Announcement: Insurgo PrivacyBeast X230 Laptop meets and exceeds Qubes 4.0 hardware certification
71 views
Skip to first unread message
Andrew David Wong
Jul 19, 2019, 12:19:37 AM7/19/19
to qubes...@googlegroups.com, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Dear Qubes Community,
We are very pleased to announce that the Insurgo PrivacyBeast X230 [1]
has passed Qubes 4.0 Hardware Certification and is now a Qubes-certified
Laptop! [2]
## What is Qubes Certified Hardware?
Qubes Certified Hardware [3] is hardware that has been certified by the
Qubes developers as compatible with Qubes OS. Beginning with Qubes 4.0,
in order to achieve certification, the hardware must satisfy a rigorous
set of requirements [4], and the vendor must commit to offering
customers the very same configuration (same motherboard, same screen,
same BIOS version, same Wi-Fi module, etc.) for at least one year.
Qubes-certified Laptops [2], in particular, are regularly tested
by the Qubes developers to ensure compatibility with all of Qubes'
features. The developers test all new major versions and updates to
ensure that no regressions are introduced.
It is important to note, however, that Qubes Hardware Certification
certifies only that a particular hardware *configuration* is *supported*
by Qubes. The Qubes OS Project takes no responsibility for any
manufacturing or shipping processes, nor can we control whether physical
hardware is modified (whether maliciously or otherwise) *en route* to
the user. (However, see below for information about how the Insurgo
team mitigates this risk.)
## About the Insurgo PrivacyBeast X230 Laptop
The Insurgo PrivacyBeast X230 [1] is a custom refurbished ThinkPad X230
[5] that not only *meets* all Qubes Hardware Certification requirements
[4] but also *exceeds* them thanks to its unique configuration,
including:
- Coreboot [6] initialization for the x230 is binary-blob-free,
including native graphic initialization. Built with the
Heads [7] payload, it delivers an Anti Evil Maid (AEM) [8]-like
solution built into the firmware. (Even though our requirements [4]
provide an exception for CPU-vendor-provided blobs for silicon and
memory initialization, Insurgo exceeds our requirements by insisting
that these be absent from its machines.)
- Intel ME [9] is neutered through the AltMeDisable bit, while all
modules other than ROMP and BUP, which are required to initialize
main CPU, have been deleted. [10]
- A re-ownership process that allows it to ship pre-installed with
Qubes OS, including full-disk encryption already in place, but
where the final disk encryption key is regenerated only when the
machine is first powered on by the user, so that the OEM doesn't
know it.
- Heads [7] provisioned pre-delivery to protect against malicious
interdiction. [11]
## How to get one
Please see the Insurgo PrivacyBeast X230 [1] on the Insurgo website [12]
for more information.
## Acknowledgements
Special thanks go to:
- Thierry Laurion [13], Director of Insurgo, Technologies Libres (Open
Technologies), for spearheading this effort and making Heads+Qubes
laptops more broadly accessible.
- Trammell Hudson [14], for creating Heads [7].
- Purism [15], for greatly improving the UX of Heads [7], including
the GUI menu, and for adding Nitrokey [16] and Librem Key [17]
support.
[1] https://insurgo.ca/produit/qubesos-certified-privacybeast_x230-reasonably-secured-laptop/
[2] https://www.qubes-os.org/doc/certified-hardware/#qubes-certified-laptop-insurgo-privacybeast-x230
[3] https://www.qubes-os.org/doc/certified-hardware/
[4] https://www.qubes-os.org/doc/certified-hardware/#hardware-certification-requirements
[5] https://www.thinkwiki.org/wiki/Category:X230
[6] https://www.coreboot.org/
[7] https://github.com/osresearch/heads/
[8] https://www.qubes-os.org/doc/anti-evil-maid/
[9] https://libreboot.org/faq.html#intelme
[10] https://github.com/osresearch/heads-wiki/blob/master/Clean-the-ME-firmware.md#how-to-disabledeactive-most-of-it
[11] https://en.wikipedia.org/wiki/Interdiction
[12] https://insurgo.ca
[13] https://www.linkedin.com/in/thierry-laurion-40b4128/
[14] https://trmm.net/About
[15] https://puri.sm/
[16] https://www.nitrokey.com/
[17] https://puri.sm/posts/introducing-the-librem-key/
This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2019/07/18/insurgo-privacybeast-qubes-certification/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAl0xRMEACgkQ203TvDlQ
MDAEVQ//d5Ziw78qjjYCaepSpJTXwdlw6yiZVXm5ecB1xYMdS7UrQJYX3vS/on/R
i4Sh/fuQBfr5qzap8BHK7DyZ3IJYFjazVPkXStKk5gYrx2ZCD+/3xMNwKYNn9Old
YNf6N5+2ux9WMn39k+E5MJNJOUWuM3VRTTSlJT8YnM4fQR+2pzC7Ugdam24BGUSr
bTz7k/3mbDTDjWAmttzDNTt+pJEB0BkSlms862JqxCLulwwrw3noQk8DGHX1VraD
EY72atFoehSvU8HpeXhjxiCQhPwk/2SktxL5C+W21Z4Jyl+NzLFA2OCf5Bw+wOpp
LJZ6/Y1Gy+FNH8mzD6mNVu23l+x4nlTfSqIHtpw/OnQTxdmMYsWV1Ayn9xONJJB0
PPEBW24c0NKKD/b2V9R3rfwScLgP4Lc5kfS6KFJItUka4OoZ1cQdGdAX+2X2S0QT
RIW1NUeeqbJHPwSPLTszBs9gGW0mmE26J4D2F8r+ldVgGskOeX9MGJ8qSzBVzOLk
SnhfY9ZXjxyrT4v+QMShu6QJqPwcbFpbS5Lp5ZMS1JAz1fWL8/tbXhCNcTKzl1R7
mXpjfGjtM9hDFzlD/eMyCFRAW3V16Pk9qcABak5+HEH8py88mnnnyNy4npRYu/Xe
j6VpvWE87DI4vYuUX/F9hKLES5HJZVRdWj5j+9B+riZZuVJOo+M=
=WwYE
-----END PGP SIGNATURE-----
Hash: SHA512
Dear Qubes Community,
We are very pleased to announce that the Insurgo PrivacyBeast X230 [1]
has passed Qubes 4.0 Hardware Certification and is now a Qubes-certified
Laptop! [2]
## What is Qubes Certified Hardware?
Qubes Certified Hardware [3] is hardware that has been certified by the
Qubes developers as compatible with Qubes OS. Beginning with Qubes 4.0,
in order to achieve certification, the hardware must satisfy a rigorous
set of requirements [4], and the vendor must commit to offering
customers the very same configuration (same motherboard, same screen,
same BIOS version, same Wi-Fi module, etc.) for at least one year.
Qubes-certified Laptops [2], in particular, are regularly tested
by the Qubes developers to ensure compatibility with all of Qubes'
features. The developers test all new major versions and updates to
ensure that no regressions are introduced.
It is important to note, however, that Qubes Hardware Certification
certifies only that a particular hardware *configuration* is *supported*
by Qubes. The Qubes OS Project takes no responsibility for any
manufacturing or shipping processes, nor can we control whether physical
hardware is modified (whether maliciously or otherwise) *en route* to
the user. (However, see below for information about how the Insurgo
team mitigates this risk.)
## About the Insurgo PrivacyBeast X230 Laptop
The Insurgo PrivacyBeast X230 [1] is a custom refurbished ThinkPad X230
[5] that not only *meets* all Qubes Hardware Certification requirements
[4] but also *exceeds* them thanks to its unique configuration,
including:
- Coreboot [6] initialization for the x230 is binary-blob-free,
including native graphic initialization. Built with the
Heads [7] payload, it delivers an Anti Evil Maid (AEM) [8]-like
solution built into the firmware. (Even though our requirements [4]
provide an exception for CPU-vendor-provided blobs for silicon and
memory initialization, Insurgo exceeds our requirements by insisting
that these be absent from its machines.)
- Intel ME [9] is neutered through the AltMeDisable bit, while all
modules other than ROMP and BUP, which are required to initialize
main CPU, have been deleted. [10]
- A re-ownership process that allows it to ship pre-installed with
Qubes OS, including full-disk encryption already in place, but
where the final disk encryption key is regenerated only when the
machine is first powered on by the user, so that the OEM doesn't
know it.
- Heads [7] provisioned pre-delivery to protect against malicious
interdiction. [11]
## How to get one
Please see the Insurgo PrivacyBeast X230 [1] on the Insurgo website [12]
for more information.
## Acknowledgements
Special thanks go to:
- Thierry Laurion [13], Director of Insurgo, Technologies Libres (Open
Technologies), for spearheading this effort and making Heads+Qubes
laptops more broadly accessible.
- Trammell Hudson [14], for creating Heads [7].
- Purism [15], for greatly improving the UX of Heads [7], including
the GUI menu, and for adding Nitrokey [16] and Librem Key [17]
support.
[1] https://insurgo.ca/produit/qubesos-certified-privacybeast_x230-reasonably-secured-laptop/
[2] https://www.qubes-os.org/doc/certified-hardware/#qubes-certified-laptop-insurgo-privacybeast-x230
[3] https://www.qubes-os.org/doc/certified-hardware/
[4] https://www.qubes-os.org/doc/certified-hardware/#hardware-certification-requirements
[5] https://www.thinkwiki.org/wiki/Category:X230
[6] https://www.coreboot.org/
[7] https://github.com/osresearch/heads/
[8] https://www.qubes-os.org/doc/anti-evil-maid/
[9] https://libreboot.org/faq.html#intelme
[10] https://github.com/osresearch/heads-wiki/blob/master/Clean-the-ME-firmware.md#how-to-disabledeactive-most-of-it
[11] https://en.wikipedia.org/wiki/Interdiction
[12] https://insurgo.ca
[13] https://www.linkedin.com/in/thierry-laurion-40b4128/
[14] https://trmm.net/About
[15] https://puri.sm/
[16] https://www.nitrokey.com/
[17] https://puri.sm/posts/introducing-the-librem-key/
This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2019/07/18/insurgo-privacybeast-qubes-certification/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAl0xRMEACgkQ203TvDlQ
MDAEVQ//d5Ziw78qjjYCaepSpJTXwdlw6yiZVXm5ecB1xYMdS7UrQJYX3vS/on/R
i4Sh/fuQBfr5qzap8BHK7DyZ3IJYFjazVPkXStKk5gYrx2ZCD+/3xMNwKYNn9Old
YNf6N5+2ux9WMn39k+E5MJNJOUWuM3VRTTSlJT8YnM4fQR+2pzC7Ugdam24BGUSr
bTz7k/3mbDTDjWAmttzDNTt+pJEB0BkSlms862JqxCLulwwrw3noQk8DGHX1VraD
EY72atFoehSvU8HpeXhjxiCQhPwk/2SktxL5C+W21Z4Jyl+NzLFA2OCf5Bw+wOpp
LJZ6/Y1Gy+FNH8mzD6mNVu23l+x4nlTfSqIHtpw/OnQTxdmMYsWV1Ayn9xONJJB0
PPEBW24c0NKKD/b2V9R3rfwScLgP4Lc5kfS6KFJItUka4OoZ1cQdGdAX+2X2S0QT
RIW1NUeeqbJHPwSPLTszBs9gGW0mmE26J4D2F8r+ldVgGskOeX9MGJ8qSzBVzOLk
SnhfY9ZXjxyrT4v+QMShu6QJqPwcbFpbS5Lp5ZMS1JAz1fWL8/tbXhCNcTKzl1R7
mXpjfGjtM9hDFzlD/eMyCFRAW3V16Pk9qcABak5+HEH8py88mnnnyNy4npRYu/Xe
j6VpvWE87DI4vYuUX/F9hKLES5HJZVRdWj5j+9B+riZZuVJOo+M=
=WwYE
-----END PGP SIGNATURE-----
Demi M. Obenour
Jul 21, 2019, 9:53:23 AM7/21/19
to qubes...@googlegroups.com, qubes...@googlegroups.com
On 7/19/19 12:19 AM, Andrew David Wong wrote:
> - Coreboot [6] initialization for the x230 is binary-blob-free,
> including native graphic initialization. Built with the
> Heads [7] payload, it delivers an Anti Evil Maid (AEM) [8]-like
> solution built into the firmware. (Even though our requirements [4]
> provide an exception for CPU-vendor-provided blobs for silicon and
> memory initialization, Insurgo exceeds our requirements by insisting
> that these be absent from its machines.)
>
Is the RAM vulnerable to Rowhammer attacks? My understanding is that
> - Coreboot [6] initialization for the x230 is binary-blob-free,
> including native graphic initialization. Built with the
> Heads [7] payload, it delivers an Anti Evil Maid (AEM) [8]-like
> solution built into the firmware. (Even though our requirements [4]
> provide an exception for CPU-vendor-provided blobs for silicon and
> memory initialization, Insurgo exceeds our requirements by insisting
> that these be absent from its machines.)
>
recent motherboards mitigate these attacks by increasing the refresh
rate, but I am not sure if this one can.
Sincerely,
Demi
Reply all
Reply to author
Forward
0 new messages