
So it's a $1300 device, and they commit to building them if they get roughly 120 pre-orders.

That sounds like the sort of scale where the NSA will be intercepting every delivery proactively in order to install hardware tapping devices or other security bypasses.

edit: I would recommend that Purism take detailed photos of the insides, front and back, and put signed copies of them on the website.




I like the idea of putting a small amount of glittery fingernail polish over the screw, then taking a high res picture.

The idea is from Eric Michaud and Ryan Lackey's presentation at 30C3 (2013 CCC), but this is a decent writeup:

http://www.wired.co.uk/article/data-security-nail-polish


That's ingenious, I like it, cheap and effective.


At the three letter agency end of the will spectrum, photographing the original and printing a facsimile is the sort of thing that's all in a day's business... much like ordinary tradecraft such as gaining access to and altering the originals. The glitter perhaps slows down industrial espionage but the resources and nonfinancial incentives of state actors tilt the playing field.


So at some point paranoia becomes paralyzing. I know I at least am unable to build a laptop or tablet from scratch. I need someone else to do it for me, but if I can't trust that person because their scale is too small and I can't trust the other guys because their scale is too big, then who exactly can I trust?

I suppose we could all just abandon computing entirely. But I kind of like the internet and all that.


It isn't paranoia when NSA was already proven to do stuff like this and the target market consists disproportionately of people who might be interesting to surveil.

This product feels like a (most likely unintentional) honeypot.


So here's the thing: Any company that solves this problem is by definition a (most likely unintentional) honeypot. Which is about as unhelpful as you can get. The question is what can these companies do to mitigate that risk for their clients.

Expecting someone who needs/wants this sort of security in a laptop to homebrew it is unrealistic. So by your logic everyone should just despair and be completely paralyzed by their inability to protect themselves. Surely there is a better way?


> Any company that solves this problem is by definition a (most likely unintentional) honeypot.

Unless that company has >100M users and turns security on by default.


That company is more likely to be a honeypot if it's a profit-motivated, US corporation who can insert a deniable software flaw. There were many such companies in the Snowden leaks.

I'm not worried about Purism outside same failures everyone else has. More likely to screw us by accident than anything.


I'm not worried about Purism doing something malicious to their customers; if anything, per the original comment in this thread I'd expect NSA to simply intercept all the shipments en route and backdoor them, just like they did with other laptops in the past.


It was apparent that they are very selective about stuff like that. You have to be a target of significant value. They could use this attack against specific buyers but I doubt they'll compromise all of them. Risk vs reward.


Actually, it would be hilariously ironic if the whole company was an NSA honeypot.



