Kyle Rankin

Chief Security Officer
PGP ID: 0xB9EF770D6EFE360F
Fingerprint: 0DFE 2A03 7FEF B6BF C56F 73C5 B9EF 770D 6EFE 360F
Librem Social

From its beginning, Purism’s focus has been on building products that respect and protect your privacy, security and freedom. I’ve written about how these three concepts are interdependent before. While Purism is somewhat unique in focusing on all three of these concepts at once, it isn’t the only company that builds products aimed at protecting privacy, security or even freedom. In fact, each of these areas is a multibillion-dollar industry.

Security is a huge industry today, and it continues to grow, with companies releasing new products all the time–products they claim will protect you. Privacy is also a hot topic right now, with many companies making sure they include “privacy” in their marketing. There is also an entire industry around products built on free software–even Microsoft recently pivoted over to supporting software freedom in its products.

Even with all these companies focusing on the same topics, Purism stands apart from the crowd. How? In our approach. Most other companies build products that coincidentally put them, the vendor, in control. From the beginning, Purism has designed all its products to empower the user, not the vendor. All of our products show this approach–and this post will highlight some of our user-empowerment design decisions.

Control Your Hardware

It is more and more difficult to find laptops that are easy to upgrade and repair. Some cases even demand experts with special tools and quite a bit of effort to do something as simple as a RAM upgrade (if it’s not soldered on), to replace a hard drive, or to replace a battery. Some vendors justify this by pointing at design sensibilities, but it coincidentally also means you are more likely to buy the more expensive versions of their laptops even if you don’t need the extra resources. Some vendors go even further to control who can upgrade or repair the hardware, and use DRM and security chips to make it difficult to use third-party hardware.

Our laptops have visible Phillips screws on the bottom. You can remove the bottom case yourself, without any special tools and without Purism’s permission, and get access to the RAM, drive bays and the battery–and replace them yourself. We added simple hardware kill switches so you can control the webcam, microphone and WiFi hardware–no need for special software.

Control Your Software

Vendors love using software to lock customers into their ecosystem. Proprietary software and proprietary operating systems have been doing this for decades, and in that world, if you want new features and in some cases even security updates, you have to pay the vendor for the privilege. If the vendor removes a feature, changes a default, or even completely changes the program, you don’t have much recourse. As long as you use that vendor for everything, things might work OK, but the moment someone else offers a better alternative, you discover just how little power you have to switch.

Purism ships its hardware with free software, starting with coreboot boot firmware all the way to the 100% free software PureOS operating system. By using free software, we put you in full control over all of the software on your system. You have the freedom to change any piece of software you like, you can install any OS you wish–and upgrades are free. By controlling the software, you also control the hardware. If you have to root software, you don’t really own it; with Purism hardware you don’t have to root anything.

Control Your Security

When you ask vendors to build a secure system, they end up designing something that keeps full trust and control in their hands, or else has no security at all. Vendors hold the keys to your security, not only because they don’t trust you to manage it, but also because it conveniently locks you into them. If you ask a vendor to secure the boot process, they design a system where every OS must get their approval (signature) before it can boot. If you ask them to secure your communications, their solution is to replace your current system with proprietary software and protocols they control.

We believe you should hold the keys to your security. We have designed each of our security measures so that you are in control, not us. This is why we chose our PureBoot solution over existing signature-based approaches that might lock you into us. With PureBoot you control all of the keys that protect your boot process and can easily change them at any time. You can boot any OS you wish without having to get Purism’s approval or disable boot security. This is also why our Librem Key uses open hardware, firmware and an industry-standard OpenPGP smart card to store your keys securely without any proprietary software. When we secure communications with Librem Chat and Librem Mail, we do it with end-to-end encryption. You hold all of the keys–so no one else, Purism included, can snoop on your communication.

Control Your Phone

The phone ecosystem takes even more control away from the user. Phones are harder to repair and upgrade than laptop hardware, and some require a hardware signature handshake so the vendor must approve any hardware peripherals (like headphones) you might attach. You can only install software the vendor has approved of ahead of time, and upgrade the OS if the vendor says you are allowed, unless you are willing to disable all security protections in the OS and root your phone.

Apple recently demonstrated the level of control it has over phone software when it removed Facebook’s internal iPhone apps; Google demonstrated the control it holds over its own ecosystem when it revoked Huawei’s access to OS updates as part of a larger trade war. With these controls in place, how much of your phone do you actually own?

The Librem 5 phone has been designed to put you back in control. By running free software, starting at the boot firmware and ending with PureOS, there’s nothing to root–you control the full stack. You also can remove the back and have access to the battery, a removable OpenPGP smart card, a removable cellular modem, and a microSD card so you can expand your storage later on. It also includes three hardware kill switches to give you control over the cameras and microphone, WiFi/Bluetooth and cellular modem–and you can combine all of them to disable the rest of the sensors, in what we are calling “Lockdown Mode” for even more control.

Control Your Services

Internet services are a major area where tech companies take control from their users. Ask any of these companies to create a network service, and they’ll invent one where all traffic coincidentally flows through them only, with proprietary clients, servers and protocols they control. You have multiple messaging apps on your phone not because of technical limitations, but because each of the big tech companies wants to lock you into their own proprietary network, and leverage network effects to keep you there. After locking you in to the platform, these companies then capture as much data as they can about you so they can sell access to it (and to you) to third parties. You end up with no control over your own data–or over how it is being used.

We designed Librem One to put you back in control of both your privacy and your data. By creating a suite of decentralized and open-protocol services using free software servers and clients, and hosting it all under a central brand with a single username, you get all of the convenience of big tech services, but you actually control your data and the service itself. Since we fund Librem One on a standard subscription model, we don’t collect your data, track you, or show you ads.

Each Librem One service lets you communicate with any of the other networks on the Internet that speak the same open protocols (it’s just like being able to email friends regardless of what email provider they use). You can pick our branded Librem One apps for ease-of-use, or any of the excellent free software projects we based them on. If you don’t need the convenience of Purism managing your services, you can even host your own versions of every service we run—we even plan on sharing how we set each of these services up, just to make it easier for you to host them yourself in the future.

Control Social Media

Social media is another area where tech companies have exercised control–not just over their users, but ultimately over speech on the Internet as a whole. Since they fund social media from ads (therefore, from your data and preferences), social media applications are focused on taking control over what information you see. That is why it is so difficult to get a social media application to sort by date–it’s more important for them to train their relevance algorithms, so they know which promoted posts to put in your feed. Everyone has become so used to giving up control over the rest of their lives, they are now asking those same companies to decide not just what they see in their feeds, but what speech is allowed on the Internet at all.

It turns out that, while Big Tech companies are good at building technology, they are not human rights or censorship policy experts, and putting them in control of speech on the Internet has led to a lot of problems–including the silencing of disaffected groups–while not making anyone happy with their centralized moderation decisions. Centralized moderation also has a heavy human cost: it outsources the ugly task of sifting through the worst that the Internet has to offer to low-wage workers, often resulting in emotional and mental trauma.

Some have advocated moving to a decentralized network like Mastodon in response. While the network is decentralized, the way the technology is built still puts control over what you see into the hands of the sysadmin who happens to be moderating your instance. As in Big Tech companies, sysadmins are not human rights or censorship experts; since they are often doing this as a side hobby, their approach to moderation (however sincere their efforts) tends to err on the side of whatever is easiest, which tends to be censoring a post, or blocking a user or a network. This has led to a chilling effect on political speech in certain instances, harming some of the same minority groups the moderation policies aim to protect. If a moderator happens to share your values, you’re in luck; if not, your only recourse is looking for another instance.

At Purism, we have taken a completely different approach, with Librem Social aimed at putting you back into control of your social media. We recognize that we aren’t human rights or censorship policy experts, so we’ve deferred to the real experts in the space to help us define an approach to moderation; one that expands the anti-discrimination clause in our Social Purpose charter:

The Corporation will not discriminate against individuals, groups or fields of endeavor.

The Corporation will allow any person, or any group of persons, in any field of endeavor to use its systems for whatever purpose.

You shouldn’t have to outsource your trust to a vendor to be secure, and you shouldn’t have to outsource your control to see only the content you want to see. We have added a policy against harassment and illegal activities so you can stay safe, while modifying the existing Mastodon software Librem Social uses so you only see content you opt into.

This is a (great) start, and immediately solves a lot of problems for Librem Social users–but it still leaves some issues for the rest of the Mastodon instances without our opt-in approach. We have big plans to add features to Mastodon at large, features that give moderation control back to the users, not only of Librem Social, but the entire Mastodon network. You should be in full control of the content you see, never having to rely on a central authority (even one you might trust, like Purism) to curate it for you. Whether you want to filter out adult content or politics, or to opt in to them, we aim to build tools that give you, not us, that power.

User Empowerment

All of Purism’s products are aimed at removing control from tech vendors (including ourselves) and giving freedom back to users. This is true in the free software we use throughout our hardware, the open standards (and, again, free software) we use for our services, and in our approach to moderation for Mail, Chat and Social. You shouldn’t have to outsource all of your trust to a vendor to be secure, have privacy, or only see the content you want to see in social media. With Purism products, you are in control.
