Need a tamper-proof, encrypted PC? The portable, open-source ORWL could be what you're looking for
The ORWL locks down data on the device and contains measures to counteract tampering.
There are a number of choices available if you need a small, powerful, yet affordable mini desktop PC, from the $500 Mac Mini, to the cheaper Google Chromebox, or HP Pavilion Mini desktop.
But can more be done to keep these devices secure, not just from the risk of software exploits but also scenarios in which an attacker has gained physical access to the device?
The makers of ORWL, a flying saucer-shaped mini desktop for the security-minded, think it can, providing you're willing to fork out a relatively hefty $699.
ANDROID SECURITY
The team behind the ORWL is taking a second crack at crowdfunding, after the project failed to meet a $175,000 target on Kickstarter last year. This time, the ORWL has a more modest target of $25,000 on Crowd Supply.
ORWL, whose name is inspired by George Orwell, is billed by its maker Design Shift as the first "physically secure computer" due to the lengths the company has taken to lock down data stored on the device.
The device sports an Intel Skylake Core m3 processor, as well as 8GB RAM, and either 120GB or 480GB SSD. It has two USB 3.0 Type C ports, one Micro HDMI port, and supports 4K output.
The system can run Ubuntu and other GNU/Linux systems, Windows 10, or the security-focused Qubes OS.
Key to the device's physical security features is a secure microcontroller (MCU), which is used to store and generate the drive's cryptographic key. According to Design Shift, the MCU is integrated into the motherboard and verifies the integrity of firmware prior to boot.
The other key physical security layer is a so-called 'active mesh' clamshell that encases the gadget. The case borrows from techniques used to physically protect ATMs and security tokens. The material contains a printed circuit board that will shatter when drilled, triggering instructions for the MCU to delete the drive's encryption key. Try to pry the clamshell open and the device's data will be rendered inaccessible in the same fashion.
The ORWL doesn't offer any of the fancier biometric methods for authentication, but instead relies on a paired NFC chip held on a key fob for authentication. The device uses Bluetooth to monitor the proximity of the key fob. If the key fob moves out of range, the device will lock down until the next time the NFC chip is in range again.
Finally, to assure buyers of the ORWL's integrity, the company is promising to open source its hardware and software. This includes schematic and layout files, as well as the firmware for the BIOS, secure controller, and key fob.
But while Apple, Google, and Microsoft are doubling-down on security features for their respective platforms, it's not clear that equipment with security as its main selling point is anything more than a niche product, even after Edward Snowden's leaks about US surveillance capabilities.
Silent Circle, the maker of the encrypted Blackphone, recently revealed weak sales of its device. BlackBerry has also struggled to find a market for its security-focused, Android-powered BlackBerry Priv, though it's taken a second punt on the market with its DTEK50.