Librem 14 firmware security

cubes · June 2, 2023, 9:42am

I’m not sure if this is the right place to discuss this. But since Librem 14 is supposed to be the most secure laptop, while I found that it may lack some common firmware security features, I think it may be worth mentioning these issues so that users know to mitigate these risks. And eventually, I hope the issues will get fixed or improved.

First I think Pureboot does a good job at detecting tampering against the operating system. But attacks against the firmware may render its protection useless. The following is based on my understanding of how things work. Please correct me if I am wrong.

Unimplemented SPI write protection:
Based on how EC and Pureboot are updated, it’s possible to modify the firmware from the operating system. As a result, malwares in operating system can infect the firmware. Measured boot can also be bypassed because the code for measured boot resides on SPI flash too.
Some firmware security feature is not enabled
For example, Early Boot DMA Protection is available from coreboot but is not enabled. There’s an option to enable this in Dasharo. I think it’s worth mentioning the users what features are enabled.
Documents on security features and security tests:
Without these documents, users are not aware of what is not protected and the risks. For example, based on 1), booting a malicious operating system bears the risk of infecting the firmware with malwares. It would be greate if Purism can also provide test results from security testing tools, for example Chipsec.

cubes · June 3, 2023, 12:43am

In short, Pureboot is as secure as the root account in the operating system. Once malware gains root access, it can get higher privilege and persistency by infecting the Pureboot firmware.

xvector · June 29, 2023, 1:29am

Even malware with root privileges can’t infect the Pureboot firmware if you flip the BIOS and EC write protection switch on the motherboard.

Edit: apparently this switch doesn’t work, and needs to be implemented in the firmware? Ouch.

FranklyFlawless · June 29, 2023, 2:23am

At the moment, PureBoot is used for tamper protection. It is assumed that you already have formulated a plan if there is a successful sophisticated attack against it.

xvector · June 29, 2023, 2:57am

Love this laptop, but Purism promised and implemented an EC/BIOS write protection switch explicitly to protect against this kind of attack. I don’t think it’s too much to ask that they follow through with making the switch work!

FranklyFlawless · June 22, 2024, 1:57am

@jonathon.hall

What do you think about these points?

CrimsonCube · June 24, 2024, 5:03am

Does the scope of that tamper detection include the detection of tampering with the firmware?

FranklyFlawless · June 24, 2024, 6:22am

Yes, see these resources for further details:

Note that I assume your definition of firmware in this case refers to Coreboot + Heads, which is the two-step boot firmware.

CrimsonCube · June 24, 2024, 6:17pm

Looks like you do need a librem key for this though right?

FranklyFlawless · June 25, 2024, 3:01am

Yes, at least in PureBoot’s current implementation, as it indicates firmware tampering using either a green or red LED from the Librem Key. Alternatively, a six digit pin can also be displayed using TOTP, but PureBoot does not utilize it.

CrimsonCube · June 25, 2024, 3:07am

Can Heads be used instead?

FranklyFlawless · June 25, 2024, 3:11am

PureBoot is based off Heads, with various changes made by Purism.