ORWL PC: The most secure home computer ever

When you really, really don't want your data to end up in the wrong hands.

We’ve all heard tales of foreign intelligence entities breaking into hotel rooms and cloning a person’s hard drive while he or she is in the bar downstairs.

You might dismiss it as the stuff of urban legend or Jason Bourne movies, but this style of attack does highlight one of the most basic weaknesses of today’s PCs: Their data is extremely vulnerable once an attacker has physical access to a machine. Cold boot attacks, USB exploits,or DMA attacks over FireWire, among other breaches, are all possible if a bad actor can get his or her hands on the hardware.

It’s this very attack vector that inspired Design Shift’s ORWL computer (named for writer George Orwell). Now, having exceeded its $25,000 funding goal on Crowd Supply, the super-secure PC is in production.

dsc09442 Gordon Mah Ung

The tiny ORWL is designed to defeat known physical attacks on a PC and even runs on decent hardware.

The ashtray-sized x86 PC is built to prevent entry into the machine. For example, on a typical PC, if you set a BIOS password to prevent tampering, it’s easy enough to bypass it by pulling the BIOS backup battery. And even if you had set the PC to trip an alarm and erase data when the case is cracked open, that won’t matter if the attacker drills a hole into the case and disables the pressure switch.

dsc09425 Gordon Mah Ung

Multiple presssure sensative switches and all-encompassing wire mesh make it nearly impossible to break into the ORWL without tripping an alert.

With the ORWL, the entire shell (available in glass or plastic) features multiple pressure switches and a wire mesh barrier. If the PC is tampered with, it will trigger an alert and erase the PC’s encryption key, making the data totally inaccessible.The ORWL uses an Intel 540-series SSD, which features full drive AES-256 encryption. The encryption key to the drive is stored on a security microcontroller instead of the drive, and only after the microcontroller has verified that the system is secure.

The ORWL’s makers say the wire mesh itself is constantly monitored, its impedance measured with randomly generated data sent by the PC’s security microcontroller. Any attempts to trick, bypass, or short the wire mesh will cause the encryption key to be deleted. The unit’s security processor also monitors movement, and a user can select a setting that will wipe or lock down the PC’s data if it is moved to another location.

The company says the ORWL’s technology is similar to that used on ATMs and other devices that need to safeguard their internal electronics from penetration.

dsc09431 Gordon Mah Ung

You can see how dense the mesh barrier is on the ORWL’s body. Break even just one of the traces and the data on the SSD will be immediately rendered in accessible.

Freezing won’t help either

Lest you think you can freeze the ORWL in order to slow down the electrons in its security controller and render it ineffective, think again. The microcontroller in the ORWL monitors temperatures and any drastic change can trigger an alert and nuke the encryption key.

It’s also been known for years that RAM can retain information for seconds after being powered down. Cool that RAM with compressed air or liquid nitrogen, and it’ll retain the information even longer—long enough to potentially extract an encryption key or any other data that’s in memory. On the ORWL, such an attack is not possible because the RAM is soldered to the motherboard and can’t be easily removed to be read elsewhere.

Design Shift says its design limits the exposure of the encryption key to brief amounts of time, such as during a boot. When the system is sleeping, the key is not stored in main memory or on the SSD but on the security microcontroller.

ORWL said it also designed the boot sequence to wipe the RAM before POST to prevent an attacker from somehow inserting code into the memory during boot.

dsc09423 Gordon Mah Ung

An OLED screen is integrated into the ORWL PC for use during bootup.

Secure keyfob

Your ORWL unlocks by using a secure NFC and Bluetooth LE keyfob. Pressing it against the top of the ORWL and entering a password authenticates the user. Once the user has been authenticated, Bluetooth LE is then ensures that the user is always nearby. Walk away, and the ORWL will lock.

The keyfob communications are encrypted and the fob is also protected by its own on-die security mesh to prevent tampering.

USB and PCIe attacks are also blocked

Design Shift has also taken precautions against the threat from external devices. The ORWL features just two USB Type C ports (in addition to HDMI), and the system cannot boot from external devices unless intentionally set to. ORWL’s designers also say those two USB ports are switched off once the secure keyfob has gone out of range.

orwl teardown close ORWL

The ORWL features Skylake-based Core m3 or Core m7 CPUs and 8GB of RAM.

It’s real hardware, too

The ORWL has surprisingly capable parts, despite its miniscule size. I expected it to be built on a lower-performance Atom X7 or a Bay Trail chip, but the ORWL uses Intel’s Skylake CPUs. There are two configurations: one with Core m3 and one with Core m7. Both configurations have 8GB of RAM, and SSD capacities range from 120GB to 480GB. As mentioned, ports include micro-HDMI and two micro-USB C ports.The Core m3 version with a 120GB drive and Windows 10 costs $749 on CrowdSupply. A Core m7, 480GB SSD, and Windows 10 will set you back $1,099. OS options also include Ubuntu LTS and Qubes.

Why not a laptop?

One big drawback of the ORWL is that it’s not a complete portable solution. You still need a monitor, keyboard, and mouse. When asked why not a laptop, Design Shift officials point to the challenges of having that much more hardware to secure.

The other obvious problem is that hardware security is only half the equation. The ORWL may be difficult to breach physically, but there are countless other threats to our PCs and data that come from the outside, over the internet, via wireless communication, even social engineering. Is the ORWL giving users a false sense of security?

security xkcd XKCD

To be fair, the ORWL doesn’t promise to secure your data from every possible point of attack, but it can at least make getting to the data on your computer a hell of a lot harder.

Join the CSO newsletter!

Error: Please check your email address.

More about DMAIntelNFCUbuntu

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gordon Mah Ung

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts