Privacy Beast vs Nitropad comparison?

[dcon]

Are there any significant differences between the two? It seems that Nitropad has more hardware configuration options. With ME inactivation, is there any reason to swap out the WiFi module?

I’d like to thank both vendors for bringing these to the market!

Noobs need Qubes! 👏

[Maillist]

Hello,

the Privacy Beast is more secure. As they write, it meets and exceeds
the Qubes os certification, the Nitropad only meets them.They differ in
the OEM reownership process.


cheers.

[Andrew Sullivan]

Hello

I'm thinking of trying my hand at Qubes (currently a long-time Linux Mint user), and I need a new laptop anyway so I'm thinking of the Nitropad or Insurgo machines. 

You say that the Insurgo is "more secure" and "exceeds" the requirements of Qubes certification; in what ways is this?  Is it just the reownership process (which I admit does look more stringent in the as of the Insurgo, but they end up re-owned just the same?).

If I got one of these machines and for some reason decided that Qubes wasn't for me, would it be easy to "nuke" the Qubes and just install Linux Mint or whatever?  Would a Linux installer have any problems with Coreboot etc?

Thanks in advance

Andrew

[Catacombs]

Your choice between NitroPad or Insurgo might depend on where you live.  I think Insurgo is based in north America, and Nitro is based in Europe.  Different taxes, shipping problems, searches.  I thought they both allowed for non-tampered shipping security with NitroKey.

Option three is is the laptop from Puri, Librem.  From north America, also allows for non-tampered shipping security with NitroKey.  https://puri.sm/

Besides there standard offering they have a sale on what they call refurbished, which some believe is Puri/Librem clearing their warehouse shelves. 

https://forums.puri.sm/t/refurbished-librem-laptops-on-sale/8841

For their Pure OS, they offer another service, (for a monthly fee).  Despite being Debian based, these do not install so easily on other Linux OS's.  https://librem.one/   

They offer their own Debian based OS, Pure OS.    Pure uses Boxes for security.   These is free OS, and you can give it a whirl without buying anything.  https://www.pureos.net/ 

Puri/Librem  will install Qubes for you, (I think for a charge) or you can do that on your own.

The other OS's which one might use is Tails Linux (yeah, you knew that, but I had to mention it.)  and Easy OS. 

Easy OS some might not consider to be secure, only one developer, Barry Kauler, uses Boxes for security.  http://murga-linux.com/puppy/viewtopic.php?t=109958

I guess noobs need Qubes is a joke, because it has some intensive learning associated with using it properly.  or at all

[Andrew Sullivan]

Thanks for the reply.  I'm in the UK, so I think you're right, the Insurgo machine would probably cost me in terms of shipping, import duty etc.  So the Nitropad (from Germany I think) is probably a better bet.

I also think you're right in that both machines use a Nitrokey.  The difference I think is that Insurgo put their security key on the machine, and then force you to change it when you first boot up.  With the Nitropad, there is just a default key (something like "changemenow") which obviously needs to be changed (!) but I don't know if there is a formal reowning process.

Never heard of easyOS, I'll have a look.

"noobs need Qubes" wasn't my quote!!!

[Maillist]

Hello,

unfortunately no, they do not end up the same.

just a very quick summary from what i have to assume according to what is stated on the Nitropad website:

In general,  i see the following issues:

Assuming they use Heads' Pursim code for generic key generation/export of the public key/insertion into the ROM and flashing it back:

1: That would mean they use default Pins, therefor its possible to intercept the whole process at any point (compromising the firmware and resealing the key)

2: No reproducible builds.

3: Were can the code be found, which version?

No public CI, no public builds artifacts.

Also, about the shipping: I cant see any security benefit  the way they do it (Qr code not send by secure communication)?

Keep in Mind, i might be wrong with this assumptions, as i dont have a Nitropad/ cant install their Image  because of the issues i mentioned (2/3)

About installing a different OS: Thats possible.

About the Wifimodule: Apart from other reasons,the default Intel 6205 sucks anyway, I suggest Atheros 9380.

Pursim products cant compare security wise with the PrivacyBeast/ Nitropad/ any x30 series Lenovo with coreboot because of the hardware architecture they use.

cheers

--
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/93fd27f8-2838-43c3-9f84-0c3865382d0d%40googlegroups.com.

[Catacombs]

Librem pricing shows two prices for including a Nitrokey sending key separately or with laptop. I assumed that would be to verify shipment had not been tampered with. I guess I misunderstood how that really worked. If it is not encrypted properly. Then that would not be close enough to Insurgo options.

Apologies for changing the subject. But this would be a good time to ask the last poster, or anyone else, do you have any experience with the project, I now face, flashing Core Boot onto a Lenovo X 230? Last Poster seems to have more knowledge than I in hardware.

Thanks for correction. Details are more important than impressions.

[Andrew Sullivan]

No apology necessary!  I would also be interested in this information - given that I currently have time on my hands (!) and that second-hand X230s are quite inexpensice, maybe I'll try the DIY route.

BTW, I am only interested in the Nitropad and the Insurgo machines, I'd previously ruled out the Purism/Librem...