is under very rapid development. Showcasing our progress is something we’re very proud of, so on the first day of LibrePlanet we whetted the appetite of audience members by showcasing sub ten-second boot times from powered-off state to unlock-screen… and we also showed off the initial application support of calling, settings, chat/sms, and browser.

But it gets better: on the second day we drew audible gasps of astonishment – from people in the audience and staff alike – when we demonstrated a voice call from a phone to the Librem 5 devkit and it rang on cue, alerting of the incoming voice call. To add to the excitement, the Purism staff then powered up a second Librem 5 devkit and opened the chat/sms program and sms (text) – and messaged to and from another staff member over the cellular connection.

The Librem 5 as a product highlights the impressively diverse nature of our team’s expertise at Purism – from schematics through kernel development, through the creation of phosh; from the authorship of libhandy to initial adaptive design of core applications such as Web to PureOS Store and house curated applications, all the way to custom in-house design and the development of Calls, and Chat. A good summary to our presence at LibrePlanet, a few weeks ago, is that it ended up being an impressive demonstration of what people expect to get when the Librem 5 begins shipping in Q3 of 2019. And how amazed they will be at what they get.

Librem Laptop RAM and Storage Bump, 32GB max RAM

Friday 5th of April 2019 03:27:26 PM

Technology is constantly improving, and we do get excited whenever we can add those improvements and upgrades to our products — especially when we can do so without raising prices. Recently, we announced a version 4 upgrade for our Librem 13 and Librem 15 laptops; today we are happy to announce we have upgraded the default configuration on both laptops to 8GB RAM and a 250Gb M.2 SATA disk, while keeping the same base price of $1399 and $1599 respectively.

We know that many of our customers have high RAM requirements, whether that’s due to using a RAM-hungry OS like Qubes or to just having too many chat tabs open in your browser. The single SO-DIMM RAM slot in the Librem 13 and Librem 15 meant an upper limit of 16GB RAM on our laptops… until now. Due to constant advances in RAM density we have been able to validate 32GB SO-DIMMs in our current product line and starting today will offer 32GB RAM as a premium upgrade to both the Librem 13 and Librem 15. If you’ve been holding off on your Librem laptop order because of RAM, wait no longer!

Purism Becomes PIA’s First OEM Partner

Thursday 4th of April 2019 03:03:24 PM
PIA’s popular VPN platform will be fully integrated into Purism’s software and hardware offerings for unprecedented security and privacy protection

SAN FRANCISCO, Calif., April 4th, 2019 — Purism, the social purpose corporation which designs and produces popular secure hardware, software, and services, is working with Private Internet Access (PIA) as its very first OEM partner to bring an unprecedented combination of tracking-free and encrypted tools and services to the people.

PIA is, and has been since its inception, renowned for its popular VPN service that refuses to log user data. The company is committed to privacy protection and internet freedom and is a longtime sponsor of internet privacy advocates such as EFF and the Software Freedom Conservancy. By combining its signature VPN capabilities with Purism’s leading secure hardware and software products, the two will create a first-of-its-kind bundle for users to set up a privacy protecting and secure environment out of the box. The addition of PIA as a VPN partner strengthens Purism’s growing roster of partners and services that make its Librem line the most comprehensive privacy and security focused offering on the market. Other existing partnerships include Nextcloud for secure document management, Matrix for secure chat, Werner Koch GPG expert, Trammell Hudson who supported Purism’s industry first TPM integration with Heads, and Nitrokey’s development of Purism’s Librem Key for physical encryption.

“PIA is the gold standard of VPNs, and we are thrilled to be working with a company that is so closely aligned with our ethics,” said Todd Weaver, founder and CEO of Purism. “PIA has stood behind their commitment to protect user data, whether it’s taking a political stance to promote broadband privacy with a full page ad in the New York Times or demonstrating in court that they truly do not log their customers’ data. Our partnership with them is a big win for users who don’t want to sacrifice convenience or freedom in the products they use.”

“Purism has been an important player advancing the cause of internet privacy and freedom and are the perfect partner for us to work with on integrating PIA into a broader suite of hardware and software,” said Ted Kim, CEO of Private Internet Access. “Combining our privacy protecting VPN capabilities with Purism’s line of products will provide the ultimate security package to users.”

Purism plans to include PIA-based VPN by default in the Librem 5 phone, as well as within PureOS for its Librem 13 and Librem 15 laptops. Purism will also collaborate with PIA on a future services bundle.

About Purism

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco (California) and around the world, Purism manufactures premium-quality laptops and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware by carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact

Marie Williams, Coderella / Purism
+1 415-689-4029

See also the Purism press room for additional tools and announcements.

The Future of Computing and Why You Should Care

Tuesday 2nd of April 2019 03:49:04 PM

(transcript follows)

Let me set the tone by using a quote from a great person of history:

“The ultimate tragedy is not the oppression and cruelty by the bad people, but the silence over that by the good people.” ~ Martin Luther King Jr.

Let me start by stating: I believe we can change the future of computing for the better. However, currently something is wrong with our digital world; something basic, something is rotten at the core. I want to talk to you about what that is, how it came to be, and why we must change it. And I want you to care… because:

“A person who won’t care, has no advantage over one who doesn’t care.” ~ Mark Twain

This talk comes in three parts:

Part 1. History

The history of the mistreatment of our digital rights.

Most Big Tech companies that abuse people are based in the US, therefore I will describe the history from that perspective. Some things you need to understand: Governments write the rules of the game that society plays. There are always rules, and governments influenced by Big Tech are writing those rules. If you are somebody who wants no rules whatsoever, you will quickly realize rules will be written that govern you, without your involvement.

My sage advice to you: Write the rules. Let’s write the rules that we want to see in an ethical society that respects freedoms and liberties.

Nearly everybody knows that exploitative Big Tech abuse our digital rights, because it’s at the core of their business. It’s the root problem. It will not “get better” unless any one of three things happen:

  1. Government regulation (that is ethical for society)
  2. Business models change (to something ethical for society)
  3. People switch (to something ethical for society)

Big Tech—corporations whose business model exploits humanity for profit—they all suffer from a systemic toxin, that discourages personal freedoms and removes any digital rights we as society demand. Big Tech corporations are already starting the marketing to try to differentiate themselves from it. But marketing alone will not remove the poison within their business model.

Minor disclaimer: You may ask “But… You’re a Company?” Actually, we’re a Social Purpose Corporation (SPC). And that is not just a series of buzzwords, it’s a legal framework of a business that carries with it significant importance. It is the reason we can’t ever exploit people for profit, it is the reason we are unlike all Big Tech who were formed to strip your digital rights in the name of maximizing shareholder value.

There was a recent article in Inc. magazine about us:

“Purism is what is called a ‘Social Purpose Corporation,’ which allows a business to prioritize social objectives over fiduciary duties.” ~ Christine Lagorio-Chafkin – Senior writer Inc.

Let me dive deeper into the problem. All corporations, including all Big Tech giants, have a single goal: Maximize Shareholder Value. That’s it. That’s the only goal. But it’s not just a goal. Under eBay v. Newman, a lawsuit setting legal precedent stating:

The law makes it literally malfeasance for a corporation not to do everything it legally can to maximize its profits.

So if given the choice of making $1 by exploiting people online, or opting to treat people ethically, the Corporation must exploit people online for the dollar, or the board of directors and executives could face a lawsuit from any shareholder that claims they did not maximize the value of their shares.

The regulations at the foundation of Big Tech are forcing the exploitation of our digital rights.

Quoting Chancellor William B. Chandler, III who sums up the problem perfectly in his Delaware Court opinion when eBay sued Craigslist for not maximizing its shares:

“Having chosen a for-profit corporate form, the directors are bound by the fiduciary duties to promote the value of the corporation for the benefit of its stockholders.” ~ Chancellor William B. Chandler, III

We have centuries of legal precedent in the physical world, advanced by science and society guiding our moral compass, trespassing laws, freedom of speech, privacy rights, protection against personal harm and abuse. We have nearly no digital rights. Big Tech trespasses on your data, restricts speech, obliterates privacy entirely. Big Tech exploits people, causes harm and inflicts abuse upon our society.

If somebody approached your bedroom window from outside, put a camera up and started recording, you would immediately call the authorities and report the numerous laws broken—a case would be opened, arrests could be made, charges could be pressed, trials could ensue, criminals could go to jail; but in the digital world none of that exists—you are forced to leak far more details than a camera in your bedroom would share, and you are forced to leak that personal data from your phone all the time.

Big Tech exploits you every millisecond of every day.

All future government regulation will be influenced, funded, and lobbied by Big Tech. Could you imagine a future regulation where Big Tech wins to cryptographically sign everything with their keys, under their control on their products? What a nightmare scenario… Could you imagine your mobile phone under the complete control of Apple or Google?

We need to write the rules based on values we want in society.

AI algorithms from Big Tech have one input variable: $Maximize_Shareholder_Value. That translates directly into

  1. Gather everything on all of the society
  2. Keep people digitally captive
  3. Maximize exposure time
  4. Polarize opinion to elicit more profit

That is not what AI should be taught. Due to data manipulation, no two people in society are getting the same information; it is impossible to have a sane debate about any polarizing topic because we aren’t starting with a foundation of shared knowledge. What if the input request to AI algorithms was “Build an ethical society that respects freedoms and digital rights”? What would society look like then?

Maximizing shareholder value in a society that has nearly no digital rights, guarantees exploitation of that society. Why did we let this happen? How did we let this happen? I know why. Because… It’s convenient to give up control. It is convenient for you to download a proprietary application that exploits you, agree to the legal binding terms of service you didn’t read, and blissfully believe Big Tech is helping you in the digital world. It’s inconvenient to stand up for your freedom.

It seems we are offered to choose between convenience and control or inconvenience and freedom.

I believe we can have both convenience AND freedom. We can actually build technology that benefits society faster when they are based on principles we deem ethical.

Society’s technology genius is not lacking, its moral genius is. Trust in Big Tech is eroding rapidly. No Big Tech company has core values that help our digital rights. The largest challenge we will face is the marketing budgets of Big Tech, when they claim things like:

“We protect your privacy” ~ Big Tech
Actually, You exploit personal private data without a person’s knowledge

“We use encryption” ~ Big Tech
Actually, It’s inside proprietary apps that you control

“We are secure” ~ Big Tech
Actually, You hold the master keys controlling society

“You can trust us” ~ Big Tech
Actually, You won’t let anybody verify anything

Part 2: The present

Currently, Big Tech is maximizing shareholder value without values. The products, software, and services offered by Big Tech will continue to mistreat people unless we can establish what digital rights are and change society for the better.

Then we advocate, regulate, and build products that adhere to those digital rights.

Mark Twain famously wrote:

“It is curious that physical courage should be so common in the world and moral courage so rare.” ~ Mark Twain

I believe there are five fundamental digital rights:

1. Right to Change Providers
If a person wants to change a service provider, they can easily move to another. (Decentralized Services)
2. Right to Protect Personal Data
A person owns and controls their own master keys to encrypt all data and communication, nobody else. (User-controlled Encryption)
3. Right to Verify
Society has the freedom to inspect the source of all software used, and can run it as they wish, for any purpose. (Software Freedom)
4. Right to be Forgotten
A service provider only stores the minimal personal data necessary to provide the service. Once the data is no longer required, it is deleted. (Minimal Data Retention)
5. Right to Access
A person must not be discriminated against nor forced to agree to any terms and conditions before accessing a service. (Personal Liberty)

If we can do those things, we can change the future of computing for the better.

Part 3: The future

As technology gets closer and closer to our brain, the moral issues of digital rights become clearer and clearer.

It started with computers, where we would leave them and come back to them. Then phones, that we always have on or near us with millisecond leakage of personal data beyond human comprehension. Then wearables, that are tracking very private details. IOT devices are everywhere— I have to stop to remind everybody: “The S in IOT is for Security” ~ Anonymous—and finally, surgically implanted.

A question to consider: What Big Tech Company would you purchase your future brain implant from? This is coming.

However, I believe we can change the future of computing for the better. Let’s stand together and invest, use, and recommend products and services that respect society.

What future will you choose?

π day

Thursday 14th of March 2019 01:05:44 PM
Consider doing something round, today.

Pi Day is celebrated everywhere on March 14th (3/14), since π is the mathematical symbol for the ratio of the circumference of a circle to its diameter – numerically, approximately 3.14159.

But this irrational and transcendental number can go on and on, millions of digits beyond the decimal point, never repeating itself, never forming a pattern.

We know we had you at ‘irrational and transcendental’.

So let’s celebrate. Recite as many of the infinite digits of Pi as you can remember, memorizing is good for the brain anyway. Organize π-reciting contests. Eat pie. Eat pizza, it counts as pie. Eat anything round (and edible, please). Eat cake with friends (it’s also Einstein’s birthday, if you need a reason); eat donuts, eat cookies. Walk around in circles, have circular thoughts, throw pies at your colleagues, appreciate the casual relation between the ratio of the circumference of a circle and the English word for pastries filled with sweet goodness.

Or savory. We don’t want to impose. And have a nice π day.

Lockdown Mode on the Librem 5: Beyond Hardware Kill Switches

Monday 11th of March 2019 03:49:02 PM

When I tell people I work for Purism and I’m asked what Purism does, the explanation I give to the average person is along the lines of: “we make privacy and security respecting hardware that runs free software.” Immediately after that, I almost always point to our hardware kill switches to demonstrate how we take a different approach from most other hardware out there. To me it’s a great example of a simple, easy-to-understand security measure that provides a tangible benefit to everyone.

Like with our Librem laptops, our Librem 5 smartphone will also feature kill switches; but unlike the laptops it will have three kill switches, not just two:

  1. cameras and microphone
  2. WiFi and Bluetooth
  3. cellular baseband

Later in this post I’m going to describe an exciting new feature for our Librem 5 phone we are calling “Lockdown Mode” that extends our normal kill switches to provide even more security and privacy; but first I will explain the existing use, and reasons behind, each kill switch – as well as talk about some of the privacy and security risks with other sensors on the phone that have led us to implement Lockdown Mode.

Cameras and Microphone Kill Switch

The cameras and microphone kill switch is arguably even more important on a phone than on a laptop. While the webcam / microphone kill switch on our laptop can help protect you from malware that might snoop on you through the webcam without your knowing, at least it could only snoop on you while you are around your laptop. Most people tend to carry their phones with them everywhere so the privacy risks are much greater if your microphone and cameras are always on.

WiFi and Bluetooth Kill Switch

Like with the camera and microphone, the WiFi and Bluetooth kill switch has even greater significance on a phone than on a laptop. Disabling WiFi and Bluetooth can protect you from external over-the-air attacks if you are in a high-risk area (or a vulnerability comes out for your WiFi or Bluetooth card). Protecting against remote attacks isn’t the only benefit of this kill switch, though; disabling WiFi in particular can also protect you from tracking.

Since your phone is in your pocket, your WiFi hardware detects compatible networks nearby as you move around. Even if you don’t associate with the networks around you, the mere fact that your hardware can see them allows the phone (and apps on it) to know you are near those devices. As you move, your distance to those devices changes, which changes the strength of the signal and helps triangulate where you are for any company like Google that has a database of WiFi access points, along with their location. By removing power from your WiFi hardware, you can ensure that any applications that might try to track your location with WiFi are blocked.

Cellular Baseband Kill Switch

The cellular baseband kill switch is unique to the Librem 5 and completely removes power from the cellular modem in the Librem 5. Even if you aren’t concerned by the risks due to the fact that cellular modems run mystery code and have access to all communications that go over them, you still should be aware of, and concerned by, the tracking and privacy concerns. To route calls and data to your phone, your cellular provider needs to triangulate your position with respect to the towers in your area. As a result, as long as your cellular modem is on, your provider knows where you are. Your phone’s OS also uses this tracking data to supplement (or in place of) GPS so apps on your phone can also know where you are.

Putting a kill switch in the Librem 5 meant a design unlike many of the existing phones out there that combine the CPU and cellular modem into a single chip. We intentionally split out the baseband onto a replaceable M.2 card. This not only lets you physically remove the baseband altogether, but lets you power it off with a kill switch. If you want to know for sure that your cellphone isn’t tracking you, you can flip the switch and know for certain that it’s off.

So Many Sensors

One big challenge when protecting your privacy on a phone is that, unlike an average laptop, a phone is full of more sensors and other hardware that could be used for tracking and spying. A lot of security research over the past decade has demonstrated just how much information can be derived by seemingly harmless sensors that are included on a phone.


GNSS, which supports GPS, GLONASS, Galileo and Beidou – as well as SBAS augmentation services like WAAS, EGNOS, GAGAN and MSAS – is useful for navigation software, as it provides your accurate coordinates wherever you are on Earth. Despite what some people might think, the GNSS is a passive device. By itself, it can’t transmit your location to anyone; it can only pick up signals from GNSS satellites and use them to calculate your current position. That said, if your GNSS is on, even if your network is disabled, any software on your system with access to the GNSS can log your location, and transmit that log later.


The IMU chip provides a phone with a compass and accelerometer it can use along with a GNSS to tell what direction you are heading. An accelerometer is also a useful sensor to provide extra phone features such as detecting the orientation of the phone so that it can rotate the screen, provide metadata to the camera, and even detect when you pick it up, put it in your pocket, or flip it over and place it back on the night stand.

There are some privacy and security risks with the accelerometer, however. Security researchers over the years have discovered ways to detect what you are typing on the screen simply by looking at variations in the accelerometer. Also, being able to log the speed and direction of your phone, combined with detecting nearby WiFi access points could (in theory) provide a pretty accurate tracking device even with GNSS disabled.

Ambient Light and Proximity Sensors

The ambient light and proximity sensors on a phone provide a number of useful features we use every day. Among them the light sensor helps the phone adjust the backlight brightness based on the available ambient light, which can help with power savings. The proximity sensor helps detect when you place the phone up to your face, so it can lock the screen and prevent you from accidentally triggering touchscreen button presses with your face. These sensors seem pretty harmless, but security researchers have demonstrated how the light sensor can be used to fingerprint a particular user and even to map out the arrangement and size of their home.

Introducing Lockdown Mode

So we have three kill switches, yet there are so many other sensors that we might want to turn off. It’s true that people could disable hardware within the OS and since PureOS is free software and Purism is an ethical company, you have more reason to trust that disabling the hardware with software actually works. That said, the whole idea of the hardware kill switch is to provide you that additional assurance that a piece of hardware is truly off.

While we could add kill switches for every individual piece of hardware, having three kill switches already pushes the limits with respect to space on the phone, the complexity of the hardware and the overall user experience. So if you set the upper limit on kill switches to three, there are a number of different ways you can address the problem with these extra sensors including:

  • Only disable those sensors with software
  • Group sensors with one or more existing kill switches
  • Lockdown Mode

We have thought through all of these different options, among others, and we decided that it was better to offer the option for extra security to those who really need it. We have selected a solution we are calling Lockdown Mode, that gives people who need this extra level of protection the option to turn all sensors off easily, without imposing extra complexity on an average user.

How Lockdown Mode Works

To trigger Lockdown Mode, just switch all three kill switches off. When in Lockdown Mode, in addition to powering off the cameras, microphone, WiFi, Bluetooth and cellular baseband we also cut power to GNSS, IMU, and ambient light and proximity sensors. Lockdown Mode leaves you with a perfectly usable portable computer, just with all tracking sensors and other hardware disabled. If you switch any of the hardware kill switches back on, the hardware that corresponds to that switch powers on along with GNSS, IMU, and ambient light and proximity sensors.

What About Offline Navigation?

One of the most obvious side effects of Lockdown Mode is losing the ability to use the GNSS with purely offline maps. Note that you can still do this on the Librem 5 in a few different ways, by flipping any one of the kill switches back on and then disabling the corresponding hardware in software. For instance, if your biggest concern was transmitting your location, you could leave the WiFi / Bluetooth and cellular baseband off, turn on the cameras and microphone and disable those in software instead. Those who need offline navigation but have such a high level of risk that they can’t accept the risk of disabling the cameras and microphone in software could physically remove the cellular baseband hardware from the phone and leave that kill switch on.

The Future of Lockdown Mode

There is a lot of potential to extend Lockdown Mode past just disabling hardware into software, and we are exploring some of those options now. For instance, the OS could detect when Lockdown Mode is enabled and automatically lock your screen. Those who are under even greater threats could potentially have Lockdown Mode enable extra defenses inside the OS, disable certain services, or even shut down or wipe the phone (although I’d suggest you set up some kind of PIN prompt for that last one, in case you trigger all the switches by accident). There are a lot of possibilities for this new feature and I’m looking forward to seeing how our customers extend it on their own phones.


Women’s Day 2019

Friday 8th of March 2019 03:13:28 PM
Think equal, build smart, innovate for change

Is this year’s UN motto for the International Women’s Day. And we find it quite fitting. It suits our own concerns, our own philosophies.

In Purism, we care about rights. Digital rights concern everybody, touch most people’s lives, and carry a heavy societal weight when it comes to women. In spite of that, the gender gap in Tech is abyssal – and women are almost nowhere to be seen.

So Happy Women’s Day.

To say women are under-represented in the IT sector is an understatement; the situation in Free Software development is not much better, although some steps have been taken to improve the gender gap. There is, for example, the Debian Women project, with its own mentoring program; or Outreachy, inviting cis and trans women, trans men and genderqueer people to apply – and, if you have a sense of humor, there’s also WoMan.

But we all need more, and we need it sustained and sustainable. Women matter. History repeats itself in forgetting those without a voice – and we all lose, collectively. Women in technology were only somewhere between 2% and 5% of all programmers a decade ago; and are only about 10% now. At Purism, as of this writing, our nine-person independent board comprises 33% women – in addition to being racially and geographically diverse; our full team is over 20% women, and once again racially and geographically diverse. Groups that are little-represented urgently need to be able to create, and give feedback on, what is created by other groups. Women and girls must contribute to making real change in tech as well, help shape how it impacts their lives. And it does impact their lives immensely.

Consider, in no particular order and among many others, the work (and legend) of Hypatia of Alexandria; remember Grace Hopper, who found that bug; Ada Lovelace, who got you your first computer program (and the Analytical Engine); Muriel Cooper and the information architecture that led to digital interfaces; Hedy Lamarr, movie star and wireless encryption specialist; Katherine Johnson, for allowing (manned) space exploration; Carol Shaw and Super Breakout, because playing games matters; think about Margaret Rock and the Enigma Machine, Karen Sandler and the Software Freedom Conservancy.

And our very own Dorota Czaplejewicz, Heather Ellsworth, Nicole Færber, Teresa Hill, Petra Kirchner, Kim Kuan-Louie, yours truly, Andrea Schäfer, Jennifer Stoddart, Helen Vasilevski and Nikki Zinman.


Diversity is an asset, and creates safe workplace environments. If you want a safe workplace environment that respects diversity, we are hiring.

Purism’s CEO Todd Weaver Testifies at State Senate

Wednesday 6th of March 2019 06:45:29 PM

Thank you Chairwoman Jackson and committee members. I am honored to be here.

My name is Todd Weaver, and I think you’ll find both Gabriel and I are quite unusual witnesses from the tech sector here today. This is because we are here as the CEOs of growing technology companies that protect privacy rather than exploit it. I am calling for much stronger consumer privacy protections here in California and around the world, not weaker ones.

I believe the default approach in California should be the right to opt in, rather than requiring all of us to have to inconveniently opt out, of the exploitation of our most personal data across all software, each service and every site we use. As Mr. Mactaggart, whom I’d like to take a moment to thank for his tireless years of effort on AB 375, appropriately stated, a do-not-track browser extension backed by law is helpful for protection on websites, but misses on the widely popular applications and services; this is one of many reasons we need to protect personal privacy by default.

I also strongly support holding companies, like mine, accountable in court if we violate a person’s privacy rights – rights which are guaranteed in the state’s Constitution, but that I believe our laws do not yet fully respect when it comes to the Internet.

I am here to tell you it’s time for California’s extraordinary tech industry to stop harvesting and “sharing” our most personal private data without our meaningful consent and knowledge. You all have the power to make this happen, and I believe the time is long overdue.

Now you have heard some business and tech communities suggesting California’s new privacy law–if not substantially amended (which of course means weakened) before it is allowed to go into effect–is going to cause extraordinary business hardship and confusion. These are of course the same arguments that were made by many of these same companies regarding Europe’s GDPR – but since the GDPR went into effect, these companies have continued just fine, and in most cases have grown profits. That is real evidence that California’s new privacy law is not going to destroy Internet commerce as we know it.

I am here to tell you that AB 375 (or stronger) protections – just like those in the GDPR – are not going to be hard to implement. The key is whether we, companies, are willing to simply begin to honor our customers’ privacy rights by designing our services to be privacy-protecting by default, rather than privacy-exploiting by default.

Is this possible? Yes. I am here to tell you that my growing company was founded on the simple principle that privacy is a right and needs to be the default in all products and services.

Let me be clear: technology advancements can absolutely be rooted in moral values and still lead innovation. Society’s technology genius is not lacking, its moral genius is. And this is where you come in. Technology innovation that complies with privacy protection is easy. Let me restate: it is easy to operate a successful business, while playing by the rules you set.

I started Purism when I came to realize that my two daughters, like all children, need convenient products and services that protect them, rather than exploit them. As a technologist, I understand painfully well how much the technology sector can exploit my kids with ease. For example, as each of you, critical policy-makers, will come to realize, your smartphones track your exact location and everything done on that device, every millisecond of every day, and record that personal data permanently for retrieval at any point in the future. Not forgetting every search, chat message, photo, video, and every article you read.

Well here’s the bad news: the current unregulated exploitative models in use today ensure everything you do in the digital world leaves exacting, privacy invading, excruciating details about you permanently.

That’s why, in 2014, I started Purism. It is a social purpose company completely founded on privacy-protection principles. Purism is already manufacturing in California, and assembling these laptops right here, including the operating system, applications, and bundled services that will not track you, period. Purism is growing triple-digits year over year; future innovation and job creation around privacy by design is the future that California needs to lead on.

Consumer demand for privacy is real and happening, and needs to be the default.

This year we will be manufacturing a security and privacy-designed phone with bundled services that comply with AB 375, and go even further with opt-in by default for all offered services. Use these phones and your most sensitive details will be under your control and kept completely private. Isn’t that a confidence level we all should have?

This is done by a simple approach: privacy by design. And this is an approach all tech companies can implement if they are truly committed to privacy, beyond just marketing slogans.

As AB 375 seeks to make clear, privacy is a right, and your every location and every communication and every web page and every search stored permanently should not be exploited to use needed services online.

I strongly suggest the time has come for Californians to take back their constitutional right of privacy on the Internet, and urge you to substantially strengthen the privacy protections afforded by AB 375.

For your, and my children’s sake. Thank you.

Converging on Convergence: PureOS is Convergent, Welcome to the Future

Wednesday 6th of March 2019 01:00:36 PM
Many Devices, One OS

The two big mobile OS vendors have been dreaming of convergence between laptop OS and mobile OS for a long time; dreaming of being able to make the same application code execute, and operate, both on mobile phones and laptops – adapting the applications to screen size and input devices.

Purism is beating the duopoly to that dream, with PureOS: we are now announcing that Purism’s PureOS is convergent, and has laid the foundation for all future applications to run on both the Librem 5 phone and Librem laptops, from the same PureOS release.

Purism has one convergent operating system, PureOS. Google has two separate ones, ChromeOS and Android; Apple has two separate ones too, macOS and iOS.

What Is Convergence?

If you’ve ever had an app on your phone that you wanted on your laptop, you’ve wanted convergence. Convergence is a term used to describe the similar functioning of an app across different platforms. Many companies are eager to have their software be convergent, because it brings a consistent look and feel, as well as the exact same functionality for apps that run on your phone and your computer.

Convergence can be really handy, since it allows you to use the apps you’re already familiar with, as well as the data that you’ve already synced. Convergence also brings plenty of benefits to developers, such as writing your app once, testing it once and running it everywhere.

Since this is the ideal dream, why don’t we have convergence already? Why can’t a person run the exact same app on a phone and laptop today? It turns out that this is really hard to do unless you have complete control of software source code and access to hardware itself. Even then, there is a catch; you need to compile software for both the phone’s CPU and the laptop CPU which are usually different architectures. This is a complex process that often reveals assumptions made in software development but it shows that to build a truly convergent device you need to design for convergence from the beginning.

Reaching convergence is one more checked item on the list that Purism’s founder envisioned when he created the company, specifically to:

“…manufacture a mobile phone from the schematics on up that would run that same ethical operating system.”

How We Got There

The right path to get us here was starting with the “universal operating system” as the foundation of PureOS, Purism’s operating system. Running on so many different CPU architectures is a huge benefit, because very often laptops need a power-hungry and fast CPU, while a phone needs a power-aware, battery-saving CPU. These CPUs are, consequently, designed differently for their different uses, and you often have to “port” or cross-compile software for it to work well on both CPUs. Basing PureOS on a solid, foundational operating system – one that has been solving this performance and run-everywhere problem for years – means there is a large set of packaged software that “just works” on many different types of CPUs.

Purism’s PureOS showcasing adaptive convergent design in a Web Browser — notice as the window subtly resizes the buttons in the application’s header shift to the footer, for a mobile friendly interface.


The above example is already built into the master branch of GNOME Web as a class-based modification to the existing code, allowing it to easily adjust and adapt to the screen size and inputs of both mobile and desktop.

Adaptive Design

Multiple architectures are not enough to reach convergence however – as most people know by now, there are many important parts in getting true convergence. A good example of the problem in website design space: if you’ve ever gone to a website on your phone that had tiny text which scrolled off your phone screen, you know that a regular web page, designed for a desktop computer, isn’t always suitable for your smaller screen phone.

Web designers now have toolboxes to design web pages, which they adjust for mobile or desktop in order to get easier readability and use. A similar, but far more complex practice, is required for software apps and defined by Purism as “adaptive design”. Purism is hard at work on creating adaptive GNOME apps – and the community is joining this effort as well – apps that look great, and work great, both on a phone and on a laptop. Combining the work of the free software ecosystem with Purism’s contributions means we can target convergence for all our Librem hardware line: both the 13″ and 15″ laptops and the 5″ phone. This means we can get the most out of the ecosystem for the community: convergent apps will be easier to maintain, and therefore easier to secure. They will also be easier to build, enabling a vibrant community to build cool stuff that is free software and protects your privacy.

Purism’s PureOS showcasing adaptive convergent development in Discussions (Fractal) – a matrix chat program. As the window resizes, the column width dynamically changes to preserve a legible line width, until the sidebar and message view don’t fit at the same time. At this point the leaflet folds, only the message view is visible, and a back button is added to the header-bar, to allow navigation to the room list.

Building Convergence Features into Existing Apps

Developers can tap into convergence through the tools we actively use, contribute to, and develop directly in the ecosystem. We’ve created libhandy, a mobile and adaptive presentation library for GTK+ and GNOME, which is under active development. It is already packaged in PureOS and Debian, and you can also use it in flatpaks, simply by including it in your flatpak manifest in Builder.

Purism’s PureOS showcasing adaptive convergent development in Password Safe, an encrypted password storing application.

We are excited to provide convergence well before any of the other mobile OS vendors. Let’s see how long it takes for them to catch up. Thank you for your continued support!

Fragments App for the Librem 5

Wednesday 27th of February 2019 04:56:02 PM
Fragments app, the BitTorrent client

In continuing our series of applications that are ready to work with the Librem 5, we would like to announce that Fragments is now fully working! With Fragments, you get to have the ability to use BitTorrent to download large files. At Purism, we like using torrent to efficiently download PureOS or Debian operating systems, because what’s more fun than torrenting on the go?

Got an app you’re interested in porting? Find out more at our developer page. Hang out at our Librem 5 community channel and tell us what you’re working on.

PureBoot, the High Security Boot Process

Monday 25th of February 2019 06:09:53 PM
Strong security

The boot process, in computer hardware, forms the foundation for the security of the rest of the system. Security, in this context, means a “defense in depth” approach, where each layer not only provides an additional barrier to attack, but also builds on the strength of the previous one. Attackers do know that if they can compromise the boot process, they can hide malicious software that will not be detected by the rest of the system. Unfortunately, most of the existing approaches to protect the boot process also conveniently (conveniently for the vendor, of course) remove your control over your own system. How? By using software signing keys that only let you run the boot software that the vendor approves on your hardware. Your only practical choices, under these systems, are either to run OSes that get approval from the vendor, or to disable boot security altogether. In Purism, we believe that you deserve security without sacrificing control or convenience: today we are happy to announce PureBoot, our collection of software and security measures designed for you to protect the boot process, while still holding all the keys.

Why “PureBoot”?

PureBoot comprises a number of different technologies, and together they secure the boot process in a convenient way. Why are we combining all of these different technologies under a single name? Because they all work together to secure the boot process, and because it’s easier to talk about our boot security overall by calling it by a single name, instead of by the names of its (currently) six individual components:

  1. Neutralized and Disabled Intel Management Engine
  2. The coreboot free software BIOS replacement
  3. A Trusted Platform Module (TPM) chip
  4. Heads, our tamper-evident boot software that loads from within coreboot
  5. Librem Key, our USB security token
  6. Multi-factor authentication that unlocks disk encryption using the Librem Key

How PureBoot Protects You

There are lots of different threats and attacks that focus on the boot process. It’s easier to understand how PureBoot protects you if you understand what some of the threats are, so this section will describe how some very specific attacks work, and how PureBoot stops them.


One of the most common security threats you face is exposing sensitive data, if and when your laptop is lost or stolen. Disk encryption is a simple, highly efficient way of protecting your data from loss or theft, for it requires a passphrase, without which no one can read the data on your disk. With PureBoot, we ensure that all systems we ship are encrypted by default, with keys you set up on first boot. Many vendors use disk encryption with a passphrase; but we’ve decided to go a step further, and unlock the disk with multi-factor authentication.

Today we’re happy to announce something we’ve only hinted at before: the integration of our Librem Key with LUKS disk encryption. Once set up, you just need to boot with your Librem Key inserted, and when prompted enter the same Librem Key PIN you use for GPG encryption or signing. This means that, in order to unlock your disk, attackers need “something you have” (the Librem Key) and “something you know” (your Librem Key PIN). If you lose your Librem Key you can always fall back to a recovery mode that prompts you for your old passphrase; you can set a strong fallback passphrase and store it somewhere safe, but use the Librem Key for convenience. For even more security, you can delete the recovery passphrase and only use the multi-factor authentication to unlock your disk.

We are working on adding this solution into upstream projects, so it will be available and pre-installed by default. If you want to try it out today, just follow the steps in our documentation, and download a script that automates the process of setting up LUKS to use your Librem Key.

BIOS Malware and Kernel Rootkits

Once attackers do have access to your system, they will want to keep that access and hide themselves from you. One of the best ways for them to hide – and make sure they still have access between reboots — is compromising your OS’s kernel software, so that it filters out any requests to the system that might reveal the attacker’s software. Of course, you could still thwart an attacker by reinstalling or upgrading your operating system, even if you can’t see any evidence of an attack… but the attacker may also have compromised your BIOS (the first code the system runs) so that it re-infects your system after every reinstall, successfully hiding themselves even from a live OS — booted from USB. BIOS malware allows attackers to intercept, and capture, your disk encryption password as you type it in.

With PureBoot you only need to insert your Librem Key and turn the computer on to know: if your BIOS has been tampered with, the Librem Key will flash red to warn you. If your computer is safe, the Librem Key flashes green. When you boot into your OS, it will use your own private keys to test whether any boot files (including your kernel, initrd, and other config files) have changed. You can use your Librem Key to re-sign these files at any time, using keys completely under your control.

PureBoot starts by loading a free software BIOS, coreboot, so that you can audit your BIOS for security bugs or backdoors. Since attackers generally focus on more mainstream proprietary BIOSes for their malware, this alone will protect you from a number of common attacks.

Of course, coreboot is only the beginning.

The next step happens as coreboot loads the Heads tamper-evident boot loader, and uses the TPM chip. TPM chips have traditionally been used to restrict what code you can run at boot, and/or for Digital Rights Management (DRM); but we put the TPM in your control. When Heads is set up for the first time, it stores known-good measurements of all executed boot code into the TPM chip on the system — along with a special secret. You can reset the TPM, set a new TPM passphrase and store new measurements at any time; it doesn’t require Purism’s approval.

Heads authenticates itself to you, not the other way around, by turning that shared secret in the TPM into a 6-digit code it then sends to your Librem Key. If the BIOS changes, or if an attacker resets the TPM, the TPM won’t release the shared secret to Heads, Heads won’t be able to generate the code that matches what the Librem Key generates, and the Librem Key will flash red to warn you.
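The measure, seal and one-time-code flow from the two paragraphs above, as an added sketch that is not Heads or Librem Key code. Assumptions: the 6-digit code is modelled as an RFC 4226 HOTP, the TPM is reduced to a toy class with a single SHA-256 PCR, and `ToyTPM`, `ToyToken`, `Platform` and the boot-chain byte strings are hypothetical names and constructed data.

```python
import hashlib
import hmac
import struct


def pcr_extend(pcr, component):
    """TPM-style extend: new PCR = H(old PCR || H(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure(boot_chain):
    """Fold every boot component, in order, into one PCR value."""
    pcr = bytes(32)  # PCRs start at all zeroes after reset
    for component in boot_chain:
        pcr = pcr_extend(pcr, component)
    return pcr


class ToyTPM:
    """Toy model: one secret sealed to one PCR value (not a real TPM API)."""

    def __init__(self):
        self._sealed = None

    def seal(self, secret, pcr):
        self._sealed = (pcr, secret)

    def unseal(self, current_pcr):
        """Release the secret only if the current measurement matches."""
        if self._sealed is None:
            return None
        sealed_pcr, secret = self._sealed
        return secret if hmac.compare_digest(sealed_pcr, current_pcr) else None

    def reset(self):
        """Resetting the TPM destroys the sealed secret."""
        self._sealed = None


def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the counter, dynamic truncation, N digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class ToyToken:
    """Stand-in for the USB token: holds the same secret and its own counter."""

    def __init__(self, secret):
        self._secret = secret
        self._counter = 0

    def check(self, code):
        """Return the LED colour for the code the firmware presented."""
        if code is not None and hmac.compare_digest(
                code, hotp(self._secret, self._counter)):
            self._counter += 1  # a code is never accepted twice
            return "green"
        return "red"


class Platform:
    """The firmware side: measures itself, asks the TPM, talks to the token."""

    def __init__(self, tpm):
        self.tpm = tpm
        self.counter = 0

    def boot(self, boot_chain, token):
        secret = self.tpm.unseal(measure(boot_chain))
        code = hotp(secret, self.counter) if secret is not None else None
        led = token.check(code)
        if led == "green":
            self.counter += 1
        return led


def demo():
    """Two clean boots, one boot with changed firmware, one after a TPM reset."""
    good = [b"coreboot (constructed image)", b"Heads payload (constructed)"]
    changed = [b"coreboot (constructed image)", b"Heads payload, modified"]
    secret = b"12345678901234567890"  # RFC 4226 test secret, not a real key
    tpm = ToyTPM()
    tpm.seal(secret, measure(good))  # first-time setup
    platform, token = Platform(tpm), ToyToken(secret)
    leds = [platform.boot(good, token), platform.boot(good, token),
            platform.boot(changed, token)]
    tpm.reset()
    leds.append(platform.boot(good, token))
    return leds


if __name__ == "__main__":
    print(demo())
```

The point of the design is that changed firmware never sees the secret at all, so it has nothing to compute a matching code from; the token only compares codes and never has to trust what the firmware says about itself.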

PureBoot protects against kernel rootkits using your own GPG keys, the ones stored on your Librem Key. When you first set up Heads, it signs all of the files in your /boot directory with your own GPG keys; whenever you boot your OS, it scans all the files in your /boot directory and warns you if anything has changed. It does all this without locking you out of your system or removing control: even in the event of modified files, you always have the possibility of booting into a failsafe mode and getting back into your system.
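A minimal model of the /boot check described above, added here as an illustration and not taken from Heads. Assumptions: the files are covered by one hash manifest, and an HMAC-SHA256 under a demo key stands in for the GPG signature made with the key on the Librem Key (a real deployment uses an asymmetric signature so the verifier holds no signing secret). The directory contents, file names and key are constructed.

```python
import hashlib
import hmac
import os
import tempfile


def hash_tree(boot_dir):
    """Map each file path (relative to boot_dir) to its SHA-256 hex digest."""
    digests = {}
    for root, _dirs, files in os.walk(boot_dir):
        for name in files:
            path = os.path.join(root, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            digests[os.path.relpath(path, boot_dir)] = digest
    return digests


def build_manifest(boot_dir):
    """Serialise the digests sha256sum-style, sorted so the text is stable."""
    digests = hash_tree(boot_dir)
    return "".join(f"{digests[p]}  {p}\n" for p in sorted(digests))


def sign(manifest, key):
    """Stand-in for a detached GPG signature (assumption: HMAC, not GPG)."""
    return hmac.new(key, manifest.encode(), hashlib.sha256).hexdigest()


def verify_boot(boot_dir, manifest, signature, key):
    """Authenticate the manifest first, then compare it with the files."""
    report = {"signature_ok": False, "modified": [], "added": [], "removed": []}
    if not hmac.compare_digest(signature, sign(manifest, key)):
        return report  # an unauthenticated manifest proves nothing
    report["signature_ok"] = True
    recorded = {}
    for line in manifest.splitlines():
        digest, path = line.split("  ", 1)
        recorded[path] = digest
    current = hash_tree(boot_dir)
    report["modified"] = sorted(
        p for p in recorded if p in current and current[p] != recorded[p])
    report["added"] = sorted(set(current) - set(recorded))
    report["removed"] = sorted(set(recorded) - set(current))
    return report


def demo():
    """Clean check, check after file changes, check with a rewritten manifest."""
    key = b"constructed-demo-key"
    with tempfile.TemporaryDirectory() as boot:
        os.mkdir(os.path.join(boot, "grub"))
        files = {
            "vmlinuz": b"kernel image (constructed)",
            "initrd.img": b"initrd (constructed)",
            os.path.join("grub", "grub.cfg"): b"linux /vmlinuz ro\n",
        }
        for rel, data in files.items():
            with open(os.path.join(boot, rel), "wb") as fh:
                fh.write(data)
        manifest = build_manifest(boot)
        signature = sign(manifest, key)
        clean = verify_boot(boot, manifest, signature, key)

        # Someone without the signing key changes one file and adds another.
        with open(os.path.join(boot, "initrd.img"), "ab") as fh:
            fh.write(b" + extra bytes")
        with open(os.path.join(boot, "extra.ko"), "wb") as fh:
            fh.write(b"unexpected file")
        tampered = verify_boot(boot, manifest, signature, key)

        # Regenerating the manifest does not help: the old signature no
        # longer matches it, and a new one cannot be made without the key.
        rewritten = verify_boot(boot, build_manifest(boot), signature, key)
    return clean, tampered, rewritten


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Checking the signature before reading any digest is what keeps the check tamper-evident: hashes stored next to the files they describe are only as trustworthy as the signature over them.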

Up to this point, Heads had only been available to a small group of people, in a private Beta program. This program was a success and led to a number of UI and documentation improvements; we are so pleased to announce that, starting today, Heads is an open Beta for anyone who wants to try it out. If you would like to test Heads on your Librem laptop, just visit our official documentation page for details on how to build, install and set it up.

Intel Management Engine Risks

The Intel Management Engine (ME) is a special piece of software from Intel that runs on all modern Intel computers, and is required to initialize the hardware. In some computers, the ME includes Advanced Management Technology (AMT) software, allowing IT to remotely access a computer over the network, see what’s on the screen and control the hardware. Many security experts are very worried about the ME’s complete and fundamental access to your computer’s hardware, because its source code is proprietary and therefore it can’t be audited for security bugs, or for backdoors that might be planted by the vendor or by a sophisticated adversary. These worries aren’t completely unfounded: Positive Technologies has found a number of concerning security vulnerabilities in the ME over the years.

We now know PureBoot protects against ME vulnerabilities in a number of ways. We start by choosing an ME chip that does not contain AMT features to begin with, and then we disable the ME by setting the “disable” bit within the ME. Since we don’t really want to rely on trusting the ME to disable itself, we also neutralize the ME by erasing most of the code within it, leaving only a minimal set of modules, essentially for initializing the hardware. Additionally, our TPM chip and the Heads tamper-evident boot software protect the system from attacks that might modify the ME code itself. You can read more specifics about our process here and here.


Ever since the Snowden revelations about NSA programs to interdict computer hardware during shipment and modify it with backdoors, the security community has been much more focused on attacks along the supply chain. We have already written about our own approaches to protect the digital supply chain, and have also offered anti-interdiction services to customers who wanted additional assurances that their laptop hasn’t been tampered with in transit.

In the past, most of our anti-interdiction protection was focused on hardware solutions; but with PureBoot we can add even more sophisticated measures, measures that integrate hardware with software. By using PureBoot’s protections against BIOS malware and rootkit tampering combined with a Librem Key, we can ship the laptop and Librem Key separately (and, potentially, to separate locations) to frustrate interdiction attacks. Once you receive both your Librem Key and your laptop, you will have at your disposal an extra tool: one that detects any tampering during shipping.

Convenient Boot Security Under Your Control

With a secure boot process, you have a stable foundation you can base the rest of your system security on. With that process under your control, you have the assurance that you truly own your system, that you won’t be locked out of it, or prevented from running any OS you want. We are making this whole process simple and convenient so that you can get stronger security features without being tempted to disable security that is getting in your way. PureBoot accomplishes all of these goals using free software that you can audit and change.

We’ll soon include it in every laptop we ship. We also have something in the works for existing users of Librem laptops and Librem keys to upgrade to PureBoot — and expect to have general availability in the second quarter of 2019.

That’s all from us, for now. For more information about PureBoot, check out our official PureBoot documentation page.

Librem 5 Hardware Update

Friday 22nd of February 2019 01:33:45 PM

Greetings everyone! This is a progress report on the Librem 5 development for the past two weeks. Here is all that happened.

Conferences and Communities
Quite a few members of the Purism team attended FOSDEM this year. Kyle Rankin gave a keynote, The Cloud is Just Another Sun, that dealt with vendor lock-in in the cloud; the video is also available on the FOSDEM site. Meanwhile, some of the Librem 5 team organized a community Q&A session under the heading of Free Software on Mobile Devices. Owners of the Librem 5 Developer Kit got their LCD displays flashed with the commands needed to work around some issues they had been experiencing.

Plasma Mobile sprint
Not everyone in the Librem 5 team went to FOSDEM: two team members attended the Plasma Mobile sprint in Berlin. Once there, they helped set up Librem 5 developer kits, talked about user interface design in Plasma Mobile and discussed development issues and progress. The Plasma Mobile team got something up and running real quickly on the developer kit, despite some initial glitches concerning touch input. This has led to a productive discussion on ways to support different form factors, one that will hopefully lead to some nice cross-platform ways to support device convergence.

Application Development
Recent discussions, both in the Matrix chat rooms and on the forums, have led to two initiatives concerning the subject of phone applications: the first resulted in the compilation of the Mobile GNU/Linux apps list, a community-maintained list of applications that are meant to work on mobile devices running GNU/Linux – either because they target small screens, or because they feature adaptive user interfaces. If you can think of any app that should be on the list but isn’t, please follow the contribution guide at the end of the app list page.

The second initiative led to the creation of a new Matrix room (community/librem-5-apps) for app development discussions, and it’s now listed in the online documentation. It’s early days, there’s not that much being discussed at the moment but, with two other channels dedicated to different kinds of Librem 5-related conversations, it’s good to have a place for app-specific discussions.

Dev Kits
Probably the most significant event in last week’s news is that the LCD screens on development boards will now work, if you update the software running on them. We knew that the screens worked just fine on the development kits we sent our backers, but we’re still all very happy to know that any remaining display problems could be fixed in software, not requiring the panels to be replaced. This update took longer to develop than initially hoped, as our kernel hackers had to work around a couple of tricky bugs in the hardware preventing the panel from being set up properly. Our community has already been exploring other features of the development board, so we’re now looking forward to seeing what they can do with working displays!

Much has been written about battery charging on the development board. Although the board’s controller circuit has built-in protection circuitry, we do recommend using batteries that also provide some level of overcurrent protection so that there is redundant protection in place. Batteries used with the development board must meet the specifications we’ve outlined – see the developer documentation and the printed text on the board’s battery holder. Following these guidelines is the safest; if you are unsure about whether the battery you are using meets the specifications, remove the battery when the board is not in use.

Still on the subject of batteries, charging now works with our 5.0 branch of the kernel; but the current status of the battery isn’t always correctly reported by the operating system. Despite this, the charging circuitry is always working, in order to make sure charging occurs properly. While the 5.0 branch brings this improvement, the 4.1x kernel has support for more of the Librem’s peripherals; so 5.0 is not quite ready for everyday use just yet.

Developers with no access to boards can still get an experience of the current phone environment by using an emulator, thanks to Pan, one of the contributors to the developer documentation. While this gives a flavor of the phone experience, it may be lacking when it comes to prototyping with the types of peripherals that the phone will have. Fortunately, use of peripherals can be simulated to some extent, and a recent contribution to the documentation shows just how to do that.

Ongoing work on the U-Boot bootloader, the flash-kernel and the tools used to create images for the development board aims to make it easier to resize the storage space available on the board. This will help with the board’s software development, especially when testing with large Flatpak runtimes. In the kernel itself, we have tied the panel to the backlight so that the two turn on and off together, and we switched to the mainline touchscreen driver now that a compatible driver has been identified. The graphics stack has also been receiving some attention, in order to make it more stable – with work ongoing in a branch, and changes being upstreamed at least as far as PureOS.

Shell and Apps

We have guaranteed Phosh is now more stable on the development boards, as a result of removing unused components from the session. In the user interface department, the volume control now does indeed control the volume. Chatty, on the other hand, has been updated and improved over the last few weeks to include support for Matrix chats, using libpurple to provide this integration. The user interface now also features adaptive elements and dialogs, and includes a brand-new welcome screen.


The new online account icons got merged

Wi-Fi and Bluetooth

Wi-Fi was working on the developer kits, but many of the users found it to be unreliable; after a long investigation into this issue, a workaround was found and sent to the Librem 5 Development mailing list. As noted in the message, it will improve some aspects of wireless networking – although there are a few remaining issues to be aware of.

And that’s our report! Questions? Come by our Matrix channels, we’ll be happy to see you.

Massive Progress, Exact CPU Selected & Minor Shipping Adjustment

Thursday 21st of February 2019 04:04:27 PM


We are so close to being finished, and we are so excited about it. Things are progressing so rapidly at Purism, in and around the Librem 5 smartphone, that we want to share the latest updates with you. As we’ve said before, we want to make a secure mobile communication device; one which offers on-par experience to today’s smartphones, but one that is also ethical. We are around the bend from reaching that goal.

Progress Report

Progress has been quick and steady, and because we only use components that respect both our ethical values and your personal privacy and freedoms, you can imagine the layers of complexity that go into delivering such a revolutionary mobile phone – from new hardware to a new kernel, from a new operating system to new applications, all of it culminating into the Librem 5 phone.

We want you to have the best possible solutions when it comes both to hardware, and to user experience.
Being able to show that what we’re doing corresponds to our exact intentions is very important, for it will allow you to see this progress for yourself–and we do think the video below, running on the Librem 5 dev kit hardware we shipped in December, speaks volumes.

The Librem 5 devkit running PureOS

What you just saw in the video is the prototype of the Librem 5 hardware, and it has nearly identical specs to the ones we are putting into production later this year. And, as you can see, it is running our own PureOS mobile operating system – we’re proud to show off the fact that the Librem 5 is not built on Android, nor iOS. All the basic functionality is still in pre-release state, and more progress is constantly happening around-the-clock, which means even more apps are making it into the PureOS Store regularly.

Q3 2019 – shipping the Librem 5

But all this leads us to the aforementioned (one quarter) shipping adjustment: the previous Q2 estimate is now confirmed for Q3 product shipping. The time it took us to properly benchmark the newest CPU choices from NXP for the Librem 5, and the question of whether to choose the i.MX 8M Quad or the i.MX 8M Mini, mean we have adjusted our delivery plans slightly. As we previously announced, the i.MX 8M Quad CPU had known errata issues in the silicon itself, and this was the root cause for the delay, detour and need for research about potential alternatives.

On one hand, the i.MX 8M Quad silicon issues meant not only that the temperature of the battery was way too high, but also that it could discharge too quickly. On the other hand, the i.MX 8M Mini is made in an updated silicon process (14nm instead of 28nm) and has reduced features, resulting in a lower power consumption–but it’s new, and there could be unknown issues and risks. So a lot of research was done, and our development team started evaluating the i.MX 8M Mini to see if it could be used within our requirements–free software only, no binary blobs, mainline based software stacks.

And then the month of February began, and something else unexpectedly happened: NXP released a new software stack for our first CPU choice, the i.MX 8M–and all of the power consumption and heating issues suddenly disappeared!

CPU and Specs

So here we are, on track again after a little delay–quite a useful delay, because now we know. We know a lot more about the i.MX 8M Quad CPU we chose, and a little bit more about a possible alternative. We have chosen the i.MX 8M Quad CPU because the power consumption issues can be dealt with in software… and ultimately that means we don’t have to change the hardware to solve this issue. Full fabrication will begin for the Librem 5 with the specifications we described before:

Display: 5.5" - 5.7" HD display
Processor: iMX8M Quad CPU
Storage: 32 GB eMMC internal storage
Wireless: 802.11abgn 2.4 Ghz / 5Ghz + Bluetooth 4
Baseband: Gemalto PLS8 3G/4G modem w/ single sim on replaceable M.2 card
GPS: TESEO LIF3 multiconstellation GNSS receiver
Smartcard: 2FF format smart cards
Kill Switches: 3 - WiFi, Cellular, Microphone/Cameras (all 3 will turn off GPS)
External Storage: microSD storage expansion
Accelerometer: 9-axis IMU (gyro, accel, magnetometer)
Front Camera: TBD
Back Camera: TBD
Vibration Motor: Yes
Charging: USB C connector for charging, USB client function, USB host function, power delivery
Battery: User replaceable
Speakers: at least one

Delivering on our Promise

As you have come to know, Purism will always keep you posted – about the impressive progress we are making, about any issues, major or minor, that come along. And ultimately, this CPU choice has many opportunities – ones that will change the future of computing for the better, for this decision does come with certain advantages in the long term. The i.MX8M Quad is the most powerful CPU that has both a good operating temperature and a good battery life. Having chosen the best possible CPU will provide us, and you, with an overall better hardware experience, with better capabilities and a shorter integration path–meaning, the integration with the software platform.

Rapid Development Continues

Software development continues to move forward quickly. Amazingly quickly. In the past few months, we’ve seen astonishing software progress, and we are now able to take advantage of it. Finally, the extra time for Librem 5 hardware fabrication will benefit software advancements that continue without slowdown, such as quality testing, providing a greater number of default apps, and community advancements made on our Librem 5 dev kit.

Excitement Increases

We recognize the importance of the Librem 5 phone and all the interest you have around it; you can rest assured. Based on our historic delivery on our promises, we feel more comfortable in advancing towards the delivery of the Librem 5 phone in the third quarter of 2019. We are also immensely grateful for all the support we’ve been receiving, both on our forums and on social media, and so proud of the progress our team is making; grateful to our community for supporting our efforts as we work diligently to get the Librem 5—and all its societal benefits—into people’s hands. We think that both our team and the community deserve the very best.

Purism’s CEO Todd Weaver Testifies at California Congressional Privacy Commission

Thursday 21st of February 2019 12:09:34 AM

Thank you Chairman Chau and committee members.

My name is Todd Weaver, and I think you’ll find I’m an unusual witness here today, while I may be sitting side-by-side with impressive privacy protection groups, I am here as the CEO of a rapidly growing technology company based in California.

I am here calling for much stronger consumer privacy protections – starting with giving consumers the power to opt IN rather than opt OUT of sharing their personal data.

I am here to tell you it’s time for California’s extraordinary tech industry to stop harvesting and “sharing” our most personal private data without our meaningful consent and knowledge.

I am not here to tell you AB 375 (or stronger) protections are tough to implement, history is filled with wrongdoers complaining that doing right will put them out of business only to comply and thrive later. Incidentally, this same tech industry complained about Europe’s GDPR that certainly did not put them out of business.

I am here to tell you the new law (or stronger) is easy to technically comply with – if we companies simply begin to honor our customer’s privacy rights and design our services to be privacy-protecting rather than privacy-exploiting.

I started Purism, when I came to realize that my two young daughters, like all children, need convenient products and services that protect them, rather than exploit them.

As a technologist, I understand painfully well how much the technology sector can exploit my kids with ease.

That’s why I started this social purpose company founded on privacy-protection principles. Purism is already manufacturing in California and assembling these laptops shown right here, including the operating system, applications, and bundled services.

We will also this year be manufacturing a privacy-designed phone with bundled services that comply with AB 375 and go even further with opt-in by default for all offered services.

We have been growing by triple digits annually, reflecting the huge built up consumer demand from parents and professionals and enterprises just like you who simply want to keep their and their children’s lives private and secure.

This is done by a simple approach: privacy by design.

As AB 375 seeks to make clear, privacy is a right, and your every location and every communication and every webpage and every search stored permanently should not be exploited to use needed services online.

I strongly suggest the time has come for Californians to take back their constitutional right of privacy on the Internet, and urge you to substantially strengthen the privacy protections afforded by AB 375.

For your and my children’s sake, Thank you.

How Purism avoids the FaceTime™ remote camera viewing

Friday 15th of February 2019 07:59:56 PM

With the Major iPhone FaceTime bug that lets you hear the audio of the person you are calling… before they pick up, it’s probably a good time to remind everyone how Purism gives you peace of mind – because with Purism, your device protects you by default.

Hardware Kill Switches.

What this means is that there’s a physical switch that severs the circuit to your webcam and microphone.

Because you cannot really trust software you cannot verify. And since Apple’s FaceTime is not Free Software – with its source code released so that anyone can verify their security claims, like the one we use at Purism – how can you trust what cannot be verified?

At Purism, both our Librem laptops and the upcoming Librem 5 phone include this rather simple switch, which makes it remarkably easy to guarantee that the camera and microphone have no electrical circuit enabled.

See? Powerful simple privacy protection built into all Purism products by default.

How to Avoid the Frightful 5 Big Tech Corporations

Tuesday 5th of February 2019 05:12:24 PM
So you’re wondering…

You’re starting to question the moral values of Big Tech. You and your friends probably have a growing feeling of creepiness about the tech giants who have — like a poorly-acted villain — told you one thing, and given you another.

Society – all of us – was told by these rising tech giants that “Everybody’s doing it, it’s easy: just do it,” and even though the masses – again, all of us – were skeptical, we also generally thought, “Okay, I may be the product… but I am in control.” Until, of course, you weren’t in control.

Big Tech have two business models: one is to exploit your private life for profit, the other to lock you into their products and services. Some even have both. Consequently, nearly everyone wants to leave Facebook – it’s just that nobody wants to leave it for Facebook 2.0. And that highlights the larger, deeper, and more menacing issue in digital society: that your digital civil rights are under constant, relentless attacks from Big-Tech.

Why is that?

That’s because Big Tech have a legally bound requirement to exploit you to maximize profit. They have been structured specifically to lock people up, to make it impossible to leave. Society’s technology genius is not lacking, its moral genius is.

Big Tech is rotten to the core, they’re maximizing shareholder value without values. And that has to change.

Is it changing?

Counter to every attempt by Big Tech, you still do retain the control to switch away from platforms under their control. Leaving the harmful tech companies is a process of recognizing what is abusive in your relationship with them – and theirs with you; switching to something that aligns with your core values will bring you joy. If everyone used, bought, and shared ethical products, we would all be living in digital utopia.

Avoiding Big Tech that harms you is much easier when you know what you actually want.

What do you want?

Like most people, you probably want convenient products that allow you to participate in digital society, products where you are also respected and protected by default. And you probably recognize that the current tech giants will not — and cannot — provide that.

I created Purism to solve this giant problem. We are solving it. And with your support, we will advance the digital civil rights movement. One that changes technology for the better.

What model can compete against Big Tech?

The steps it takes are pretty clear: and even though they are difficult, Purism is farther along than you may currently think. We have the momentum to realize our dreams, here is our model:

Step #1 is simple: avoid Big Tech in products and services.

Step #2 is to manufacture hardware without purposeful backdoors that exploit users, and therefore society.

Step #3 is to release all software source code under Free Software licenses, designed to protect and respect society

Step #4: Focus all development on values that better society, ensuring individual digital civil rights are fully respected.

And finally step #5, to release services that do not exploit, do not lock-in, and do not control people.

Doesn’t that sound like a really good business model in, and for, technology?
“Maximize Society’s Values.” — Todd Weaver, Purism SPC
sounds an awful lot better than the current Big Tech model,
“Harm People for Profit.” — Big-Tech.

This rotten core of locking people into products and booking them into an exploitative platform needs to become a thing of past regret.

Social purpose companies mean advancing social good first, returning the power to the people.

Decentralized protocols mean decentralized power, returning control to the people.

Free Software means freedoms that benefit society, returning control to the people.

Secure hardware means private data is kept private, returning control to the people.

And all this means any future product or service that you use or join must be from an organization that does social good, uses decentralized protocols, that advances freedom in software and security in hardware. Can you imagine how awesome society will be if technology does all that?

It’s within your power to help society – by avoiding Big Tech, by using products and services that respect your digital civil rights.

Thank you.

Learn more about Purism products that do all this.


Purism announces a partnership with GDquest to develop adaptive game tutorials

Monday 4th of February 2019 07:14:45 PM

We are happy to announce our forthcoming partnership with GDquest – one that we hope will make the world a happier, more fun place.

Libre/indie game designers might like to know that Nathan Lovato – game design expert, founder and game design instructor at GDquest – will be making a series of tutorials, explaining how to make adaptive games with high-quality libre game engine Godot; tutorials showing how games can both be created and released on the Librem 5 smartphone, and later submitted to the PureOS store.

The first of the three video tutorials will focus on how to create a mobile game for GNU/Linux. It will also help conceive and design a 2D mobile game, and tackle design issues that are unique to mobile games – such as having a small screen, dealing with touch controls and any performance and usability issues. By loading Flossy Gnu in Godot, the tutorial demonstrates how these performance and usability issues are to be addressed. Specific tips for GNU/Linux in general, and for the Librem 5 in particular, are of course also to be noted and discussed.



The second tutorial will deal with sideloading your newly created game onto your Librem 5, starting by demonstrating how to build “Flossy Gnu” on your Librem laptop – or on any other GNU/Linux laptops; how to copy and install it onto your Librem 5 smartphone, play it – and hopefully have plenty of fun with it. It’ll also suggest how to install a new build when you update your game.

The third and last (but not least) video tutorial will be all about publishing to the PureOS store. It’ll demonstrate how to publish source code and assets for a reproducible build, and how to submit the game for inclusion in the PureOS store after that.

GDquest is producing more tutorial videos as part of their ongoing crowdfunding campaign. There are only a few days left to back the project. Join us in supporting them!

Get in touch with Nathan Lovato at GitHub, at GDquest, or at his pro SNS account

Image credit: MooGNU Copyright 2012 /g/ CC-BY-3.0
