Privacy without kill switches for cameras and microphone

Does anybody have suggestions to protect privacy on the Librem 11 for cameras and microphone becuase there are no kill switches?

It’s hard to believe the Purism has manufactured this device without kill switches. Very disappointing and troubling to say the least.

1 Like

It is OK it is for Linux-FOSS Peoples. :wink:

Well, if I had the Librem 11, I would heat the back to remove the adhesive, disassemble the Librem 11, then physically remove the camera module and microphone. Note that this procedure may void your warranty.

For the average consumer, you can toggle the camera or microphone on or off within the Settings app, provided that you trust PureOS.

1 Like

Thanks, that is a great suggestion and I would really be interested if anybody had removed the camera module and microphone and would share details on their experience in doing that. Does anyone know if OpenSnitch can be used to block the microphone and camera?

1 Like

OpenSnitch is a firewall that monitors network traffic; it is not designed for blocking any hardware devices.

All in due time, I am sure this will be a feature they will need to implement. In terms of what you can do, maybe you can look into something like this:

  1. If you don’t want to use mics and kill switches, just rmmod the modules for those devices and uninstall the packages that contain the modules. If you remove the kernel modules, the kernel has no way to use those devices.

  2. If you want to have an enable / disable kind of capability on your laptop, here is what you might consider:

a) The kernel uses modules for those devices. The kernel expects those modules to be in certain locations when it loads them up.

b) Because the kernel expects the modules to be in a certain location you can rmmod the modules from the kernel and move the modules to a new non-standard location. That way, even if someone wants to modprobe the modules back into the kernel, the kernel won’t be able to find it.

c) Create a script that gives you the following ability:

  • TURN ON / USE THE DEVICES - create a symlink to the modules from the location where the kernel expects the modules to be located and point them to your custom location for the modules. Modprobe the modules to load them, turn on the devices if you need to and you are good to go.

  • TURN OFF / STOP USING THE DEVICES - stop the devices, rmmod the modules from the kernel, delete the symlinks from above and you are now safe again.

You can create icons on your desktop or put shortcuts in your application menu for each of the functions if you don’t write a ui of some sort for that sort of thing. Super easy to do, tons of examples online.

The caveat here is that if you get owned at the root level, the bad guys can install the modules back in to the system and spy on you, so you might look into writing a script that runs periodically and checks if the modules are installed and sends you a notification of some sort. There are also a bunch of other tools that can help you keep an eye on the installed files on your system and send you notifications as well as look into using immutable distros or even something like Qubes OS that virtualizes every app or perhaps something like NixOS that has reproducible builds.

If you really want to do your security right, learn how to use SELinux security framework, it isn’t hard but it can be work to learn. Look for online training that can help you learn how to use it properly, it really is a great way to manage your system security profile.

While a hardware switch would be perfection, there are a huge amount of solutions available to you to customise your rig to your specifications. With the right combination of tools you can make it very difficult for someone to spy on you via those devices.

Probably when the Librem 11 v2 comes out.

Thanks sounds like my old sysadmin skills will pay off to do this. BTW have you identified the module names for camera & mic that you could share?

I think that using Qubes OS is almost as good as using the hardware kill switches, because it relies on hardware virtualization to isolate the devices.

I do not think it is anywhere near as good, as the hardware kill switches’ ability to physically disconnect the hardware’s power current cannot be internally bypassed by software, firmware, or hardware.

1 Like

In case of Qubes, only hardware could bypass it. And if you don’t trust it, you’re in trouble…

It is why I trust hardware kill switches more than most other tools at the moment, and learned about fortifying and defeating physical security after the pandemic.