This is true, but the average homelabber isn’t concerned about supply chain security and would get more for their money from dell.
I’m struggling a little bit to understand who this kind of thing is for (the anti interdiction) except simply to profit off of the badly informed people convinced they need this from lunduke off of twitter.
Is that really true? I definitely care about supply chain security, and am not close to even having a ‘homelab’ yet. Personally, the only thing that would stop me from getting anti-interdiction would be potentially the added cost and the concern that I am just paying for snake oil.
For the low-cost crowd, however, the best option would be to allow for physical pickup. I for one would certainly consider a cross-country car trip if I felt shipping was the most significant obstacle to my security.
They are using an ASpeed chip, so that does seem likely.
It’s interesting that they don’t seem to tamper seal the postal box. In any case I always feel these things are a bit of a gimmick to cater to a particular crowed.
Does anyone know if Librem let you inspect their manufacturing plants and pour over their chip manufacturing contracts and third party suppliers? This in my mind would be step number one in this case, not tamper tape.
Don’t get me wrong, tamper evident tape should be used as standard imo for high value items, but not because the government might put something in there, but to make it evident if its been opened or the contents stolen in transport so that you can get a replacement or money back.
If something is stolen though, it is pretty obvious and it should be (relatively) easy to get the shipping insurance to pay. Interdiction is more important because you might assume all is well until it is too late.
For an example,
Purism mentions the ‘photographing glitter on screws trick’, which really seems like the most reassuring part of it all. Recreating a random glitter pattern on each screw after malicious re-assembly would be near impossible, and reassembly without using any screws would be fairly tamper-evident I would think.
You know that new methods will just integrate the implants into the supply chain before shipping with cooperation from the company involved? Or better yet, will implant almost invisible to the eye chips underneath legitimate chips directly on the motherboard during assembly or manufacturing. You wont find these, tamper tape and glitter wont work, and you’ll never find them without special equipment.
That’s why its a gimmick for someone who actually has supply chain concerns. It’s like all the other half done things out there, closes the front door and leaves the backdoor open. But its done anyway because sets of consumers love the stuff, even if it doesn’t work, they think it does, because they’re ignorant to the whole picture.
Regardless of all that, the NSA isnt putting anything in your hardware despite what they might do for high value targets, because your not a high value target. If you are a target, Librem is not the answer, and this tamper option is wholly insufficient.
It is certainly only transit protection, but some may value that.
Implants prior to shipping would violate their hardware-specific warrant canary. Even if you do not trust them, it might still be beneficial if you are receiving a shipment outside the USA, and do not trust your government.
I would agree that it is probably not worth whatever they are charging for it, but I would not laugh off transit protection (or anti-interdiction) as worthless. It is probably more of a marketing stunt though.