Another interesting open-hardware project I just ran across: https://mntre.com/media/reform_md/2020-01-18-finishing-reform.html
I have a Purism Librem 15v4 and just got a Pinebook Pro ( https://www.pine64.org/pinebook-pro/) as an air travel/burner laptop (i.e. if something happened to it where I felt like I needed to throw it away or if it got lost or damaged, at least it's a $200 laptop instead of a $1500 laptop). I like both a lot, though yeah, the keyboard's not great. But I haven't found a laptop keyboard in a long time that I really liked, and I don't regard the Librem's keyboard as worse than average. They're just almost all terrible (with the possible exception of some Lenovos, some niche gaming laptops, and esoteric devices like the MNT Reform above). On Tue, 2020-01-21 at 11:54 +0100, Hans-Christoph Steiner wrote: > glad to hear that the FP3 is good! They are making progress then. I > like the FP2 well enough, but its buggy. Partially, I assume that's > because it is hard to make a device with easy to swap out parts. Its > a > bummer they don't have Fairphone Open for FP3, but I think they are > overwhelmed with Android integration work, so its better to have one > solid ROM than a Play and an Open where neither are solid. > > .hc > > Abel Luck: > > Agreed with both of you. > > > > I still use my librem daily. I said I wouldn't buy another, but > > that's > > cause I plan to use it for a long time until hopefuly there is a > > good > > alternative. And I guess if my Librem drowned today I would buy > > another :S. > > > > I plug in my own keyboard, and can get non-USBC hubs for things > > like > > ethernet. But screen size and ram.. there are limits to the > > tradeoffs > > I'll make. > > > > The FP3 is not that bad tbh. Everyone in my household has one now! > > > > ~abel > > > > Devrandom: > > > Agreed, ergonomics are definitely not top-notch, and I hope > > > there's an > > > iteration that improves things. However, for development and > > > Qubes I > > > need 32GB. That, together with the freedom aspect trumps other > > > considerations. > > > > > > On Thu, Jan 16, 2020 at 2:29 AM Hans-Christoph Steiner > > > <[email protected]> wrote: > > > > > > > > I hear you, and I've similar things from others. Fairphone is > > > > in a > > > > similar boat. I think we need to compare apples to apples > > > > here: what > > > > Nitrokey, Librem and Fairphone are trying to do is important, > > > > no other > > > > providers are doing those things better. Things like: > > > > > > > > * true free software support > > > > * hardware switches > > > > * repairability > > > > * conflict-free minerals > > > > > > > > .hc > > > > > > > > Abel Luck: > > > > > I have a Purism Librem v3 (the 13" model) and I have to say I > > > > > am not > > > > > very happy with it. > > > > > > > > > > From a privacy pov, it's nice. ME can be disabled manually. > > > > > The hardware > > > > > switches are very handy. Rather than ship binary blobs for > > > > > the bluetooth > > > > > driver, they left that feature out, not compromising. Which I > > > > > like. > > > > > > > > > > However from an ergonomics/usability pov, I am quite > > > > > dissatisfied. When > > > > > I say the keyboard is bad, I'm not a keyboard snob. It truly > > > > > is just a > > > > > bad keyboard, I really dread having to go on the road and use > > > > > the > > > > > keyboard for any length of time. The trackpad quality is also > > > > > very low. > > > > > > > > > > Also the laptop comes with a usb c port, which is basically > > > > > useless as > > > > > it doesn't support thunderbolt, which means no adapter for > > > > > ethernet or > > > > > external displays. Waste of a port! > > > > > > > > > > I wouldn't buy another Librem :/ > > > > > > > > > > That NitroPad looks interesting, but the deal breaker for me > > > > > is the > > > > > 1366x768 px screen. So small! 1920x1080 is the minimum I > > > > > would ever get > > > > > in a laptop again. > > > > > > > > > > ~abel > > > > > > > > > > Devrandom: > > > > > > This is a Lenovo. The Purism laptop goes to 32GB and has > > > > > > hardware kill > > > > > > switches. It also has secure boot with the Nitrokey and > > > > > > the TPM option, > > > > > > but I didn't try it (yet). > > > > > > > > > > > > On Wed, Jan 8, 2020 at 4:19 AM Hans-Christoph Steiner < > > > > > > [email protected]> wrote: > > > > > > > > > > > > > Looks like quite a nice laptop setup for privacy: > > > > > > > > > > > > > > > > > > > > > -------- Forwarded Message -------- > > > > > > > Subject: NitroPad: Secure Laptop With Unique Tamper > > > > > > > Detection > > > > > > > Date: Tue, 7 Jan 2020 10:25:13 +0100 > > > > > > > From: Nitrokey <[email protected]> > > > > > > > Reply-To: Nitrokey <[email protected]> > > > > > > > To: Hans-Christoph Steiner <[email protected]> > > > > > > > > > > > > > > Deutsche Übersetzung ist hier: > > > > > > > > > > > > > > https://sendy.nitrokey.com/l/DYw4PK9oeKpCQ4HCJ3sHVA/d891PlpQflj763CzcTeLrLCQ/2drgzRE7oneOhHNyMnMe8g > > > > > > > > > > > > > > Dear Nitrokey supporters! > > > > > > > > > > > > > > Do you think your computer hardware is secure? Can you > > > > > > > rule out that in > > > > > > > your absence no one has manipulated your computer? In a > > > > > > > world, where > > > > > > > most users do not have any real control over their > > > > > > > hardware and have to > > > > > > > blindly trust the security promises of vendors, NitroPad > > > > > > > unlocks a > > > > > > > refreshingly new security experience. NitroPad X230 [1] > > > > > > > is significantly > > > > > > > more secure than normal computers. With NitroPad, you'll > > > > > > > have more > > > > > > > control over your hardware than ever before while > > > > > > > maintaining ease of use. > > > > > > > > > > > > > > Features > > > > > > > > > > > > > > Tamper Detection Through Measured Boot > > > > > > > > > > > > > > Thanks to the combination of the open source solutions > > > > > > > Coreboot [2], > > > > > > > Heads [3] and Nitrokey USB hardware, you can verify that > > > > > > > your laptop > > > > > > > hardware has not been tampered with in transit or in your > > > > > > > absence > > > > > > > (so-called evil maid attack). The integrity of the TPM, > > > > > > > the firmware and > > > > > > > the operating system is effectively checked by a separate > > > > > > > Nitrokey USB > > > > > > > key. Simply connect your Nitrokey to the NitroPad while > > > > > > > booting and a > > > > > > > green LED on the Nitrokey will show that your NitroPad > > > > > > > has not been > > > > > > > tampered with. If the LED should turn red one day, it > > > > > > > indicates a > > > > > > > manipulation. > > > > > > > > > > > > > > Deactivated Intel Management Engine > > > > > > > > > > > > > > Vulnerable and proprietary low-level hardware parts are > > > > > > > disabled to make > > > > > > > the hardware more robust against advanced attacks. > > > > > > > > > > > > > > The Intel Management Engine (ME) is some kind of separate > > > > > > > computer > > > > > > > within all modern Intel processors (CPU). The ME acts as > > > > > > > a master > > > > > > > controller for your CPU and has broad access to your > > > > > > > computer (system > > > > > > > memory, screen, keyboard, network). Intel controls the > > > > > > > code of the ME > > > > > > > and severe vulnerabilities have been found in the ME > > > > > > > enabling local and > > > > > > > remote attacks. Therefore ME can be considered as a > > > > > > > backdoor and has > > > > > > > been deactivated in NitroPad. > > > > > > > > > > > > > > Preinstalled Ubuntu Linux With Full-Disk Encryption > > > > > > > > > > > > > > NitroPad ships with a preinstalled Ubuntu Linux 18.04 LTS > > > > > > > [4] with > > > > > > > full-disk encryption. Ubuntu is one of the most popular, > > > > > > > stable and > > > > > > > easiest to use Linux distributions. Switching from > > > > > > > Windows to Linux has > > > > > > > never been easier. > > > > > > > > > > > > > > Optional: Preinstalled Qubes OS For Highest Security > > > > > > > Requirements > > > > > > > > > > > > > > Instead of Ubuntu Linux, on request you can get your > > > > > > > NitroPad with > > > > > > > preinstalled Qubes OS 4.0 [5] and full-disk encryption. > > > > > > > > > > > > > > Qubes OS enables highly isolated working by means of > > > > > > > virtual machines > > > > > > > (VM). A separate VM is started for each application or > > > > > > > workspace. This > > > > > > > approach isolates applications and processes much more > > > > > > > than conventional > > > > > > > operating systems. Qubes OS keeps your system secure, > > > > > > > even if a > > > > > > > vulnerability has been exploited in one of the software > > > > > > > applications > > > > > > > used. Example: If your PDF viewer or web browser has been > > > > > > > successfully > > > > > > > attacked, the attacker cannot compromise the rest of the > > > > > > > system and will > > > > > > > be locked out once the VM is closed. > > > > > > > > > > > > > > In addition, separate virtual workspaces can be used, > > > > > > > such as an offline > > > > > > > workspace for secret data and an online workspace for > > > > > > > communication. > > > > > > > NitroPad with Qubes OS is technically similar to SINA > > > > > > > clients (for > > > > > > > governments), but remains transparent thanks to open > > > > > > > source. Qubes OS is > > > > > > > for users who want maximum security. > > > > > > > > > > > > > > Keys Under Your Control > > > > > > > > > > > > > > All individual cryptographic keys are generated directly > > > > > > > on the NitroPad > > > > > > > exclusively during installation and are not stored by us. > > > > > > > However, all > > > > > > > individual keys can be replaced by you. Unlike "Secure > > > > > > > Boot", the keys > > > > > > > for securing the operating system remain under your > > > > > > > control and do not > > > > > > > depend on the consent of the vendor. > > > > > > > > > > > > > > Nitrokey USB Key Included > > > > > > > > > > > > > > NitroPad comes with a Nitrokey Pro 2 [6] or a Nitrokey > > > > > > > Storage 2 [7]. > > > > > > > Their security features include for example email > > > > > > > encryption (PGP, > > > > > > > S/MIME), secure server administration (SSH) and two- > > > > > > > factor > > > > > > > authentication through one-time passwords (OTP). The > > > > > > > Nitrokey Storage 2 > > > > > > > additionally contains an encrypted mass storage with > > > > > > > hidden volumes. > > > > > > > > > > > > > > Professional ThinkPad Hardware > > > > > > > > > > > > > > Based on Lenovo ThinkPad X230, the hardware finish and > > > > > > > robustness meet > > > > > > > professional quality standards. The famous ThinkPad > > > > > > > keyboard with > > > > > > > background lighting and TrackPoint allows comfortable > > > > > > > working. The used > > > > > > > laptops have been refurbished. > > > > > > > > > > > > > > Out-of-the-Box User Experience > > > > > > > > > > > > > > With NitroPad, you don't need to take care of opening the > > > > > > > hardware > > > > > > > casing to flash the BIOS chip, installing and configuring > > > > > > > Linux, or > > > > > > > pairing the Nitrokey Pro/Storage. We do this work for > > > > > > > you. The Nitrokey > > > > > > > is already configured with your NitroPad so that it can > > > > > > > be used for > > > > > > > tamper detection without any further configuration > > > > > > > effort. > > > > > > > > > > > > > > Security Conscious Shipping > > > > > > > > > > > > > > To make it more difficult to intercept and manipulate > > > > > > > your NitroPad, the > > > > > > > NitroPad and the Nitrokey USB key can be shipped in two > > > > > > > separate > > > > > > > shipments if desired. > > > > > > > > > > > > > > Use Cases > > > > > > > > > > > > > > For Everyone > > > > > > > > > > > > > > NitroPad enables you to detect hardware tampering. For > > > > > > > example, if your > > > > > > > laptop is being inspected while crossing the border or if > > > > > > > you leave your > > > > > > > device unattended in a hotel or during travelling, you > > > > > > > can check the > > > > > > > integrity of your NitroPad with the help of the Nitrokey. > > > > > > > > > > > > > > For Enterprises > > > > > > > > > > > > > > NitroPad can serve as a hardened workstation for > > > > > > > certificate authorities > > > > > > > and other use cases requiring high-security computers. On > > > > > > > business > > > > > > > trips, the NitroPad protects against evil maid attacks > > > > > > > while the > > > > > > > computer is unattended in a hotel or baggage. > > > > > > > > > > > > > > For Governments > > > > > > > > > > > > > > Governments can use NitroPad to protect themselves > > > > > > > against advanced > > > > > > > persistent threats (APT) without relying on foreign > > > > > > > proprietary technology. > > > > > > > > > > > > > > For Journalists > > > > > > > > > > > > > > If you as an investigative journalist are serious about > > > > > > > protecting your > > > > > > > confidential sources, NitroPad helps you getting there. > > > > > > > > > > > > > > NitroPad X230 is now available in our Online Shop [1]. > > > > > > > > > > > > > > More details are available in the product factsheet [8]. > > > > > > > > > > > > > > Kind regards, > > > > > > > your Nitrokey team > > > > > > > > > > > > > > [1] > > > > > > > > > > > > > > https://sendy.nitrokey.com/l/DYw4PK9oeKpCQ4HCJ3sHVA/jZaFd1lbEdmWO6EYOcLzDQ/2drgzRE7oneOhHNyMnMe8g > > > > > > > [2] > > > > > > > > > > > > > > https://sendy.nitrokey.com/l/DYw4PK9oeKpCQ4HCJ3sHVA/YFe1znalGDB8Ua763Ggu9RKw/2drgzRE7oneOhHNyMnMe8g > > > > > > > [3] > > > > > > > > > > > > > > https://sendy.nitrokey.com/l/DYw4PK9oeKpCQ4HCJ3sHVA/cZ8CHlfV3cxRZgMwQJk6fQ/2drgzRE7oneOhHNyMnMe8g > > > > > > > [4] > > > > > > > > > > > > > > https://sendy.nitrokey.com/l/DYw4PK9oeKpCQ4HCJ3sHVA/UXFKS892rBzNshvgAM3iX7Sw/2drgzRE7oneOhHNyMnMe8g > > > > > > > [5] > > > > > > > > > > > > > > https://sendy.nitrokey.com/l/DYw4PK9oeKpCQ4HCJ3sHVA/D8RUORLEDmVGkJAOqOZ12w/2drgzRE7oneOhHNyMnMe8g/ > > > > > > > [6] > > > > > > > > > > > > > > https://sendy.nitrokey.com/l/DYw4PK9oeKpCQ4HCJ3sHVA/3NM892YvQl3nQBfzax83fVdg/2drgzRE7oneOhHNyMnMe8g > > > > > > > [7] > > > > > > > > > > > > > > https://sendy.nitrokey.com/l/DYw4PK9oeKpCQ4HCJ3sHVA/892ZG8927tvGnlab4KjZMl8lQg/2drgzRE7oneOhHNyMnMe8g > > > > > > > [8] > > > > > > > > > > > > > > https://sendy.nitrokey.com/l/DYw4PK9oeKpCQ4HCJ3sHVA/ITDgVP8lO6ZSALVagGX892vw/2drgzRE7oneOhHNyMnMe8g > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > List info: > > > > > > > https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > > > > > > To unsubscribe, email: > > > > > > > [email protected] > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > List info: > > > > > > https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > > > > > To unsubscribe, email: > > > > > > [email protected] > > > > > > > > > > > _______________________________________________ > > > > > List info: > > > > > https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > > > > To unsubscribe, email: > > > > > [email protected] > > > > > > > > > > > > > -- > > > > PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA > > > > 5556 > > > > https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556 > > > > _______________________________________________ > > > > List info: > > > > https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > > > To unsubscribe, email: > > > > [email protected] > > > _______________________________________________ > > > List info: > > > https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > > To unsubscribe, email: > > > [email protected] > > > > > _______________________________________________ > > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > To unsubscribe, email: [email protected] > > -- Josh King PGP Fingerprint: 8269 ED6F EA3B 7D78 F074 1E99 2FDA 4DA1 69AE 4999
signature.asc
Description: This is a digitally signed message part
_______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
