A few years ago, we learned the NSA may intercept networking gear during shipping in order to modify it to provide backdoor access to the hardware, and it’s likely other national security agencies around the world also modify hardware on transit for spying purposes.
I’d think most people would not really care, and only high-profile business and governmental targets may take preventive measures, but according to a recent post from Purism, their Anti-interdiction services are fairly popular among their customers.
Wait… What? What is “anti-interdiction”. The only definition I know of is: “the action of prohibiting or forbidding something”. But it turns out there’s another definition that applies here:
the action of intercepting and preventing the movement of a prohibited commodity or person.
Purism laptops are not exactly prohibited, but you get the point, and the anti-interdiction services are meant, not to prevent, but detect interdiction of laptops or other purisms hardware on their way to the customer.
The company already offers a $69 PureBoot Bundle that includes secure firmware with Librem “Vault” USB key used to detect firmware tampering. This should be good enough for most people, but Purism anti-interdiction services go further with some detection measures that include:
- Glitter nail polish on screws
- Customized tamper-evident tape on a bag surrounding the laptop and its box
- PureBoot Bundle (to detect firmware/OS tampering) with a custom PIN
- Shipping the Librem Key and laptop separately (optionally to separate addresses) to further frustrate interdiction
- Customized threat model coordinated over encrypted email
- Sending pictures of the laptop measures we performed over encrypted email
This all takes time because counter-measures are customer-specific, encrypted email support must be set up on the customer side, etc..
You may feel it’s over the top, but the company was surprised by the number of people interested in the service:
While some people are definitely picking it because they are in a high threat situation, others just want the peace of mind that comes with knowing their laptop won’t be tampered with in transit without their knowing about it. We’ve also seen orders from Enterprise customers who are considering adding this service to all their future orders.
I feel a little sad that we’ve come to a point where people feel they have to take such extreme measures.
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.