Chris VogelSep 17, 2025

On my #Librem14 notebook made by #Purism I use #pureboot which includes #heads and #coreboot. I had to replace the ssd.

I also

  • upgraded from luks1 to luks2 replacing the key derivation function
  • started with a new luks encryption key
  • and a new gpg encrypted passphrase
  • changed my fs from ext4 to #btrfs

To check for the new key/passphrase whether they work I used this command: /usr/lib/cryptsetup/scripts/decrypt_gnupg-sc /etc/cryptsetup-initramfs/cryptkey.gpg | sudo cryptsetup luksOpen --test-passphrase /dev/nvme0n1p3 && echo yippie-yeah

Jan VlugJul 31, 2024

"UEFI Secure Boot on at least 200 device models from at least 5 major vendors is completely compromised by the leak of their Platform Key."

"it is unlikely that these devices will ever see updates addressing this problem."

"#PureBoot is immune to this type of compromise because it does not have centralized signing keys."

https://puri.sm/posts/purisms-pureboot-is-not-affected-by-uefi-key-leaks-again/

#Purism #FOSS #OpenSource #security

Purism's PureBoot is Not Affected by UEFI Key Leaks (Again) – Purism

Purism makes premium phones, laptops, mini PCs and servers running free software on PureOS. Purism products respect people's privacy and freedom while protecting their security.

Purism
PurismJul 29, 2024
Your security, your control. PureBoot isn't affected by UEFI key leaks. No central signing keys means no central point of failure. #PrivacyMatters #PureBoot @pureos
https://puri.sm/posts/purisms-pureboot-is-not-affected-by-uefi-key-leaks-again/
Purism's PureBoot is Not Affected by UEFI Key Leaks (Again) – Purism

Purism makes premium phones, laptops, mini PCs and servers running free software on PureOS. Purism products respect people's privacy and freedom while protecting their security.

Purism
Chris VogelNov 4, 2023

Nitrokey 3 usb-c

https://chrichri.ween.de/articles/a248ad8/nitrokey-3-usb-c

Chris VogelOct 10, 2023

gpg monday

https://chrichri.ween.de/articles/269e88f/gpg-monday

gpg monday

The #GPG key I use to decrypt my harddrive and...

Chris Vogel's microblog
GripNewsSep 13, 2023
🌘 PureBoot 28 - 上游和升級 - Purism
➤ PureBoot 28 - 上游和升級
https://puri.sm/posts/pureboot-28-upstreaming-and-upscaling/
Purism發布了PureBoot 28,其中包含許多改進,特別是針對高分辨率顯示器。此外,他們一直在努力將PureBoot的功能上游到Heads。PureBoot 28現在只包含281行更改,而PureBoot 27則包含2669行更改,減少了89%!
+ Purism一直致力於為其產品提供終身更新,使其變得更好而不是更糟。這是一個很好的特點。
+ 這是一個很好的消息,特別是對於那些使用高分辨率顯示器的人。PureBoot 28的改進將使他們的使用體驗更好。
#PureBoot #Heads #Purism
PureBoot 28 - Upstreaming and Upscaling – Purism

Purism makes premium phones, laptops, mini PCs and servers running free software on PureOS. Purism products respect people's privacy and freedom while protecting their security.

Purism
Chris VogelSep 12, 2023

pureboot and rescue system

https://chrichri.ween.de/articles/5742bec/pureboot-and-rescue-system

pureboot and rescue system

On my #Librem14 I'm running #PureBoot. Before...

Chris Vogel's microblog
Show threadnetrom has movedDec 15, 2022

@frameworkcomputer It would be very interesting to have at some point - maybe something similar to the implementation @purism did.

#coreboot #pureboot

Show threadnetrom has movedDec 13, 2022
@frameworkcomputer @malte Thanks. Looks very interesting. I'll have to look into that - very nice with DIY aspects. But it doesn't seem geared towards privacy, like having #intelmanagementengine turned off (?) and various other things that #purism does. And does it support #pureboot?
Kyle RankinNov 8, 2022

When we say the #Librem5 is a mobile computer in your pocket, this is what we mean.

One of our customers (@primalmotion) hacks on custom versions of #PureBoot firmware for their #Librem14 which always runs the risk of temporarily bricking your computer.

When that did inevitably happen, they were able to connect their Librem 5 to their hardware flashing equipment and run the same tools you'd run on your Linux laptop to re-flash working firmware.