Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

Purism Launches First Security Key with Tamper-Evident Protection for Laptops (puri.sm) 27

An anonymous reader quotes Softpedia: Purism announced Thursday that its highly anticipated Librem Key security key is now available for purchase as the first and only OpenPGP-based smart card to offer a Heads-firmware-integrated tamper-evident boot process for laptops. Developed in partnership with Nitrokey, a company known for manufacturing open-source USB keys that enable secure encryption and signing of data for laptops, Purism's Librem Key is dedicated to Librem laptop users, allowing them to store up to 4096-bit RSA keys and up to 512-bit ECC keys on the security key, as well as to securely generate new keys directly on the device. Librem Key integrates with the secure boot process of the latest Librem 13 and 15 laptops...

Designed to let Librem laptop users see if someone has tampered with the software on their computers when it boots, Librem Key leverages the Heads-enabled TPM (Trusted Platform Module) chip in new Librem 13 and Librem 15 laptops. According to Purism, when inserted, the security key will blink green to show users that the laptop hasn't been tampered with, so they can continue from where they left off, and blinks red when tampering has occurred.

Purism's web site explains: With so many attacks on password logins, most security experts these days recommend adding a second form of authentication (often referred to as "2FA" or "multi-factor authentication") in addition to your password so that if your password gets compromised the attacker still has to compromise your second factor.

USB security tokens work well as this second factor because they are "something you have" instead of "something you know" like a password is, and because they are portable enough you can just keep them in your pocket, purse, or keychain and use them only when you need to login to a secure site.

This discussion has been archived. No new comments can be posted.

Purism Launches First Security Key with Tamper-Evident Protection for Laptops

Comments Filter:
  • Now Ninja Force: The Awakening will be safe from prying eyes!

  • by Anonymous Coward
    these will probably do more harm than good, as if you lose it you are SOL. This is likely to be a much more common occurence than someone trying to compromise your machine.
  • Designed to let Librem laptop users see if someone has tampered

    I'd prefer Guaranteed to, not Designed to.

  • something you have, AND something you know.

    I'd guess there would be a market to make the green light on the key turn on regardless of the state of the system.

  • Do you know why all the other keys don't have the "COMPLETE USB PLUG" that Nitrokey are so proud of? Because they are completely encapsulated in plastic, the boot process may be tamper evident but the key isn't (and conspicuously Purism and Nitrokey never make that claim) crack it open slap a rubber ducky in the shell glue it closed and you are screwed.
    • by spth ( 5126797 )

      The key not being tamper-evident doesn't make it "Completely useless". The key is small; it can be put on a key ring or into a wallet, both of which (assuming a normal person's way of handling their keys and wallet) make tampering hard.

      The laptop, on the other hand is rather bulky, which makes preventing tampering hard.

      When travelling (or just leaving the house), one will often want to leave a laptop behind (in one's own home, in a hotel room, etc). But one would the key.

  • What I don't understand is why they don't produce a laptop with the OS stored on a ROM that is rendered read-only with a switch.
    • by spth ( 5126797 )

      The switch would not provide tamper-evidence: Anyone with physical access to the laptop could make changes to the OS that would not be noticed.

      That doesn't mean that such a switch would be useless; it just would protect against a different kind of attack compared to the one the security key protects against.

If A = B and B = C, then A = C, except where void or prohibited by law. -- Roy Santoro

Working...