Why do Librem laptops ship with Manufacturing Mode enabled?

:man_facepalming:

:man_facepalming: :woman_facepalming: :man_facepalming: :woman_facepalming: :woman_facepalming: :man_facepalming: :man_facepalming: :man_facepalming:

Yes mr. fanboy, believe it or not CTOs have actual tech teams and are rarely coding stuff on their own.
Maybe you didn’t ever work in a larger place except your localhost, correct? :wink:
How nice is it to comment on a forum on topics you are completely incompetent about.

The decision here is behind @MrChromebox who is actually contributing and understands the issue.
I have nothing to add here, if you decide to ignore it, let’s see what they will think about Purism on
a real tech forum, let’s say Qubes mailing list.

S <> T ergo CSO <> CTO

Are you suggesting that it is better to have hardware now that cannot utilize the software that is a work in progress instead of hardware that will be able to take advantage of future changes? Neither approach is objectively better than the other (both have advantages and disadvantages) just trying to understand your thoughts.

As for the average person, the average person won’t ever upgrade the BIOS if there is a known bug so really any BIOS level security is for the more saavy person anyway. With that said, it seems to me the primary reason Manufacturing Mode is enabled is because the majority of people who care about the two paths forward, and are communicating about the topic, have expressed that this is the prefferred path to the long term goal of coreboot with Librem key.

Being in the current minority on this opinion does not make your opinion less valuable nor does it make either side more or less objectively correct. The long term plan has been communicated and the current path defined. You don’t agree, that’s ok. You’re proud of not being politically correct, that’s your prerogative.

Showing that coreboot without a Librem key doesn’t protect against something that coreboot + Librem key is being developed to resolve really doesn’t accomplish anything. Also to the best of my knowledge pureboot is available to be deployed to existing Librem systems as of February 25th.

1 Like

great ! @ any-paranoid-enough-people-out-there - procure yourself a hardware-flasher and THEN try and make the same anti-Purism-arguments as somebody here did.

I think you completely missed my point.
Don’t worry for my use case, I know how to reasonably protect my s**t.
I don’t report it because I don’t feel safe about the platform whatsoever.

The only reason I opened this issue is because over 90% of Purism users expect to have
a “secure by default” setup, without flashing the BIOS ever or even know what does it means.
So you kind of proving my point, it’s better to have a safe “default off” rather than an open “default on”
which the majority of users will not even care about.

Selling marketing fluff such as a secure laptop that respects your privacy, while you have a huge hole
in the default setup is what seems dishonest to me. There is no even a single disclaimer about it,
and while Pureboot can defend against it in the future (if the flash wasn’t tampered with before), this
is not the default case. How many laptop owners have Heads/Pureboot out of the box? Zero.
It’s a beta project that requires additional steps, hardware (librem key), knowledge and courage (hello Apple’s headphone jack) to install.

Can we effectively say that no Librem laptop ships with secure by default (Librem key+Heads) by default?
This is exactly it. While it’s a nice roadmap project, how about all the current users, they have to be exposed
because of some decision? Well at least someone has to say loudly that there is an elephant in the room.

It is just so embarrassing to see how you don’t even pick up the simplest facts, like who you are actually talking to. It just happens to be more obvious here than in the rest of the thread.
You don’t even pick it up, when it is literally spoon-fed to you.

The CTO of Purism is literally the person who - in person - makes the schematics of the phone.
The CSO of Purism is literally the person who - in person - integrates heads, and prove it to you with that link you didn’t click, which is a repeating pattern with you and your kind.

Maybe. But also maybe I became a paid dev before you grew a beard.
In the company I work, the CTO and the CSO don’t code anymore (but I remember when they did).
Why? Because they have several hundred more devs below them than Kyle has.
(and seriously, I don’t care if you buy it)

You know, I was wondering for a while whether LibreBoot hired a paid FUD troll, but now you convinced me that even they have more class than calling a human being BS.

2 Likes

The most tiring thing here are your distractions.

Oh snap, I have no clue what I was talking about :sunglasses:
But you know, I can admit I was wrong. You should try it once.

Meanwhile you back-pedaled to the local-only attack vector, so basically nothing changed since #4

I always found this somewhat amusing, because I can hardly think of a freedom that is not two-edged.
Just think of the freedom that allows people to treat others like shit on this forum.
It easily causes more harm than open ManagementMode.

1 Like

be quiet ! cyborgs don’t treat others like shit because the only sword they have LEFT is a condom.

This thread has gotten way off topic, to the point to where I’m not even sure what the original question/potential vulnerability being discussed was, so let me clarify a few things:

  • The ME manufacturing mode (MM) vulnerabilities described in Positive Technologies’ blog post are not accessible on a device with a neutered/disabled ME (ie, all Purism Librem laptops). In order to exploit them on a device with a neutered ME, one would first need to flash a firmware image with a functional ME and reboot the device. At that point, an attacker would already have persistence via malicious firmware, and the ME-MM vulnerabilities wouldn’t present any real additional danger to the user, given the level of persistence the attacker already has.

  • In order to mitigate that possibility, Purism is focused on improving our beta PureBoot firmware, which provides tamper resistance/detection, and delivering it to all current/future Librem laptops.

  • Locking the Intel flash descriptor (IFD) as was suggested here could prevent changes to the ME firmware / prevent the ME from being re-enabled without the use of an external flash programmer, at the cost of reduced flexibility for future updates. That’s a trade-off we don’t feel is worth it

  • Restricting firmware updates to those signed by Purism has also been floated, and that’s a non-starter, for obvious reasons.

Obviously, the freedom for users to run their own firmware (or any non-Purism firmware) has some security implications, which we are working to mitigate in a way that doesn’t infringe on the freedom users expect from a Librem device. We’re happy to communicate our decisions/thinking when questions are asked in reasonable manner.

@Kyle_Rankin, hopefully I haven’t misstated anything here :slight_smile:

9 Likes

And with this said, this thread needs locking up and forgetting about.

6 Likes