Disclaimer: I don’t have a Librem yet (I plan on getting one soon), and I have no experience with coreboot, gpg, or a tpm.
If I boot up with the Librem key, and notice that
/boot files have been tampered, but the firmware is fine, it should be a simple matter to boot a (trusted) live distro, mount root (which I assume is encrypted), and regenerate boot files.
But if the firmware isn’t trusted, what do I do? I don’t have another machine I really trust to flash it, and I’m too poor to buy a new one, so I can only work with the tampered machine. I can’t trust either the installed OS or any live OS. I could use pureboot to try a factory reset or to flash a firmware image from a usb drive. But if these require pureboot, which is now tampered, I can’t trust the results.
Are there any solutions to tampered firmware that are feasible for someone with few resources?
Did you ask the question about your actual computer? No, probably not, because there is no easy way to know whether someone changed your firmware.
I’d say you need to decide first whether you want to be able to detect that your firmware had been tampered with. And if you answer that with “yes” you’ll go for it.
And then - if ever - you run into the situation that you’ve really been targeted by such a complicated attack you’ll react to that knowledge according to your circumstances at that time.
I’d say you need not to bother about your question, now, because you do not know what trusted help and options you’ll have if ever you’ll really suspect somewhere changed your firmware.
I have a cool idea. What if I got a Blue Pill or some other small, programmable device, then put a firmware image on it and the code to flash the firmware with it. Then, if the firmware is tampered, I could shut down the computer, take the motherboard, attach the Blue Pill, and flash the good image.
Any thoughts? Are there more appropriate devices than a Blue Pill, because that’s the only thing I know of.
If you order the Librem 14, it has a physical switch to prevent the firmware from being changed, so you don’t have to worry about it.
For older Librem models, you have to reflash the firmware.
ChriChri, isn’t one of the functions of the Librem Key to determine if firmware has been tampered with?
amosbatto, wouldn’t a physically present attacker be able to flip the switch?
I found a link to PureBoot factory reset, but I haven’t found any other documentation on it. The factory reset seems like a good way to fix tampered firmware, except I don’t know how it works. Therefore, I don’t know how resistant it is to tampering.
In essence, I wonder if detecting tampered firmware is useful (as in fixable) for the average poor man. I understand that I personally have no need to worry, especially about physical attacks, but I still want to know if I can reasonably protect against it.
Of course, but it avoids any remote attacks and it makes a physically-present attack a little bit more time-consuming and hence more likely to be caught in the act.
I assume that this is going to be a DIP switch on the motherboard, so your hacker would have to know something about the Librem 14 to even know that it exists. You can paint glitter nail polish on the screws of your Librem 14, to know whether anyone has opened the case. You can also paint glitter nail polish on the DIP switch itself. If you have photos of the glitter nail polish covering the screws, you can check whether anyone has changed the nail polish because the glitter patterns should be unique and impossible to replicate.
All of this strikes me as extremely unlikely, because a cracker would have to change the code of PureBoot+Heads, which is only sold with devices made by Purism and changes to PureBoot can be detected by the Librem Key. Heads itself is only compatible with a couple Thinkpad models. As far as I know, Purism is the only company that even sells devices with Heads preinstalled.
Maybe the cracker has figured out an attack for Coreboot (which is only sold on a couple million devices per year), which also pertains to PureBoot, but all the Chromebooks with Coreboot preinstalled have a signed UEFI, which would be very hard to crack, so I don’t see why a cracker would bother focusing on Coreboot. There are much easier targets in the world. It would take a very specialized espionage group to target the firmware in Librem laptops.
Exactly. My point is that thinking black or white might not help you. If you will be able to detect firmware tampering at some point in the future and you couldn’t do that until now, you’ll already have improved you situation a lot (if you think that it might help you somehow ).
What you’re asking for in your original post is the next step after that: What happens if…
Make the first step first.
If - and only in the unlikely event that it really happens - your firmware gets tampered with you’ll have to decide according to your then actual circumstances and possibilities how to deal with the situation.
You do not know the future. You do not know whether that big ‘if’ will happen and you do not know your situation when that big ‘if’ might happen.
Be prepared mentally if you need to, make friends, have a network if you put yourself in a position that someone might take the burden to really try to intrude your hardware in that unlikely way. Constantly evaluate your actual options to react to security problems.
I’d say for such a situation you cannot have a fixed plan you need to be prepared to handle it.
As @amosbatto already wrote: the event is really unlikely and if you thing it is likely for you you should reevaluate the risk you take for whatever your doing to maybe get the resources to handle such situations.
To add to what has already been written … if someone opening up the case and flipping a switch to allow reflashing is a realistic aspect of your threat model then you should probably reconsider ever leaving your laptop unattended i.e. ever letting it leave your custody.
The physical switch is there to stop the amateurs.