Thinkpads vs new laptops (Coreboot wise)

Could someone explain what is the difference in terms of privacy when installing Coreboot/Libreboot of using a good ole Thinkpad x220/x230/T480 vs a modern Coreboot laptop like Systems76, Purism, Novacustoms, Tuxedo, Star Labs etc (im not sure if there are more)

I mean, beside the obvious fact you are using much older computers with the Thinkpads, are there any differences?

I remember reading Thinkpads made possible installing firmware that had less propietary blobs with Libreboot, but apparently modern Libreboot versions reintroduced propietary blobs again, so basically Coreboot and Libreboot ar the same and there is no point in using old Thinkpads unless you just think they are cool? or are you sacrificing something by using a more modern computer?

Do these modern computers allow the same level of privacy by removing the Intel ME at the same level as you can achieve with the older Thinkpads? or are you allowing some crap just to have a faster computer?

Im also confused with the firmware used in the more modern laptops, like Novacustoms uses “Dasharo”. What is that compared to Coreboot or Libreboot, why do they use that?

I just want a private computer, as private as possible, but ideally I don’t want an used computer, unless someone can explain that the Thinkpads are worth it.

I have heard how lack of microcode updates may be exploitable on older Thinkpads that lack them. But what do you know about that? How do you know those so called microcode updates do not contain propietary blobs that include exploits and more features that screw up your privacy?

Im also paranoid about how the more powerful the CPU is probably the more features it has for remote monitoring and who knows what.

I just can’t decide what to do. If it’s worth it, I can invest more, and get a brand new computer, because I don’t like the idea of an used computer, it’s kind of nasty to type on a keyboard that was used for years tbh. But if im getting some cookie cutter toy version of an stripped down Intel ME but not the real thing you get with Thinkpads, then I may consider keep looking for one that is at least at less used as possible.

Btw, I would also need to know how to verify that they did not install something funny on your computer. I assume buying from those companies is safer than some random seller, but I would still would like to know how to that.

Please let me know about these things. Before you ask, the threat model is just that I don’t want my damn data monitored by anyone, or accessed by anyone, because who wants that? It’s just a simple right we should have.

If all you want is privacy, then buy a modern laptop. An +10 years old laptop is not going to give you more privacy, and the old laptops are EOL and don’t receive any security updates from the OEM.

The theoretical discussion about ME is completely pointless, when you know there are real CPU exploits that do all the things people fantasize about ME being capable of doing.

I personally went the NovaCustom route just so I didn’t have to flash Dasharo Coreboot+Heads on it and also get a fairly modern, fast, and spec’ed out laptop with 96 GB of RAM that I know will work wonderfully with Qubes OS. I don’t regret it and I would most likely do it again in a couple years when it’s time for me to upgrade again.

Coreboot is the open source BIOS foundation that’s super minimal and quick to boot.

Dasharo is a version of Coreboot but it’s developed for specific hardware (example: NovaCustom laptops).

Heads is firmware package on top of Dasharo/Coreboot that adds a bunch of neat security features such as measured/verified boot.

I think that’s the very broad descriptions of them all, but, I’m just a noob here and someone feel free to correct me!

Aside from them being EOL and not receiving microcode updates that may or may not be publicly known/available now, it would probably be a pain to get replacement parts if something breaks.

If your threat model isn’t “the CIA is trying to spy on me directly by name”, then I suppose you can use *BSD or whatever flavor of Linux you want and start to de-Google yourself and start self-hosting your own services and using a VPN+Tor with LibreWolf, Tor Browser, or Mullvad Browser.

But, if you’re a tinfoil on head typa person, like me, I feel cozy and comfortable hardening my Qubes OS install every day bit by bit.

These CPU exploits are usually sidechannel attacks only.

I won’t argue for buying an old Thinkpad unless you’re short on money, but it’s simply not true that these exploits are as powerful, easy to exploit or available in the wild as you claim.

Also, the overall number of exploits is not that high. IIRC there are currently 1-2 for e.g. Ivy Bridge CPUs.
A more detailed analysis was done some time ago in this forum for X220 notebooks IIRC.

There is an analysis on the heads github page QSB-107 - Multiple CPU branch prediction vulnerabilities - WILL AFFECT < 8th gen CPU, including some 8th gen CPU: forever

There is also this Qubes OS github issue Downgrade certification status of Thinkpad x230/t430

To me, it seems like the old laptops are only useful to someone who, for whatever reason, wants a laptop without any firmware blobs, and who is less concerned about security.

Yes, these are good resources for a realistic view on these laptops.

This is an interesting perspective (me disabling vs microcode updates). My strategy has been to focus on t430 and t480 because that seemed to be what qubes “recommended” in the past (certification etc).

I believe you used to run a T480, what would you buy in a laptop nowadays ?

Do you have an opinion on whether xeon CPUs (like w2125 and 2145) are less effected than i5s and i7s up to 8th gen ?

Somewhat, basically a HAP bit is set to disable the Intel ME/CSME, whereas older Thinkpads remove various amounts of blobs instead:

You do not until vulnerabilities are publicly disclosed. The main difference is that older CPUs have known vulnerabilities even after microcode updates, while newer CPUs do not necessarily share the same vulnerabilities after microcode updates.

How do you use Heads specifically?
The way I understand it is that Heads generates a “checkpoint” based on the TPM, a sort of a hash of a “good state” that is somehow added into an USB pendrive type of device that confirms this to be the case before you even boot Coreboot, so basically, whoever sells you the laptop ends you the laptop and this pendrive, if you plug it during startup and you get an OK, it just means that the laptop was not tampered it during customs or something, which is great. However, im assuming losing this pendrive does ot lock you from using the computer. Also, I assume you can easily generate new “checkpoints”.

My question is, do you need some fancy device like those Yubikeys, Nitrokeys or whatever, or you can use a regular pendrive? Because I do not like fancy looking things, plus if you break it or lose it, you need to order another, when most people have several pendrives laying around.

In addition, this does not confirm that your Coreboot is a legit install. They could have added funny business on your Coreboot that allows for unwanted extra features. So my question is how do I confirm that the installed firmware matches the sha256 checksum of the official files hosted on the assorted source websites? (github or wherever). I think this is key and for some people people aren’t performing this sanity check, specially if you buy a pre-flashed computer from a seller without a known reputation, but even then, you should still be performing this just in case. But how do you do this?

Finally, what happens if NovaCustom goes out of business? Im asking because they offer a so called “TrustBoot” feature where only signed firmware releases by NovaCustom would install, but if were to stop working on Dasharo for some reason, and you couldn’t find signed firmware releases, that would be a problem.

If you do not enable this, then you can install regular Coreboot or even Libreboot on NovaCustom laptops?

In your opinion, also asking the other fellas above, what do you think about the fact that, in principle, the more modern a computer is the more features it could allow to spy on you? The more limitations there are, the more limitations an attacker would have to stick a whole operating system in there to do all sort of fancy things. That’s just the way I see it. So you are gaining on security for known exploits, but adding unknown unknowns.

I still use the T480, but my main system is my desktop PC.

Not sure what laptop to buy, which is part of the reason why I’ve not replaced the T480.

I personally don’t want to buy a laptop with an Intel CPU, I hate their planned obsolescence. The 13/14th gen stability issues just made me completely abandon Intel, selling a broken CPU and completely ignoring the problem for 2 years, until the problem is impossible to hide, is just not acceptable.

NovaCustom seem like a good company, but they only sell Intel models.

Just to be clear, I’m not recommending AMD, I just see them as the lesser of two evils.

I don’t have an opinion about old Xeon CPUs, my gut feeling is that any EOL Intel CPU is eventually going to have unpatched security issues.

Thanks.

It was ridiculous what they did with the 13/14 gen CPUs, must have been so irritating.

Is AMD better at supporting CPUs with updates past 6 years or does planned obsolescence refer to other Intel flaws ?

It seems I should at least be open to AMD on qubes going forward.

Nothing very notable:

1. Insert the Librem Key (v2).
2. Initialize the Purism Librem 14 v1-01.
3. Wait for the LED on the Librem Key (v2) to blink green.

Video (0:37):

Yes, a USB security token is currently required for using Heads, although theoretically a six digit counter implementation could be used instead.

In the case of Purism’s Librem 14 v1-01, you can install sha256sum, then target the firmware file (sha256sum pureboot-librem_14-Release-30.zip).

Afterwards, compare the computed checksum against the assigned value used in the Coreboot Utility and Updater Script (4af9feae2d1877899eba7f87f373a890a38d5ef48dc9713257acd55656c727fc).

You move on and find another vendor.

No, only Dasharo Coreboot and its supported payload variants against the explicitly defined hardware model:

• https://docs.dasharo.com/unified/novacustom/overview/

Other Coreboot or payload variants are unsupported and will require specialized knowledge and experience to port them over.

I am fine with that compromise/tradeoff. The whole point of security is increasing the cost of time for an attacker to exploit vulnerabilities against you and/or your assets, so upgrading tools and refining behavioural practices are necessary to stay relevant, even if the tools themselves may not necessarily be completely open-source. If I seriously wanted digital privacy, I would have stopped using the Internet long ago instead.

Well, this is pretty lame. Why force you to use whatever Coreboot version? Here we go again. I want to be able to install anything I want as you can do with Thinkpads. If people get bored of maintaining Dasharo then you are cooked. I doubt people ever stop updating base Coreboot (not sure if Libreboot will be continued too, I guess so)

Are all “modern Coreboot laptops” like this? If I buy one, I want one that lets you install whatever you want.

Not every hardware supports Coreboot or its variants, and furthermore, those that do are limited to prior development already completed on the platform. In addition, firmware maintenance and updates become increasingly limited as the product reaches the end of its support cycle. If you want another Coreboot variant supported for a specific device, someone with specialized knowledge and expertise has to port and maintain it.

All Coreboot-supported products share the same issue. Older ThinkPads may have more Coreboot variants to install with, but they may not all be equally maintained or updated regularly in comparison to newer Coreboot-supported products, specifically using Dasharo.

Right I understand now. So for each model there is a firmware for thinkpads too. x200, x220, x230, t480 and even t480s use different images right? and those are maintained independently… so you would be hoping this community of hobbysts continue to update them in the future for longer than your vendor can stay solvent.

As far as Purism, what made you choose this over say Novacustoms? If you are from EU, what do you buy? I think Novacustoms look good because you can give it a generic look, while others have fancy looking logos for instance, which makes you stand out too much, such as the very recognizable System76.

As far as verifying the firmware matching the image source that you can download to guarantee it was flashed with a released non modified image, it’s still not clear to me how to do this. Does each vendor have it’s own script thing to do this?

Yes, each device is only compatible with their respective supported Coreboot variants.

To be very brief, NovaCustom products certified for Qubes OS did not exist during 2021, and the Librem 14 was the first Coreboot + Heads laptop with up to 64 GB of DDR4 RAM fully supporting Qubes OS (R4.0.4) during that time.

Qubes-certified products from Nitrokey or NovaCustom. Note that the NitroPad V54 is not Qubes-certified, but the NovaCustom NV54 is.

Presumably, although I am only familiar with Purism’s end-user tools.

Okay so you bought the Librem and it came with Heads and Coreboot installed. You performed what sanity checks exactly? Like what would you recommend to do first if I buy one (Purism or any of the other 2)

First of all, I guess we should start always by confirming the Coreboot install goes as advertised. For this, you must:

1. Read what firmware you have installed. This step is not clear to me yet. Seems like each vendor may have an script that is specific for each laptop. But from what I’ve looked, why couldn’t we run this:

“flashrom: flashrom -p internal -r ROM.BIN”

Which I think generates a “ROM.BIN” file which is supposedly the firmware that is actually installed on your SPI, and then run sha256sum on this file, then go github and look up for that checksum and then if it’s a legit release it should be there somewhere? Or just search it on duckduckgo or something and find the source.

But I have heard that sometimes this may not work and you need to actually use the clip to read from the SPI directly, I guess you would do this while clipping it:

“flashrom: flashrom -p external -r ROM.BIN”

I was also wondering… what if there is more than one image file? For instance, the X230 I think has 2 SPI chips so wouldn’t that be 2 files?

Please do not run these commands or do anything before an experienced user comments on this method.

2. Disassemble the laptop, look for anything odd on it
3. Proceed to wipe the disk and install your OS of choice
4. Double check that ME is indeed not enabled by using a method such as intelmetool
5. Learn how to use Heads and then generate an “ok-state” once you have everything setup

Of course, im asking myself as I typed this guide, what about Heads? We should also check that the installation of Heads is indeed a legit Heads install. How do we check this?

Because before you do the last step to generate an “ok-state”, you must first check that Heads has not been tampered with. I would also need to check that the device is working as intended. So I thing this may be step number 0. You start from there and build on a verified Heads version after you check the install matches an official build and you check that your device hasn’t got anything funny there. So if someone knows how to perform these steps please let me know.

Beyond this, then it would just be configuring the OS of your liking and then harden it as desired. As for me personally, I like Debian. I know it’s a Qubes forum, but I have actually never used it. Before I consider that, I would first like to have the hardware setup properly.

My procedure was more elaborate than described above:

Basically, I communicated with Purism using GPG over email, had the Librem Key (v2) shipped first, Librem 14 (v1-01) shipped afterwards, performed a blink comparison of the glitter screws, confirmed the results, then reflashed/reinstalled everything thereafter.