Security

Default secrets

The following are the default passwords used for OEM devices shipped with the PureBoot Bundle:

Important

It is good practice to change the default passwords for PureBoot and the Librem Key.

Component                 | Default PIN/password | Purpose
--------------------------|----------------------|---------------------------------------------------------------
Librem Key GPG User PIN   | 123456               | Primary password used within PureBoot. Used to re-sign /boot files.
Librem Key GPG Admin PIN  | 12345678             | Administrative Librem Key operations: updating the user PIN, updating the default GPG keys on the device, resetting the HOTP token.
TPM Owner Password        | 12345678             | Changing the TPM Owner password.

The TPM Owner password is used less frequently. You might be prompted for it if you flash a brand new PureBoot firmware and erase any existing settings, or when selecting a new default boot option. The TPM must be reset to change the TPM Owner password, which will erase any existing secrets; this also requires creating a new HOTP password for the Librem Key. Select Options → TPM/TOTP/HOTP Options → Reset the TPM from the main PureBoot menu and follow the prompts.

Changing GPG keys

Factory-provided GPG keys may be replaced with new ones. To do this:

  1. If applicable, set up the Librem Key and generate GPG keys and subkeys for use on the Librem Key.

  2. Copy the subkeys over to your Librem Key.

  3. If an ASCII-armored GPG public key file (e.g. pubkey.asc) has not yet been created, run:

    gpg --armor --output pubkey.asc --export <youremail@yourdomain.com>

    Note

    The GPG public key file must end with .asc for detection in PureBoot.

  4. Insert a USB flash drive and copy the public key file to it.

  5. Keep the USB flash inserted and reboot into PureBoot.

  6. Select Options → GPG Options → Replace GPG key(s) in the current ROM and reflash. This will detect any GPG public keys present on your USB flash drive and present them to you so you can select the one to add. Once selected, Heads will replace any existing GPG keys in the keyring with the key provided.

  7. All of the files in /boot must be re-signed with the new key signature after reflash/reboot. Select Options → Update checksums and sign all files in /boot.
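Before copying the exported file to the USB flash drive, it is worth confirming that it really is the ASCII-armored export PureBoot expects. The following script is an added example, not part of the PureBoot documentation or the Heads code: it checks the `.asc` extension the Note requires and parses the armor block as laid out in RFC 4880 (header line, optional armor headers, blank line, base64 body, CRC-24 trailer, footer), so a file saved in binary form, truncated, or altered in transit is caught before you reboot. The `armor()` helper and the dummy payload exist only to build constructed sample files; they do not produce a real OpenPGP key.

```python
"""Pre-flight check of an exported GPG public key file (added example)."""
import base64
import binascii
import os
import tempfile

HEADER = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
FOOTER = "-----END PGP PUBLIC KEY BLOCK-----"


def crc24(data: bytes) -> int:
    """CRC-24 from RFC 4880 section 6.1 (init 0xB704CE, poly 0x1864CFB)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def armor(payload: bytes) -> str:
    """Wrap bytes in a public-key armor block with CRC-24 trailer.
    Only used to build sample files; the payload is constructed dummy data,
    not real OpenPGP packets."""
    body = base64.b64encode(payload).decode("ascii")
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    crc = base64.b64encode(crc24(payload).to_bytes(3, "big")).decode("ascii")
    return "\n".join([HEADER, "Version: constructed example", ""] + lines + ["=" + crc, FOOTER, ""])


def check_pubkey_file(path: str) -> list[str]:
    """Return the problems found; an empty list means the file looks usable."""
    problems = []
    if not path.endswith(".asc"):
        problems.append("file name must end in .asc or PureBoot will not list it")
    try:
        with open(path, "r", encoding="utf-8") as fh:
            lines = [ln.rstrip("\r\n") for ln in fh]
    except (OSError, UnicodeDecodeError) as exc:
        return problems + [f"cannot read as text: {exc} (binary export instead of --armor?)"]
    if not lines or lines[0] != HEADER:
        problems.append("missing public key block header (was it exported with --armor?)")
        return problems
    if FOOTER not in lines:
        problems.append("missing public key block footer; the export may be truncated")
        return problems
    end = lines.index(FOOTER)
    # Armor headers run until the first blank line; the base64 body follows it.
    try:
        blank = lines.index("", 1, end)
    except ValueError:
        problems.append("no blank line separating armor headers from the body")
        return problems
    body_lines = lines[blank + 1:end]
    crc_line = None
    if body_lines and body_lines[-1].startswith("="):
        crc_line = body_lines.pop()
    try:
        payload = base64.b64decode("".join(body_lines), validate=True)
    except (binascii.Error, ValueError):
        problems.append("body is not valid base64")
        return problems
    if not payload:
        problems.append("body is empty")
    if crc_line is not None:
        try:
            expected = int.from_bytes(base64.b64decode(crc_line[1:], validate=True), "big")
        except (binascii.Error, ValueError):
            problems.append("CRC line is not valid base64")
            return problems
        if expected != crc24(payload):
            problems.append("CRC-24 mismatch: the file was altered or corrupted")
    return problems


def demo() -> dict[str, list[str]]:
    """Write constructed sample files to a temp directory and check each one."""
    payload = b"constructed dummy bytes standing in for OpenPGP packets " * 3
    good = armor(payload)
    lines = good.split("\n")
    first_body = lines[3]  # header, Version header, blank line, then the body
    lines[3] = ("B" if first_body[0] == "A" else "A") + first_body[1:]
    tampered = "\n".join(lines)  # one base64 character changed: still decodes, CRC fails
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, text in (("pubkey.asc", good), ("pubkey.gpg", good), ("tampered.asc", tampered)):
            path = os.path.join(tmp, name)
            with open(path, "w", encoding="ascii") as fh:
                fh.write(text)
            results[name] = check_pubkey_file(path)
    return results
```

Run `check_pubkey_file("pubkey.asc")` against the file you just exported; anything other than an empty list means the key will either not be listed by PureBoot or not import cleanly.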

Intel Management Engine

The Intel Management Engine (or ME) is a proprietary binary loaded into the firmware of all recent Intel hardware. Purism has gone to great lengths to neutralize and disable the Intel ME, so that only the code absolutely essential for the system to boot is left in the ME firmware binary.

See also

Intel ME disablement on Skylake/Kabylake processors

Best Practices

Create Your Own Keys

To make PureBoot easier to use, from the factory we default to well-known and weak PINs for the TPM, GPG user PIN, and GPG admin PIN. We recommend that once you get your computer and perform the initial boot, you change the TPM, GPG admin, and GPG user PINs to something unique.

Update Software With PackageKit

By default PureOS uses PackageKit, integrated with GNOME Software, to perform software updates. If you’ve ever been prompted by the default PureOS desktop to reboot and install updates, this is PackageKit. While you can certainly use other tools (including apt on the command line) to update PureOS, PackageKit offers some additional benefits when you use PureBoot, in particular when it comes to avoiding false positives.

PureBoot alerts you whenever any existing file in /boot changes. This means that any time you update software that changes files in /boot (such as with kernel updates or other system updates that might update the initrd file under /boot), PureBoot will issue an alert the next time you reboot. The easiest way to tell the difference between actual tampering of files in /boot and changes caused by package updates is to re-sign all of the changed files in /boot immediately after they change. The more time that goes by between the legitimate changes and a reboot, the better the chance you will forget about that software update and may interpret a harmless alert about changes in /boot as an attack, or dismiss an alert about a legitimate attack because you assume it’s related to a software update.

If you use PackageKit to perform your updates, the process goes something like this:

  1. Tell PackageKit to reboot and apply updates.

  2. The computer reboots.

  3. PureBoot confirms the firmware and /boot files have not been tampered with and boots into PureOS.

  4. PackageKit applies updates in a restricted environment and then reboots again.

  5. If PackageKit changed files in /boot, PureBoot will alert you.

Since you know the changes occurred only during this PackageKit update window, you can reasonably conclude the changes were caused by PackageKit. Then you immediately re-sign all files in /boot before booting into your OS, thereby sealing the current known good state in a trusted environment. If you get an alert about files changing in /boot at a later date, you have a stronger reason to be suspicious.
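The detection described in the two passages above, a checksum list over /boot that is signed and compared at every boot, is easy to model. The following is an added example, not Heads or PureBoot code: it builds a SHA-256 manifest over a directory tree, compares the tree against the manifest the way an alert would (added, removed and modified files), then shows the re-sign step that makes the post-update state the new baseline. The signature over the manifest is omitted, and the /boot tree is constructed in a temporary directory with dummy file contents.

```python
"""Model of /boot change detection and re-signing (added example)."""
import hashlib
import os
import tempfile


def sha256_file(path: str) -> str:
    """Stream a file through SHA-256; /boot files (initrd, kernels) can be large."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: str) -> dict[str, str]:
    """Map each regular file under root (path relative to root) to its SHA-256."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # the target is hashed under its own path
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest


def compare(expected: dict[str, str], current: dict[str, str]) -> dict[str, list[str]]:
    """Classify differences between the signed manifest and what is on disk now."""
    return {
        "added": sorted(set(current) - set(expected)),
        "removed": sorted(set(expected) - set(current)),
        "modified": sorted(p for p in expected.keys() & current.keys()
                           if expected[p] != current[p]),
    }


def demo() -> tuple[dict[str, list[str]], dict[str, list[str]], dict[str, list[str]]]:
    """Clean boot, boot right after a kernel update, boot after re-signing."""
    with tempfile.TemporaryDirectory() as boot:
        def write(rel: str, data: bytes) -> None:
            path = os.path.join(boot, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)

        # Constructed stand-ins for the files a /boot tree holds.
        write("vmlinuz-1.0-generic", b"kernel image v1.0")
        write("initrd.img-1.0-generic", b"initramfs v1.0")
        write("grub/grub.cfg", b"set default=0\n")
        signed = build_manifest(boot)  # what "sign all files in /boot" records

        # 1) Nothing changed since signing: the next boot compares clean.
        clean = compare(signed, build_manifest(boot))

        # 2) A kernel package update rebuilds the initrd and adds a new kernel;
        #    PureBoot would alert on exactly these paths at the next boot.
        write("initrd.img-1.0-generic", b"initramfs v1.0 rebuilt by update")
        write("vmlinuz-1.1-generic", b"kernel image v1.1")
        after_update = compare(signed, build_manifest(boot))

        # 3) The operator recognises the update window and re-signs: the
        #    current state becomes the baseline, so later changes stand out.
        signed = build_manifest(boot)
        resigned = compare(signed, build_manifest(boot))
    return clean, after_update, resigned
```

The useful habit the page describes falls out of step 3: re-sign immediately after a known update, so that the next non-empty `compare()` result has no innocent explanation left.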

Traveling With PureBoot

Traveling presents a higher-than-normal risk of tampering, because you are more likely to leave your computer unattended in an unfamiliar area that strangers have access to, potentially for extended periods of time. Whether it’s for relatively brief periods during customs or other security checks, or for longer periods if you leave your computer in your hotel room, PureBoot can help give you peace of mind when your computer is out of your hands, as long as you follow a few best practices.

Travel Best Practice 1: Keep Your Librem Key With You

When you turn on your computer, PureBoot proves that it hasn’t been tampered with by sending a special code over USB to your Librem Key. If the code matches what the Librem Key itself generated, the Librem Key blinks green, notifying you the computer is safe, otherwise it blinks red. This procedure works because you keep your Librem Key with you so even if an attacker tampers with the computer they can’t tamper with the Librem Key. If you leave both your computer and your Librem Key at your hotel room, an attacker could potentially reset both devices (or guess your PIN) and you may not notice until it’s too late. Whenever you leave your computer unattended, unplug your Librem Key and put it in your pocket or purse.
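The "special code" exchanged over USB is an HOTP value (RFC 4226), which is why the page talks about resetting the HOTP token. The following added example, not Heads, PureBoot or Librem Key code, plays both sides of that exchange: the firmware side derives the next code from a shared secret and counter, the key side recomputes it from its own copy and answers only green or red. The secret is the RFC 4226 test value, constructed for this example; the look-ahead window and the modelling of the firmware as simply holding the secret (in the real design it is only released when the firmware measurements check out) are assumptions of this model, not documented Librem Key behaviour.

```python
"""Both sides of the boot-time HOTP check (added example)."""
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class FirmwareSide:
    """The computer: emits the next code for the key to check. Modelled as
    holding the secret directly; firmware that does not hold it can only guess."""

    def __init__(self, secret: bytes, counter: int = 0):
        self.secret = secret
        self.counter = counter

    def next_code(self) -> str:
        code = hotp(self.secret, self.counter)
        self.counter += 1
        return code


class KeySide:
    """The Librem Key: keeps its own secret and counter, never reveals the
    secret, and only reports green (match) or red (no match)."""

    def __init__(self, secret: bytes, counter: int = 0, window: int = 5):
        self._secret = secret
        self.counter = counter
        self.window = window  # assumed tolerance for codes consumed while the key was unplugged

    def verify(self, code: str) -> str:
        for c in range(self.counter, self.counter + self.window):
            if hmac.compare_digest(hotp(self._secret, c), code):
                self.counter = c + 1  # move past it so the same code is never accepted twice
                return "green"
        return "red"


def demo() -> dict[str, str]:
    """Four boots: genuine, a replayed code, a guessed code, genuine again."""
    secret = b"12345678901234567890"  # RFC 4226 test secret, constructed for this example
    firmware = FirmwareSide(secret)
    key = KeySide(secret)
    genuine = key.verify(firmware.next_code())  # untampered boot: green
    replay = key.verify(hotp(secret, 0))        # code from the previous boot presented again
    guessed = key.verify("000000")              # firmware without the secret can only guess
    later = key.verify(firmware.next_code())    # next genuine boot still verifies
    return {"genuine": genuine, "replay": replay, "guessed": guessed, "later": later}
```

The point the page makes about keeping the key on your person is visible in `KeySide`: the secret and the counter live there, so tampering that reaches only the computer cannot produce a code the key accepts, and a code captured once is useless afterwards.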

Travel Best Practice 2: Don’t Add/Remove/Update Software While Traveling

Because travel presents a larger risk of tampering, you want to make sure to remove as many false positives as possible, so that if PureBoot does detect tampering, you know to be suspicious. One of the biggest causes of false positives with PureBoot is from software updates, so if you need to install, remove, or update software, do it before you travel. Then before you leave, reboot the computer and boot back into your OS to ensure that PureBoot does not detect any tampering. While you are traveling, try to avoid making changes (in particular software changes) to your computer. That way if PureBoot does detect tampering either during traveling or right when you return, you have a strong reason to suspect tampering.

Travel Best Practice 3: Power Off Your Computer When Unattended, Don’t Suspend

Librem computers encrypt the hard drive by default, and hopefully if you reinstalled a different OS, you also enabled disk encryption. When your computer is suspended, an attacker with enough time alone with your machine can attempt a “cold boot attack” to retrieve disk encryption keys and other secrets from RAM. Beyond that, if your login password is weak, or you disabled screen locking when resuming from a suspended state, an attacker will have an easier time tampering with your machine if it’s suspended. By powering off your computer whenever it’s unattended, you ensure that the attacker has to crack your disk encryption password before they can tamper with anything.

Powering off your computer whenever it’s unattended also means that when you return to it, you will power it on and PureBoot will be able to test the system for tampering. If PureBoot does detect tampering, you will have a better chance of pinpointing when it happened, since you are testing the system each time you use it.

Set Up Two-Factor Disk Unlocking

One of the final pieces of the PureBoot technology stack is the use of the Librem Key to enable multi-factor authentication to unlock your disk. This means that instead of typing in a passphrase to unlock the disk, you can use a combination of your Librem Key (something you have) and your Librem Key GPG user PIN (something you know) to unlock the disk. This is not only more secure, it’s also more convenient. This means you can set a very long, difficult passphrase as your fallback disk unlock passphrase, and potentially set a somewhat easier-to-type GPG unlock PIN that you use to unlock the disk normally.

We do not yet enable this feature in PureBoot by default, but if you would like to set up two-factor disk unlocking, we have created a script for PureOS and Debian that helps automate the process while we work with upstream providers to include this functionality in Debian and PureOS by default. In the meantime you can read our guide here on how to download and use our script to enable this feature.