### Available immediately with Dasharo TianoCore. Heads support is planned for December 2024 or January 2025. ###
Secure working in insecure environments thanks to unique hardware protection
Do you believe that your computer hardware is secure? Can you rule out the possibility that someone has tampered with your computer in your absence? In a world where most users have no real control over their hardware and must blindly trust manufacturers' security promises, NitroPad offers a refreshingly new security experience. The NitroPad is significantly more secure than normal computers. NitroPad gives you more control over your hardware and data than ever before, while making it easy to use.
Advantages
Tamper detection through Measured Boot
Thanks to the combination of the open source solutions Coreboot, Heads and Nitrokey USB hardware, you can check whether your laptop has been tampered with during transportation or in your absence (so-called Evil Maid Attack). This effectively verifies the integrity of the TPM, firmware and operating system using a separate Nitrokey USB key. Simply connect your Nitrokey to the NitroPad during the boot process and a green LED on the Nitrokey indicates that your NitroPad has not been tampered with. However, if the LED lights up red, this indicates tampering.
As an alternative to Heads and therefore without Measured Boot, TianoCore is offered, which enables the use of Windows.
Deactivatable Intel Management Engine
Vulnerable and proprietary low-level hardware parts can be disabled to make the hardware more robust against advanced attacks.
The Intel Management Engine (ME) is a type of separate computer within all modern Intel processors (CPU). The ME acts as a master controller for your CPU and has extensive access to your computer (system memory, screen, keyboard, network). Intel controls the code of the ME and severe vulnerabilities have already been found in the ME that allow local and remote attacks. Therefore, ME can be considered a backdoor and can be disabled in NitroPad.
Pre-installed Ubuntu Linux with hard disk encryption
NitroPad comes with a pre-installed Ubuntu Linux LTS with full disk encryption. Ubuntu is one of the most popular, stable and easy-to-use Linux distributions. Switching from Windows to Linux has never been easier.
Optional: Pre-installed Qubes OS for the highest security requirements
Instead of Ubuntu Linux, you can get your NitroPad with pre-installed Qubes OS and full hard disk encryption. Qubes OS enables highly isolated working using virtual machines (VM). A separate VM is started for each application or workspace. This approach isolates applications and processes much more than conventional operating systems. Qubes OS keeps your system secure, even if a vulnerability in one of the software used has been exploited. Example: If your PDF viewer or web browser has been successfully attacked, the attacker will not be able to compromise the rest of the system and will be locked out as soon as the VM is closed.
In addition, separate virtual working environments can be used, e.g. an offline working environment for secret data and an online working environment for communication. NitroPad with Qubes OS is technically similar to SINA Clients (for public authorities), but remains transparent thanks to open source. Qubes OS is for users who want maximum security.
Keys under your control
All individual cryptographic keys are only generated directly on the NitroPad during installation and are not stored by us. Nevertheless, all individual keys can be replaced by you. Unlike with “Secure Boot”, the keys for securing the operating system remain under your control and do not depend on the manufacturer's approval.
Nitrokey USB key included
The NitroPad is supplied with a Nitrokey (different models). Its security functions include email encryption (PGP, S/MIME), secure server administration (SSH) and two-factor authentication. Nitrokey Storage 2 also includes encrypted mass storage with hidden volumes.
Modern Hardware
Modern 14th generation Intel Core Ultra processor. There are also numerous high-quality (no stickers) keyboard layouts (languages) to choose from.
Ready to go
With NitroPad, you don't have to worry about opening the case to flash the BIOS chip, install and configure Linux or set up the Nitrokey. We do it for you. The Nitrokey is already configured with your NitroPad so that it can be used for tamper detection without any further configuration effort.
Security-conscious shipping
To make it more difficult to intercept and manipulate your NitroPad, the NitroPad and the Nitrokey USB key can be sent in two separate deliveries on request.
Use Cases
For everyone
With the NitroPad, you can detect tampering with the hardware. For example, if your laptop is checked when crossing the border or if you leave your device unattended in a hotel or while traveling, you can check the integrity of your NitroPad using the Nitrokey.
For enterprises
The NitroPad can serve as a hardened workstation for Certificate Authorities and other use cases that require high-security computers. On business trips, the NitroPad protects against Evil Maid attacks while the computer is unattended in the hotel or in the luggage.
For governments
Authorities can use the NitroPad to protect themselves against Advanced Persistent Threats (APT) without having to rely on third-party proprietary technologies.
For Journalists
If you are an investigative journalist who is serious about protecting your confidential sources, NitroPad can help.
Firmware Dasharo Coreboot
The firmware (“BIOS”) consists of the Coreboot distribution Dasharo, which is published as open source. This enables independent security verification of the firmware and prevents undetected backdoors. In addition, the device boots quickly and Dasharo is continuously developed for up to ten years. Dasharo is available in two versions:
- Heads uses Measured Boot to enable tamper detection of the TPM, the installed firmware and the operating system. This requires a Nitrokey USB key that serves as a trust anchor.
- TianoCore is a slim, fast and, as usual, easy-to-use UEFI. It can be used with all PC operating systems including Windows.
If you order the NitroPad with the firmware HEADS, this includes the Dasharo Entry Subscription by 3mdeb Sp. z o.o. This supports the development and long-term maintenance of the Dasharo open source firmware. Your personal subscription includes:
- Access to the latest firmware versions
- Exclusive newsletter
- Special firmware updates, including early access to updates that improve privacy, security, performance and compatibility.
- Early access to new firmware versions for newly supported desktop platforms.
- Access to the Dasharo Premier Support invite-only live chat channel in Matrix network, facilitating direct engagement with the Dasharo Team and fellow subscribers with personalized and priority assistance.
- Insider’s view and influence on Dasharo features roadmap – you can have a real impact on Dasharo development.
- Dasharo Tools Suite Entry Subscription keys
By purchasing this product, you agree that we send your e-mail address to 3mdeb Sp. z o.o. as well as to their terms. If you order the NitroPad with the TianoCore/UEFI firmware, this does not include a Dasharo entry-level subscription.
Specification
- Processor (CPU): 14th generation, Core Ultra 5 processor 125H up to 4.5 GHz or Intel Core Ultra 7 processor 155H up to 4.8 GHz
- Intel Management Engine: Deactivatable
- Memory (RAM): 8-96 GB, two-port DDR5, 5600 MHz
- Hard disk: 2x 250-4000 GB SSD NVMe PCIe Gen4
- Graphic:
- Intel ARC, Ray Tracing, Variable Rate Shading, Microsoft DirectX 12 compatible, Intel DLBoost: DP4A
- Optional: Nvidia GeForce RTX-4060 8 GB GPU or Nvidia GeForce RTX-4070 8 GB GPU
- Display:
- Models without Nvidia: 16.0" (40.64 cm) FHD+ (1920×1200), aspect ratio 16:10, 100% sRGB, 500 nits, contrast ratio 1200:1, refresh rate 165 Hz, anti-reflective
- Nvidia models: 16.0" (40.64 cm) QHD+ (2560×1600), aspect ratio 16:10, 125% sRGB, 400 nits, contrast ratio 1500:1, refresh rate 144 Hz, anti-reflective IPS panel
- Up to 4 external displays via HDMI (1x) and Display Alt Mode (DP via USB-C, max. 3x). Maximum total screen resolution via HDMI: 4096 x 2304 @ 60Hz (HDMI 2.1 TMDS) / 7680 x 4320 @ 60Hz (HDMI2.1 FRL), DP protocol: 7680 x 4320 @ 60Hz
- Audio:
- HD Audio
- Built in array microphone, can be removed together with the camera
- Two built-in speakers
- WLAN, Bluetooth, optional:
- WiFi 6E + Bluetooth 5.3, Intel AX-210/211 (no vPro) WLAN-Modul 2,4 Gbps 802.11ax
- WiFi 7 + Bluetooth 5.42, Intel BE200 (no vPro) WLAN-Modul 5,8 Gbps, 802.11be
- without
- Webcam: 2,0 MP FHD camera with temporal noise reduction
- Card reader: microSD Push-Push
- Interfaces:
1 x Thunderbolt 4 with Power Delivery DC (Typ C) and Display Alt Mode (DP 2.1)
1 x USB 3.2 Gen 2 with Power Delivery DC (Type C)
1 x USB 3.2 Gen 2 (Type A, powered USB)
1 x USB 3.2 Gen 1 (Type A)
1 x HDMI (Version 2.1 with HDCP)
1 x 2-in-1 Audio combo jack (headphone / microphone)
1 x RJ-45 LAN Gigabit Ethernet
1 x DC-in audio jack - Battery: runtime approx. 8 hours
- Intel graphic models: 73 Wh, lithium-ion
- Nvidia graphic models: 80 Wh, lithium-ion
- Power adapter:
- Intel graphic models: 100~240 V, 50~60 Hz, DC 19 V, 2,37 A, 90 W
- Nvidia graphic models: 100~240 V, 50~60 Hz, DC 19 V, 9 A, 180 W
- Support for Power Delivery charging (PD) via USB-C, min. 100 W
- Keyboard: white backlight with numeric pad
- Pointing device: Integrated touchpad with PTP multi-gesture and scroll function
- Security: TPM 2.0, Kensington lock slot
- BIOS/UEFI: Dasharo Coreboot, optionally TianoCore or Heads
- Operating system: Ubuntu Linux or Qubes OS
- Color: metallic and black
- Dimensions: 358 x 258.6 x 18 mm
- Weight: approx. 1.8 kg incl. battery without power adapter
- Device condition: new
- Scope of delivery: Laptop, power adapter, power cable, Nitrokey if applicable (different models)
- 2 years warranty