Well, I got my Librem 14 in the mail today. I am most excited. I took it out of the box and took it all in. Very nice and sleek, small enough for easy storage and yet large enough to do my work. It is perfect. Thank you Purism. Thank you very much!
I do have a question. I turned on the laptop and got it running, went through the OS config and put my passwords and all that in. Got into the main OS and made some changes to the appearence and network settings. I have not connected the devide to the Internet thus have not updated the OS or installed any packages. The only thing I did was turn on the machine and go through the walk through in setting up the OS for the first time. I changed the wallpaper too. I shut the lid, and opened it back up and the standby works perfectly. So I shut it down and put it away and went to the store.
I came back an hour later and put the groceries away and turned the laptop back on. I entered the USB Librem key and I got a red screen with ERROR: boot hash mismatch. States the following files failed verification /boot/initrd.img-5.9.0-1amd64
It says there could be a compromise and asks if I would like to update the checksums now?
Okay, so I have no idea what this means. Can anyone walk me thru this so I understand why this appeared and what I have to do to fix it?
I want to ask, is this normal? I have not updated any OS or bios but I did complete the OS install from fresh startup. Is that why I have to update the checksum?
I have a question. I have not yet updated the device OS or bios, or made any changes to the system. I want to securely and anonymously update the OS and anything else I would need to ensure a safe and secure system is installed. What do I do?
And I will then have to sign the keys again? Will this be the same process as before? I appreciate you all’s clarification.
My intention for the device is for work, investigative journalism and related: data analysis, light software development, and secure communications.
I not only want to learn how to do these things, but learn how to do them safely. thanks for any help!
The update of PureOS is as secure as it can be already out of box. You trust the source of packages.
I don’t know what is your concern about anonymity. Apt (the packaging system) does not send any unnecessary data. You could want to hide your IP address using Tor or some VPN.
You can try to use QubesOS, which is more focused on security and privacy.
But of course it is evident to your ISP and to the other three letter problems that you are updating PureOS and at a stretch what packages you have installed, so
This. Some three letter solutions.
There are many aspects to this. The simple ones are
You are using a secure connection to the PureOS repository (https: rather than http:).
I believe that apt will verify the signature on any downloads.
Okay cool. I have been putting in time to learn. My goal here is to use the computer for some hobby decentralized finance development and investing. I would love to avoid hackers and criminals and also the Governments that exist today that view people and Crypto a “target.”
You ever hear of a program called OAKSTAR or MONKEYROCKET? This is getting out of hand if you ask me, and for a lawful citizen who simply wants out of the pockets of corrupt institutions, I make it my duty to free myself as best I can.
thanks for any help!