We speak to the CEO of Purism about their totally free software phone and laptops but before that, a new Plasma desktop is out, and Ubuntu and elementary OS have proposed some controversial changes for their next releases.
News
Plasma 5.12.0 LTS is out and the pineapple fund makes it rain
Ubuntu wants to collect user metrics
elementary OS AppCenter changes
Admin
FOSS Talk Live tickets are now available!
Entroware
This episode of Late Night Linux is sponsored by Entroware. They are a UK-based company who sells computers with Ubuntu and Ubuntu MATE preinstalled. They have configurable laptops, desktops and servers to suit a wide range of Linux users. Check them out and don’t forget to mention us at checkout if you buy one of their great machines.
Purism
We are joined by Todd Weaver who is the CEO and founder of Purism to talk about the completely FOSS-friendly phone that they are planning to deliver in January next year and their laptops that are available right now. Can they really deliver something good as well as private and secure? Todd certainly thinks they can.
Digital Ocean
If you are looking for for a Linux VPS with full root access, check out Digital Ocean. With our affiliate link you can get $10 credit.
See our contact page for ways to get in touch.
RSS: You can subscribe to the MP3 feed or the Ogg feed.
Really nice interview with Todd. You were able to ask all the questions you have raised previously about the Librem 5, and he was able to give Purism’s response. Ultimately, we just have to wait and see if they deliver over the next year.
Given how much you highlight RISC-V and KDE, I am surprised you haven’t highlighted either of these stories:
First RISC-V SoC that can run Linux:
https://www.sifive.com/products/hifive-unleashed/
It was possible to run arbitrary code in KDE by plugging in a USB stick:
https://www.theregister.co.uk/2018/02/12/kde_naming_usb_drive_vuln/
While that RISC-V board is interesting, it’s rather expensive so only really aimed at manufacturers rather than hackers.
The KDE vulnerability has been patched now so it’s not particularly interesting.
Yeah, I’m waiting for lowRISC…. Still, the first board that can run Linux seems noteworthy to hackers waiting for the first board to Linux that is affordable : )
The KDE advisory doesn’t say, but in looking into it more I found that the default is to present a dialog asking the user if they want to mount the drive and show the drive name, so that makes it less serious than I thought. The advisory made it seem that one could just walk past someone’s laptop and plug in a USB stick and own their user account without any interaction (not even opening the lock screen). Still, looking in the git log, I see this vulnerability was around for at least 4 years….
That was supposed to be a reply to Joe….
You didn’t ask the question I wanted answering. The thing I wonder about is how safe/private will these devices be knowing how the US government can insist on a company installing malware or worse and then legally silencing the company. So how secure is a product that is made/sold in the US?
I would be a lot more interested if the company was in another country. preferably a non 5-Eyes one.
Remember, 5 eyes is just part of the equation; but I get your point and agree with you.
The last time I looked at this link [1], there were 14 eyes all up (yep, still 14 eyes now) and some good information to avoid some of these issues, such as not buying from a US based company as well as other good links and information to help protect privacy.
I’m surprised, given the pure nature of his views, that Todd has a LinkedIn [spy’s wet dream, ran by M$] account… I have one too, but it is just a place holder and I don’t intend to make it anything more.
[1] https://privacytoolsio.github.io/privacytools.io/