[ORWL] is a tamper proof open source physically secure by design endpoint (embedding a workstation computer) that allows its user to operate work with sensitive and/or valuable data within a potentially hostile environment.
This physically protected device will instantly destroy all (hardware encrypted) data it contains at the first physical attempt to tamper with it.
[ORWL] is visionary and first on the market; this is an unrivalled technology. Today no competition has entered this dimension of hardware security.
Plugged Connected to your existing keyboard and screen, [ORWL] will become your best asset to protect your privacy painful it is to manage large amount of devices. This is the reason why [ORWL] is also agile by design.
- HDMI 4k Video with Audio
- 802.11 AC Dual Band 800 Mbps, Plus Bluetooth 4.0
- 5 Gbps USB Connect to Cameras, External Storage, Keyboard & Mouse
- BTLE/NFC Key Access Right Presence Control
- Encrypted SSD Drive
Small & Secure
While ORWL’s fits in the palm of your hand – any attempt to break into it will prevent the device from booting up and shuts it down immediately, like a vault. No other security offering delivers this level of protection.
Hardware Vs. Software Security
ORWL brings security protocols and state-of-the-art authentication technologies to the personal computer, for the first time. In addition, ORWL adds two-factor, a physical key and a password just to power it on.
A Unique Key
Each key fob is unique to each computer with a unique code inside ORWL.
On top of that, if your key gets more than 10 meters away from ORWL, your PC will go into lock mode. The processor is put to sleep, and the USB ports are cut off and HDMI port are turned off… No one but you can access the data.
[ORWL] and OS
[ORWL] is just the same as any other PC from a user perspective. For example, running on Windows if you like, it is the same as Windows on a Dell or an HP. Your interface remains the same, but with the ultimate security features…
ORWL Offers Unrivaled Security Features
- Open source SW
- Open source HW*
- Tamper evident
- Self disabling
- Self locking
- Physical protection (Mesh/pressure switch)
- Side channel protection
- Temperature monitoring
- Protected RAM key
- Time rotating key
- RSA 4096
- Secure boot
- Secure display
- Secure FW upgrade
- Unique user key paired
- Motion/Shocks detection
PC Features & Performance
Sixth-generation Intel Skylake Core m7 processors up to 1.2GHz
- Made for Windows/Linux
- Intel HD Graphics 515 300/1000MHz
- Up to 8GB LPDD3 @ 1600MHz
- Up to 480GB self-encrypted Intel SSD
- Intel Wireless IEEE802.11 a/b/g/n/ac, Dual mode Bluetooth 2.1, BTLE4.2
- Tamper monitoring
- Motion sensor
- Two factor authentication access
- 1x HDMI 4k video output
- 2x USB 3.0 type C outputs
In the Box: ORWL, encrypted keyfob, power adaptor, USB cable, micro-HDMI cable
[ORWL] has been thought out to shield any types of physical attacks:
- Walk-in – Injection of a USB stick
- Sniff-in – Remote key interception
- Break-in – Opening the device, reflashing
- Hack-in – Altering the temperature, drilling holes…
- Walk-out – Removing physically device from location
ORWL is only computer to disconnect USB and HDMI ports until user is 2 factors authenticated and user is present (less than 10m from device). This is managed by a secure controller. There is no ME engine attack possible unless user is present and insert something rogue onto the ports.
All keys (users ID, SSD encryption keys…) are stored in the secure controller preventing many attacks such as die opening. Keys are released only when user are authenticated. See here for die attacks.
Temperature attack and 32k fault injection are also prevented by the secure controller (example includes recent hacks on Trezor)
The system is protected under its active mesh even when power is disconnected preventing memory fault injection, PCB modifications, interfaces snooping and other SPI, I2C, USB… attacks.
The secure controller and keyfob on ORWL have active die shield which is unusual since the side channel is not protected on most system. These attacks can be performed over the air or using SDA / DPA analysis if the attacker monitors the power supply line… Hence any VPN, login key or encryption keys are exposed on a “regular’ type of PC.