Have I Been Pwned

Well, interesting to see that you had made an issue about this problem that we have long been stuck with: how to upgrade those early/older Librem Keys to more recent firmware updates that were for the Nitrokey Pro 2. I noticed this was 8 months ago…but there was no follow-up whatsoever.
I guess it’s a tricky problem: just flashing the Nitrokey firmware update will not make it a Librem Key, hence it will not be recognized as such by PureBoot. So it means Purism SPC has to make their own firmware update from the Nitrokey code, so that the LK still is an LK with the newer version.
Anyway, not much happening here. I don’t feel at ease with still using my older NKs, and the question is always the same: if there is a firmware update, it means a bug or a flaw was discovered (but thankfully, was kept secret!). Or is that the case? An update could also be only an improvement or a new feature.
So: should we or should we not update? And should we be worried if this proves impossible? The situation is not clear and I feel Purism should clarify.
Is it even possible to flash a new firmware in those LK/Nitrokey Pro 2 - I’m not even sure about this? I know it is possible with their newer NK3 product line, but what about the former family line?

1 Like

No.

Storing a list of parts in a spreadsheet, regardless of format (xls, ods, hand written) of that spreadsheet, is not designing.

1 Like

@jonathon.hall commented on the issue on February 6th, 2024:

Yes you can, but v0.10 and below can only be done with hardware reflashing:

There are multiple issues involved:

  1. The Nitrokey Pro 2, which the Librem Key is based on, has discontinued development on v0.15.
  2. The Librem Key is behind several version releases from upstream, on v0.10.
  3. The Librem Key firmware repository is not updated to v0.15, as highlighted earlier.
  4. Documentation for hardware flashing the Librem Key firmware does not exist.

Even if the last three issues are resolved, it is clear that the Nitrokey Pro 2 is obsolete, so there are only two options for Purism at that point:

  1. Maintain and update the Librem Key firmware repository, which is unlikely given the current situation.
  2. Rebase on the Nitrokey Pro 3 (AKA Librem Key Mini), or another hardware design, which was claimed to not be in development when I asked about this years ago.

4 Likes

Thank you for the detailed information.
Checking on my several LKs showed that all have firmware 0.10, as you rightly pointed out.
Checking on my two Nitrokey Pro 2, both are 0.15 (they were purchased much later).
It appears to be the latest and final firmware release, since dev has stopped and the product is being discontinued anyway.
I wonder how many LKs Purism still have in stock - and should they all be considered obsolete?
Those Librem Keys will never be updated, even if Purism rebases on firmware 0.15 and comes up with a firmware update. The reason for this is that firmware 0.10 and below CANNOT be updated with the nitropy CLI: it lacks a bootloader needed for flashing the new firmware once the device is put into firmware flashing mode. Unfortunately, this bootloader (and the possibility to update the firmware via CLI) appeared as a new feature of version 0.11 - one version above the LKs!
But is this really so bad? There has been a lot of talk and divergent opinions on the subject of these security dongles and firmware upgradability. For some threat models, this is viewed as an unacceptable liability and a considerable increase of the attack surface: there should be no way to tamper with the device by simply reflashing a forged or modified firmware.
On the contrary, some claim that firmware updates are necessary for correcting bugs or flaws, and also as a way to introduce new features on the same product (which is what Nitrokey has done from firmware versions 0.11 and above).
I don’t know…
Which is best? I guess it depends on the threat model, in the end.

1 Like

It may interest you to know - regarding the future of these projects - that Nitrokeys (and I guess by extension, the Librem Key) have been funded by the EU. See Nitrokey | Next Generation Internet and Nitrokey 3 | Next Generation Internet

Unfortunately that funding for future improvements is now threatened, see thread: EU funding to open source projects in jeopardy - YOU can help

1 Like

Yes, at least I would given all of the citations I provided.

It is possible for Purism to offer hardware flashing services for the Librem Key, among other Librem products, via RMA, but that idea has not been raised yet.

Always update. In practice, adversarial threats refine their techniques and tools over time.