Your submission was sent successfully! Close

Jump to main content
  1. Blog
  2. Article

Guest
on 29 September 2016

Meet ORWL. The first open source, physically secure computer


This is a guest post by Daniel Nelson from Design Shift, makers of ORWL. If you would like to contribute a guest post, please contact ubuntu-devices@canonical.com

If someone has physical access to your computer with secure documents present, it’s game over! ORWL is designed to solve this as the first open source physically secure computer. ORWL (pronounced or-well) is the combination of the physical security from the banking industry (used in ATMs and Point of Sale terminals) and a modern Intel-based personal computer. We’ve designed a stylish glass case which contains the latest processor from Intel – exactly the same processor as you would find in the latest ultrabooks and we added WiFi and Bluetooth wireless connectivity for your accessories. It also has two USB Type C connectors for any accessories you prefer to connect via cables. We then use the built-in Intel 515 HD Video which can output up to 4K video with audio.

The physical security enhancements we’ve added start with a second authentication factor (wireless keyfob) which is processed before the main processor is even powered up. This ensures we are able to check the system’s software for authenticity and security before we start to run it. We then monitor how far your keyfob is from your PC – when you leave the room, your PC will be locked automatically, requiring the keyfob to unlock it again. We’ve also ensured that all information on the system drive is encrypted via the hardware on which it runs. The encryption key for this information is managed by the secure microcontroller which also handles the pre-boot authentication and other security features of the system. And finally, we protect everything with a high security enclosure (inside the glass) that prevents working around our security by physically accessing hardware components.

Any attempt to get physical access to the internals of your PC will delete the cryptographic key, rendering all your data permanently inaccessible!

We’ve created ORWL for anybody who wants to keep their information private. This obviously includes people who have a formal obligation to protect the data in their care: people such as lawyers and people in healthcare fields. It’s also true of people who create valuable data such as photographers and videographers, musicians, authors, and many others. But it’s also true of everyday PC users: those of us who just have online banking credentials, medical records, or family photos or videos on their computers, and who want the peace of mind that if their PC is stolen they won’t see those files on the Internet next week. It also is the first PC in the world that is truly an appropriate base for storing the private keys of any block-chain based currency you may own, rather than keeping them with a third party. It maybe goes without saying, as we have plenty of pictures to communicate the point, that anybody who values the aesthetics of a beautifully designed appliance may well want an ORWL just because it’s vastly nicer to look at than a beige or black box!

ORWL comes with Ubuntu, Windows 10, or Qubes OS pre-installed, but users can install and run any modern 64 bit Intel-compatible operating system. Ubuntu is our preferred choice of system as it provides a very strong balance of features. It is noted for it’s installation scripting and default system configuration working well with a wide variety of modern hardware and is reliable and stable. Ubuntu offers all the following ease-of-use features that people like in Windows, but with the code auditability that security conscious users like in Linux-based operating systems.

With the code being auditable, it makes them leaders in cryptography as an OS, which is a vital component to our project. As the more people are able to fully understand the details of how the product works, the more secure we can make it.

And to see a demo of ORWL, view this short 2-minute video below!

Plus to learn more about their Crowd Supply campaign, see here.

Guest Post: Daniel Nelson from Design Shift, makers of ORWL

Related posts


Canonical
26 September 2023

CVE 우선순위 지정을 통한 오픈 소스 보안

Security Security

최근 연구에 따르면 엔터프라이즈 시장의 애플리케이션 중 96%가 오픈 소스 소프트웨어를 사용합니다. 오픈 소스 환경이 점점 더 세분화됨에 따라 조직에 대한 잠재적인 보안 취약점의 영향을 평가하는 작업이 엄청날 수 있습니다. 우분투는 가장 안전한 운영 체제 중 하나로 알려져 있습니다. 하지만 그 이유는 무엇일까요? 우분투 보안팀은 매일 알려진 취약점에 대해 업데이트된 소프트웨어 패키지를 수정하고 릴리스하기 때문에 ...


Canonical
19 September 2023

라이브패치(Livepatch)에 새로운 13개월 슬라이딩 지원 기간이 있습니다. 여러분에게 어떤 의미가 있을까요?

Security Security

라이브패치는 시스템을 즉시 재부팅할 필요 없고 런타임에 중요하고 높은 보안 커널 공통 보안 취약성 및 노출(CVE)을 수정하는 유용한 툴입니다. 그러나 정기적인 유지 관리 기간 및 재부팅을 대체하는 용도로 사용해서는 안 됩니다. 좋은 기업 정책에는 시스템이 안정적이고 안전하게 유지되도록 라이브패치와 정기적인 재부팅이 모두 포함되어야 합니다. 그 이유는 펌웨어 또는 장치 드라이버 업데이트와 같은 일부 시스템 CVE는 ...


Aaron Whitehouse
12 September 2023

Ubuntu Explained: How to ensure security and stability in cloud instances—part 1

Cloud and server Article

The LTS philosophy, releases, updates and repositories explained Since we launched Ubuntu Pro’s Expanded Security Maintenance for additional packages, and we now integrate more closely with public cloud update management tools, more people have been asking us about the Ubuntu archive and how this is divided and security patched. In this b ...