NitroPC - Powerful and Secure Mini PC

We are excited to publish our new NitroPC - A secure mini PC with latest Intel i7 CPU (10th generation) and fully open source firmware and software.

Powerful, Up-to-Date Hardware
The NitroPC has a current 10th generation Intel Core i7-10510U processor with up to 4.9 GHz and an m.2 SSD with 6 Gb/s, and can thus be used for performance-hungry applications such as programming/compiling and graphics applications. Of course, this also makes it sufficiently equipped for office and web applications.

Open Source Firmware/BIOS
The firmware ("BIOS") consists of the open source systems Coreboot and Tianocore UEFI. This enables independent security audits of the firmware and prevents undetected backdoors. In addition, the PC boots quickly and future enhancements are possible. All PC operating systems including Windows can be used.

Disabled Intel Management Engine
Vulnerable and proprietary low-level hardware parts are disabled to make the hardware more robust against advanced attacks.
The Intel Management Engine (ME) is a type of separate computer within all modern Intel processors (CPU). The ME acts as a master controller for your CPU and has extensive access to your computer (system memory, display, keyboard, network). Intel controls the code of the ME and severe vulnerabilities have already been found in the ME that allow local and remote attacks. Therefore, ME can be considered a backdoor and is disabled in NitroPC.

Preinstalled Ubuntu Linux With Disk Encryption
NitroPC ships with a pre-installed Ubuntu Linux 20.04 LTS with full disk encryption. Ubuntu is one of the most popular, stable and easy-to-use Linux distributions. Switching from Windows to Linux has never been easier.

Optional: Pre-Installed Qubes OS for Highest Security Requirements
Instead of Ubuntu Linux, you can get your NitroPC pre-installed with Qubes OS 4.0 and full disk encryption.
Qubes OS enables highly isolated working by means of virtual machines (VM). A separate VM is started for each application or workspace. This approach isolates applications and processes much more than conventional operating systems. Qubes OS keeps your system secure, even if a vulnerability has been exploited in one of the software applications used. Example: If your PDF viewer or web browser has been successfully attacked, the attacker cannot compromise the rest of the system and will be locked out once the VM is closed.
In addition, separate virtual workspaces can be used, such as an offline workspace for secret data and an online workspace for communication. NitroPC with Qubes OS is technically similar to SINA clients (for governments), but remains transparent thanks to open source. Qubes OS is for users who want maximum security.

Sealed Enclosure
To make it difficult to tamper with your NitroPC, the case screws are individually sealed. We will send you photos of the seals, which you can use to verify if the case has been opened without authorization during transport or at a later time.

Use Cases

For everyone
With NitroPC, you don't have to rely on the security of proprietary BIOS firmware or the backdoor Intel Management Engine. Instead, the secure NitroPC is based entirely on open source software. NitroPC comes with hard disk encryption pre-installed and - if desired - the highly secure Qubes OS. Since it has a powerful 10th generation Intel i7 processor, the NitroPC is also suitable for power-hungry applications.

For Enterprises
The NitroPC can serve as a hardened workstation for Certificate Authorities and other use cases that require high-security computing.

For Government
Government agencies can use the NitroPC to protect against Advanced Persistent Threats (APT) without relying on third-party proprietary technologies.

For Journalists
If you're an investigative journalist serious about protecting your confidential sources, NitroPC can help.

As a Mini Server

The NitroPC is suitable as a small server for home and office.
 

NitroPC at Shop

16.2.2021

Comments

Submitted by meissner on 2. August 2021 - 13:50
No, there are no additional measures against video signal eavesdropping
Submitted by nos34 on 31. July 2021 - 19:43
World it run Witze a Ryzen 7 5700g ?
Submitted by meissner on 2. August 2021 - 13:51
There is no Ryzen configuration available for the NitroPC currently.
Submitted by Pete on 4. September 2021 - 18:04
Hi, when you install Qubes 4.0 does it set up sys-USB correctly? I mean does sys-USB work and contain all the USB outlets and then work the mouse, monitor, etc.? Also do you know of any reason why the NitroPC would not support Qubes 4.1? Thanks,
Submitted by meissner on 5. September 2021 - 22:07
Yup, we can confirm that mice, keyboards work without further configuration out-of-the-box with Qubes. Further we don't see any readon why the NitroPC should not work with Qubes 4.1, we've been already playing around with the 4.1 alpha release and did not encounter any issues so far.
Submitted by Pete on 4. September 2021 - 22:23
Hi again, further to my last question . . . has the NitroPC got a '14-1 mother board header' and would that mean it could accept an after market TPM like the ASUS Tpm-m R2.0 14 Pin Trusted Platform Module E241819 or the MSI MS-4462 TPM 2.0 Motherboard Module? Could you buy one, plug it in and use it as in the NitroPad use case? Thanks,
Submitted by meissner on 5. September 2021 - 22:14
There is no such header on the motherboard and we are not aware of any other TPM modules, which might work. So, the answer is: no, this is not possible.
Submitted by Tony on 28. September 2021 - 21:15
Hello, can I install any linux distro on NitroPC? (I'm asking because on your wiki you have dedicated OS images for this device) How iso from your docs differ from those provided by os maintainers (e.g. canonical)?
Submitted by meissner on 30. September 2021 - 0:07
Generally you can install any distribution which supports UEFI. We provide the OEM iso-images for transparency reasons, as those are the ones being used for installation before they are shipped. They differ just marginally from the original iso images with things like: oem start (on first boot set up a user etc.), nitrokey-app is pre-installed, some amazon ads are removed. You can see the details on github in the repositories ending with -oem, e.g., https://github.com/Nitrokey/ubuntu-oem
Submitted by Anonymous on 2. December 2021 - 14:13
Hello, Can you tell me what is the generation of USB 3 and USB-C? Is it USB 3.2 Gen 2 or Gen 1?
Submitted by meissner on 2. December 2021 - 14:30
The Type-A slots are USB 3.0, the Type-C Slot is USB 3.1 without monitor delivery.
Submitted by Analysator on 6. December 2021 - 23:13
With which desktop environment is the NitroPC delivered when ordering Debian 10 German? Could it be possible to have only the desktop of my choice preinstalled?
Submitted by meissner on 7. December 2021 - 12:27
The package 'task-gnome-desktop' is installed, which will lead to a gnome based desktop. Our products are prepared for shipping using fully automated tools to maximize security and minimize efforts, please understand that we cannot manually install alternative/additional software without compromising the aforementioned.
Submitted by Analysator on 11. December 2021 - 11:59
Ordered on December 7th, but still haven't received a delivery confirmation. Are there currently delivery delays due to the pandemic?
Submitted by meissner on 13. December 2021 - 15:49
Currently the main reason for delays is the holiday-season i.e., December. I would suggest to wait some more days, or write an E-Mail to [email protected] with your order-number (SOxxxxxx) to check for your status.
Submitted by Freda on 4. April 2022 - 17:33
Good day! Would you mind if I share your blog with my facebook group? There's a lot of people that I think would really appreciate your content. Please let me know. Many thanks
Submitted by meissner on 4. April 2022 - 18:37
Of course not, feel free to share it
Submitted by Doc Dre on 17. July 2022 - 21:20
What about the heat in that small case? I have concerns that either temperature warnings might pop up or the fan (if there is one) keeps blowing all the time?
Submitted by meissner on 18. July 2022 - 11:46
Hey, inside a NitroPC a "U"-type CPU is working, which is mostly used within laptops. There have been no reports about temperature warnings popping up and during regular use the fan noise rarely can be noticed.
Submitted by JK on 7. August 2022 - 22:10
Dear, 2 questions: 1. I can see that i7-10510U has possibility to set TDP-down to 10 W. Is it possible to set NitroPC to have 10 W permanently? 2. Is it possible to change/add hard drive without loosing guarantee?
Submitted by meissner on 8. August 2022 - 16:40
1. Yes, technically this would be possible, but we do not offer this right now. So sorry, this is not possible within the scope of this product. 2. Yes, you can replace the hard-drive w/o voiding the warranty - obviously the hard disk itself cannot be used as a reason for the warranty anymore.
Submitted by Kira on 20. August 2022 - 5:36
Do you mind if I quote a couple of your posts as long as I provide credit and sources back to your site? My blog site is in the exact same niche as yours and my visitors would truly benefit from a lot of the information you present here. Please let me know if this okay with you. Thanks a lot!
Submitted by meissner on 21. August 2022 - 15:04
Hey Kira, sure no problem feel free to quote and link our posts, while providing credit and sources.
Submitted by JJ on 2. September 2022 - 22:30
Hi, please consider an audio-out port on the rear panel for the next revision. This allows to conveniently connect speakers in the back and head phones can be connected to the front port without having to constantly reconnect speakers and headphones, and without having to connect speakers to the front port which is really not ideal. Majority of mini PCs don't have rear audio ports which is really disappointing and it forces me to build my own mini PC on an ITX board. Thanks
Submitted by meissner on 3. September 2022 - 11:19
Hey thanks for the input, we'll consider this if possible for a next revision. Generally you could also try a USB soundcard for your use-case, maybe this helps.
Submitted by JJ on 4. September 2022 - 0:48
Thanks for your reply! Yes, I've considered using a USB sound card but the downside is that the speakers will not be automatically switched off when I connect head phones to the front port. Also external sound cards often have poor quality of the mic port.
Submitted by zapzap on 26. November 2022 - 20:42
Question, is boot guard disabled in the nitroPC? also, if you put coreboot and intel me in disabled mode, is there any way that it can be undone? Aka, supposedly there is something called Intel's Firmware Support Package Also, I thought intel's 10th gen, or for that matter even as early as their 4th gen and onward blocked people from using the graphics onboard or the sound as well from working without blobs. In essence, wondered if there are any enabled remote backdoors enabled that still work when you do your changes to the NitroPC. And as a last note, wondering if you guys ever plan to make your own, durable, low heat usage netbook type device with the above ideas in place, more or less. I probably will send you a message via email at some point, regarding this, for more info.
Submitted by meissner on 29. November 2022 - 0:11
Intel ME is to the best of our knowledge disabled through the mechanism common for the 10th gen. Although there still is the FSB blob from intel inside the coreboot image otherwise the system would not work. This means that the risk for backdoors is significantly reduced, although there might be risks we don't know due to the FSB, but as of today we are not aware of any. Building our own netbook type device with your ideas is not really possible for us as Nitrokey at this point.
Submitted by Anonymous on 31. December 2022 - 1:27
Hello, Are you planning, in the near future, on offering a newer version of the nitro PC with more recent hardware? Thanks
Submitted by meissner on 31. December 2022 - 18:08
Hey hey, nope - not in the near future.
Submitted by Anonymous on 5. January 2023 - 11:38
Thanks
Submitted by Porpheus on 4. April 2023 - 9:12
Is it possible to install the most recent an encrypted version of Debian or MX or Arch on the NitroPC? I remember that some time ago there was an issue with Heads on your Laptops, so that Debian 11 couldn't be installed right away. I don't know if it ever was a problem on the PC. I´m just asking. Second question: can I connect a 4K display, i.e. is the graphics adapter in NitroPC good enough? Do you habe the NitroPC in stock?
Submitted by meissner on 5. April 2023 - 15:22
Yes, there is no issue in installing latest Distributions on the NitroPC, it comes with Tianocore, which is a UEFI enabled firmware. For displays, please check the product description in the shop (i.e., the display details), generally 4K works fine - it's better to use DisplayPort compared to HDMI. The shop gives an accurate indication, if some product is not in stock, so you can rely on that. As of today the NitroPC is in stock.
Submitted by Nik on 2. August 2023 - 20:14
Do you delivery it to Russian federation?
Submitted by meissner on 6. August 2023 - 17:54
Nope, sorry we do not offer shipping to Russia currently.
Submitted by Mr smith on 31. January 2024 - 20:05
What ram is compatible with the nitro pc mini I have CORSAIR Vengeance SODIMM 32GB (2x16GB) DDR4 3200MHz but having issues with unresponsive shell
Submitted by meissner on 31. January 2024 - 22:29
For 32GB we usually use Crucial CT32G4SFD832A. Please try to avoid asking the same question on multiple channels if possible, thank you.
Submitted by Chris on 10. March 2024 - 21:12
The last question is more than 15 months old, so I would like to ask again: Can you promise your customers a newer version of the Nitro PC in the near future? Thank you very much!
Submitted by meissner on 11. March 2024 - 10:50
We are currently investigating a new revision, thus we have at least some hopes that the NitroPC will be available again - but currently we have no specific candidate for a successor with a more powerful CPU.
Submitted by Chris on 11. March 2024 - 17:52
Thanks for your reply! My use case would be a home server with a low power consumption. It could it be a good idea to offer at least two CPUs for different use cases. ;-)

Pages

Add new comment

Fill in the blank.