Purism enables interdiction

Mango · November 28, 2018, 5:20am

Purism doesn’t offer will call. From their ops:

“Hi [REDACTED],
We are shipping from San Francisco, California, United States. We do not offer an option for personal pickup.
Best regards”

It’s extremely common for customers to pick up high expense items like vehicles, computers, art or other items in person. It requires little to no added work for the company, and completely negates any interdiction concerns. I guarantee customers would travel from well out of state to receive their items. Purism has neglected to act on interdiction concerns:

I suggest that this is not an accident. I charge that a malicious actor within the company has snubbed out interdiction prevention each time it has come up, facilitating interdiction for their external ties. There is no need to compromise the entire company, only the 1-2% of products going out to people that actually matter, and leveraging existing interdiction logistics systems would be the best way to do this.

2disbetter · November 28, 2018, 5:59am

Do you actually belief this garbage?

Mango · November 29, 2018, 3:03am

Interdiction happens in bulk, but I doubt that’s the case for brown box shipments going out to individuals.

These people do not have limitless resources. They are not gods.

itay-grudev · November 29, 2018, 10:42am

Kyle Rankin was discussing making tamper evident BIOS verified by a Librem Key to verify the firmware hasn’t been tampered with while in transit. See the end of https://puri.sm/posts/the-librem-key-makes-tamper-detection-easy/.

Mango · December 9, 2018, 3:11am

You don’t need to modify firmware for effective interdiction…

itay-grudev · December 9, 2018, 3:23am

You mean Chinese style?

https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

Mango · December 11, 2018, 6:43am

Those can get by x-ray inspection, you wouldn’t need something as tiny or complex as that.

But yes.

itay-grudev · December 13, 2018, 6:36am

To be perfectly honest, I haven’t seen the “far side” of my Librem motherboard yet. There could be anything there.

johny · December 22, 2018, 5:54pm

My Librem came with the wrong SSD and 3 months later I was sent the right model, making me wonder if my laptop was not tempered with in the factory or after being shipped.

I feel like yes for a privacy and security oriented company this situation is not ideal.

rinokeros · March 25, 2019, 2:18pm

Can you elaborate a bit?

rinokeros · March 26, 2019, 6:40am

Ok, and what does your log show? You never received the key? The key will be shipped separately I suppose but could be indeterdicted as well? Did you contact orwl?