Positive friendly mistrust

General security & privacy chat
#1

I really like the ideas and the idealism behind Purism and its products. I have a lot of respect for all of the people who help to build up this company and who help to fullfill its high ideals.

But also I mistrust Purism. It is a friendly positive mistrust and it is a deep form of respect for all the work that goes into Purisms products.

I’d go so far to say I owe Purism my mistrust, I owe them taking the responsibility to check on their products, ideas and technology.

Purism wants to give me back the control over my data and my computers. I became customer and without signing a contract I agreed to take back control.

Sounds easy, but in reality this is work to do on my side: If I’d blindly trust Purism I wouldn’t really take back control and thereby responsibility. To fullfill my side of the unwritten contract I have to understand the products, I have to evaluate risks that come with their usage and have to discuss my concerns. I have to take control actively.

Users of Purisms products need to help to improve the products and ideas by looking at them with a positive friendly mistrust. A sane mistrust that values all the work that already has been put into taking all the arguements for mistrust away.

A mistrust that is happily and openly communicated and discussed to help to improve products, documentation, technologies.

10 Likes
Understanding the PureOS default disk encryption (luks, cryptsetup) / possible security issue
Librem 13 v4 with librem key fails verification on first boot?
How to setup the Librem Key to decrypt storage with LUKS at boot time
PureOS won't boot after upgrade, boots with recovery
#2

Good philosophy. I may be on the same page. On my Friendica server, I had somebody join a thread of mine about waiting for the Librem 5. He was a bit of a wet blanket, but for justifiable cause. He sounded angry, but, you know, ASCII doesn’t really have tone, inflection, and volume.

He sounded mad when he called Purism liars because it wasn’t truly a free product because the modem runs off a proprietary “blob” (a word I learned about two weeks ago). I’m like, c’mon man :roll_eyes:, I can’t expect them to become a chip-maker for every detail. I quoted Sagan with that, to bake a pie from scratch you have to first create a universe, line. He had solid points, but I’m going with a pragmatic spirit of the law instead of a non-achievable letter of the law with this one.

2 Likes
#3

hear hear ! and that’s why “they” have a road-map in-place.

we probably need a separate one for the L5 - to have a clear picture - once it’s “out”

2 Likes
#4

“road-map” link earns a bookmark. :wink:

1 Like
#5

I’d like to emphasize this again: Having control inherently means having responsibility.

That leads to another interesting question: How do you get the education to take the responsibility?

I guess one does not need to know all and a lot of the responsibility-taking can be a group effort (like checking patches and processes), but in the end a user in control is responsible for her/his data and needs a basic insight in which risks are involved in what technique and action.

Purism gives the users the technology to take control. But who gives the average user the education to take responsibility?

3 Likes
System Slowed to a Crawl (caused by Brave Browser)
Any Purism experts in Colorado
#6

good question ! i would suggest that Purism as an SPC is equally qualified to provide both. most of it’s employees are spread around the globe so why not have a separate division to handle learning/education ? i don’t mean the certification type education (that is handled by others already) i mean something similar to what CGCOOKIE does with Blender training.

2 Likes