I'm starting to think that the security of all these "libre" devices is pathologically bad precisely because the engineers working on them are people who *don't* understand how security is engineered in more serious systems, and that's why they think they're scary and bad.
Conversation
Spend a bunch of time keeping blobs away from the main CPU, don't even hash them. RYF certified laptops with µCs running blobs with full DMA access. Shared memory scary even though it's behind a firewall, let's expose the entire USB attack surface to the baseband instead.
2
3
26
"Layered Security", don't even have an IOMMU. Libre all the things, no secureboot. Throw on an off the shelf eMMC, no firmware audit and no FDE by default, there's another blob with full system access.
1
2
23
Actually I see they do FDE by default now (as of a couple months ago), too bad no integrity and no secureboot so the eMMC can still just take over.
"Open TrustZone code!" which you aren't actually doing any interesting security features with. All key management in the OS.
1
1
15
Anti-rollback storage? Don't need that when there's no passcode unlock attempt limit at all. Brute force to your heart's content.
I thought they said this was for "regular users" who wouldn't use a 32-character passphrase to unlock their phone?
2
1
15
Their choice of SoC, cellular baseband, Wi-Fi baseband and other components is based on the warped view that having persistent firmware in components is somehow more open or freedom respecting than the OS being required to load the firmware which is more secure and transparent.
1
1
13
They mislead people into thinking that it's an open hardware device and ignore the many serious privacy and serious issues with their product. They spread tons of misinformation about other products and open source projects including GrapheneOS and have done substantial harm.
1
11
GrapheneOS has spent years since we started in 2014 looking for hardware partners interested in making private and secure devices rather than focusing on branding/marketing and producing something significantly worse than iPhone or Pixel which are still leagues ahead of everyone.
1
13
Purism's marketing deliberately misleads people with tons of weasel wording and outright false claims. They have a lot of people convinced they make open hardware or that they have open firmware. They offer something far less private and secure in many ways but cover it all up.
1
14
Purism and many companies with similarly misleading marketing have made it much harder for companies interested in producing more private, more secure and more open devices. It's a crowded space and yet very few people are actually trying to do these things instead of pretending.
1
13
Purism was never interested in addressing our concerns and making a device we could consider supporting. They did want us to lend them our branding so they could claim to be partnered with us without them actually doing anything. Their recent behavior has pretty telling too.
Sebastian Krzyszkowiak () and others take offense to us explaining to our users in detail why we can't support their hardware. We can't support hardware that's a huge step backwards for hardware and firmware security with a bunch of security features the OS requires missing.
1
12
has personally participated in libel and bullying targeting me in retaliation for explaining our reasoning within our community. Has repeated tried to frame me as a liar and jumped into ongoing bullying/harassment trying to push the baseless claim that I'm delusional/crazy.
1
8
Show replies