1
0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-12-22 04:41:33 -05:00

New purism picture

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2024-06-10 14:06:55 -07:00
parent 3d93d8ad63
commit 0f1cffa269
Signed by: Tomster
GPG Key ID: 555C902A34EC968F
3 changed files with 3 additions and 3 deletions

View File

@ -139,7 +139,7 @@ The problem with this design is that everything hinges on the boot block doing i
#### PureBoot & Purism
![Librem 14](librem-14.png)
![Purism](purism.png)
Purism sells their laptops with PureBoot, a fork of Heads. It works in pretty much the same way, with a few extra features.
@ -147,7 +147,7 @@ Let's go through some of their claims and contrast that agains reality.
> PureBoot can protect against firmware tampering.
It cannot protect against firmware tampering as discussed in the [Heads](#heads) section.
It cannot protect against firmware tampering as discussed in the [Heads](#heads) section. It does not even work conceptually, and the bypass will always be there. Just to be clear, this is not a vulnerability - this is an inherent flaw in the design that cannot be fixed.
> [The ME is disabled (HAP set to 1), and mostly wiped with `me_cleaner`](https://puri.sm/learn/intel-me/).
@ -181,7 +181,7 @@ Some laptop brands may set up Boot Guard correctly and meet a high HSI level, bu
### Ancient laptops
![Stallman and his Thinkpad](stallma-thinkpad.webp)
![Stallman and his Thinkpad](stallman-thinkpad.webp)
### RYF and the Illusion of Freedom

Binary file not shown.

Before

Width:  |  Height:  |  Size: 369 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 368 KiB