Librem One Affected By Nasty Security Bug On Launch Day, Acknowledges Rebranded Apps

Written by Michael Larabel in Free Software on 1 May 2019 at 08:00 PM EDT. 6 Comments
FREE SOFTWARE
Yesterday Purism launched the Librem One suite of services that initially consists of a privacy-minded, but even with priding themselves on security, there ended up being a nasty launch-day security issue uncovered. The fact that their offered software was quietly re-branded open-source software also rubbed some users the wrong way.

The security issue yesterday affected Librem Chat and allowed any user into any account on the service due to a typo in the Matrix.org code. The issue ended up being reported and after some brief downtime taken care of, as outlined via the Purism blog. While it happened on launch day, so far there are less than two thousand users, so the overall impact isn't that much and it doesn't appear the issue was exploited for nefarious intent.

With Librem One costing $7.99 USD per month or $14.99 USD for a "family pack", a number of users have been expressing frustration with Purism largely just re-branding various pieces of open-source software that comprise this suite. As to that, they sought to address those concerns in How Purism Works Upstream and Gives Back. Purism argues that re-branding these pieces of software provides convenience and gives them a leg up in competing with tech giants like Apple and Google. From the linked blog post, "By putting services under a centralized brand, we make these decentralized services just as convenient to use as the big tech alternatives. That way an end-user doesn’t have to know what Matrix, ActivityPub, or even IMAP are or try to find all of the applications that work with those services on their particular platform. Instead, they just need to know that they want to chat, join social media, or send email."

We'll see how well the Librem One suite ends up working out especially with Purism being stretched so thin as is trying to deliver their Librem 5 smartphone next quarter, which is already coming two quarters later than originally anticipated.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week