Yeah, well I buy my smartphones on mars. My phone only has martian back doors.
So I win.
1 Like
Just finished a game of Terraforming Mars. United Nations Mars Initiative came first, Inventrix Corp. came last.
This is a surprisingly common misconception. I often see statements along these lines from folks in Europe who believe that the powers of US intelligence somehow is unlimited in the US and constrained in Europe, when the opposite is true.
One of the few legal constraints the NSA does happen to have is with respect to actions within the US to US citizens. While you can certainly point to plenty in the Snowden disclosures that show these restrictions have been flouted for mass surveillance in some cases (PRISM), or sometimes even for more trivial targeted surveillance (LOVEINT), the point still stands that a US company (such as ourselves) could legally fight an attempt to backdoor devices (just like other US companies have fought and won lawsuits against National Security Letters). A discovery that the NSA had actively tried to backdoor hardware of a US company within their facility covertly would be a huge news story, given our largely US customer base. A company based in another country would have no such recourse as the NSA is free to compromise foreign hosts with no restrictions.
Regardless, this is why itâs important that devices run free software thatâs reproducibly built so customers can audit, build, and reinstall the software on their systems, why we continue to work to free the firmware used in our systems, and why itâs such a big deal that we are making the Librem 5 USA PCBA in the US right next to where we assemble and ship it. This allows us to oversee that whole process with a chain of custody starting with a blank, unpopulated PCBA, to a working PCBA, to an assembled phone, to a phone thatâs tested, boxed, and ready to ship. We also offer additional anti-interdiction services for customers with interdiction concerns.
As time progresses we will continue to tighten up this process even further as we get more capabilities. In the mean time, donât fall for the myth that the NSA has free rein over US companies but is powerless abroad.
16 Likes
[âŚ] folks in Europe who believe that the powers of US intelligence somehow is unlimited in the US and constrained in Europe [âŚ]
Well, actually folks in Europe might know about the balance between US homeland security and US citizenâs freedoms, but might not want to trust any US agency which has no obligations against them. Any national institution acts interpreting in some way the interest of their nationâs citizens.
A company based in another country would have no such recourse as the NSA is free to compromise foreign hosts with no restrictions.
Once in another country, the actions of US agencies must be weighed against actions of that countriesâ agencies. I do not believe that, in general, an US agency might act more freely abroad than at home.
donât fall for the myth that the NSA has free rein over US companies but is powerless abroad.
Will not.
[Typo edit]
1 Like
This depends greatly on the agency. The NSA and CIA for instance will both act more freely abroad as that is where they are intended to operate. Each agency has its own function and limitations so it is important to consider the context when assessing whether an agency is more likely to operate in a given locale.
The NSA and CIA for instance will both act more freely abroad as that is where they are intended to operate.
You are not considering that NSA or CIA are not acting inside of a vacuum, and are not bound only by the constraints of their own national laws.
I rewrite my thought: I do not believe that, in general, an US agency might be able to act more freely abroad than at home, due to various known and unknown constraints.
Doesnât all of this assume that these three letter agencies are actually acting within the laws? And also that either US and/or foreign companies and foreign governments are not cooperating willingly with these agencies for under the table payments of large sums of money?
1 Like
Why would anyone think that the NSA is the only danger? Many countries have similar capabilities with similar goals. They all represent some kind of risk everywhere in the world - although quantifying that risk depends in part on understanding which agencies, if any, are likely to be targeting you.
Good point, the original context was that of NSA obligating backdoors and since then weâve had a bit of scope creep.
The threat of all devices having backdoors due to a mandate is very different, and non-existent in this context, than the threat of a targeted act by any agency of any country.
See also:
Of course you are right that the NSA is not the only danger, but they are the main danger because they are by far the biggest and have by far the most resources. I donât think any other country has comparable capabilities.
The Snowden material revealed that in 2013, NSA paid no attention to laws protecting US citizensâ privacy. Since then, the law has changed slightly, but the NSA probably hasnât. Besides, ânational securityâ is a great excuse. Just invoking the phrase ânational securityâ may be sufficient to get around US laws supposedly protecting citizensâ privacy. Besides, violations never come to light unless a whistleblower exposes them, and weâve seen what happens to whistleblowers.
4 Likes
As as a U.S. company, take heart in the fact that U.S. corporations are considered âU.S. Personsâ. Which means if we go back to pre 9-11 modus operandi, it is some other agancyâs job to collect intel on pure.sm.
Odd though, the two letter domain of â.smâ implies this is in San Marino; a little landlocked country inside of Italy⌠wonder if the U.S. person exception occurs if this traffic is considered going out of the U.S. and back?
2 Likes
Thou takest my humour too seriously.
The Register mentions the Librem 5 USA in their security news roundup: https://www.theregister.com/2021/06/07/in_brief_security/
5 Likes
At least in the US you can fight against NSA in the courts unlike in China. The only reasonable alternative phone would be Fairphone then, but itâs full of proprietary blobs and therefore should be less trusted.
The Librem 5 USA is âNow Shippingâ and will be available in 6 to 8 weeks. Not sure what âNow Shippingâ means when it is available in 6 to 8 weeks? I think it is again playing with words.
Or maybe it means, it will arrive after about 1.5 to 2 months once Purism ships it. But it is kind of funny to read, âNow Shippingâ and will reach you after 2 months. That would be the slowest shipping method 
3 Likes
Iâm curious too, is there additional final assembly that needs to be done before shipping? Testing? Something that would take 5-6 weeks, and THEN shipping the phone?
Or maybe new orders will be shipped in 6 - 8 weeks 
And current orders are being processed now.
2 Likes