How can I trust NitroPad more than another laptop manufacturer? I actually trust this much less.
Could be wrong. But also don’t care since I’m not in the market for it.
All the ingredients have been a long time in the making. To summarise, it builds upon coreboot, heads, nitrokey, and me_cleaner, all of which are open source and have been developed by various people in this domain who also know what they are doing. It uses a thinkpad x230 as it is an ivy bridge processor, the last generation of intel processors whose initialisation is open source and well understood. If you would like to read more about this specific combination, you can also read at https://www.qubes-os.org/doc/certified-hardware/#qubes-certi... .
How does GP know that everything is actually being provided unmodified, without any backdoors?
> it helps a lot rather than broadcasting every nascent thought that pops up in the head to the internet.
I don't think this is helpful, it's unnecessarily antagonistic and dismissive.
GP's point seems reasonable to me; I don't see anything here that means that the Thinkpad x230 couldn't be modified before installation/paring, or that the tools themselves couldn't be modified before the laptop was shipped. If there is a reason to trust the initial build process, the linked page isn't explaining what it is.
I think you mean "broadcasting every nascent thought that pops up into your head to the internet".
I did read the article!
I'm sorry that you feel hurt by me not trusting your hardware company but it's a problem that you will have to overcome if you are going to sell this more secure hardware to people. Maybe not insulting people who have valid concerns about your product might also be a good place to start.
Anyway, good luck with it, I hope you find a business here that is useful.
ThinkPad X230 (in my limited and skewed opinion) is still the second best laptop ever made (for purposes like mine), behind only its predecessor, the X220 which has (what I and many others consider) the best laptop keyboard ever made.
It’s easy to find one with an i5 that’s perfectly adequate for most ordinary business tasks. Pretty good screen, ports, battery life. Upgradable, sturdy, repairable. Highly unlikely to be stolen. $150 in like new condition.
I’ve bought them for all my non-tech friends and family who I support, all are happy. Please buy these and keep the market for parts alive.
Anyway, for secure communication (email, IRC, Jabber etc) this hardware will suffice with the current specification.
Disclaimer: I work with Nitrokey.
What use are the hidden volumes if it is already pretty obvious that they will be there? I am pretty sure that whichever party you are trying to protect yourself from with this, will know that a Nitrokey will have hidden volumes.
Disclaimer: I work with Nitrokey.
Until we mere mortals are capable of growing our own chips in carefully maintained vats, we are always going to be at the mercy of the wizards in their high tower, which represents the computing world today.
Computers are simply not something we can safely trust, for as long as they are built from a wide and diverse variety of components, and even then there is not a clear or responsible class of society capable of providing safe audits of silicon designs, without being immediately corruptible.
The only ways computing can contribute to trust is when society evolves, hopefully using a bit of computing power along the way, to trust itself inherently.
Even these third-party, open-source, audited systems are too untrustworthy. We need complete and open design and manufacture, the entire chain audited along the way, to come even close to having trustworthy systems.
With this in mind, I resist efforts of third parties to claim safe/security in their system integration efforts. Please, by all means maintain enthusiasm for the subject, but wake me up when the vat is warming up and the chips are growable, locally ..
We are to assume the firmware running the vats is secure? That they won't be secretly (or openly through legal compulsion) infecting everything they grow? You know, to protect the children.
Maybe this was a translation to English, but it makes it seem like they're not sure what the Intel ME is.
Closest to your description is Nitrokey Storage, which in feature terms is a Nitrokey Pro, but extended with an encrypted storage on an SD card.
Disclaimer: I work with Nitrokey.
[1] https://www.nitrokey.com/news/2018/nitrokey-partners-purism-...
Disclaimer: I work with Nitrokey.
I don't get how you can call this secure. Without those CPU's it certainly would be an interesting device. But advertising it as secure and then using something like Qubes where those bugs break the very isolation Qubes is based upon ...
Disclaimer: I work with Nitrokey.
PS Due to comments' post limit my replies might be delayed.
I'm surprised nobody is going so far as to do the other common mods (1920x1080 IPS, x220 keyboard swap, make the X220 keyboard have all its native functionality, whitelist mods, i7/16gb config) to offer the fully hotrodded ultimate form. Having done them myself and seeing the amount of work, maybe the market isn't such that they would sell at a price that makes sense for the seller.
