This may be stupid question. I have an x230 with heads, and the hardware that heads runs on is limited. Is the pureboot basically an implementation of heads on more modern hardware, or is it starting from scratch (or from generic bootguard) to run on Librem CPUs?
I am torn between a L14 and a Starbook MK V, and one of, if not the only features missing from the Starbook is the protected boot. I really want to be able to check integrity and only be able to boot with a hardware key, and without reviewing the git (next step), I am trying to determine how unique the pureboot implementation is, and how much closer to the even more modern intel chips in the starbook pureboot has brought heads, or if a brand new cpu needs an entirely new implementation of heads/pureboot/bootguard equivalent.
forgive the naivete, I am only trying to contribute to the community at large.
PureBoot is Purism’s cutting edge, complete secured boot process and combines a number of technologies including:
Neutralized and Disabled Intel Management Engine
Coreboot the free software BIOS replacement
A Trusted Platform Module (TPM) chip
Heads our tamper-evident boot software that loads from within coreboot and uses the TPM and the user’s own GPG keys to detect tampering within the BIOS, kernel, and GRUB config.
Librem Key a USB security token that integrates with Heads to alert the user to tampering with an easy “green light good, red light bad” process.
Integration between the Librem Key and LUKS disk encryption so you can unlock your disk with your Librem Key.
Note that Intel ME is not neutralized in Librem 14, only disabled.
Pureboot is Purism’s fork of Heads, which usually differs from upstream Heads by about a dozen patches or so at any given time. We push as much of our work back upstream as possible, so you can run upstream Heads on a Librem 13/15/14/Mini if you want. Bootguard has nothing to do with it and is not used.
As Heads is just coreboot + a custom Linux payload, one can add Heads support for any board which has coreboot support (and enough room in flash for the payload) with a little work. You could buy a modern laptop with coreboot (say from Starlabs) and add Heads support yourself and use a Librem/Nitrokey, but you’d be on your own for support (and would probably need to finish TPM 2.0 support in Heads first).
Thank you for the detailed answer, extremely helpful. So the Librem 14 is not using TPM 2?
any ballpark for man hours to achieve tpm2 support? And then more generically, if I wanted to put heads on a coreboot supported machine, how much minimal work would you estimate to have it function nicely on the machine (assuming everything else was generally compatible, including tpm2 support). I will dive into the heads github today. I was under the impression it was tied to specific, small group of hardware. That is very promising that it is more generic than I thought. I will turn to that community for more questions about how functioning it would be to blindly flash it on to another random machine.
My last question for you is it possible to use a yubikey or other gpg hardware key with the Librem implementation of heads (or heads in general?)
no, the Librem 14 uses a TPM 1.2 (it can be firmware-flashed to TPM 2.0 should we wish)
I’ve not looked at the state of things recently to be able to estimate that. If TPM2 support were implemented, me adding support for a new board would probably take an hour or less to get up and running, but I’m a veteran coreboot/Heads developer so not a great metric to use.
only the LK/NK are supported currently. I’m not sure what other keys are capable (if any) and support would likely needed to be explicitly added
PureBoot is the name we use for the suite of software we use to secure the boot process. Practically speaking this ends up usually just referring to our fork of Heads, but technically speaking also encompasses other parts of securing the boot process, including a script to allow you to unlock your disk using a Librem Key. Those parts are less mature than the boot firmware, though, so normally when we talk about PureBoot we are talking about our custom fork of Heads.
I’ll elaborate a bit more on this. Like @MrChromebox says, only the Nitrokey and Librem Key are supported, but when we talk about “supported” here we are specifically talking about the HOTP tamper detection function that we added to Heads when we first started offering it on our laptops.
Before we added this feature, Heads would use TOTP only, which means you would take a picture of a QR code that represented the shared secret stored in the TPM, and use a phone authenticator app to convert it to a 6-digit code. Each time you boot you would take out your phone and verify the code. I wanted Heads to be more user friendly because I wanted wider adoption among our own customers, and felt that if a user has to unlock their phone each time they booted, and compare a 6-digit code, they’d likely just skip it.
With the Librem Key HOTP support, it’s much simpler. Just insert the key at boot, and when the TPM releases a shared secret, PureBoot converts it to a 6-digit HOTP code and sends it over USB to the Librem Key. If it matches what the Librem Key generated itself with its own version of the shared secret, it blinks green, otherwise it blinks red.
You can use a Yubikey for GPG signing of files in PureBoot, but we worked with Nitrokey to write custom firmware for the Nitrokey and Librem Key to implement this special HOTP feature. In theory other USB security tokens could implement this HOTP feature, but no others have. At the moment, if you use a Yubikey to sign files in PureBoot, you have to fall back to TOTP to verify that the boot firmware hasn’t been tampered with.
Does this mean the Librem/Nitro keys HOTP implementation is different from the Yubikeys HOTP implementation? I know the Yubikey supports HOTP, but I didn’t expect there were different ways to implement that would affect functionality.
Yes the Yubikey can generate HOTP and TOTP codes, but the difference is the direction the authentication flows. Traditionally when you use a USB security token for HOTP or TOTP, your token (the client) has a shared secret and it generates a 6-digit code that you copy to a website (the server) so you can authenticate to the site.
In this case the authentication direction is reversed. Your computer is authenticating itself to the key. It’s the client that is generating a 6-digit code and passing it along to the security token (the server) over USB. There is special client software we worked with Nitrokey to develop that runs inside Heads to implement this.
I was just recently experimenting with changing over to using pureboot on my Librem 14. However, I am somewhat confused. According to you post, the TPM inside the Librem 14 should be a 1.2, but my dmesg/journalctl reports the following for me tpm_tis 00:06: 2.0 TPM ....
I initially ordered mine without pureboot and wanted to try it out now. So I flashed pureboot and now I am unable to setup the TPM as all commands return “invalid tag”. Is it possible that non-pureboot ordered Librem 14s were shipped with TPM 2.0?
every now and then the ODM sends us a few L14’s that are flashed with a TPM 2.0 firmware instead of the correct 1.2. If a given L14 isn’t shipped with Pureboot, it may have slipped through. Support has a procedure to downgrade, so contact them and they’ll provide the files/instructions necessary