Purism, a startup that builds laptops with a focus on privacy and security, announced that Trammell Hudson, an infosec researcher known for creating the “Thunderstrike” exploits against Macs, will be joining the company. Hudson will also be responsible for integrating his own “Heads” firmware project into Purism laptops to increase their anti-tampering security.
Heads is free (as in freedom) and open source firmware that runs in the computer’s ROM. It enables cryptographically signing the lowest levels of the system and protecting users against third-party modification.
Chipset features such as Bootguard, flash protection, and the Trusted Platform Module (TPM) are used to create a strong hardware “root of trust,” while also allowing users to install their own custom firmware.
“Purism’s Librem laptops are ideally suited for the philosophy of the Heads firmware project—Purism is manufacturing modern hardware designed to allow the users to have control of their own systems,” said Trammell Hudson, a well-known information security researcher and founder of the Heads project.
“They are the only vendor that allows users to establish their own hardware root of trust with CPU features like Bootguard, and their support for Coreboot and Heads improves security by being open, auditable, flexible and measured,” Hudson added.
The development of Heads firmware has been influenced by previous research on rootkits and BIOS malware, as well as by research on protecting against Intel’s Management Engine, which itself has been called a rootkit.
Purism has already taken significant steps to disable Intel chipset features that would allow for any Intel-powered computer to be remotely controlled, but some of them can’t be removed completely without Intel’s help and accord.
Purism laptops also come with Coreboot (an EFI/UEFI open source alternative), which the company said it has already protected its customers against Vault7-related attacks that targeted EFI/UEFI firmware.
UEFI contains millions of lines of closed source code, which makes it harder to audit and more exposed to attacks. Coreboot has a much smaller attack surface due to its minimal code base that is only responsible for booting a system and not much else.
Purism currently offers two Skylake-based laptops and a Broadwell-Y tablet with an optional dock, all of which can be pre-ordered and should ship within the next few months. The devices run the company’s own privacy-friendly PureOS Linux-based operating system by default, but Qubes OS is also available as a free alternative.