Purism vs the world

Hello,

I have read several posts on the forums and didn’t find any answering my question but if some exist please do not shoot me!

Since Purism is a USA-based company, how do you avoid or plan to avoid pression from your country’s secret services (NSA, FBI, CIA, …) which are known to pressure companies a lot in order to introduce backdoors both in hardware and software?

In a similar logic, since the hardware manufacture is done in China (or so I remember having read), and it is also known to introduce hardware backdoors, is there any process to certify it is backdoor free ?

I’m considering buying a Librem 5 (despite its very high price) because I have been waiting for an open and secure smartphone before owning one, and all other open smartphone alternatives have been aborted, but I remain a bit sceptical regarding this matter.

3 Likes

[ure]

You cannot avoid it really, but the warrant canary (well, the absence thereof) lets users know if a gag order occurred. If a gag order has not occurred but some other incident has, one has to trust Purism to tell users.

I wasn’t aware of this warrant, thank you!

It’s better than nothing, although it means one has to check by himself to ensure it has not been compromised (or maybe there is an existing automated process in their devices displaying a big security notice when the warrant has not been emitted ?).

But still, it doesn’t mean that they do actual verifications on the hardware to ensure that a backdoor has not been placed without them being notified.

I know it sounds totally paranoid but as these things are perfectly common (routers (as long as many products) made in China are backdoored), one could expect them to double-check and to communicate on it.