I am in the market for a secure laptop after a major headache with some suppliers in China.
Our small company had the bright idea of using an iPad with the wireless chip removed as a ‘secure’ enclave. Low and beholdsomehow the Chinese company was able to access the device wirelessly through a side channel attack and got access to all the files. Major headache all around and I feel a bit at fault for my ignorance on hardware security.
I am looking at the Librem 14 and I was wondering how secure is it against ‘sidechannel’ attacks. I would hate to buy it and have to return it a week later to find a bunch of files deleted even though the radio was ‘disabled’.
Is there any gaurentees against ‘state actors’ compromising the security of these devices? Is the hardware open source(and can be audited)?
Sorry if I can come off as distrusting but I find it hard to believe there’s an America company that sells a secure computing device.
Do you mean “supply chain attack” when you say “side channel”? It would be helpful to know more details about how your device was attacked if it had no WiFi card at all (and I’m assuming no cellular network or other network access as well?)
I guess you should consider using Qubes OS, which works smoothly on Librem laptops. This operating system is as secure as it gets and sometimes even provides more security than air-gapping.
Well I removed the wireless chip from the iPad(the iPad wifi was greyed out in settings) but they still were able to connect to the iPad through electromagnetic side channel as I understand it. I dont know the specifics as I am not a RF security engineer.
This is why I am very sceptical about your laptops using proprietary components. It’s all more or less security theatre without enabling the hardware to be audited.
QubeOS is not secure if it’s not running on secure hardware and that cannot be gaurenteed as 99% of computers have proprietary hardware with proprietary firmware as I understand it. I am not a security researcher through I tried QubeOS and it failed me security wise.
The reason I ask is that I’m skeptical about the ability of even a state actor to modify code and execute code on a computer purely over RF from an otherwise offline computer, unless they added some additional hardware to the device that allowed that remote control. There are certainly examples of attackers using RF to view what’s on the screen of a computer and there have been some whitepapers that demonstrate a proof of concept for getting other information over RF, but again that’s retrieving information that’s on the screen or in RAM, not modifying information or executing code.
Hardware backdoor claims are also something I’m typically skeptical of, because I haven’t seen a lot of actual proof of that done at scale (outside of specific interdiction of network hardware that was part of the Snowden disclosures). In particular I’ve never seen proof of actual mass hardware backdoor implants in the wild (which is something that is difficult to hide forever). The reason is that well-resourced attackers like state-level attackers prefer software supply chain attacks because they are easier to hide long-term and easier to explain away as a bug or unintentional debug mode if discovered.
Not exactly sure what happened with the iPad but the wireless chipset on the board was removed as I could see and what was on the iPad could still be accessed wirelessly so I am not sure what to tell you. Could the iPad be leaking a radio signal through one of the chips? I am not the one to ask but I’ve seen it first hand.
If it’s true that the WiFi chip was physically removed (and not just that it was disabled in software via airplane mode) then there must have been some other hardware on the device that allowed wireless communication. Likely either a cellular modem (some iPads include that feature) or Bluetooth.
To answer more general questions about Purism hardware and software security measures, the article I linked above (and will link here again for convenience) covers what we do to address software and firmware supply chain attacks (the most likely supply chain attacks you’d face):
We also offer PureBoot as a secure firmware alternative, which allows you to detect tampering in firmware and the kernel:
If you are concerned about hardware being tampered with in shipment after it leaves Purism, we offer an add-on anti-interdiction service which includes PureBoot:
To address the case of ensuring hardware is truly off when you disable it, we offer hardware kill switches that physically disable the device (instead of disabling it in software) as well as have removable WiFi cards in our laptops and our Librem 5 phone (which also has a removable cellular modem):
In addition our Librem 14 adds another switch that prevents firmware from being overwritten:
Our Librem 5 phone adds “Lockdown mode” to its kill switches which disables all other sensors (gps, accelerometer, etc) in addition to cameras, mics, wifi, bluetooth, and cellular modems:
And for people who are particularly concerned about hardware supply chain, we offer a premium version of the Librem 5, the Librem 5 USA, which has made in the USA electronics in the same facility we make our Librem Keys in:
I’ve seen the board the wireless modem(with bluetooth radio) was in fact removed though I can’t really tell if the rest of the hardware was tempered with.
No, our warehouse is locked and secured and we do not allow outside visitors even before the pandemic. Instead, we offer the anti-interdiction service to address those kinds of concerns.
I guess nobody could give such a guarantee. Security is a game of depth, as Kyle puts it.
You can only exclude as many possible loopholes as possible. And Purism is working to get rid of as much closed code as possible. If you use the killswitch or remove the WiFi card of a Librem, there’s probably no other computer that has LESS unfree code (e.g. SSD firmware remains).
In the end, it’s more likely that a human mistake leads to compromised security. E.g. you might THINK the data was exfiltrated via a RF sidechannel, but actually the iPad made a cloud backup (before the WiFi was removed) that was hacked. Or it was sent via unencrypted mail(*). Or something like that.
Or the software update warns you of an invalid signature, but you ignore it.
(*) I would assume the valuable data was not created on the iPad, right? So, somehow it had to get there, and this also leaves some possibilities how it could have been stolen.
A Side channel usually only reveals what passes the CPU (or by extension, what’s in RAM or on the screen). Only if the device is compromised, it could load data from disk and then exfiltrate it.
I don’t know how much you would like to reveal to us but how do you know all this? What are the facts? And what is assumption, guess and speculation?
Has data or information stored or processed on the device been leaked to a third party? How can you be sure?
Was those data or information been stored or used on any other device (even temporarily)?
Has any data been manipulated? How can you be sure? Could that have been done by the user (maybe accidentally)?
Are there mobile storage devices in use? How does data go in and out from that device?
How do you know that this Chinese company is behind the incident? On the other side you talk about a state actor.
Yes could be all true. Just seems not the most probable case from my perspective. On the other side your company seem to have some valuable business secrets to defend which makes it plausible.
Well I am not going to argue with you and you’re obviously much more knowledgeable about the subject than me. I would be even willing to send you the iPad if you even want to dig further in but I know for fact that the iPad can still be accessed even though the radio chipset has been removed. Don’t know the specifics just what I experienced.
Thanks for the flowers, but Kyle is certainly several levels above me
Just as @prolog, I’m curious how you can be so sure that this is what happened. The reason why we have a hard time believing this, is that this would be a really high level attack. We know these are possible and happen. Just not that we regularly talk to somebody who was a victim.
To reiterate, if data (that is not on your screen) is leaving your device, then there is software on the device that makes it leave. Either intentional (you copy it), unintentional (cloud backup, anti-virus), or malicious. This is already true if you HAVE a radio. If you have no radio, there has to be malicious software plus a receiver in close proximity.
Thinking about the low data rates that side channel attacks provide, I just thought I’d rather try to place a sender in the docking station, the power plug or anything else you attach to the device that looks unsuspicious.
Still, can you be 100% sure the data was stolen from THIS device and not from a different one? How?
No problem. If you are distrusting then you have come to the right place.
My attitude is that you shouldn’t have to trust because everything can be verified.
What was the exact model of iPad?
Different people may mean different things by “side-channel attack”. Regardless, after a successful attack of any sort, a skilled attacker can make it impossible to find out how the attack was conducted.
It goes without saying that for maximum security, you should have custody of your device at all times. You don’t really spell out the scenario.
EDIT: Nachteile iPad Jailbreak (https://www.comsmile.de/ratgeber/tablet/ipad-jailbreak/):
– durch die ausgehebelten Einschränkungen von Apple hat Schadsoftware nun freie Bahn,
– Trojaner und Viren durch dubiose Anbieter in Cydia,
– höherer Akkuverbrauch (gelegentlich).
– Verlust der Apple Garantie.
For a sophisticated attacker, I wouldn’t rule that out.
As recently as December 7, it was being discussed in this forum/category that the vulnerability known as “Amnesia 33” contained at least one RCE in open source IP stacks.
As recently as October, it was being reported that the Windows IP stack had an RCE vulnerability.
As recently as October, it was being reported that the Linux Bluetooth stack had an RCE vulnerability.
Maybe, just maybe, by now your conventional x86 computer has enough band-aids to stop RCE in most cases (at least for machine code) but what about some of the lower level components that themselves are tiny computers running operating systems with negligible protections and application code with more corners cut than a circle?
I would assume that state actors still have a few RCE vulnerabilities in the bank.