Librem 14 RAM Upgrade Trusted Suppliers/Vendors?

I’m looking for to upgrade from 32 to 64GB RAM. I believe current RAM is 2666mhz.
Who are the trusted suppliers Purism is using that are compatible ^^^?
How would I know they don’t have spy chips imbedded?

Spy chips in motherboards certainly exist, but in RAM?

Let experts correct me, but I don’t see how RAM could possibly send instructions to other computer components. RAM is designed to only receive instructions (to store data) and respond to requests to retrieve data. The physical interface would simply not be able to pass any instructions coming from any malicious chips in RAM to any other hardware.

1 Like

I hope you’re right. But one thing that has been proven true: If it can be done, they’ll do it.

RAM is a repository for data. If they can pipe that data to a network adaptor, or pass readonly data embedded in the chip to the hard drive, to be activated with some other binary attack… I can see how it might be possible.

The system has to interact with RAM. Who is to say that they can’t put a hidden processer in the RAM that injects malicious data over the top of the primary RAM->HD/CPU pipe?

I’m not a sparky… I can’t say what is technically possible. But if it is technically possible, we can assume it’s being done.

I’m not the expert, but let me correct you anyway in the name of long standing Internet tradition.
Only producer knows what is implemented on a ram chip. It has to implement ram functions, but it could implement something more. Like, for example, recognize that it holds a chunk of kernel code and inject something else, when that chunk of code is being accessed. Then the malicious code owns your system on a kernel level and all bets are off.

It is a long way though, from this paranoid hypothesis to the practical attack. Very hard to keep the RAM producer silent about it. Even harder to keep the RAM module from deconspiring itself (think a few hundred thousands of computers inexplicably communicating on the internet, without being told to do so, someone would notice - people run firewalls on standalone boxes). But yes, it could be done.


Well, in terms of practical, the shitbags that run the planet have unlimited resources.

And in terms of too many eyes on: It always amazes me how the slaves can dismiss this as normal:

If they can pull off that scam against humanity, then a RAM manufacture attack seems pretty trivial.

because that sort of attack is difficult/expensive, and easily detected if done at scale. So a Samsung 32GB sodimm ordered from Amazon will be fine. There effectively a zero chance of something purchased from a major retailer directly being infected/modified

Just to play the game a bit though: If you personally are already in someone’s sights then ordering online may expose you to an interdiction attack. In some respects you are better to go to a big city, pick a computer store at random and buy the RAM in store.

I think, in general, RAM is one of the components of a computer where trust is unavoidable !

I think I read that Intel has been doing some work with encrypted RAM - so that only the CPU sees the plaintext, and data is encrypted on store, and decrypted on load. That may mean that you don’t have to trust the RAM. That would need to be thought through carefully …

Putting on my tinfoil hat, a relatively obvious attack by RAM would be to mirror any data that is held on protected pages onto unprotected pages. So, for example, keys or passwords that are supposed to be secret would be less so. You might have to combine this with some other attack in order to exfiltrate the data but compromised RAM would help.

Along similar lines, many peripheral devices will directly access RAM. So while RAM might have difficulty actively doing much with your secrets, it could expose those secrets to such peripheral devices e.g. have them written to disk, where again, combined with another attack they may be able to be exfiltrated (or seized at a later date). This might be a practical attack against Full Disk Encryption.

Also, as @Dwaff says, just as the RAM can effectively alter any kernel code, if your operating system loads firmware into attached peripherals (PureOS aims not to do this but this topic is in General security & privacy chat so need not be strictly limited to PureOS) then bad RAM can effectively alter any such device’s firmware … and now things really are getting serious with a potential exfiltration mechanism. (May depend on whether firmware is signed.)

I don’t think any of these attacks (or all of these attacks) would be at all easy. They would require in-depth technical knowledge and would have a large one-off cost. (It is also likely that the attack would have to be tailored to each specific target, given the hardware and software dependencies.) So we can probably assume a state actor.

If your threat model realistically includes state actors then “maybe” but even then I think there are many simpler attacks available to state actors (like chopping you up into little pieces).

:+1: Me too.

1 Like

Supra-state: The NWO agenda is doing away with nation states.
How do you think they are going to pull that attack off? History will prove IME and spy-chip supply chain attacks will be an integral asset to pulling off that global scam they have on deck.

The more spy-chip free tech we can get out there, the better the chances the slaves have at survival.

Right now… well… they are sitting ducks with their spy devices. Lambs to the slaughter.

So the modus operandi of such a spy chip would be:

  1. Scan/analyze data being put into the RAM
  2. Upon detecting certain patterns of code in the data (which is likely to be then read and executed), patch that with malicious code.
  3. The code is read and executed. Profit.

Technically, that is certainly possible.

Now, I am not too sure it’s as straightforward as that. There are considerations:

  1. How often will the chip come across code that could be patched?
  2. How difficult is it to patch the code in such a way that it still does its original job and the spy job? Because, if it doesn’t do its original job, the tampering will surface quickly.
  3. Is it worth doing? Do the profits pay for the efforts and outweigh the risk of being caught?

The scheme would certainly make sense if a particular computer with known OS was targeted. Say, if I was determined to put a backdoor in your super-duper-secure machine you are building, I would put together some smart-ass RAM modules aimed at Qubes (or whatever you herald here you are running) and try to convince you to buy them.

Other than that, I just do not see how any RAM vendor could possibly find this worth even trying.

Besides, wouldn’t this spy RAM be obviously slower than either advertised or than competitors’ non-spying RAM, what with all the side operations going on?

If that NWO takes over, I imagine the first thing they’ll do is to turn off the internets, so we probably don’t have to worry about spy-chips in our computers.

You need to realize these spy-chip directives are not being initiated for profit. And they aren’t being initiated at the vendor level. Those are just pawns on the chessboard.

The chess-master is much higher.

And the agenda is absolute control. They’ve already stolen the worlds wealth via the central banking scam. They can steal at will. This is not about money. It’s about absolute control.

Your best bet of making it thru that and maintaining some sovereignty is going to be thru the dark web, dark markets, and private crypto currencies.

And that means you’re going to need spy-tech free tech to survive what is coming.

A reasonable question but do you think you would notice? If we are only talking about using the RAM to alter kernel code, it may only be necessary to compromise a limited part of the code hence there is the fixed small overhead across all memory accesses that relates to whether the compromise is activated and there is a significant overhead within the compromised code.

As an example of how this attack might work … if you have ECC RAM then the RAM is calculating the ECC as a function of the written data and doing so on the fly. Let’s say the RAM module knows the ECC for a code block that is to be detected. It compares the ECC against the target value each time it calculates the ECC. As soon as the target code is loaded off disk into RAM, the RAM module knows what to compromise. (Compromise may then involve altering the loaded code to jump off somewhere to perform the extra operations while also delivering the standard functionality. This should ensure that the read penalty for all other memory accesses is nothing.)

There will be false positives with the ECC value (because the ECC value is not unique to that code sequence and because the code sequence may occur elsewhere). That can be partly mitigated by choosing the code sequence that triggers the compromise so that the code sequence is the least frequently occurring in the target operating system’s kernel. In any case, a match on the ECC value then triggers a more comprehensive comparison to see whether this is the exact correct code to compromise.

The attacker would also need to be careful to trigger only when the real kernel code is being loaded from disk into the actual kernel code area, not just when it is being shuffled around in files e.g. not during install or upgrade (otherwise the compromise will be made permanent on disk and signature verification could fail).

This whole approach will likely fail if the kernel’s code changes so that the target sequence no longer occurs or no longer occurs in the relevant routine. It’s not as if you can easily then upgrade the compromise in the RAM module. Perhaps the RAM module reports error 0x42424242 if the ECC value is not detected within X seconds after power-on. You, the victim, contact your supplier and eventually they tell you “yes, faulty RAM module, we’ll have to replace it, under warranty of course”. :slight_smile:

Maybe they are all spying. :slight_smile:

I still don’t think this is the best attack for a well-resourced, highly sophisticated attacker. So nothing I have written here should be taken too seriously.

Hi! I have a Librem15 that I bought in 2019. I was interested in upgrading my 32GB RAM to 64G when I came across this topic. Would you be able to tell me if my motherboard supports 2 slots of 32G? And, what about the processor? Is it possible change it? Thanks!