Purism releases Librem Server, a PureBoot (coreboot) rackmount Xeon server

Uses Intel Xeon processors and has IPMI in a 1U box.

They also tout their anti-interdiction service, which is described in this blog post.

I find it a bit weird that they’re using SATA over SAS on a server, but I dig that there are now officially backed systems using coreboot.

I’m also really curious to know how IPMI was implimented. I’ve always been a bit nervous about IPMI, given it’s control and access over the hardware.

Honestly… not particularly impressed with this setup. If you’re the kind of person who needs supply chain assurance and delivery assurance at a high level you’d get better elsewhere.

1 Like

Yeah, I’m not sold on it either.

I like a lot of their other offerings, but this feels like it landed squarely in “not good enough” territory, with one exception…

Enterprise users can vet their supply chain because of how much they spend. Lockheed doesn’t buy “a server”, they buy datacenters. The average homelabber doesn’t have that option.

If they extend sales of this to non-enterprise customers, I think it has some value. If they’re only willing to sell to enterprise bulk buyers, I concur with your assessment.

2 Likes

This is true, but the average homelabber isn’t concerned about supply chain security and would get more for their money from dell.

I’m struggling a little bit to understand who this kind of thing is for (the anti interdiction) except simply to profit off of the badly informed people convinced they need this from lunduke off of twitter.

If you wanted a free software workstation with no blobs, wouldnt you just get a talos?

1 Like

For real

1 Like

This looks more like a rack mount workstation than a server to me. Specs are really not impressive for the cost.

Maybe 2012.

2 Likes

Hopefully openbmc on it for the ipmi.

Is that really true? I definitely care about supply chain security, and am not close to even having a ‘homelab’ yet. Personally, the only thing that would stop me from getting anti-interdiction would be potentially the added cost and the concern that I am just paying for snake oil.

For the low-cost crowd, however, the best option would be to allow for physical pickup. I for one would certainly consider a cross-country car trip if I felt shipping was the most significant obstacle to my security.

They are using an ASpeed chip, so that does seem likely.

Then you’re not average.

It’s interesting that they don’t seem to tamper seal the postal box. In any case I always feel these things are a bit of a gimmick to cater to a particular crowed.

Does anyone know if Librem let you inspect their manufacturing plants and pour over their chip manufacturing contracts and third party suppliers? This in my mind would be step number one in this case, not tamper tape.

Don’t get me wrong, tamper evident tape should be used as standard imo for high value items, but not because the government might put something in there, but to make it evident if its been opened or the contents stolen in transport so that you can get a replacement or money back.

1 Like

If something is stolen though, it is pretty obvious and it should be (relatively) easy to get the shipping insurance to pay. Interdiction is more important because you might assume all is well until it is too late.

For an example,


Purism mentions the ‘photographing glitter on screws trick’, which really seems like the most reassuring part of it all. Recreating a random glitter pattern on each screw after malicious re-assembly would be near impossible, and reassembly without using any screws would be fairly tamper-evident I would think.

You know that new methods will just integrate the implants into the supply chain before shipping with cooperation from the company involved? Or better yet, will implant almost invisible to the eye chips underneath legitimate chips directly on the motherboard during assembly or manufacturing. You wont find these, tamper tape and glitter wont work, and you’ll never find them without special equipment.

That’s why its a gimmick for someone who actually has supply chain concerns. It’s like all the other half done things out there, closes the front door and leaves the backdoor open. But its done anyway because sets of consumers love the stuff, even if it doesn’t work, they think it does, because they’re ignorant to the whole picture.

Regardless of all that, the NSA isnt putting anything in your hardware despite what they might do for high value targets, because your not a high value target. If you are a target, Librem is not the answer, and this tamper option is wholly insufficient.

It is certainly only transit protection, but some may value that.

Implants prior to shipping would violate their hardware-specific warrant canary. Even if you do not trust them, it might still be beneficial if you are receiving a shipment outside the USA, and do not trust your government.

I would agree that it is probably not worth whatever they are charging for it, but I would not laugh off transit protection (or anti-interdiction) as worthless. It is probably more of a marketing stunt though.

This topic was automatically closed 273 days after the last reply. New replies are no longer allowed.