Hacker News new | past | comments | ask | show | jobs | submit login
Purism – Privacy-Respecting Laptops (puri.sm)
178 points by monort on July 19, 2015 | hide | past | favorite | 104 comments

I'm pointing out that these laptops are no more free then any other laptop out there. It's just an average laptop shipping a Linux distro.

These guys won't be able to get the binary blobs from neither Intel nor Nvidia released, this have been pointed out many times before from several places.

They are even kind enough to mention it themself: https://puri.sm/posts/purism-software-freedom-deconstructed/



The money quote from the linked coreboot blog post is:

   Laptops with libre operating systems have existed for  
   decades. The only real innovators in this area have been 
   Google and GluGlug. Google ships partially free  
   firmware, although insufficiently libre to be able to 
   provide the “respect your privacy” guarantee. GluGlug 
   can make this claim, and it ships laptops with fully 
   libre firmware. The downside of GluGlug is that it’s an  
   aftermarket add-on. GluGlug and Google have been in 
   business far longer than Purism. So, what has Purism    
   brought in that’s new and exciting and libre? Nothing.
The content of the post is disputed in the comments by someone who claims to be a "volunteer of Purism project":

   Purism is actively working on porting coreboot to Librem15 with 
   some coreboot developer(s). @mrnuke is more than welcome to join 
   the effort :) There, that's the truth about Purism.

I think the money quote from a comment is

  Purism’s Librem 15 will ship with an Intel CPU fused to **run unsigned BIOS** code
This is apparently the first time a laptop is (almost) available with a recent Intel cpu where this is the case. This is needed for an attempt to port coreboot to be possible.

Original claim here: https://puri.sm/posts/pioneering-cpu-efforts-to-liberate-lap...

That claim only deals with Haswell since before that, there was no fuse to prevent running unsigned BIOS code (also known as Intel Boot Guard).

Since there are Haswell Chromebooks, there are devices on the market that also provide this feature.

The limitation for libreboot devices using recent Intel chips is the ME firmware which is always signed, but not on the CPU and not BIOS code. So the statement is technically correct - through some _very_ careful choice of words.

Not to discredit this product, but I'm having a harder and harder time trusting products that feature high security. They seem like trojan horses. I think I'm probably just being paranoid - is there a trustworthy independent third-party of some sort that verifies just how private these types of products are?

Edit: to be clear this is most likely an awesome product put out by people who care about security and privacy. I'm not trying to call this product out specifically. Privacy / security are really bold claims and without any specific regulations in the area that I'm aware of I feel extra cautious around anything claiming to provide those things. Like I said, I'm probably just being paranoid, but I like to think strategically, and if i were to be a spy agency of any sort and thought I could get away with it, selling a not-so-private privacy product would definitely be a move of mine.

> without any specific regulations in the area

What regulations, issued by which authority, would you trust?

The Purism claims are relevatively small (e.g. camera/microphone hardware switch can be verified by a motherboard inspection) and are an incremental move in a positive direction.

What we need are more competitors to Purism.

I'd recommend getting an old thinkpad or macbook compatible with libreboot (http://www.libreboot.org/) which is apporved by FSF and only runs free software in the bootloader/BIOS. Purism, on the other hand, uses a proprietary bootloader, as well as proprietary BIOS, as well as proprietary code for Intel FSP, Intel ME, Intel VBIOS, and Intel CPU microcode updates.

At user request, the Intel i7 CPU in the Purism 15 was chosen to include VT-d support (needed for Qubes security, which isolates the GPU to a single driver VM) and to exclude support for the black box Intel ME hardware (vPro).

In contrast, on virtually every mainstream laptop with VT-d, you are forced to use a CPU which includes Intel ME/vPro support.


ME is in the chipset and not the CPU[1][2]. Chances are the silicon for it is there and working, but Intel doesn't officially "support" ME with that chipset+CPU combination and supplies firmware that doesn't use it. It doesn't necessarily mean there is no ME capability that could be exploited.

IMHO "support" has become a bit of a weasel-word today, meaning everything from "it's physically impossible because the hardware doesn't even have the circuitry" to "it's all there and functional, but we just don't want you to use it". In between are things like disabled via undocumented hardware jumpers or software settings (remember how certain AMD CPUs could have extra cores "unlocked"? Same principle.) The older models without ME are the former, but I'm almost willing to bet that the latter is the case of the newer CPUs and chipsets.

[1] https://ruxconbreakpoint.com/assets/2014/slides/bpx-Breakpoi...

[2] http://recon.cx/2014/slides/Recon%202014%20Skochinsky.pdf

Thanks for the links.

It will be good to run some tests against the Purism 15 motherboard, at least to evaluate the dormancy/presence of the Intel ME via publicly known interfaces.

It's still a step in the right direction to be able to buy a laptop with a CPU that "does not support" the Intel ME, because it will permit some testing of the Intel claim. It also helps that Purism is using non-Intel components for wired and wifi networks, since Intel ME/AMT/vPro requires Intel networking.

> It will be good to run some tests against the Purism 15 motherboard, at least to evaluate the dormancy/presence of the Intel ME via publicly known interfaces.

The ME is required to be able to boot contemporary Intel devices. It's required to do power management for years. There is no way they ship a device with Intel CPUs and no ME.

What they can do is ship a system without the AMT/vPro features that are implemented in ME firmware. The difference being if the firmware for that part of the chipset is 2MB or 6MB. If you want to know what Intel requires 2MB of firmware for a chip that isn't supposed to be very active, I have no idea either.

But given that the 6MB firmware supports intercepting USB (for keyboard and mouse) and the GPU to route them over the network interface for the soft-KVM feature, be aware that the chip has these capabilities in hardware, no matter the firmware. It just doesn't use them (or so Intel claims).

An interesting distributed project would be Intel ME honeypots connected to the Internet by transparent hardware firewalls with full packet capture.

interesting thanks for the link

I'm pretty put off that I spent 5 minutes digging around on their site and couldn't find one of those claims. All I saw was "Everyone is trying to steal your private datas, but for a large markup we can make you secure."

actually, those claims they made during crowdsupply phase have not been incorporated into final design. See http://www.reddit.com/r/linux/comments/3anjgm/on_the_librem_...

To follow up: the crowdsourced page does indeed make a large number of claims which at least make this sound like a very secure and privacy ensuring device. When I mentioned regulations, I was thinking along the lines of ad companies in the US. For example, an ad for a sleeping pill wouldn't be allowed to outright claim to put you to sleep if the pill didn't work... unless that pill was labeled under homeopathic medicine, then all bets are off because homeopathic "medicine" is unregulated (or was the last time I checked).

New (and also old) privacy focused companies remind me of homeopathic medicine.

This old blog post has some info about BIOS and firmware, https://puri.sm/posts/bios-freedom-status/ . We need more OEMs to publish similar lists and begin moving the incremental needle towards transparency, rather than claiming an opaque supply chain of black box components.

None actually. edit: something like the EFF perhaps but even then you're just trusting the skills of whoever volunteers for / gets paid by them.

It certainly would be interesting if NSA started intercepting and implanting these products à la Cisco ;)

"is there a trustworthy independent third-party of some sort that verifies just how private these types of products are?"


Am I the only who thinks that it's way too expensive for what it offers? I mean a U i7 processor, 4GB of ram and a 500GB HDD for $1800+. It sounds insane to me (I'm still a college student so my perspective might be skewed a bit)

EDIT: Can anyone explain how they manage to max the memory to 32GB when the intel ark page[1] for that processor says that the maximum it supports is 16GB?

[1]: http://ark.intel.com/products/84993/Intel-Core-i7-5557U-Proc...

I totally agree. I like all the specs except for the price. Cut in in half and maybe you might have something decent. Otherwise, I can just turn off the wifi, tape a sticky note to my camera, and install Linux myself, thank you.

Hopefully mainstream manufacturers will adopt some specs, e.g. Thinkpad Retro, http://blog.lenovo.com/en/blog/retro-thinkpad-survey-2-displ...

Interesting to see how people overwhelmingly chose 7-row and other traditional ThinkPad designs. Despite having implemented their new design changes for a few generations, few people are really loving their changes.

Somewhere on their blog, they noted that the new layouts "didn't take too long to get used to". In other words, they were changing things purely to satisfy some poor design sense, not to benefit customers.

I spent over 2 grand on the X201, yet a new X250 is about $1000 with a reasonable config. I wonder if they're leaving money on the table by not offering better options, or if people like me are just a strange anomaly that's worth ignoring.

It sounds like the Retro is aiming squarely at that classic, premium segment who know what they want.

Re: 32GB memory:


> After our last update regarding Intel’s physical 16GB memory maximum for 5th Generation CPUs, we heard from a backer that Intelligent Memory can run 32GB even though the specification states 16GB! This was corroborated by both PCWorld (...) and our direct contact at Intelligent Memory this morning.

Of course it's expensive! Laptops are high volume, low margin products that carry a lot of inventory risk (such as component price drops.)

Doing anything extra, in low volume, will raise the price a lot.

Thin and light laptops have always been more expensive than boat-anchor laptops. On top of that, you always pay a premium for a device that's higher-end than consumer class. And you're paying a premium for a lower-volume device.

> way too expensive for what it offers

It mainly offers privacy, I'd assume. Besides, target customers may be commercial intelligence agencies, those who can conduct "detective" work for commercial companies. It sometimes implies discrediting a competitor's work, enquiring about their products, etc. It's plain gray-zone job, but there are thousands of employees in this domain.

$800 of parts, $1000 of non-recurring-expenditure in developing the PCB and casework.

I agree. Currently writing this from an i5, 4gb ram, SSD asus zenbook from 2 years ago, which I bought for $750. The form factor and hardware are almost identical to the 13" laptop here. :\

Those specs have probably been written assuming max. 2 memory slots, max. 8GB in each, rather than stating some kind of absolute engineering limit in the CPU itself. 16GB SO-DIMMs are very recent and only available from a single vendor, but I have seen reports of them working at least on Broadwell CPUs with just a single memory slot.

The irony of promoting a "Privacy-Respecting Laptop" with a website that uses Google Analytics...

I like the marketed focus of these laptops. However, because I dislike deceptive marketing I don't like Purism. They present their laptops as extraordinaly open when they are in fact no different than a lot of other laptops on the market regarding openness. All I see in them is the addition of a hardware switch and the installation and configuration of trisquel.

The only company I know of which sells considerably more open laptops than the competition is Minifree Ltd[1]. They have the RYF certification from the FSF. Still, there is non-free code running in the devices as a system — think hdd firmware — but the advances they’ve made are substantial.

[1] http://shop.gluglug.org.uk/

> All I see in them is the addition of a hardware switch and the installation and configuration of trisquel.

I'm not aware of any major commercial computer with a FOSS BIOS or a hardware RF killer for the wireless parts.

First, the purism laptops have no foss bios.

    The Librem PCH X99 uses [the Intel Management Engine blob]
    and the board will not boot without the blob.[1]
Second, the laptops sold by Minifree Ltd have a foss bios.

Fun fact: Purism even links to me.bios.io[1], which contains this little gem

    there is a little man inside your pc... and his thing is bigger
    than yours. Your wife knows this.[2]
about the Management Engine.

[1] https://puri.sm/posts/bios-freedom-status/

[2] http://me.bios.io/ME:Introduction

Any modern Intel computer needs the Intel ME. It is a harmful opaque binary but the only ways to get around it is to a) use an ancient chipset (i.e. GlugGlugs x60s) or b) use a different processor like ARM.

I dislike Purism in that they say things like "Purism OS" rather than Linux / Trisequel, but if they do ship a coreboot bios laptop running Trisequel (Trisequel is just Ubuntu stripped of non free kernel components) then I believe it will be the most free Intel laptop with a modern chipset available.

    it will be the most free Intel laptop with a modern chipset available.
How will it be any more free than the laptops listed here[1]?

    Any modern Intel computer needs the Intel ME.
My reaction to that is to evade modern Intel like the pest. I wonder if I’ve enough company in this reaction to be noticeable for the people at Intel who listen to money.

[1] http://www.coreboot.org/Supported_Motherboards#Laptops

For one thing, Intel Boot Guard is disabled unlike many other modern Intel laptops, allowing you to modify the firmware in the first place. I think this is more important than being "100% FOSS" or the like.

All the laptops that can run coreboot also have no Intel Boot Guard or equivalent function, which couldn’t be disabled by the user.

I remain with the conclusion that Purisms marketing is deceptive, borderline lying.

Yes, my point is that the only modern Intel alternative I know of without Boot Guard is Chromebooks.

Or AMD? (I don't know the state of AMD firmware/microcode - but they do at least still offer amd64-compatible CPUs that are not Intel).

Since Kaveri AMD started building in the "Platform Security Processor". That's an ARM core that provides Trust Zone feature (ie. "make Hollywood trust your computer, despite you, the user"). Its code is signed as well.

About the same time they also stopped releasing source code for hardware initialization.

So along that axis they're not significantly better or worse than Intel nowadays. (I guess you can get by with a smaller firmware, and they allow redistribution, which are both nice, but not very relevant for freedom or security purposes)

My Thinkpad x201 has an hardware switch for turning wireless on/off, though I can't tell if it actually cuts the power or just tells the module to disable itself.

Usually this is a signal to the miniPCI card (it has its dedicated pin) but there is no requirement for the card to listen to it.

They don't have a FOSS BIOS. Read the reddit thread in the comments here.

It's an intriguing idea, and I'm glad someone is doing it. However, I suspect they would do better to separate the hardware products from the software.

I would happily buy a laptop with a good hardware spec that came with Windows without the junkware and with physical switches to disable all the sensors and transmitters. That would be a significant improvement on the things available to me today, and I would be willing to pay a modest premium for it. (These devices do already look quite expensive given their specs.)

However, by taking this pure stance on the software side as well, it runs headlong into the same thing that keeps most people out of FSF world: you buy a computer for the software you can run on it, and the software you get that way simply isn't as good in many cases as what you can get on Windows or OS X.

Here's an obvious example. I can buy a new Windows PC and probably watch the Blu-Ray I bought while I was out by (a) inserting the disc, and (b) pressing play. In contrast, the site here explains in great detail how installing software on Linux to watch a DVD is likely to be illegal in many places and they aren't going to supply the software themselves for that reason. Which of these is going to give a better user experience?

I wish them luck, because their goal is a noble one even if I'm not personally willing to give up the useful capabilities of mainstream software to go as far as they do. I hope they at least inspire more hardware companies to install physical switches to prevent abuse of the ever-increasing numbers of sensors and transmitters on these mobile devices, and inspire the likes of Microsoft to provide better controls over what software running on their platform can do.

> However, by taking this pure stance on the software side as well, it runs headlong into the same thing that keeps most people out of FSF world: you buy a computer for the software you can run on it, and the software you get that way simply isn't as good in many cases as what you can get on Windows or OS X.

I've been running Linux for over fifteen years, and I beg to differ: free software is almost always preferable.

> In contrast, the site here explains in great detail how installing software on Linux to watch a DVD is likely to be illegal in many places

That's simply an unfortunate fact of living under repressive regimes which try to forbid one from playing the DVDs one has bought; it's certainly not their fault.

I've been running Linux for over fifteen years, and I beg to differ: free software is almost always preferable.

It depends what you're doing, but if it involves anything to do with gaming, professional/business software, or the creative/multimedia industries, I stand by my previous comment.

For example, arguing that LibreOffice is an acceptable professional substitute for MS Office is fine until your accountant can't open the spreadsheet you sent over because of some incompatibility in the macros, at which point the amount of money it's going to cost for the lost time on that one occasion will instantly cover the cost of buying the real thing.

For another example, despite the recent push by the likes of Valve, gaming on Linux is still a far cry from gaming on Windows or any recent console.

That's simply an unfortunate fact of living under repressive regimes which try to forbid one from playing the DVDs one has bought; it's certainly not their fault.

But most people aren't going to care, because they want to watch their movie, and this laptop won't let them unless they jump through hoops and, in many places, break the law along the way.

>gaming on Linux is still a far cry from gaming on Windows or any recent console.

You mean, like the Steamboxes?

You mean, like the Steamboxes?

Those are due to be released later this year, but no-one really knows yet how they will work out in terms of performance or cost-effectiveness, or what range of games will be available for them. Even if Valve port all of their own big titles over, the major titles from others in the industry may or may not follow, and it will probably take time if they do.

So yes, Steam machines are what I was referring to, but yes, gaming on Linux is still a far cry from gaming on Windows or any recent console.

There are many many options for you if you want a laptop that will run windows "well" (even if most of them suck).

This is for people who want a laptop where all hardware is well supported by open and upstream drivers in linux.

If you're running Windows or OS X, most of the point of this is defeated. You can't tell much about privacy, security, etc. The hardware switches are nifty, but they're an add-on due to popular demand, not the main feature.

(It is a bit annoying the the marketing isn't clear that this is just a nice modern laptop which supports linux very well and avoids you supporting Apple or Microsoft with your purchase.)

There are many many options for you if you want a laptop that will run windows "well" (even if most of them suck).

But that's rather the point. I'm willing to trust a clean Windows 7 installation and well-known drivers not to be phoning home. Given a system that was never contaminated with junkware, I then have a reasonable chance of only getting stuff I choose on there afterwards and keeping control of what applies downloaded software updates and when, and that is my primary requirement in software terms for a system I'm willing to trust. The desire for a good spec is just because so many business laptops are overpriced junk here in the UK, and the physical switches are just safeguards to mitigate things like zero days attacks or, frankly, embarrassing forgetfulness.

I don't really buy the theory that the source for everything you install theoretically being available somehow makes your privacy better protected. Given that I'm not going to personally audit the entire source code of the OS distro being installed -- and neither is anyone else who buys these laptops -- the benefit is largely illusory, and the reality is that I'm just trusting the distro and everyone contributing to it instead of trusting the likes of Microsoft. Either way you're also assuming the system is secure so any privacy you start with will stay that way.

An important-to-note additional detail:

> Purism’s Librem 15 will ship with an Intel CPU fused to run unsigned BIOS code, allowing a future where free software can replace the proprietary, digitally signed, BIOS binaries.


So they haven't solved the problem of getting a free implementation, they've just disabled the security feature that stops rootkits from replacing your bios?

Now I don't have the freedom to modify the code or improved security. How is this making me better off?

Coreboot is mostly open source. I think being able to modify the firmware at all in the first place is more important.

Me being able to modify the firmware of my laptop is somewhat important. Other people being unable to modify the firmware of my laptop is very important.

If there's no way to get one without sacrificing the other, the better option for my privacy, security, and freedom is to take a static but non-free BIOS.

Signed firmware isn't static. They don't fuse a hash into the CPU, but a key (to a key to a key, see http://www.apress.com/9781430265719) to verify signatures.

So the result is that you can't update your computer's firmware, but somebody else (although probably not the average criminal).

The standard solution is to lock down the write access to the flash chip. While current era firmware requires writable flash for memory init (or you lose suspend to RAM capabilities), it can be locked down directly afterwards and before code from somewhere else is executed. That works nicely without Boot Guard, but not so good with UEFI (which stores its persistent variables in the same flash memory part).

Yea, the best solution would be a jumper to disable it.

Thats what they want, not what they currently got. The laptops that have been shipped does not use Coreboot, it has a proprietary BIOS.

The first? How about LibreBoot [0]?

[0] https://www.fsf.org/resources/hw/endorsement/gluglug

Seriously, couldn't they have gone a lot further with the Pure* rebranding? I have: PurePlayer, PureTerminal, PureNotepad, PureMenu, PurePurePure, PureShit and so on and so forth ...

Or, of course, they could have been honest with the OS and browser they are using ...

Isn't this also one of the goals of bunnie's novena? http://www.bunniestudios.com/blog/?tag=novena

Something built from the ground up, where you can build and (with inspection) trust every part of it.

I don't know about this Purism ideology thing. Having watched the video, they keep saying things about people losing privacy through the use of various websites, that's the main point of the video. You can't solve that with better hardware, if you provide data about yourself to a third party.

And the hardware they do provide is not significantly more secure/libre than any run-of-the-mill laptop. I mean Intel, with Intel Management Engine? Surely, you're joking.

Providing a linux distro-spin-off as an OS?

To me, these guys sound like crooks, because they make a lot of claims, and they are nowhere near delivering on those promises. And they use a bullshit language with terms like ideology, but again with no real substance to back this up.

I'd much rather buy a Novena, if I was really concerned about this kind of things. Just my 2 cents.

They're beautiful, certainly. But who do they target? Me? I love Linux so all I want to know is: what is the default OS based on? It seems like the desktop environment is Gnome and they pre-install Libre Office, gimp and inkscape. Nice but what happens if I install Arch or Ubuntu? Does everything work out of the box? Does the SSD work perfectly with the current kernel?

Or do they target privacy curious Mac and Windows users? In which case: What happens when these users want to design and order a photo book? (Here in the Netherlands, nobody offers that on Linux and it is a big thing keeping me from switching my "please remove my browser toolbars once a month" mother in law to Linux.) Even more knowledgeable computer users don't simply switch to Linux, and this page does not even mention its OS, so what can you expect? I think the difference is way to big to just glance over it and say you have mac/windows compatible software. As a Windows user going to a Mac is a big step, many people I know hated it and move back. Imagine them moving to Linux...

I'd buy one, if it would mean I'd get a System76 like machine that just works with in-kernel stuff for sure. The hardware switches, the lack of a windows key and the nice looks are very attractive extra's.

from the crowdsourced page:

> Bundled with the fully free/libre, no mystery software Trisquel GNU/Linux operating system, with free/libre professional quality web browser, email, graphics, drawing, word processing, presentation, spreadsheet, and media software, users can easily replace their existing computer. Since it is a GNU-based distribution, users can add hundreds of thousands of free/libre and open source applications easily.

Hmm, feels a bit disingenuous that they don't mention Trisquel and call their Firefox/TOR combination "Pure browser". I don't like that. Question remains, who likes the software? Who do they target? I love the hardware... Perhaps they should have partnered with Elementary so we'd know what we'd get.

Apropros your Mother who needs printed photobooks, are there not services in the .nl where you can just send them a set of digital photo's and they'll print the books for you, or is your Mother used to a Windows-only app for 'preparing and uploading' the prints to a local shop? It is an interesting problem that you have no Linux solution - but I think indeed there are probably ways to move to Linux and yet overcome this issue, if it is one ..

Am I the only one who can't understand what this product offers exactly?

This is a nice / modern hardware laptop, which you can have confidence supports any recent linux distro well, because all hardware drivers are "upstreamed". Further, there are as few closed-source firmware blobs as possible. Various people care about that for various theoretical reasons, but one good one is that any firmware that could be infected with a virus could also be patched.

It is annoying that the marketing is not clear on this fact. This is a nice, if pricey, laptop which supports any modern linux distro well. And when you buy it, you avoid your purchase supporting Apple or Microsoft. (I've purchased a couple Apple laptops over the years, begrudgingly, just to run linux on them. I'm excited to have an alternative.)

I think their messaging is pretty clear. These are laptops built with a focus towards keeping your information private.

But that doesn't really say much!

How does their hardware tackle privacy issues? What do they do exactly?

They put some power switches on the webcam/microphone and wireless modules. That's about it.

They also disabled signature verification on the chipset firmware, but it's not clear that solves any privacy issues, given that the only extant firmware is the closed-source one from Intel. (If anything, disabling signatures is a net negative for privacy, as the authors of a malicious replacement wouldn't even need access to Intel's signing key to create one.)

Intel Boot Guard is about the BIOS, not the "chipset firmware".

Not much, according to this article, as there are many firmware blobs that are still entirely opaque: http://blogs.coreboot.org/blog/2015/02/23/the-truth-about-pu...

If the situation with blobs and proprietary code running alongside your CPU looks so bad with Intel chips, why doesn't anyone try to use AMD chips? Or are there equally bad things there as well? (I'm aware of the SMU in recent chips, is there anything else?)

1.800 USD for a button which toggles microphone and camera, I'm not saying you could do exactly that with a USB periferic.. but.. yea, you get pretty close anyway.

I like the hardware off switches. Wish my Thinkpad had them.

I like the idea, but the site contains way too much FSF ideology and too little actual technology as far as I'm concerned. And for that price, I'd rather go with tried-and-tested System76 rather than an unknown company. (Or rather, since I don't have the money, go with a cheap Lenovo and install my favourite distro myself ;-) )

To provide a truly secure laptop one need to control entire stack of software, which means OS verifying kernel module signatures, no third party software, BIOS verifying OS and MBR and TPM verifying BIOS (unless it's made truly read only which would probably require custom chip these days). Anything else would be an illusion.

Nice idea, but i am sorry: Those prices are ridiculous.

My current Dell Inspiron 3437 came pre-installed with Ubuntu and only cost 250+ USD.

It is true that I do not trust Canonical or Dell, but why would I trust Purism instead? What proof of trustworthiness do they provide?

My Dell's very low spec is good enough for what most developers typically do: use a text editor to deal with source files and use the shell to ssh into a remote machine. The most taxing program that I use is firefox. The browser consumes more CPU cycles and memory than all other programs taken together.

The short story: I do not need a laptop that costs 1600+ USD, just for its nebulous, unproven claims of privacy, when I am perfectly happy with one that costs 250+ USD.

Eh, looks like your common unbranded OEM laptop ale PCSpec at about 50% premium price.

Also a "privacy" oriented laptop with Boot Guard disabled? hah? With how prevalent UEFI malware appears to be why would any one want to disable pretty much the only security measure against it?

Boot Guard allows you to perform block level or cryptographic verification of the BIOS and firmware.

And while a CPU fused to boot unsigned bios sounds nice and nifty virtually ever motherboard out there supports unlocking the signature validation using a hard or a soft jumper any how.

Disabling that is like disabling the file system integrity access checks on an encrypted hard drive it can only lead to a disaster....

Definitely on board with the idea. But as others pointed out a bit on the expensive side. However, if more companies got into the mix the prices would come down. Someone has to get the ball rolling (hats off to Purism for doing that).

This sounds more about using free software than actually solving privacy issue based on "code is free" concept.

So what Linux distro is the OS based on ?

To me the most compelling feature of the laptop is the hardware switches to toggle the camera, microphone, bluetooth, and wifi.

Even libre firmware can't guarantee my system won't be compromised and updated with malicious firmware.

There are a number of ways to write protect the flash part where (CPU) firmware resides. Some permanent (or with a jumper), others until the next reboot, by which any attack vector vanishes.

So checking that your libre firmware locks down the flash as soon as it's done with its work can be a pretty strong guarantee.

I love hardware switches but it's a bit of an expensive tinfoil hat (especially when comms are going to be via a compromised network in any case)

Is it unreasonable to want to ensure your conversation isn't being recorded while you're not even using the device? There's hardly anywhere in my house where a software controlled microphone can't hear and that bothers me.

Not at all unreasonable, just that this solution seems expensive and ineffective most of the time the device is in use.

They are a bit pricy, but the real issue here is the battery life. I believe most people would like to have more than 4-6 hours on their 15" laptop.

I think there's plenty of room for some *NIX laptops below OSX pricepoint - just not sure it's this one

What's the hardware inside these? Is it all custom made from the ground up?

get the 13" up to spec with the 15" (32GB, USB3+, etc.) + coreboot, and I'll think really hard about it... :)

They really wrote their own OS for this?

Well, that was fast.

Very interesting hardware; I particularly like the hardware killswitches for the sensors (microphone and camera) and radios (WiFI & Bluetooth). It looks attractive, too, which actually matters.

But there's no way I'd ever give money to someone who has hired the execrable Jacob Applebaum. No way.

If I may ask, why are you so negative about Jacob Appelbaum?

His association with Julian Assange and Edward Snowden, particularly his release of purported national security to foreign persons and media.

The company is free to associate itself with him, and I'm free not to purchase their otherwise-quite-interesting product.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact