Using Nitro PC Pro without dasharo

Can I buy the nitro pc without subscription for dasharo? Can I use dasharo fully anonymously?

1 Like

Would be nice if someone from Nitrokey answers

1 Like

Hi @Schinzo,
I’m Piotr Król, Founder of 3mdeb, the company behind Dasharo. Thank you for your questions about Dasharo.

According to Nitrokey and 3mdeb agreement announced during Dasharo User Group #2, MSI Z690-A are sold only with Dasharo Entry Subscription. May I know what concerns you regarding the subscription?

It depends on what you mean by that and to what extreme anonymous you want to be. Anonymity is not a binary state but a spectrum in the same way as privacy and security. We (3mdeb) don’t get any of your data except the email to which the firmware update would be sent when released. If you want to avoid firmware updates and don’t care about our support, provide a fake email; our messages will not bother you.

  • If you decide to provide an email, which, with certain precautions, may be completely disconnected from your real-life identity, we will send update notifications to that email address.
  • You can download binaries from our self-hosted Nextcloud instance. Please consider going through VPN and Tor to mask your IP address if 3mdeb self-hosted infrastructure is concerning in your threat model.
  • To download binaries, you must use the received password (we are working on improvements to make it passwordless). If you don’t like or don’t trust pre-built binaries, there are various extremes you can go with:
    • You can decide that buying hardware with flashed Dasharo is dangerous; you can buy the same hardware in another shop and compile the source code yourself. Code is publicly available on GitHub (please note that Github may log your IP, etc.).
    • You can decide that buying hardware from Nitrokey is not an issue, but downloading binaries from the 3mdeb server is, so then you can compile binaries yourself when you decide it makes sense to do an update and flash them using delivered tools or your method of choice,
    • You may decide you don’t trust the tools provided by 3mdeb. Those are also open-source and available publicly and can be compiled from source; all documentation for that is available in Dasharo Documentation

Please let me know if I missed anything regarding your concerns about the anonymous usage of Dasharo. We would be glad to extend the Dasharo FAQ so all potential users can learn the best practices for using Dasharo anonymously.

1 Like

Beforehand I apologize for my newby english. Your message was very informative, thank you.
Yes, its about providing personal information like E-Mail and an delivery adress, so the system is in some kind relateable to my personal information. So as I understood you get only the E-Mail from Nitrokey and nothing else, to this email you will send a password which I can use to authentificate myself as a subscription owner, right? So you can relate my IP to the E-Mail/delivery adress/subscription. To use a vpn/tor before the connection to your server I will need additional hardware, right? Can you also tell me the permissions of your server when connected to my system?

Gesendet von Proton Mail für Mobilgeräte

-------- Original-Nachricht --------

1 Like

Yes or you can compile publicly available source code and resign from getting updates from us.

Anytime you connect to a server, your IP is known to that server unless you use VPN and/or Tor and/or proxy. So, if you connect to our server without any protection, our server will receive your IP as any server does because it has to know where to send packets. There are various ways to mitigate that. Then, after providing a password, we theoretically can match that IP with the email. If you have a static IP tied to your delivery address in that way, you can leak your location, but if you care about not revealing your identity there are ways to protect it.

I’m unsure why and what “additional” means in this context. Do you mean additional to Nitro PC Pro? No additional hardware is needed to set up VPN and/or Tor if that is your question - those are just software running in the operating system. Of course, you can gain assurance and reliability by using dedicated hardware, e.g. for VPN, but that is not required.

There are no permissions. Our server does not connect to you. When we send an update, you may click the link in the email to download that update, and in that way, you connect to our server as you connect to the server hosting this forum.

Anonymity topic is highly complex. If you are interested in diving deeper into this topic, Whonix has excellent documentation.

Understanding your threat model before diving deeper into ways you can protect yourself from leaking your identity would be great.

I think I missunderstood something from begining.
The Dasharo updates will just be sent through E-Mail, I dont need any extra software which communicates with your server, so theoretically I dont need to login anywhere to use your service, right? For example I could just download the updates on any phone and update the BIOS then? So my E-Mail isnt linked somehow to any ID/serial whatever of my system? Its just an seperate subscription which isnt related in any form to the system itself, is that right?

-------- Original-Nachricht --------

The link to download the Dasharo update will be sent by email.

Correct, you don’t. Just a web browser.

You have to provide the password to download the update.

Yes, you can do that.

Yes. We have no means of associating systems bought from our partners with emails.

Of course, if in the future you will need our support and it will be related to hardware compatibility, we may ask you about some system details if that would be necessary to provide quality service, but that would be your choice if you want to provide it.

Thank you very much. So there isnt any generated hardware ID or something in this direction, which could be related to the E-Mail or delivery adress? I can just login to your dashboard/site from any system I want to through a webbrowser and download an update which I can flash inside the BIOS via usb or whatever not needing a internet connection for that?

Gesendet von Proton Mail für Mobilgeräte

-------- Original-Nachricht --------

There is no hardware ID associated with the subscription.

Yes.

2 Likes

Thank you very much for your answers.

1 Like