New Laptops/NitroPads With Modern CPU, Tamper Detection - Limited Until April 30th!

We are pleased to introduce the new, long-awaited NitroPads with modern CPU: The NitroPads NV41 and NS50 feature a modern Intel processor Core i5 or i7 of the 12th generation. Available with either a 14" (NV41) or 15" (NS50) screen. In addition, there are numerous, high-quality (no stickers) keyboard layouts (languages) to choose from. Like the previous NitroPads, the NV41 and NS50 have, among other things, tamper detection through Measured Boot and disabled Intel Management Engine. As an alternative to Heads, the NitroPads are offered with TianoCore, which allows the use of Windows.

Features

  • Tamper Detection Through Measured Boot
    Thanks to the combination of the open source solutions Coreboot, Heads and Nitrokey USB hardware, you can verify that your laptop hardware has not been tampered with in transit or in your absence (so-called evil maid attack). The integrity of the TPM, the firmware and the operating system is effectively checked by a separate Nitrokey USB key. Simply connect your Nitrokey to the NitroPad while booting and a green LED on the Nitrokey will show that your NitroPad has not been tampered with. If the LED should turn red one day, it indicates a manipulation.

  • Deactivated Intel Management Engine
    Vulnerable and proprietary low-level hardware parts are disabled to make the hardware more robust against advanced attacks.
    The Intel Management Engine (ME) is some kind of separate computer within all modern Intel processors (CPU). The ME acts as a master controller for your CPU and has broad access to your computer (system memory, screen, keyboard, network). Intel controls the code of the ME and severe vulnerabilities have been found in the ME enabling local and remote attacks. Therefore ME can be considered as a backdoor and has been deactivated in NitroPad.

  • Preinstalled Ubuntu Linux With Full-Disk Encryption
    NitroPad ships with a preinstalled Ubuntu Linux 22.04 LTS with full-disk encryption. Ubuntu is one of the most popular, stable and easiest to use Linux distributions. Switching from Windows to Linux has never been easier.

  • Optional: Preinstalled Qubes OS For Highest Security Requirements
    Instead of Ubuntu Linux, on request you can get your NitroPad with preinstalled Qubes OS and full-disk encryption.
    Qubes OS enables highly isolated working by means of virtual machines (VM). A separate VM is started for each application or workspace. This approach isolates applications and processes much more than conventional operating systems. Qubes OS keeps your system secure, even if a vulnerability has been exploited in one of the software applications used. Example: If your PDF viewer or web browser has been successfully attacked, the attacker cannot compromise the rest of the system and will be locked out once the VM is closed.
    In addition, separate virtual workspaces can be used, such as an offline workspace for secret data and an online workspace for communication. NitroPad with Qubes OS is technically similar to SINA clients (for governments), but remains transparent thanks to open source. Qubes OS is for users who want maximum security.

  • Security Conscious Shipping
    To make it more difficult to intercept and manipulate your NitroPad, the NitroPad and the Nitrokey USB key can be shipped in two separate shipments if desired.
     

Use Cases

  • For Everyone
    NitroPad enables you to detect hardware tampering. For example, if your laptop is being inspected while crossing the border or if you leave your device unattended in a hotel or during travelling, you can check the integrity of your NitroPad with the help of the Nitrokey.

  • For Enterprises
    NitroPad can serve as a hardened workstation for certificate authorities and other use cases requiring high-security computers. On business trips, the NitroPad protects against evil maid attacks while the computer is unattended in a hotel or baggage.

  • For Governments
    Governments can use NitroPad to protect themselves against advanced persistent threats (APT) without relying on foreign proprietary technology.

  • For Journalists
    If you as an investigative journalist are serious about protecting your confidential sources, NitroPad helps you getting there.
     

Availability - Important!

This is a limited time promotion. For the time being, orders are only possible until April 30. We may be able to accept a limited number of additional orders at a later date; however, it is not yet certain how many and when.

A limited quantity of laptops is in stock and will be shipped in May to the first customers. All subsequent customers are expected to receive them between August and September. So it's worth ordering quickly!

The previous NitroPads X230 and T430 will continue to be offered for the foreseeable future.

Buy NitroPad now!

10.7.2023

Comments

Submitted by Stadtverwaltung on 19. April 2023 - 11:45
Endlich eine echte Alternative zu den Librem-Laptops von Purism in Deutschland. Aktuelle Hardware, deaktivierte Intel ME, Qubes OS, Heads und USB-Schlüssel schaffen zusammen neue Maßstäbe in Bezug auf Sicherheit, Verifizierbarkeit und Transparenz.
Submitted by Curiosity on 27. April 2023 - 8:45
Out of curiosity: Is there a particular reason only selling the T430 with an optional Intel D3-S4510 hard drive? I have expected the new models to have this option too.
Submitted by meissner on 27. April 2023 - 23:36
These new Nitropads do come with M.2 hard-disks exclusively and a Intel D3-S4510 has a 2.5'' low profile SATA form factor, which simply doesn't fit mechanically.
Submitted by DrDre on 5. May 2023 - 11:31
Where ist the difference between your limited offer NV41 und the NV41 by NovaCustom? Heads?
Submitted by meissner on 8. May 2023 - 23:00
Generally we are getting the notebooks from the same OEM, so the hardware is (nearly) identical. On firmware side we also offer an open-source UEFI firmware, namely tianocore - but on top we also offer HEADS and thus measured boot through it and the firmware verification through an external device (a Nitrokey).
Submitted by zappity on 12. May 2023 - 3:48
Are all of the remote backdoors, not just intel me, aka... are they all functionless with heads + the hap bit? Aka, is the network stack beneath heads still active enough to send info anywhere? Whether online or offline that could be used for some identifying purpose. Oh and btw, can these computers be used without any non-free/proprietary blobs on the software end? Like, can it be used without debian's non-free drivers and/or firmware. Just was curious is all.
Submitted by meissner on 14. May 2023 - 22:26
The UEFI firmware contains the option to switch off ME. On HEADS, ME will be directly disabled. This Intel generation cannot work without FSP firmware blobs from Intel, which are part of the coreboot build. On userspace side we offer a blob-free WiFi card, apart from that various other hardware components will inevitably come with proprietary firmware (e.g. the m.2 ssd).
Submitted by zappity on 17. May 2023 - 21:51
So effectively, how much is being transmitted via FSP while its on? Was wondering, if FSP itself is a threat remotely? I actually also forgot to ask, how sturdy are these laptops compared to say, T430 or X230? This being said, as a final note, do you plan to make a smaller size in the future? Like 12.5 inch? or 11.6 inch? Very curious
Submitted by meissner on 22. May 2023 - 12:16
Very hard to say, as it is closed source - it cannot be easily told. There are some analysis on this available on the internet, but again it's hard to tell in detail. About sturdiness, the NS51 case is composed mostly of metal materials (alu?) thus will likely withstand more physical stress. We are looking into smaller laptop variants, but this will surely take more time (>6months) for something like this to potentially arrive.
Submitted by zappity on 24. May 2023 - 7:34
I messaged you guys about this via email, but I became aware of the newer nitropads origins. Novacomputers? I think? But you do special changes to it which are well worth it. I wondered what you guys would think about doing the same thing with framework laptops. Sound interesting?
Submitted by meissner on 24. May 2023 - 12:40
Yes, NocaCustom also sells laptops from the same OEM. Using Framework Laptops as Nitropads is currently not planned.
Submitted by zappity on 3. June 2023 - 21:06
That is a shame, as framework does actually have a 13 inch device. Although, I found one that actually has anywhere from 11 inch to 15 inch. starlabs.systems aka. They apparently could serve the purpose you mentioned. Thoughts?
Submitted by meissner on 5. June 2023 - 12:21
yes, we are aware of them. We are looking forward to extend the available screen sizes, it's simply not defined when this will happen.
Submitted by zappity on 11. June 2023 - 19:38
if one of those groups was willing to work with you, would you be open to that? Framework supposedly doesn't have coreboot support because they dont have enough people to work on project/other complications. Would you need them to do anything to provide coreboot heads + your intel me neutered stuff support? Asking theoretically just because curious
Submitted by meissner on 13. June 2023 - 18:01
making coreboot work on device is anything but trivial and involves quite some work from experienced people. How much work this actually is depends on many factors, but mostly on the motherboard chipset used. Doing this without help from the manufacturer is even more complicated as this ends up in a lot of trial and error work. Honestly, it's simply very hard to do such an estimation without doing some part of the actual work e.g., investigating the platform and finding out whats already there to start with. Afterwards one might be able to do a proper estimation of the expected work.
Submitted by zappity on 15. June 2023 - 2:01
I wonder if they'd be willing to work with you guys, assuming, this option is even possible on either end. I cannot say for sure, but regardless, I just felt I should reply. Although, other modular laptop creators probably exist who are easier to chat with. As a last thought, no huge rush for me, but not sure about everyone. Anywho, thanks for responding to my questions.
Submitted by zappity on 15. June 2023 - 2:05
Oh btw, one last thing to mention, there is a cheaper version of NV41, called NV40. That one probably will interest some more than NV41 due to its sheer expensive cost.
Submitted by wayne on 12. May 2023 - 20:18
Its es marketingstrategie, dass ihr es bis 30. april limitiert habt, wie bei manchen bekannten schuhmarken, oder habt ihr da andere gründe? Wenn ich es jetzt bestelle, kommt das wwirklich erst im august/september? Zu gewicht des laptops: könnt ihr bitte beim nächsten Mal im angebot leistungsfähige mit bis zu 64 gb ram laptops mit 1 kg, oder zumindest mit 1,2 kg anbieten? glaubt mir, selbst die hunderte gramme spielen schon die rolle, wenn man öfters lange unterwegs mehrere Sachen in der tasche mit sich trägt.
Submitted by meissner on 14. May 2023 - 22:28
Nein, das ist keine Strategie. Wir haben einfach selbst Einschränkungen was wir wann einkaufen können, dies bildet sich hier ab. Ansonsten bzgl. dem Gewicht: verstanden, nehmen wir mal so als Wunsch mit.
Submitted by wayne on 28. May 2023 - 16:18
derzeit ist technisch unproblematisch die Notebooks mit 64 RAM größe, aktuellem cpu, bis 1 kg und ab 15" bildschirm zu bauen und auf dem markt zu finden. Man würde den kauf lieber bei euch präferieren. Könntet Ihr schon bis zum August solche Notebooks zum Verkauf hinkriegen??
Submitted by meissner on 30. May 2023 - 13:57
Nein, aktuell haben wir einen solchen Laptop nicht in Planung.
Submitted by Moon on 7. July 2023 - 12:01
hi nitrokey. Wenn man nitropad an den tagen bestellt, wird es bereits ab 1. August schon geliefert? oder ab wann frühestens ca. kann man die Lieferung erwarten?
Submitted by meissner on 10. July 2023 - 22:01
Hey Moon, ganz aktuell kann ich dazu noch nichts genaueres sagen als ursprünglich gemeldet, also irgendwann August/September. Die nächsten Tage wird es dazu aber noch ein Statement in Form eines Blog Beitrags geben, der den Zeitraum genauer beschreibt.

Add new comment

Fill in the blank.