A San Francisco-based start-up is creating a line of Linux-based laptops and mobile devices designed with hardware and software to safeguard user privacy.
Purism this week announced general availability of its 13-in. and 15-in. Librem laptops, whichit says can protect users against the types of cyberattacks that led to the recent Intel AMT exploits and WannaCry ransomware attacks.
The laptop and other hardware in development has been "meticulously designed chip by chip to work with free and open source software."
"It's really a completely overlooked area," said Purism CEO Todd Weaver. "We also wanted to start with laptops because that was something we knew we'd be able to do easily and then later get into phones, routers, servers, and desktops as we expand."
The company has already designed a 11.6-in. Linux-based 2-in-1 that can currently be pre-ordered. Weaver expects the 2-in-1 to be available in about six months. The 2-in-1 with a basic 256GB SSD and 8GB of memory retails for $1,398.
Purism's 2-in-1 is based on the same Linux OS as its laptops and has physical toggle switches that can turn off its cameras, microphone and wireless connectivity.
Around the same time, the company wants to ramp up development of an open-source smartphone that will also sport native security features such as an encrypted messaging platform. The company still needs $5 million in capital to develop the privacy-based smartphone, Weaver said.
Now that the Purism has built up an inventory of laptops, however, it will begin targeting businesses as customers for its laptops; wait times for one should only be a few weeks.
"The nice thing about the B2B sales is our core audience -- the software developers, hardware geeks and hardcore security individuals," Weaver said. "CTOs and CIOs are, of course, in that core audience and they recommend technology to buy. So, we'll start picking up small businesses...and be able to expand that to much larger enterprises because we have a depth of credibility they're interested in."
By "depth of credibility," Weaver means his company's philosophy that it will always release its system source code, enabling it to be audited and known vulnerabilities eliminated in order to avoid even theoretical cyberthreats.
For example, in May, Intel announced that PCs sold after 2010 with its server chipsets could be remotely hacked due to a critical vulnerability in its Active Management Technology (AMT) firmware, a component of Intel's 7th Generation Intel Core vPro processors. Intel released a patch for the vulnerability.
The vulnerability was first discovered in March by a researcher at Embedi, a security product provider. Along with allowing a potential hacker to gain control of a PC's mouse and keyboard, the vulnerability also enabled a hacker to bypass a computer's password authentication processes.
"Prior to the Intel publishing the AMT (Active Management Technology) exploit, it was all just a theoretical threat," Weaver said. "We took it upon ourselves to say that is a theoretical threat, so we're going to remove it. The way we remove it is, of course, we don't use an Intel networking card, we don't use a management engine that has that networking stack in it, and we don't use a CPU that has vPro, which means AMT isn't able to be used."
Because Purism's laptops don't natively run Windows or macOS or applications, they're not suseptible to common ransomware attacks, such as the WannaCry attack in May, Weaver said.
Purism's 15-in and 13-in Librem laptops.
The laptops are built on sixth-generation Intel i5 mobile processors and so-called PureOS, a platform based on Debian GNU/Linux that runs the open-source Coreboot BIOS firmware.
The computers come preinstalled their version of the LibreOffice suite of business applications, software created by The Document Foundation, a non-profit organization based in Germany. The suite includes email, spreadsheets, graphics, drawing, presentation, media player and Purity's own browser called PureBrowser.
PureBrowser is based on the Firefox web browser but includes security add-ons such as the Privacy Badger, a plug-in created by the non-profit Electronic Frontier Foundation (EFF) that blocks spyware and browser trackers.
The laptops also come with a preinstalled Tor Browser, an anonymizing browser that uses encryption and anonymous routing to protect users' rights, and the EFF's HTTPS Everywhere, a browser extension that encrypts communications with many major websites.
Despite the company's plans, analysts say it could have a tough climb.
Mikako Kitagawa, a principal research analyst at Gartner, said a vendor as small as Purism will have a difficult time breaking into even the midsized corporate market, as that laptop market is already dominated by Lenovo, Dell and HP.
"The reality is that large companies do not really get their hardware from unknown vendors," she said.
Additionally, when Purism announced the Librem laptop line in 2015, it caused something of a stir in the open-source software community from developers who argued the company wasn't fully delivering on its promise of a completely open-source computer because it used an Intel processor and a proprietary BIOS.
"The criticism comes down to the strictness of Free Software Foundation enthusiasts, which is completely understandable," Weaver said. "The concern from that audience...is that they wanted us to be further along than we are."
Now that Purism is using Coreboot, there is only 200KB worth of proprietary binary code remaining on the computer, Weaver said.
He compared the laptops and their software to a layer cake in which the first seven layers are open source, and only the last layer remains to be freed through reverse engineering.
"Yes, we know we have this binary, but it's at the lowest level. We're investing [revenue] back into the supply chain and reverse engineering the management engine, which is the last remaining binary we have," Weaver said.
A base model of the Librem 13 laptop, with 8GB of RAM and a 250GB SATA 3-attached SSD retails for $1,898; the Librem 15, also with 8GB of memory and a 250GB SATA SSD, retails for $1,999.
Purism launched a crowdfunding campaign in 2014 to raise money to develop the two laptops and a 2-in-1 tablet. The crowdfunding campaign for the 13-in laptop raised about $462,000 of a $250,000 goal; the 15-in laptop raised nearly $600,000 of its $250,000 goal.
All together, Purism said it's raised more than $2.5 million (including seed funding) and has seen 35% to 38% average monthly growth in orders over the last year for its Librem 13-in and 15-in laptops, respectively. Previously, the laptops were only made-to-order, meaning it took up to three months to get one.
Along with free, open-source software, the laptops come with two physical toggle switches, one to turn off the microphone and camera and another to shut off wireless/Bluetooth connectivity. The laptops also sport something called a "Purism Key," a one-touch method to search the computer for documents and applications.
The laptops have a distinctively MacBook-like look to them. They include a multi-touch track pad that can scroll, click, zoom, and scale the view in the same way a MacBook's trackpad works.
Weaver said that's no coincidence, as purchasing any sturdy, all-aluminum laptop case from third-party vendors who mimic Apple designs leaves little room for customization. And, in fact, a lot of Purism's core customers are Apple enthusiasts and will be familiar with the build quality.
Go here to read the rest:
Purism aims to push privacy-centric laptops, tablets and phones to market - Computerworld
- Digital surveillance threats for 2020 - The Star, Kenya - January 18th, 2020
- Teejayx6 Will Steal Your Identityand Rap About It - WIRED - December 2nd, 2019
- Such as the struggle of the Venezuelan economy, some residents turn to a lucrative gig: Cybercrime - Herald Journalism 24 - December 2nd, 2019
- Smart users guide to the snooping game - Livemint - November 17th, 2019
- Privacy on your smartphone: how to protect your data - AndroidPIT - November 17th, 2019
- BBC News heads to the dark web with new Tor mirror - The Verge - October 27th, 2019
- The Tor Project releases Tor Browser 9.0 with several UX improvements - Neowin - October 27th, 2019
- Fraudulent Tor Browser Spies and Has Been Stealing The Bitcoins - GoodTime Nation - October 27th, 2019
- OnionShare Lets Anyone Host Anonymous Sites on the Dark Web - BleepingComputer - October 16th, 2019
- #SecTorCa: Millions of Phones Leaking Information Via Tor - Infosecurity Magazine - October 16th, 2019
- Is there anything we can do to stop someone spying on us? - Newstalk 106-108 fm - August 25th, 2017
- If you're really concerned about browser security, Incognito isn't enough - TechRepublic - August 20th, 2017
- The Daily Stormer has lost its lease, accessible only via Tor browser - The Moderate Voice - August 20th, 2017
- Tor Project 'disgusted' by Daily Stormer, defends software ethos - CNET - August 18th, 2017
- Neo-Nazi site Daily Stormer resurfaces with Russian domain following Google and GoDaddy bans - Vox - August 16th, 2017
- Tor Browser 7.0.4 Download - TechSpot - August 14th, 2017
- Debian-Based Tails 3.1 Anonymous OS Debuts with Tor Browser 7.0.4, Linux 4.9.30 - LXer (press release) - August 11th, 2017
- Tails 3.1 has been released but you'll need to do a manual upgrade - Neowin - August 10th, 2017
- China and Russia go further in squelching Internet freedom - Washington Post - August 10th, 2017
- The FBI Booby-Trapped a Video to Catch a Suspected Tor ... - Motherboard - August 9th, 2017
- Major Improvements Are Coming Soon to the Tor Browser - The Merkle - August 8th, 2017
- The Attack on Global Privacy Leaves Few Places To Turn - WIRED - August 4th, 2017
- Tor Co-Founder: There Is No Dark Web The Merkle - The Merkle - August 3rd, 2017
- Online privacy protection - Choice - CHOICE - August 2nd, 2017
- There Is Basically No Dark Web. It's Only A Few Webpages TOR Co-founder - Fossbytes - July 31st, 2017
- How to Install Tor Browser for Mac and Protect Your Online Activity - iDrop News - July 29th, 2017
- How to get around an ISP blocking a website - MyBroadband - July 26th, 2017
- Don't blame online anonymity for dark web drug deals. - Slate Magazine (blog) - July 26th, 2017
- Tor network will pay you to hack it through new bug bounty program ... - ZDNet - July 21st, 2017
- Tor Project to launch public bug bounty project - CIO Dive - July 21st, 2017
- How to access the dark web - The Daily Dot - July 20th, 2017
- Your Mailman Is a Drug Dealer. He Just Doesn't Know It. - WNYC - July 20th, 2017
- Want porn? Prove your age (or get a VPN) Naked Security - Naked Security - July 20th, 2017
- Suspected AlphaBay founder dies in Bangkok jail after shutdown of online black market - Washington Post - July 19th, 2017
- S. Sudan blocks Sudan Tribune website over hostile coverage - Sudan Tribune - July 19th, 2017
- Assassins and child porn; a darknet offers everything - The Slovak Spectator - July 19th, 2017
- Apple users warned of dangerous new Mac malware that steals banking credentials - ThaiVisa News - July 18th, 2017
- The best security apps to lock down your Android phone - The Daily Dot - July 14th, 2017
- Mozilla is held to a higher standard - Ghacks Technology News - July 14th, 2017
- Privacy blunder? Firefox's Get Add-ons page uses Google Analytics - Ghacks Technology News - July 13th, 2017
- Russia, China vow to kill off VPNs, Tor browser - The Register - July 11th, 2017
- How to safely search the deep web - The Age - The Age - July 11th, 2017
- ACLU's Gillmor on privacy: 'We pay for what we value' (Q&A) - The Parallax (blog) - July 10th, 2017
- What is Tor browser, and is it safe? | Komando.com - July 7th, 2017
- Darknet 101: Your guide to the badlands of the internet - CNET - CNET - July 5th, 2017
- In Reporting on North Korea, Tech Helps Break Through Secrecy - New York Times - July 5th, 2017
- How to safely search the deep web - The Sydney Morning Herald - July 5th, 2017
- TOR Browser - darkwebnews.com - July 5th, 2017
- How To Search The Deep Web Safely - Gizmodo Australia - July 5th, 2017
- Burleson man convicted of accessing child porn from dark website - Fort Worth Star Telegram - July 4th, 2017
- Here Brazilian Journalists Learn Privacy for Themselves and Their Sources - Brazzil.com - June 30th, 2017
- Brazilian site teaches journalists how to protect sources and personal data from digital attacks - Knight Center for Journalism in the Americas (blog) - June 29th, 2017
- The best ways to make your search private in 2017 - KnowTechie - June 28th, 2017
- Bill regulating online anonymizers unanimously passes first ruling in Russian Duma - Washington Times - June 24th, 2017
- The Burger King Ad That Activated Google Home Just Won A Prestigious Award - XDA Developers (blog) - June 24th, 2017
- Mozilla's new Android browser blocks ads and trackers - Boing Boing - June 22nd, 2017
- Secure OS Tails 3.0 Launches With Debian 9 Base, Redesigned ... - Tom's Hardware - June 15th, 2017
- Tails OS hits version 3.0, matches Debian's pace but bins 32-bit systems - The Register - June 14th, 2017
- Tor Browser 7.0 is released | The Tor Blog - June 10th, 2017
- Tor Browser 7.0 works harder to protect your anonymity on its own - Engadget - June 10th, 2017
- Tor Browser 7.0 released - gHacks Tech News - Ghacks Technology News - June 8th, 2017
- Tor Browser 7.0 arrives with multiprocess mode, content sandbox, and Unix domain sockets - VentureBeat - June 7th, 2017
- Wikipedians Want to Put Wikipedia on the Dark Web - Motherboard - June 7th, 2017
- What The Dark Web Is And How To Access It - Komando - June 3rd, 2017
- What is Deep Web and How is it Different from Dark Web - Guiding Tech (blog) - June 1st, 2017
- If You Think WannaCry is Huge, Wait for EternalRocks - Data Center Knowledge - June 1st, 2017
- DOJ, FBI Executives Approved Running a Child Porn Site - Motherboard - May 30th, 2017
- What is Tor, How It Works And Where to Download the Tor Browser? Everything You Need To Know - MobiPicker - May 30th, 2017
- WannaCry 2.0: EternalRocks author calls it quits - TheINQUIRER - The INQUIRER - May 28th, 2017
- Data For Sale: What Everyday Consumers Can Do To Keep Their Info Safe - Forbes - May 26th, 2017
- Fearing surveillance in the age of Trump, activists study up on digital anonymity - Washington Post - May 26th, 2017
- EternalRocks Attack Spreads While Using Same Exploit As WannaCry Ransomware - Yahoo News UK - May 23rd, 2017
- Tor browser for Android that is better than Orfox is in the works - Android Kenya (blog) - May 23rd, 2017
- Organizations Can Combat WannaCry & Jaff Ransomware With Well Instrumented DNS - Techzone360 - May 23rd, 2017
- This Spy App Can See If You've Visited Whistleblowing Sites on the Dark Web - Motherboard - May 20th, 2017
- Why Nigerian CIOs should care about the dark web - ITWeb Africa - May 20th, 2017
- A hack has put data of 17 million Zomato users at risk: Should India be worried? - DailyO - May 20th, 2017
- New Jaff Ransomware Part Of Active Necurs Spam Blitz - Threatpost - May 13th, 2017
- Three vulnerabilities allow spies to detect Tor browsers - Cloud Pro - May 9th, 2017
- Tor Browser - TechRadar - May 6th, 2017