Guest
on 29 September 2016
This is a guest post by Daniel Nelson from Design Shift, makers of ORWL. If you would like to contribute a guest post, please contact ubuntu-devices@canonical.com
If someone has physical access to your computer with secure documents present, it’s game over! ORWL is designed to solve this as the first open source physically secure computer. ORWL (pronounced or-well) is the combination of the physical security from the banking industry (used in ATMs and Point of Sale terminals) and a modern Intel-based personal computer. We’ve designed a stylish glass case which contains the latest processor from Intel – exactly the same processor as you would find in the latest ultrabooks and we added WiFi and Bluetooth wireless connectivity for your accessories. It also has two USB Type C connectors for any accessories you prefer to connect via cables. We then use the built-in Intel 515 HD Video which can output up to 4K video with audio.
The physical security enhancements we’ve added start with a second authentication factor (wireless keyfob) which is processed before the main processor is even powered up. This ensures we are able to check the system’s software for authenticity and security before we start to run it. We then monitor how far your keyfob is from your PC – when you leave the room, your PC will be locked automatically, requiring the keyfob to unlock it again. We’ve also ensured that all information on the system drive is encrypted via the hardware on which it runs. The encryption key for this information is managed by the secure microcontroller which also handles the pre-boot authentication and other security features of the system. And finally, we protect everything with a high security enclosure (inside the glass) that prevents working around our security by physically accessing hardware components.
Any attempt to get physical access to the internals of your PC will delete the cryptographic key, rendering all your data permanently inaccessible!
We’ve created ORWL for anybody who wants to keep their information private. This obviously includes people who have a formal obligation to protect the data in their care: people such as lawyers and people in healthcare fields. It’s also true of people who create valuable data such as photographers and videographers, musicians, authors, and many others. But it’s also true of everyday PC users: those of us who just have online banking credentials, medical records, or family photos or videos on their computers, and who want the peace of mind that if their PC is stolen they won’t see those files on the Internet next week. It also is the first PC in the world that is truly an appropriate base for storing the private keys of any block-chain based currency you may own, rather than keeping them with a third party. It maybe goes without saying, as we have plenty of pictures to communicate the point, that anybody who values the aesthetics of a beautifully designed appliance may well want an ORWL just because it’s vastly nicer to look at than a beige or black box!
ORWL comes with Ubuntu, Windows 10, or Qubes OS pre-installed, but users can install and run any modern 64 bit Intel-compatible operating system. Ubuntu is our preferred choice of system as it provides a very strong balance of features. It is noted for it’s installation scripting and default system configuration working well with a wide variety of modern hardware and is reliable and stable. Ubuntu offers all the following ease-of-use features that people like in Windows, but with the code auditability that security conscious users like in Linux-based operating systems.
With the code being auditable, it makes them leaders in cryptography as an OS, which is a vital component to our project. As the more people are able to fully understand the details of how the product works, the more secure we can make it.
And to see a demo of ORWL, view this short 2-minute video below!
Plus to learn more about their Crowd Supply campaign, see here.
Guest Post: Daniel Nelson from Design Shift, makers of ORWL