Anti-Interdiction¶
Overview¶
Whether you face extreme threats or want some extra peace of mind, you might want to be able to detect if someone tampers with your laptop when it is not in your possession. Anti-Interdiction services can be particularly handy for the initial hardware delivery and while traveling.
Ordering a Purism device with optional Anti-Interdiction services ensures that any tampering within the delivery process is much more easily recognizable. With this service, Purism may initiate a secure line of communication with the customer (via encrypted email or chatroom) in order to arrange this.
Important
Anti-Interdiction Custom tier services require direct customer communication to arrange custom assembly and fulfillment.
Anti-Interdiction often delays order fulfillment by several business days, the pace at which is largely dependent on customer responsiveness.
Anti-Interdiction orders will be converted to the Anti-Interdiction Standard tier if customers cannot be reached after several attempts.
Anti-Interdiction must be purchased for every device customers wish to have these measures applied to. This is to reflect the customization and additional work to process and apply the Anti-Interdiction measures at our fulfillment center.
What is Interdiction?¶
The word interdiction in our context refers to a computer being intercepted between the time it leaves our fulfillment center and the time you receive and open the box. The goal of the attacker is to implant malicious hardware or software, often to give them a remote backdoor into the system, without the recipient knowing. While this may seem far-fetched, and it’s certainly not something every Purism customer needs to worry about, there is precedent for these concerns for certain high-risk customers. While the most famous example might be the NSA interdiction of network hardware as part of the Snowden revelations, there are similar concerns for other governments as well.
You don’t have to be targeted by a nation state to be at risk of interdiction. Hardware kill switches don’t just protect you from a nation state that might snoop on your webcam and microphone, but also a random digital attacker or a vengeful ex who might install a Remote Access Trojan on your system to snoop on and extort you. Likewise, anyone along the shipping route from a customs official to a delivery person or even someone at the destination, like a malicious neighbor or vindictive ex, might be motivated to install spyware on your system.
How Our Anti-Interdiction Services Work¶
The goal with our Anti-Interdiction services isn’t to make it impossible for any adversary regardless of their capabilities from interdicting your computer, and we don’t claim to *prevent* interdiction. What we offer instead is a way to *detect* interdiction — a set of measures custom-tailored to you and your threat that should make the job of interdicting your computer without your knowledge much more difficult and your computer much safer than with the normal shipping process. While some of the individual measures have countermeasures, the idea is that in aggregate (and customized for each individual) these measures become increasingly more difficult to defeat. A customs official who isn’t looking to implant anything may not care about arousing suspicion–they may just cut through tamper-evident seals — but someone who wants to modify your computer does care about leaving a trace. For them, failure to defeat all of the measures risks alerting you to the tampering.
The Anti-Interdiction services aim to detect tampering, not prevent tampering; if someone does tamper with your computer in shipment, that’s something outside of our control. If a shipment is tampered with, however, the Anti-Interdiction process will help us determine what was tampered with and we can work with you to bring the computer back to a from-the-factory state.
We can customize the process for each customer based on their risk and their own capabilities, and this service ends up requiring a lot of back-and-forth between us and a customer as we pick which measures we’ll use and which we won’t. Some options include:
Customized tamper-evident tape on the sealed plastic bag surrounding the computer itself.
Customized tamper-evident tape on the internal, branded box.
Glitter nail polish covering the center (or all) screws on the computer.
High-resolution pictures of all of the above, plus pictures of the inside of the computer before sealing the case.
All pictures may be sent to the customer. We only send them to customers upon request as they are very large images, sometimes 50+ MiB.
Important
If you were not sent the Anti-Interdiction measures pictures and wish to receive them, contact our Operations department (ops@puri.sm) and include your order number.
Measures¶
Computers¶
Security seal tape around the computer and/or around the product box, inside the shipping box.
- Glitter nail polish.
Color preference (options may vary).
Custom PIN (Librem Key and PureBoot).
Ship Librem Key to a separate address.
Postpone shipping the computer until the customer has confirmed receipt of the Librem Key.
Phones¶
Security seal tape around the phone and/or around the product box, inside the shipping box.
- Glitter nail polish.
Color preference (options may vary).
Service Levels¶
We currently offer two tiers of our Anti-Interdiction service: Standard and Custom.
Standard¶
This requires no interaction from the customer. This is designed for customers who want extra protection but do not want direct involvement in the process. Purism staff selects all of the security measures in-house at random for the customer.
For Anti-Interdiction Standard orders:
A random nail polish color is selected.
A random PIN is chosen, if applicable.
Custom¶
With this option, we contact the customer and they choose their own custom options. The Anti-Interdiction liason will initiate contact through email. The first email is intentionally vague, to mask that this is for Anti-Interdiction, in case the customer wants to communicate over a secure channel only.
If we do not hear from you within 5 weeks of the order date or our initial email, your order will automatically be converted to our Anti-Interdiction Standard tier and processed.