NitroPad X230 laptop

Hi,

I’m a bit surprised that there is not much discussion on the forum about the NitroPad X230, which is one of the two laptops that officially support QubesOS. I am considering buying a NitroPad X230 and would like to know a little bit more about it from those who use it or know it.

[1] First of all, what is the graphics output? According to Intel it’s eDP/DP/HDMI/SDVO/CRT but by looking at the photos on the page it might be Mini DisplayPort/VGA.

[2] What could they mean by “For increased security, we can expand the radio interfaces”?

[3] I also have the impression that their photos are inconsistent. For example, a physical WiFi kill switch is present on one photo, but not on the other.

[4] I don’t see a kill switch for the microphone or Bluetooth either, so I guess they are not available.

[5] Why does it have “pressure marks on the screen”? It looks like a major flaw to me.

[6] I suppose it might be safer to order it without QubesOS and install it by myself. But is it difficult to install it by myself?

[7] Do you have any other remarks / comments related to this laptop?

Thanks for your help!

2 Likes

Hi,

I hope I can give a little more information. I don’t have a NitroPad, but I recently bought a X230 and plan to use it like a NitroPad (install heads & qubes).

[1] The graphics output connectors on the laptop are Mini-DisplayPort and VGA. Docking stations are available that have DVI, DisplayPort and VGA.

[2] I could not find this text anywhere on the product page. Where did you get this from?

[3] Same thing, can’t find anything about a “kill switch”. The stock X230 has a switch to disable radios, but it will not physically disconnect the wifi card.

[4] A microphone kill switch is not a feature of a stock X230. I guess they won’t add such a switch to the NitroPads.

[5] The X230 is not produced anymore. So all NitroPads will be refurbished, used devices, hopefully in good condition, but not in new condition.

[6] Setting it up yourself requires lots of knowledge. The NitroPad does not only have Qubes installed (if you select that option), but also coreboot & heads. This means re-flashing the BIOS chip.
I have not done it yet, but I guess I’ll manage to get it done. If you think you can handle compiling coreboot/heads and re-flashing the BIOS, you can do that. But yes, it will be difficult.
A used X230 is of course cheaper than a fully installed NitroPad.

[7] If you decide to get one, get the best equipped version. Qubes uses lots of RAM, so you should go for 16GB (sadly the X230 doesn’t handle any more than that). Also I guess using qubes from a spinning disk will be very slow, so SSD is a must.
You can probably get a used X230 on eBay for less than half the price of an equally equipped NitroPad, but you’ll spend a lot of time until you have something resembling a real NitroPad on the software side.
I even found some X230s on eBay with Qubes installed (from the UK), but they were very expensive.

1 Like
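The post above describes the DIY route: re-flashing the X230’s BIOS chip with coreboot/heads. The following is an added example, not code from anyone in this thread, of the pre-flight checks a practitioner runs before that flash with an external SPI programmer: read the chip twice and compare the dumps (a mismatch means the clip contact is unreliable), keep a verified backup, and check the hash and size of the image to be written. The flashrom invocations, the `ch341a_spi` programmer name, the image path and the expected hash are assumptions; the chip sizes are the usual 8 MiB top chip and 4 MiB bottom chip of the X230.

```shell
#!/bin/sh
# Added example (not from the thread): pre-flight checks before replacing
# X230 firmware with an external SPI programmer. The flashrom calls and the
# programmer name are assumptions; they are wrapped in small functions so
# the verification logic can be exercised without hardware attached.
set -eu

PROGRAMMER="${PROGRAMMER:-ch341a_spi}"   # assumed external programmer

# Read the whole chip into a file. Override this function for dry runs.
read_chip() { flashrom -p "$PROGRAMMER" -r "$1" >/dev/null; }

# Two consecutive dumps must be byte-identical; otherwise the clip or wiring
# is flaky and you must not write anything yet. Returns 0 when identical.
dumps_match() { cmp -s "$1" "$2"; }

# The image to be written must match a hash obtained out of band
# (e.g. from your own heads/coreboot build). Returns 0 on match.
image_hash_ok() {
  actual=$(sha256sum "$1" | awk '{ print $1 }')
  [ "$actual" = "$2" ]
}

# The image must be exactly the chip size: 8388608 bytes for the X230's
# 8 MiB top chip, 4194304 bytes for the 4 MiB bottom chip.
size_ok() { [ "$(wc -c < "$1" | tr -d ' ')" -eq "$2" ]; }

# Dump the chip twice, compare, and keep one copy as the verified backup.
backup_and_verify() {
  out="$1"
  read_chip "$out.1"
  read_chip "$out.2"
  dumps_match "$out.1" "$out.2" || { echo "dumps differ: fix the clip and retry" >&2; return 1; }
  mv "$out.1" "$out"
  rm -f "$out.2"
  sha256sum "$out"   # record this hash next to your backup
}

# Write the image only after hash and size checks pass. flashrom reads the
# chip back and verifies after writing unless told not to.
flash_image() {
  img="$1"; expected_sha="$2"; chip_bytes="$3"
  image_hash_ok "$img" "$expected_sha" || { echo "image hash mismatch, refusing to flash" >&2; return 1; }
  size_ok "$img" "$chip_bytes" || { echo "image size mismatch, refusing to flash" >&2; return 1; }
  flashrom -p "$PROGRAMMER" -w "$img"
}

# Usage: ./preflight.sh backup backup.rom
#        ./preflight.sh flash coreboot.rom <sha256> 8388608
case "${1:-}" in
  backup) backup_and_verify "$2" ;;
  flash)  flash_image "$2" "$3" "$4" ;;
esac
```

Run `backup` first and keep the printed hash with the backup; only then run `flash` with the hash of your own build. The point of the double read is that a single dump with a bad clip contact can look plausible while being silently corrupt, which is exactly the backup you would need if the write goes wrong.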

Hey there @newqubesosuser, welcome. Now when it comes to a hardened X230 you are in my backyard.

Re the NitroPad resold/refurbished variant, I’m sure those folks have taken every precaution, as much as a seller that provides the hardware and physical/USB auth token simultaneously can do. But I’ll try to answer your questions as best I can based on my personal X230 history.

[1] built in screen, (s)VGA and DisplayPort. You can also get a dock with a DVI and a key lock.

[2] I’m not sure what that means, can you link to where you saw that? I don’t see that on https://shop.nitrokey.com/shop/product/nitropad-x230-67

[3] Every X230 has a physical wifi kill switch. That switch, as I understand it, does not physically cut power to the wifi chipset, but it tells the hardware to power down the wifi module / make it unavailable. Read into that as you will. They were made that way in the factory. To my knowledge, Nitro X230s are refurbished factory X230s. But yes, every X230 has a physical kill switch for wifi. I have never seen the wifi module become available to the OS when the switch is ‘off’. If you are that concerned, pull the wifi card out of the laptop and use a USB wifi adapter.

[4] There is no kill switch for the mic. It is also ridiculously easy to physically remove the Bluetooth module with no ill effect. I do that as standard on my X230s and any X230 I resell.

[5] I have refurbished countless X230s and own several X230s; the screens are usually perfect. I have never had one where there was a screen problem. Wait, that’s not quite true: I did break one as I committed the crime of lifting the machine up by the screen. It cracked. I ordered a replacement LCD from (auction site) for (I think) about 40 EUR and fitted it. If you can take a laptop apart, this procedure is child’s play.

[6] QubesOS is as easy to install as any other linux OS. The challenge comes with how to use the key and sign heads firmware to the install.

[7] The NitroPad X230 is, ultimately, a very well hardened X230, made for people who want anti-evil-maid protection and firmware attestation, but who don’t want to take a laptop apart and use SOIC clips to flash heads firmware. If you have the technical know-how, there is nothing that Nitro’s X230 is that you cannot achieve by buying an X230 from an auction site, buying a YubiKey, flashing heads, and installing QubesOS.

Edit: @qubes-curious, I’m sorry I didn’t see your reply before jumping in. You totally seem like a heads contributor. I imagine our paths have crossed.

2 Likes

I’m flattered that my response made that impression, but no, I am not affiliated with heads in any way (other than planning on using it in the future).
But I also see more than one X230 in my future, those are wonderful devices. Like a T430, but light enough for travelling with it :)

1 Like

Thank you a lot! I have one more question, what are the advantages / disadvantages of providing / not providing name and e-mail in the buying process? I mean this part “The PGP key will be generated with the following information. Leave the fields empty to avoid creating the PGP key with personal information”.

1 Like

The NitroKey safely stores an OpenPGP private key. The keys are associated with one or more “identities”, usually you use your name and email address for this, since PGP is used for encrypted email.
If you actually want to use the key for encrypted email, you should provide your information. If you don’t plan on using the key for encrypted/signed communication (also something like signing git commits comes to mind), there is no need for that information.
And maybe you want some plausible deniability like “this is not my laptop/nitrokey”, then having your name in the key would be a bad idea (but I’m sure there is a lot more that you need to consider if you want deniability).

If in doubt, you could also edit your key later and change/add/remove identities. This would ideally be done before you distribute your public key to others, as others might never check to see if anything has changed.

1 Like
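The reply above says you can add or remove identities on the key later, ideally before the public key goes out. As an added example, not code from anyone in this thread, here is that workflow with GnuPG against a throwaway keyring: generate a key whose only user ID carries no personal data, add a personal identity, list the IDs, and revoke the identity again. It assumes GnuPG 2.2 or newer (for `--quick-add-uid` and `--quick-revoke-uid`); the names and addresses are made up. Note that a revoked user ID is not deleted from the key, it is marked revoked, which is why doing this before distribution matters.

```shell
#!/bin/sh
# Added example (not from the thread): manage the user IDs on an OpenPGP key
# before the public key is distributed. Uses a throwaway GNUPGHOME so it never
# touches a real keyring or a Nitrokey. Assumes GnuPG 2.2+. Names below are made up.
set -eu

export GNUPGHOME
GNUPGHOME=$(mktemp -d)
trap 'gpgconf --kill gpg-agent 2>/dev/null; rm -rf "$GNUPGHOME"' EXIT

# Non-interactive gpg. An empty passphrase is acceptable only for a demo key.
gpg_q() { gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

# Create a key whose only user ID carries no personal data; print its fingerprint.
make_key() {
  gpg_q --quick-generate-key "$1" default default never >/dev/null
  gpg --batch --with-colons --list-keys "$1" | awk -F: '$1 == "fpr" { print $10; exit }'
}

# Print "validity:user-id" for each UID on the key. Validity 'r' means revoked;
# the revoked UID stays in the key, so anyone who already holds your public key
# still sees the name and address you put there.
list_uids() {
  gpg --batch --with-colons --list-keys "$1" | awk -F: '$1 == "uid" { print $2 ":" $10 }'
}

add_uid()    { gpg_q --quick-add-uid "$1" "$2"; }
revoke_uid() { gpg_q --quick-revoke-uid "$1" "$2"; }

# Number of UIDs that are not revoked.
live_uid_count() { list_uids "$1" | grep -vc '^r:' || true; }

# Walk-through: anonymous key, add a personal identity, revoke it again.
FPR=$(make_key "NitroPad Owner")
add_uid "$FPR" "Jane Doe <jane@example.org>"      # constructed identity
echo "before revocation:"; list_uids "$FPR"
revoke_uid "$FPR" "Jane Doe <jane@example.org>"
echo "after revocation:";  list_uids "$FPR"
```

Run it as-is; it prints the UID list twice, the second time with the personal identity flagged `r`. The same `--quick-add-uid` / `--quick-revoke-uid` commands apply to a key whose private part lives on a Nitrokey, since the card signs the user-ID self-signature and the public key material stays in your local keyring.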

I feel obligated to mention that while it is cheaper to buy from eBay or another online store, please keep in mind that sufficiently powerful adversaries may “interdict” your package in transit and install sophisticated malware that will permanently compromise your machine and cannot be easily or effectively removed, at least not with any strong certainty. Additionally, eBay sellers may themselves be targets of such attacks, or of supply-chain attacks against replacement ThinkPad parts, or may themselves be adversarial fronts. If this is part of your threat model, then the extra cost of a NitroPad may be worth it due to the high-assurance measures taken to protect it from tampering and verify that it has not undergone clandestine modification.

Because NitroPads also require an online purchase that will be shipped to you, however, this necessitates trusting that NitroPad’s anti-tampering measures are sufficient to secure the device from unauthorized modification during transit and that the device is not tampered with in ways that NitroPad/NitroKey is unable to prevent—and, of course, trusting the company itself.

If you are not comfortable with this degree of trust either, or otherwise consider it insufficient for your threat model, the only other option that includes an X230 with a NitroPad-like setup is to buy the used X230 laptop locally from someone else, preferably a known and trusted associate but otherwise someone with no association with you and who knows nothing about you, and personally configure the system to your liking. Such a purchase may be best done anonymously during a local meet-up or at a local used electronics store, using cash or a private cryptocurrency like Monero, and with minimal delay between first contact and having the laptop in your hands. This approach is very inconvenient and may not even be rational; it will likely require diligence in searching for a listing and patience in waiting for one to show up in a local newspaper ad or Craigslist listing, since creating a listing yourself of your interest in purchasing one can serve as an attack vector in which you are sold an intentionally malicious machine by an adversary that suspects you to be the lister. Having ample luck will make it all much easier, though, so use it if you have any.

But even this maddeningly inconvenient and paranoid method is not bulletproof, because it ultimately just shifts the trust to less known actors and attempts to achieve additional security through obscurity, all with unclear privacy gains. Not a very good situation. For example, there is no guarantee that the used machine is not already compromised, or that the seller has not at some point themselves been a target of a powerful adversary, or how many hands that machine has passed through, or whether any of those other people may have been targets, or whether any original or replacement parts in the machine may have themselves been victims of supply-chain attacks, or that the seller themselves is not an adversary.

My point here is that without understanding the threat model, it is unclear what exactly may be the best course of action; but as the threat model’s adversary grows ever larger and more powerful, further steps may be necessary to mitigate increasingly more costly and sophisticated attacks. Unfortunately, there comes a point at which there is actually no way to mitigate a sufficiently powerful adversary, especially not with used hardware with many more unknowns in its history than there might be with a locally purchased new device from a physical retailer.

Were it not for the fact that we are talking about the NitroPad, a device intended for high-assurance security, I would not lead us all down this rabbit hole. If you are someone who is seriously considering a fully decked out NitroPad (as much as ~$1,400 USD for a modded refurb from 2012 is quite an investment), however, then you are also someone who may seriously need to consider the extent to which purchasing a NitroPad even makes sense for your threat model.

For the vast majority of people, including probably the vast majority who ever consider a NitroPad, the assurance level that the NitroPad provides is more than adequate. Even if not, compelling arguments can be made that alternative methods of achieving the same general setup, such as those described above, are actually worse and expose one to more risk than does an online NitroPad purchase, even when trust in NitroPad/NitroKey is less than certain.

As you all surely know, this is why threat modelling matters, as is one’s tolerance for jumping through hoops. If physical killswitches are on your radar and you are wondering if installing Qubes OS on a NitroPad yourself is safer, though, then the above considerations might deserve to be, too.

2 Likes

Why would you pay them 530 euro plus for a ThinkPad and a free BIOS (that you can get free on the internet)? They are basically charging a premium for someone else’s free work. How could you possibly think that is a good deal?

https://www.ebay.co.uk/sch/i.html?_from=R40&_nkw=thinkpad+x230&_sacat=0&_sop=15

Same laptop and same CPU for less than 120 euro, for collection within the UK.

So tell me, what exactly have they done to charge an extra 400 euro on the price?

Learn the skills yourself and make your own laptop, because of three reasons :)

  1. You can’t guarantee it wasn’t tampered with in transit (delivery from A to B).

  2. You can’t guarantee Nitrokey haven’t tampered with coreboot. (You really want to trust your bitcoins to the company that is charging you an already extortionate fee to flash coreboot?) You should always build and create your own coreboot, not leave it to someone else of whom you have no real knowledge.

  3. Because Nitro are charging you 400 euro to flash someone else’s free work. Who would you rather support? The devs who make this possible, who really need the funding to move forward, or the company charging a quick buck to flash it? I would rather put my money behind the coreboot devs as they are the ones who deserve it.

People pay for convenience all the time. That is the heart of the service industry. While the NitroPad’s custom setup may not be original, it is just about complete, and it provides this nearly complete setup with high security assurance. If you have more money to spend than you have time, and you accept the threat and security profiles of buying a NitroPad as adequate for your purposes, then paying a premium for someone else to do the work for you is just called business.

Would I do so? No. Might I do so if I was a billionaire? Still no, because I would pay someone else to buy it for me. ;) But other people would and have and will, and sometimes for good reasons, too.

As for NitroPad vs. eBay, I humbly refer to my reply above and point out that part of the service NitroPad is providing is the high security assurance that a typical eBay seller most likely will not, even if you ask them.

2 Likes

NitroKey does provide value by setting up the ThinkPads in a secure way, but I could not find information about them trying to clean out potential malware. Yes, boot sector viruses are easily defeated by inserting a new SSD, and BIOS malware should not survive when coreboot/heads is flashed. But this also holds true for a used ThinkPad bought from ebay that you set up yourself.

At the level of security assurance that NitroPad/NitroKey seeks to provide, I would be more interested in whether they X-ray the casing and bathe it with the RF spectrum to check for RFID chips and passive listening devices injected into the plastic during a supply-chain attack. Probably not, but one can dream.

Even if not, the fact that such considerations might be on the radar just shows the league that NitroPads are in when it comes to publicly available high-assurance security.

Be serious.
Many people struggle with Qubes - that’s obvious.
Many people struggle with Windows and the (intuitive) Macs.
It’s not an option for these people to learn the skills involved in preparing a secure laptop; they have neither the time nor the inclination.
Forums are full of people struggling with coreboot flashing, and these are (presumably) somewhat computer literate folk.

As to your “reasons”, they boil down to “Do it yourself”, and “Don’t trust Nitro”.
I don’t speak for Nitro, but I’m guessing that you have no idea whether the people at Nitro contribute to coreboot or not: you just don’t like them.
In fact it takes less than a minute to confirm that they do, so your argument falls.

As to “charging a quick buck”, they have a product which they sell at a reasonable price, and they make the firmware, software and hardware plans freely available.
So buying a laptop from them can be seen as contributing to the development of the Nitro products.

That’s not to say that I would recommend either of the certified products - I think both are overpriced. But I don’t use spurious arguments to diss either of them.

1 Like

Be serious, their products are overpriced and not worth that amount of money. Anybody can see that, including you… you even admit that at the end.

Even if they do contribute to coreboot that doesn’t equal the price they charge for what they provide.

My point 1 is valid: there is a risk of tampering in transit, which is entirely possible. Feds do this kind of thing all the time for subjects and organizations of value: replace the BIOS, then put it back into transit.

My point 2 is also valid. Any laptop coming from a third party, even a shop, has the potential to be tampered with while it’s being made and flashed. How can you guarantee every single employee that works at Nitro? The fact is you can’t, so there is clearly higher risk involved. This would be the same for any company selling these kinds of products.

My point 3 is semi-valid. They are charging money for the flashing procedure regardless of whether they contributed code to coreboot. Laptops can be flashed with flashrom or an SPI programmer in less than a minute, so yes, I would consider that charging for a quick buck. There isn’t even any soldering involved either, so it’s not rocket science.

Here is an additional point 4. Just because they have contributed code to an open source BIOS doesn’t really mean anything in the long run. Check the case of Libre Leah, who sells her laptops with her own blob-less version of coreboot through a website called Minifree. Dozens and dozens of her orders have not even been fulfilled and were never received by the paying customers. Just because a customer can buy from a company or individual selling libre laptops doesn’t guarantee they will even receive their order. Minifree Reviews | Read Customer Service Reviews of minifree.org

I think you’ve made your point and now it’s getting repetitive.

Any product not only those you order via internet could be tampered with. The lemonade in the supermarket could be poisoned (yes, there have been cases).

How did you get your hands on your computers or any technical devices so far?

Flashing coreboot is not rocket science but it can be a bit tricky. Disassembling a laptop isn’t rocket science either but there are people who neither have the time nor the patience to do this. Some people are all thumbs. The procedure can take several hours even if you’re organized and success isn’t guaranteed.

People are reselling stuff all the time in order to make a quick buck but you probably know that. Products are bought cheaply somewhere in China and are re-branded in Europe or the US. Look at amazon marketplace and the price range for the same product.

It has always been the customer’s responsibility to check the reliability of a shop especially nowadays where so many frauds are being committed and reviews can be bought.

Your arguments are a little confused. Someone donating money to a certain cause doesn’t make them a saint. I think that is common sense and not something to point out as an argument (for not buying elsewhere). Weird!

2 Likes

I didn’t post them for your benefit, I posted them to clarify to @unman, who criticized my perspective.

“The procedure can take several hours even if you’re organized and success isn’t guaranteed”
If it takes you several hours to build and flash coreboot, then maybe you are the one who is a little bit confused?

Perhaps I can suggest you start here as a reference point :) I will come back several hours later when you have managed to read through it.
https://doc.coreboot.org/tutorial/part1.html

Have a good day .

You are a clown.
Disassembling a laptop, flashing and reassembling can take a few hours. Of course, with practice everything can be done more quickly.

I’ve done this several times in the past with different thinkpads and another laptop, so no need to belittle my comment.

For someone who criticizes a good deal you don’t seem to be used to criticism yourself.

Closing off this topic for the day as it was escalating and not leading in a constructive way.

There has been a breach of the code of conduct over “insulting/derogatory comments” and the responsible parties have been warned. Please be civil and respectful of dissenting opinions, everyone.

Please take this time to evaluate how this conversation can evolve in a productive direction and also review the code of conduct:

3 Likes

This topic was automatically opened after 18 hours.