Have I Been Pwned

Hi guys! I have had my Librem 14 for one week now, and I have been using it and enjoying it. The weird right-hand shift key throws me off, but other than that it’s been fun. I’ve been trying to only install software through the native package manager in general, and I also compiled and ran an open source LibGDX game that I have been working on as a hobby for a few years and this 3D RTS project ran beautifully with 60 FPS here on the Librem 14. Although my code is kind of an emulator for an old 2000s game and uses some nonfree 3D artwork for the characters, the code is mine and fun to use.

So I’ve been enjoying this device but I found myself on the holidays talking to folks about computer security and I’m suddenly reminded how I feel like any attempt to even understand what I should be aiming for with computers these days is derailed by differences in common foundational understandings.

When I use Wireshark on Windows, I can see that Windows calls home all the time. If I run my favorite 2000s game program that I thought was an offline game, every 3rd time or so it shoots encrypted traffic off to some Azure Edge “app click tracker” for Microsoft that I assume is a bean counter on EXE clicks and maybe some other things. When I open my Librem 14 and use Wireshark, it’s pretty quiet. There was some TCP connection when it was first starting up to some IP that was already DNS resolved by the time I opened Wireshark, and for which a whois told me it was Fastly in California (not sure what that is), but in general it’s much quieter than Windows. Like my Librem 5, I just feel good using this thing.

But is that only because I’m telling myself to feel good about it? I found myself having a conversation with folks who see “going it alone” with computer security and not sending everything we do back to major corporations as being probably a bad idea. We talk about the SolarWinds/SolarFlare hack and how most major agencies in the United States including the Department of Energy (nuclear weapons) were compromised, and how Microsoft was compromised, and this was all known to have happened. And so we talk about how maybe Microsoft being compromised means that all these people whose machines report their clicks to Microsoft might be likewise compromised.

But, on the flip-side, there is this idea that the Microsoft backdoor into everything means Microsoft can fix it. Is the future a world where “being compromised” is what happens to anyone who tries to “go it alone” and use open source software, because one mis-click installation of something bad run at the superuser level might install some vile garbage from a foreign nation state that spies on us forever, and that is effectively invisible? Whereas on devices running Windows or Android or Mac that the user practically doesn’t own, the constant surveillance means that the major corporations can always be aware of threats and always take action. And here on my Librem 14 where I want to feel safe, for example if someone finds a zero-day in whatever browser I choose, they might get into my system and never get out because I don’t have a big-budget security team watching over me.

And yet, in other circles and with other people, we have talked ourselves in circles with our dislike for these corporations and their invasions of privacy and their efforts to control our lives. And now, talking to people who happily give up their data, there is actually an understanding of what the free software is trying to do and the desire for control, and they see that as a form of toxic self-harm focused on the wrong threat actors. It’s suggested to me that the threat isn’t Google or Apple or Microsoft or their friends, but rather targeted spear phishing that only Google or Apple or Microsoft can save you from that would otherwise compromise your tech when you need it most, such as for those really personal things like shopping or mobile banking where you enter private personal details that need to be handled with care.

So, I guess it puts me in that weird situation of wondering, how can we know what to trust? If I decide to trust my Librem 14 more than my Windows, is that just an emotional choice based on whatever I decided to put in my head, and have I simply been “pwned” by Purism, or a foreign nation-state actor working through them to convince people like me to use devices where the device owner is the superuser, so that those foreign nation-states can hack in and become the true superuser in my place?

I find it very hard to prove a negative: how can I prove my Librem 14 is not infected with invisible malware? How can I prove my Windows device is not infected with invisible malware? If it were infected by a known threat then we could isolate and determine that, and prove it was present. But how can I ever prove it is not present?

And if there is no way to prove a negative, then is the only safety something that comes from proving a positive by the active work undertaken by wealthy major corporations on behalf of their users (or useds)?

If you were presented with a physical computer and invited to use it for some time, how would you convince yourself to trust it?

1 Like

Confidence rate: what I am confident about, I place trust in. FUD counters that.

I cannot answer internal questions.

Auditing the code and its behavior. If you do not understand the code, learn about it. Wear and tear on the hard drives, which can be examined by digital forensic techniques and tools.

Microsoft has a Shared Source Initiative program for debugging and reference purposes.

https://www.microsoft.com/en-us/sharedsource/

That depends on what I am trusting it with.

2 Likes

When the question of trust in computing is being discussed, I like to refer to Joanna Rutkowska of ITL and a well-known article she published in October 2015: https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf.
You don’t need to read the entire article, which is very technical and more for hardware/system specialists. But I encourage you to read Chapter 1 - the Introduction - and especially the section “Trusted, Trustworthy, Secure?” which IMO is the best definition of both the meaning and the problem of trust in digital technologies.
Be prepared for more paranoia, though!

2 Likes

From the Smoking Man’s cigarette lighter: “Trust No One”.

But then again he still had to interact with others. Doesn’t mean he trusted anyone, but he still had to deal with 'em.

1 Like

Build the operating system and the firmware from source, after verifying the source, and just install it yourself. While that may not be 100%, that is still vastly better than Windows where you can prove nothing (or Android where you know that it is infected with visible malware).

It’s not going to be a very effective attack though i.e. the foreign nation-state will get much better bang for their buck by, say, a supply chain attack against Microsoft / Google / Apple - and thereby pwn hundreds of millions of devices. You can perhaps argue that the attributes that cause a customer to choose Purism make that individual customer a higher value target for the foreign nation-state but in sheer weight of numbers …

Anyway, how do you know that M / G / A are not in fact front companies for foreign nation-states?

A fair question. There is no “wrong” about it though. It is just what you decide the worst threat to you is.

The reality is that about 99.x % of spear phishing is targeted at mainstream devices. No wonder M / G / A have to build in so much to try to counter spear phishing.

1 Like

Because AOSP is FOSS, you can do the same thing with Android for everything except for some firmware and drivers. And while the question was for the Librem 14, I’m sure you’re aware that the Librem 5 uses non-FOSS firmware. I’m sure you’re also aware that the Librem 14 has not-intended-to-be-user-updateable firmware too. A chain is as strong as its weakest link.

Nation-states, unlike the typical malware maker, don’t particularly care about “bang for their buck”. You’ll note that when the CIA cyber tools (Vault 7) were released they included plenty targeting GNU/Linux.

3 Likes

You have examples for that claim?

Sure. All USB3 devices have embedded proprietary firmware. That’s the sort of firmware that was intended for the RYF exemption, but that doesn’t mean it isn’t there.

2 Likes

Does this mean if I unplug the spare mouse I was using from my Librem 14 that it becomes truly trustworthy?

1 Like

I didn’t say anything about “trustworthy” – that’s for the tin foil hat types to debate.

I was simply saying that pretty much everything that is USB3 has proprietary firmware … it’s just embedded. Even your USB-C-PD cables have embedded chips and firmware (read up on Channel Configuration and/or Port Controller chips). Similarly, internal to your laptop, the USB controller has embedded proprietary firmware. Any USB thumb drive has embedded proprietary firmware. All of that falls under the RYF’s exception —> and was the clear intention for that exception [as opposed to the firmware on the Librem 5’s wifi module or the Librem 5’s cellular modem].

1 Like

True enough, with the following additional points:

  • some firmware is open source (and in an ideal world more would become so)
  • it may not matter that the firmware has access to the data - what matters is what the firmware can do with that access (hence, for example, a blackbox keyboard has access to your password but there are limits as to whether it can successfully exfiltrate the password - but a somewhat sophisticated attacker could probably exploit this)
  • it may not matter in the case that the data is encrypted (hence, for example, a blackbox SSD obviously has access to the encrypted data on your root partition but does not have access to the corresponding plaintext - and again a sophisticated attacker in some circumstances could exploit this) - and likewise the firmware in your WiFi card and in your cellular modem (where applicable) both have access to the data but the data is, or should be, encrypted, thereby removing access to the plaintext content

So imagine the nightmare scenario where you have a hostile keyboard and a hostile SSD and the keyboard is able to grab your LUKS password and then exfiltrate it to your SSD i.e. the two pieces of hostile firmware are cooperating. :wink:

I think in this case “Perfect is the enemy of good”. Open source is not perfect security but it is good security. It raises the bar for the attacker.

2 Likes

There are some exceptions, like the Librem Key, or the various Nitrokeys. Another one off the top of my mind is the NeuG USB True Random Number Generator, and there are various similar TRNG examples like it.

1 Like

Yes the Nitrokeys+Librem Keys have open firmware. But technically those are not “thumb drives” (flash data storage USB devices), they are encrypted password stores.

2 Likes

Well the Nitrokey Storage 2, as its name says, has storage up to 64 GB.

Interesting. I still assume that there is some firmware on that device that is proprietary. What I’m saying is that while the encryption and key management is FOSS, the firmware for the flash memory controller is probably proprietary (the wear leveling and garbage collection is at a chip level and the firmware for that chip is AFAIK always proprietary).

1 Like

Okay, I will contact Nitrokey Support and let you know once I have a response.

Thanks! I’m curious. I looked briefly at the source code, but would need to spend more time on that. I’ve googled to try to figure out what chip they use for the flash memory controller and have come up empty.

1 Like

Here are GitHub repositories pertaining to the Nitrokey Storage:

What is likely relevant to your query is the bill of materials (BOM):

1 Like

Huh. So the people building the thing that the Pureboot uses to achieve security… designed their thing with Microsoft Excel XLSX files?

That feels similar to when I tried to download Android on the NXP website. Contrary to the nature of Purism, the nature of NXP who manufactures the Librem 5 CPU as I understand it… is very privacy-invasive. Their user agreement in order to run code on the NXP CPU that originates from them was extremely awful.

Granted, that code isn’t really meant for a Librem 5 but rather for some other kind of “evaluation version” of the i.MX 8M Quad chip or something else like that that I don’t understand, but still… Is Purism bound to all the terms of the NXP agreement? Including banning of reverse engineering how code runs on the CPU?

Although one of the only parts of the agreement when I signed up as Chris Kringle or Leeroy Jenkins or whatever my supposed name was (I forget what I told them)… was that the agreement can be terminated.

So, yeah, NXP, if you’re reading this, consider our agreement terminated. Whatever I clicked on late at night without reading wasn’t a legally binding contract to me, because I thought it was in bad faith that you required me to click through it in order to download some random source code. You can tell I’m not a lawyer so your agreement with me is terminated, for both our benefit. Thanks.

1 Like

The Nitrokey Storage is not directly related to PureBoot. However, the Librem Key, which is used with PureBoot, is based on the Nitrokey Pro 2:

Nitrokey Partners with Purism to Build the Librem Key | Nitrokey

Unfortunately the Nitrokey Pro 2’s development has been discontinued, with the Librem Key still five versions behind upstream since its release:

Not sure, you will need to contact Purism for further details about their legal arrangements.

2 Likes