We live in a Sad World – Purism Anti-Interdiction Services are (Somewhat) Popular

A few years ago, we learned the NSA may intercept networking gear during shipping in order to modify it to provide backdoor access to the hardware, and it’s likely other national security agencies around the world also modify hardware on transit for spying purposes.

I’d think most people would not really care, and only high-profile business and governmental targets may take preventive measures, but according to a recent post from Purism, their Anti-interdiction services are fairly popular among their customers.

Wait… What? What is “anti-interdiction”. The only definition I know of is: “the action of prohibiting or forbidding something”. But it turns out there’s another definition that applies here:

the action of intercepting and preventing the movement of a prohibited commodity or person.

Purism laptops are not exactly prohibited, but you get the point, and the anti-interdiction services are meant, not to prevent, but detect interdiction of laptops or other purisms hardware on their way to the customer.

Anti interdiction
Laptop with nail polish on all screws

The company already offers a $69 PureBoot Bundle that includes secure firmware with Librem “Vault” USB key used to detect firmware tampering. This should be good enough for most people, but Purism anti-interdiction services go further with some detection measures that include:

  • Glitter nail polish on screws
  • Customized tamper-evident tape on a bag surrounding the laptop and its box
  • PureBoot Bundle (to detect firmware/OS tampering) with a custom PIN
  • Shipping the Librem Key and laptop separately (optionally to separate addresses) to further frustrate interdiction
  • Customized threat model coordinated over encrypted email
  • Sending pictures of the laptop measures we performed over encrypted email

This all takes time because counter-measures are customer-specific, encrypted email support must be set up on the customer side, etc..

You may feel it’s over the top, but the company was surprised by the number of people interested in the service:

While some people are definitely picking it because they are in a high threat situation, others just want the peace of mind that comes with knowing their laptop won’t be tampered with in transit without their knowing about it. We’ve also seen orders from Enterprise customers who are considering adding this service to all their future orders.

I feel a little sad that we’ve come to a point where people feel they have to take such extreme measures.

PureBoot Bundle Anti Interdiction

The PureBoot Bundle Anti-Interdiction is now a visible, $249 option for Purism laptops, server, Librem Mini mini PC, and the company will also offer this option for Librem 5 smartphone.

Share this:

Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress

ROCK 5 ITX Rockchip RK3588 mini-ITX motherboard

Radxa ROCK 5C Lite SBC with Rockchip RK3588 / RK3582 SoC
Subscribe
Notify of
guest
The comment form collects your name, email and content to allow us keep track of the comments placed on the website. Please read and accept our website Terms and Privacy Policy to post a comment.
17 Comments
oldest
newest
Bugfish
4 years ago

Welcome to Trumplandia

theguyuk
theguyuk
4 years ago

Nixon

Antonym
Antonym
4 years ago

Or before: “NSA Timeline 1791–2015 ” (check 1973)
https://www.eff.org/nsa-spying/timeline

NoWay Jose
NoWay Jose
4 years ago

Dumb fuck Obummer was so deep into privacy invasion you could feel him in your rectum.

Marcus Berglund
Marcus Berglund
4 years ago

Haha .. you think Trump did this ? .. thats funny.
This has been going on for at least 10 years (my previous employers/clients going back 10 years would PAY EXTRA to NOT have equipment shipped – to avoid various US agencies intercepting).
The US has ZERO credibility nowadays .. worse than the chinese.

RK
RK
4 years ago

If you’re buying a luxury sports car, are you going to skip the magnesium hubcaps upgrade?

itchy n scratchy
itchy n scratchy
4 years ago
  RK

How does this help against loosening the bolts?

Rebel
Rebel
4 years ago

The same with the Tor-project, the us-goverment is one of the greatest supporters incl. big nodes. Email&cloud Scanner from google and Microsoft are real.

theguyuk
theguyuk
4 years ago

Not forgetting the US backdoors in the chip hardware.

Philipp Blum
Philipp Blum
4 years ago

Yes, these things exist. Of course, they do. But, do you really think the NSA or Chinese government really care about smartphones for normal people? They don’t. It would be also way simpler to inject a backdoor into the firmware of the LTE chip or something. These are closed source and nobody knows how they are supposed to look like. Have fun detecting this.

dgp
dgp
4 years ago

^ this

You can just imagine someone buying one of these thinking they’ve beat the NSA only to go and install the non-free firmware package for wifi firmware etc without even blinking an eye.

Willy
4 years ago

It’s amazing how conspirationists continue to be obsessed by hardware backdoors when exploitable software vulnerabilities are routinely available, are so numerous that there is a market for them, and that they even allowed the finely targetted stuxnet worm to be developed! Hardware backdoors are extremely expensive to create, and cannot be exploited without complicity from the running software. They’re just neither affordable nor reliable compared to what can be achieved with software alone. But at least the myth around them allows some companies to make a lot of money by selling slow, outdated or crippled hardware to credulous people to… Read more »

dimtass
dimtass
4 years ago

Like the openssl heartbleed which was going on for many year. Just a software bug, who needs to tamper HW. On the other hand, in my origin country there was a scandal a few years ago that the prime minister’s mobile was tampered and a Trojan was found in the provider’s routers that could tamper any phone number. The man responsible for those equipment found hanged in his house and the official announcement was that he committed suicide, though the people who found him said later that it was impossible to do that in that scene the way it was… Read more »

George
George
3 years ago

So what is a safe software/ hardware option for someone that isn’t knowledgeable in this area

Spooked tf out
Spooked tf out
3 years ago

I’ve ordered a 5 midrange and cheap phones to Canada from all over. They all have removable batteries. They were all opened by customs and plugged in carelessly (scratches/scuffs), as if somebody was just production lining all phones, connecting them to a computer installing spyware.

Big brother hates removable batteries. Those variants aren’t apparently even permitted to be sold in Canada. Phone bootloaders are locked to prevent wiping properly. I thought the US was bad. We’re even closer to being China!

Jack Hackett
4 months ago

If you are not doing anything wrong, you have nothing to worry about. Some people are scared that others might find out how much porn they watch. Tracking people is expensive, and there are far too many real threats too waste resources on a few paranoid people.

Boardcon Rockchip RK3588S SBC with 8K, WiFI 6, 4G LTE, NVME SSD, HDMI 2.1...