The privacy advocacy community made waves recently after Google unveiled a new messaging system. True, Google’s upcoming Allo offers end-to-end encryption – a feature long called for by the information security community – but users must opt in for the better security. For many privacy advocates, this perceived failure to make stronger security the default is virtually unforgivable.
For companies like Google, however, offering end-to-end encryption can also complicate advertising revenue or customer service. In Apple’s case, it must weigh the security benefits of encrypting its iCloud services against the inability to give users who've forgotten their password a way back into their cherished photo collection. These are certainly difficult business decisions companies must weigh.
The outcry against Google Allo wasn’t the first time default settings have upset privacy activists either. During the height of the W3C negotiations on Do Not Track, Microsoft famously programmed DNT as the default in its browser, setting off a firestorm. Many in the advertising industry were outraged that one company’s default setting could upset the entire advertising marketplace. DNT was never the same again.
Without a doubt, these examples demonstrate that default settings for digital products and services can have a massive impact on their success in the marketplace, on consumer privacy, and on the marketplace as a whole.
Enter Purism, a California-based startup that manufactures a line of privacy-centric laptop computers and tablets where, yes, privacy is the default in each device.
“We need to make privacy protection the default, and make it more convenient,” Purism CEO Todd Weaver told Privacy Tech.
Started in 2014, Purism manufactures unique privacy-protective devices by working directly with hardware manufacturers and the open software community. In a phone conversation, Weaver highlighted his belief in producing high-quality devices that respect user control and freedom from tracking. This is backed by a five-bulleted “Philosophical Contract” on the Purism website, including a promise to only use open-sourced software, place users' privacy "above all else," and install hardware that protects privacy.
Purism offers two lines of tablets and two laptops, all of which run on Linux. Though they promise to respect user privacy – and I got a sense from Weaver that he really does believe in personal control and privacy – prospective customers must employ patience and be prepared to fork over a decent sum of cash. The most modestly priced device is the Librem 10 tablet and sells for $599. On the other end, the Librem 15, Purism’s top laptop, sells for a hefty $1,899.
But for those needing a full range of privacy protections without having to do all the research and installation themselves – from the operating system to email to the device hardware itself – Purism may be an appropriate option to consider.
Weaver said the company takes extra steps to ensure privacy and security protections are baked right into each device. Purism’s eight-person team goes so far as to build its operating system – from the boot loader to the kernel – line-by-line, and each motherboard, chip-by-chip.
To the average user or employee, a Linux-based system could be intimidating, but Weaver says the goal is to design for more user convenience, something Purism is continuing to work on. Plus, Linux provides Purism with the ability to build in significant privacy and security features from the ground up, including in its operating system, email client, and browser plugins.
Purism takes the unique step of custom designing all of its motherboards. Each chip is installed with the specific intention of preventing backdoors. Weaver said if they’re given the wrong chip, Purism’s software will not run appropriately. He said his team designs the motherboard, and then specifically orders the chips from various China-based companies. Purism then hires out an additional team of 15 employees to build the devices – from motherboard to screen to case.
The day after Weaver and I spoke, Wired published an article about backdoors placed in the hardware of processing chips. Wired’s Andy Greenberg writes, “And now imagine that silicon backdoor is invisible not only to the computer’s software, but even to the chip’s designer, who has no idea that it was added by the chip’s manufacturer, likely in some far-flung Chinese factory.” The piece is based on a new study from a group of University of Michigan researchers, who just won an award for the best paper at the IEEE Symposium on Privacy and Security.
I once again reached out to Weaver to find out his thoughts on this. He expressed concern about the threat, but said it’s not just a threat from Chinese-supplied chips, it is “a potential threat from any manufacturer.” Weaver also explained that addressing such a risk would “take a lot more time and money” and would require “additional checks to compare the original, approved, verified design with the end product.”
Weaver contends the only way to mitigate such a deep manufacturing threat “is to have the initial design verified and released under a free license, then have the final manufacture checked against that initial, verified design.” He admitted they are not currently at that stage, but remains optimistic about future plans to address it. “Securing the entire supply chain is a long-term goal for us, but as the paper suggests, it would be very expensive, so we have to grow into that goal,” he said.
It’s clear that Weaver and his team really do care about privacy and freedom of expression, almost to a fault. I asked him what his biggest market was, thinking that Europe would be a strong contender. He said they do not keep close analytics of their buyers, out of respect for their privacy. Weaver did note, however, that the U.S. holds the main share of consumers – at 55 percent – with the UK following up at 35 percent. Though he wasn’t prepared to say what type of consumer is buying Purism devices, in my estimation, they would be appropriate not only for journalists, privacy and human rights activists, but also for corporate executives, technologists, and anyone within an organization needing to ensure data is secure and private in as many facets as possible.
If there is interest in one of Purism’s devices, patience is needed, however. Weaver said an order takes about six to eight weeks to complete because the process itself is expensive. At Privacy Tech, we hope to test one out ourselves, but we’ll have to remain patient as well. Stay tuned.