I had an idea that I thought may be worth considering - What if Purism sealed the boxes using some sort of unique paint / multi-candle wax seals to ensure that the boxes haven’t been tampered with en voyage? Perhaps taking a photo of said seal and sending a digital copy via encrypted email to them, presumably for an extra fee of course. I think it’d provide peace of mind to a lot of customers.
I was thinking the same thing. After watching Jacob Appelbaum's talks this seems very important. I got my Librem 15 today and there was no seal whatsoever… concerning…
I am eager to see more about this box sealing/interdiction prevention process. This is probably the only thing preventing me from buying a Librem laptop.
This video shows that the CIA has been known to take packages of electronics after they’re shipped, plant malware on the device inside and then forward the package on to you. (30:35 of video explains this process)
How can Purism prevent this? What packaging can fool proof this method of attack?
I’m thinking of holographic seal tapes for the future (and maybe there could be some sort of holographic tape that changes if it gets attacked by a hair dryer?), in addition to having pictures of the motherboard taken before shipment… Other ideas?
I like where both ideas are going. If the package snatcher’s intentions are to put malicious code on the computer, at the lowest levels, then a picture won’t show that.
Is there a way to display some sort of “last time booted up” message or something similar? Is that a BIOS feature that could even be implemented?
Then you could at least know with time stamping and package tracking information when it booted up last.
How about shipping the battery and power charger separate, a few days apart?
Holographic seal tape can be defeated by using a syringe to inject acetone just under its surface, temporarily disabling the adhesive. After the attacker is done, they just put it back.
Purism makes laptop signing key, fingerprints available on puri.sm, GitHub, Keybase, and business cards.
Glittery nail polish over the screw holes. This is discussed on several sites.
Signed picture of nail polish emailed to user and available by user login.
The glitter pattern is random and very difficult to reproduce.
One problem is that blink testing, taking your own picture and overlaying to spot differences, is also difficult. You can't put your camera in the same place, have the same settings, and lighting that the factory did. The only way I can think of around this is a few pics, or maybe a short animation showing a few different angles, and having the user visually inspect that the pattern is close enough. It should still be difficult or time consuming for the attacker to make a close pattern. A well funded adversary could have the resources to build a custom glitter sprayer, so this may not deter a nation state.
The other topic is closed, but I worked in cyber for the gov’t and I know for a fact that many, many servers, new from the manufacturer, have chips replaced and additional functionality has been added to those chips. Same with laptops, desktops, phones, you name it. My last investigation before I retired was a nasty one and no information was available for… at least not unclassified information. The EPO server was the primary target and before they took it away I compared it to valid schematics of the server and it was not kosher. Not even close.
First off, the reason why open source is advocated in security terms is that you can check it. The same should work with hardware, no? If you publish the schematics, you should be able to check if all the components are as they should be. That should work too, no?
The second thing would be to check the firmware. So maybe the way to go is to create a tool to check if nothing has been tampered with on that side, maybe by doing a checksum on the firmware, installed coreboot, check if there is any additional hardware or stuff like that…
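The checksum tool suggested in the post above, sketched as an added example (not part of the thread and not Purism's or coreboot's code): rather than one hash over the whole flash dump, it checks per-region SHA-256 digests against a vendor manifest, skips a region that legitimately changes, and flags data in space no region covers. The region names, offsets and manifest format are assumptions made up for illustration.

```python
import hashlib
import hmac

# Hypothetical layout (name, offset, length, mutable); not a real coreboot map.
REGIONS = [
    ("bootblock", 0x000, 0x100, False),
    ("nvram",     0x100, 0x040, True),   # rewritten at runtime, so not hashed
    ("payload",   0x180, 0x200, False),
]

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_manifest(image: bytes) -> dict:
    """Vendor side: record size and per-region digests of the shipped image."""
    regions = {n: digest(image[o:o + ln]) for n, o, ln, mut in REGIONS if not mut}
    return {"size": len(image), "regions": regions}

def verify_image(image: bytes, manifest: dict) -> dict:
    """Customer side: return {region_or_gap: status} for a flash dump."""
    report = {}
    if len(image) != manifest["size"]:
        report["size"] = "MISMATCH"
    cursor = 0
    layout = sorted(REGIONS, key=lambda r: r[1]) + [("end", len(image), 0, True)]
    for name, off, length, mutable in layout:
        if off > cursor:
            # Space outside every region must still be erased flash (0xFF).
            gap = image[cursor:off]
            clean = gap == b"\xff" * len(gap)
            report[f"gap@{cursor:#x}"] = "ok" if clean else "UNEXPECTED DATA"
        if name == "end":
            break
        if mutable:
            report[name] = "skipped"
        else:
            want = manifest["regions"].get(name, "")
            same = hmac.compare_digest(digest(image[off:off + length]), want)
            report[name] = "ok" if same else "MISMATCH"
        cursor = off + length
    return report

def sample_image() -> bytes:
    """Constructed 0x380-byte image matching REGIONS, gaps left erased."""
    img = bytearray(b"\xff" * 0x380)
    img[0x000:0x100] = b"B" * 0x100
    img[0x100:0x140] = b"N" * 0x40
    img[0x180:0x380] = b"P" * 0x200
    return bytes(img)
```

The result is only as trustworthy as its inputs: the dump should be read with an external programmer rather than by the machine under test, and the manifest obtained over a channel the shipper cannot alter.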
What about dispatching the laptops in “kit” form, like a kit house… ?
Post some parts (top and bottom aluminum cases and charger, and perhaps the SSD drive). A week later post the motherboard WITHOUT the parts you already posted like the SSD drive or such… and we assemble once all parts are received. So it cannot be booted in transit, and shows on paperwork as PC “parts” NOT a PC… ? Or do they NOT need to boot it up to install their malware… ???
I have two laptops on order with you but what is the point if they will be compromised as they leave Purism / USA, before they arrive in my country… ? If I were them, targeting all laptops from a company like Purism would be a good idea… obviously someone ordering a Purism laptop is a much more “interesting” target
It does not literally have to be nail polish, it could be easy-to-clean; it just has to survive non-tamper shipping but absolutely not survive any tampering (of course, TLA could formulate their own and replace it, but the glitter arrangement would be different).