Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Open Source Privacy Security Hardware

Physically-Secure 'ORWL' Computer Expands Its Open Source Policy (crowdsupply.com) 68

Last month DESIGN Shift successfully crowdfunded their physically-secure (and open source) ORWL computer. But this week long-time Slashdot reader Dr. Crash raised concerns that "releasing only the equivalent of 'assembly code' (PDFs of the schematic, Gerber files) and requiring an NDA for the BIOS and mechanical security just doesn't cut it... " Slashdot contacted the company, which two hours ago posted a response: After feedback from some of you and more internal discussion, we've decided to open the schematics source files under CC-BY-NC-SA 4.0... Our reasoning is that the benefit of being able to much more easily inspect the inner workings of ORWL far outweighs the minimal risk of infringement by a third party. Even if a third party does decide to copy ORWL for profit, they would quickly discover the real work is in the layout, not the schematic, as is the case in most hardware...

[T]he firmware will be licensed under GPL 3 rather than CC-BY-SA 4.0. This change is in line with the Creative Commons's own recommendations regarding software licensing. We also realized that some of our firmware uses libraries provided under NDA. We will clearly identify which components are protected under NDA and how to go about securing such an NDA.

They've already released a .zip file of their schematics, and in addition announced that "we're committing to opening the PCB layout sources once we've sold a total of 3,000 ORWL unit." Their announcement includes a link for feedback from the community.
This discussion has been archived. No new comments can be posted.

Physically-Secure 'ORWL' Computer Expands Its Open Source Policy

Comments Filter:
  • First of its kind... (Score:5, Interesting)

    by mlts ( 1038732 ) on Monday October 10, 2016 @03:19PM (#53050267)

    I'm actually impressed by this machine. Yes, a new NUC can probably do more, but the ORWL with a glass case is pretty impressive when it comes to security, especially if it can handle virtualization with the supported Ubuntu distro, so one can use it to run Windows 10 in a secure manner if need be. PCs designed for security from the ground up are not very common.

    My only wish would be if they could add two ports for a fiber optic cable loop. This could be S/PDIF or any form factor. The goal is to have a fiber optic cable that could be looped around a desk or sturdy object, similar to a Kensington lock. If the cable is cut or unplugged, the machine goes into a locked state. This way, it turns the theft into "just" hardware.

    • Sorry I don't have mod points today. I like the fiber optic cable idea.
      With any luck thieves would get it in their head that there are easier pickings elsewhere...
      Bonus points if the manufacturer could get the cable to strobe red when disturbed and glow blue when it was at rest.
    • by Anonymous Coward

      How does the fiber optic cable loop increase security beyond what ORWL already claims to do? Seems like the whole point of the device is that data theft isn't possible by means of physical access alone. Not saying the loop idea isn't a good one for other computers, but it doesn't seem necessary here.

      • by mlts ( 1038732 )

        The loop means that the computer stays put (barring removal of the table it sits on.) If a would-be thief wants the data, they would be stopped as soon as they disconnect the cable.

        It also provides a theft deterrent function against would-be skulkers. If they knew that they disabled a device that would be worthless to a fence just by disconnecting it from a cable, they likely would leave it alone.

        Of course, a Kensington lock slot wouldn't hurt either, especially if there were some way to detect someone tr

        • by rthille ( 8526 )

          Doesn't it lock when the accelerometer detects movement?

          • Yes, when the BT detects the user to be not within 10meter of the device, and the device is moved, it goes into Shut down. I don't see the real need for this fiber cable, is there something I don't see?
            • Yes. If the loop is cut it doesn't go into shutdown, it goes into brick. You can't remove the device from its environment to attack it at your leisure.
    • Wouldn't it just be easier to have a mechanism to store the encryption key on an external device that you take with you rather than on the machine itself? That way you wouldn't need an elaborate custom-built chassis and you eliminate the threat by just not storing the data and the password in the same place.
      • by chill ( 34294 )

        That would mean it couldn't reboot unless you were physically right there -- making it useless for any form of remote application.

        • That would mean it couldn't reboot unless you were physically right there -- making it useless for any form of remote application.

          You could send it the encrypted encryption key remotely too, doesn't need to be a physical external device.

          • by chill ( 34294 )

            Let me know if you figure out how to do that with an encrypted SSD drive. You'd essentially need a boot device that was able to reach out to the Internet to get a key to unlock the 2nd stage device. It gets complicated, because then you have to secure THAT.

            • A bootloader with network access isn't that complicated and you have to secure your network access regardless of what you're doing anyway.
            • by tlhIngan ( 30335 )

              Let me know if you figure out how to do that with an encrypted SSD drive. You'd essentially need a boot device that was able to reach out to the Internet to get a key to unlock the 2nd stage device. It gets complicated, because then you have to secure THAT.

              Or OPAL devices which require an ILO type mechanism because the boot firmware works with the SSD boot code to get a password. The unlock program is stored on the SSD and is run prior to bootup. Inevitably, they require a keyboard and monitor to enter the

    • I think I know which industry you work in :-). Yeah, those are a pretty neat safety feature, cut the fibre and the device it's attached to turns into a brick. So if you want to attack it, you have to perform the attack in-place.
    • My only wish would be if they could add two ports for a fiber optic cable loop. This could be S/PDIF or any form factor. The goal is to have a fiber optic cable that could be looped around a desk or sturdy object, similar to a Kensington lock. If the cable is cut or unplugged, the machine goes into a locked state. This way, it turns the theft into "just" hardware.

      Pretty much this - if you can just toss the machine into a pocket and take it to where it can be worked on at leisure, it's security theatre.

    • by AmiMoJo ( 196126 )

      Doesn't the power cable cover that function? Kind of hard to steal it without unplugging it, and once unplugged the data can't be decrypted without the key. Or did you mean some kind of anti-theft state where you can't even format the SSD and reuse it?

      • Doesn't the power cable cover that function? Kind of hard to steal it without unplugging it, and once unplugged the data can't be decrypted without the key.

        Awkward but by no means impossible. Don't try at home!

        Strip the outer insulation of the power cable. This is not hard.

        Separate off the live and neutral and strip off the insulation and tap into them.

        You could then for example connect and spin up a synchronus machine on to the cable, with the rest of the mains acting more or less as an infinite bus bar.

        No

  • This seems like bullshit. They tagged on encryption and wireless identification to create what looks like a fragile system that could decide to do a data wipe at any time. If you try to break into it, it wipes your data. I wonder if that's preventable?

    Maybe you could couple an inductor to the hard drive ribbon to prevent signalling while you cut through the case (and ribbon), then extract the drive; but the key is probably stored elsewhere, and wipeable. There's got to be a way into this thing.

    • The problem is that for many if not most threat scenarios you definitely don't want your data wiped immediately once somebody tries to access your computer. But has it could have its uses, e.g. as a secure server that doesn't store anything precious. You might want to physically disable the USB ports for some uses, though.
    • by raymorris ( 2726007 ) on Monday October 10, 2016 @03:51PM (#53050513) Journal

      > There's got to be a way into this thing.

      If there aren't ways to get data in and out, it's kinda pointless as a computer. That's what computers do, of course, they accept input, process it, and produce output. So yeah, there are ways in.

      Physically haven't seen the hardware, so we don't know what the "wire mesh" looks like - perhaps you could drill a couple of half inch holes through the case. Every $10,000 safe can be drilled without triggering the relockers, so you can bet that this can be as well. Most locksmiths drill to just unlock a safe; I drilled holes in the bottom of one and then completely disassembled the mechanism using long tools, like building a ship in a bottle.

      For example, this computer has an HDMI port and two USB ports. I bet those aren't covered with a fine mesh screen, so you can probably drill them out and and start working from there.

      • by AmiMoJo ( 196126 )

        Okay, you drill your hole, now what? What can you actually do with it?

        The only attack I can think of would be to attach some probe wires to the SATA bus or maybe the memory bus. If you somehow managed to do that without crashing the system you might get some data from it, although probably not much of use. The encryption for the SSD is not stored in main RAM, it's stored in the SSD's controller's RAM inside a sealed IC where it can't be probed through your hole or without an electron microscope.

        To be honest

        • > attach some probe wires to the SATA

          Once you have probes on the SATA pins, you can read the entire drive. Just plug the other end into the USB-SATA adapter on your laptop and dump the drive with ddrescue. If the ORWL isn't busy reading and writing to the drive at the same time, you won't even get errors causing ddrescue to retry those sectors.

          > The encryption for the SSD is not stored in main RAM, it's stored in the SSD

          Which is good in some ways, but bad in this case because as long as the drive is p

        • by archi1 ( 4713085 )
          The secure mesh prevent any access to the internal. Any break on the mesh will shutdown the device and lose the SSD key. So no attack on SATA possible as device wont boot again and key is lost as soon as you opened it... see more details on the security features here https://www.crowdsupply.com/de... [crowdsupply.com]
      • by archi1 ( 4713085 )
        You can't drill through the mesh. There are some picture on the page here https://www.google.com.tw/sear... [google.com.tw] The secure controller is designed to prevent drill, die opening and other temperature attacks. Side channel protection is also included. So you will need to sharpen your pencil to find a way in. We also target FIPS 140-2 certification and it will be verified by third parties... A lot more details on the security features here; https://www.crowdsupply.com/de... [crowdsupply.com] HDMI and USB data are obviously accessi
      • Let me answer to some of the points you make. 1/2 inch holes through the mesh..... Unnoticed. This is a picture of the mesh we implemented. Both trace width and pitch are sub millimeter. A secure microcontroller monitors the integrity of them with pseudo random signals. http://media.bestofmicro.com/I... [bestofmicro.com] USB and uHDMI not covered by the security mesh. As you can see in the image, the actual connectors are excluded from the mesh, any connection to the main board is covered by the mesh. So yes, you can try y
        • Thanks for the info and picture of the mesh. Looks like your team did a pretty good job. Nothing is impenetrable of course, but nice work.

          From the pic, that looks like a micro USB? I have one here where I pulled out the board/contacts portion, leaving the metal shell, then drilled the top 1/3rd deeper to provide room for an extra chip attached to the replacement contacts. The assembly method used for some micro ports make it easy to pull out and replace the contacts portion- they hold the new contacts

    • You really want to read up on what this device does to establish physical security. Very similar to what is built into every POS terminal. Product Spec: https://www.orwl.org/wiki/inde... [orwl.org] https://www.crowdsupply.com/de... [crowdsupply.com] ==> Enveloping Active Mesh Thanks
      • It's actually some way removed from what's built into POS terminals. Terminals have to be as cheap as possible and the vendors cut corners at every opportunity (what's certified is often not what's shipped). You can defeat the physical security of many POS terminals using a few items you can pick up at your local hardware store. The ORWL is another matter entirely.
    • by archi1 ( 4713085 )
      Attacking the device is a lot more complicated than using an inductor and cutting. There is an active mesh and a secure controller that protect the key. There is a second Die mesh on the secure controller... also temperature protection, side channel protection... A good read here of all the features put in place : https://www.crowdsupply.com/de... [crowdsupply.com]
      • Interesting. It's important to remember that attacking a pin-tumbler lock is way more complex than attacking a ward lock (a skeleton key will bypass a ward lock; pin-tumbler locks require more-complex manipulation, and can be hardened against some attacks). It's difficult to make a device resistant to physical compromise (false-negative: no attack detected) without having the device fail permanently under false-positive states.

  • We also realized that some of our firmware uses libraries provided under NDA. We will clearly identify which components are protected under NDA and how to go about securing such an NDA.

    An NDA does not provide protection. What it does is confirm which parts of your machine and firmware cannot be trusted. Choosing to base their machine around an Intel chip was perhaps the greatest mistake they made.

    • We thought about the platform selection for a long time. In the end the compatibility with existing infrastructure, OS support .... pushed us in the Intel direction. While some features like ME is certainly less than desirable, we think we 1) minimized the reach of ME to a good extent with our secure micro controller having control of power of the Intel system 2) Most secure solutions today rely on Intel today 3) we are further minimizing the ME reach through our Coreboot development and utilizing the most
      • ME is closed source and it should be assumed that it has a backdoor.

        In the end the compatibility with existing infrastructure, OS support .... pushed us in the Intel direction.

        What this tells me is that you simply lacked the knowledge of how to build a platform, so you cut corners and probably made a deal with Intel.

        1) minimized the reach of ME to a good extent [...]

        You cannot minimize the reach of ME because it load before everything else. If you believe that you have then you are either ignorant or you have deluded yourself.

        2) Most secure solutions today rely on Intel today

        no they don't because anything with ME is not actually secured.

        • Some more comments on your replies: .............. so you cut corners and probably made a deal with Intel. Do you really think Intel would make a deal with us? We are applying the most open design practices we can think off, while still staying in business. We publicized the product definition, the SOW for contractors we work with, the code for the several Firmware developments we did and have contracted out will be available as soon as it is in Beta release. the Hardware design is open to the public and re
    • by Kjella ( 173770 )

      An NDA does not provide protection. What it does is confirm which parts of your machine and firmware cannot be trusted. Choosing to base their machine around an Intel chip was perhaps the greatest mistake they made.

      Neither does documentation of the API, unless you have the actual transistor circuitry blueprints and can verify that the chips are built according to them the hardware can do pretty much anything in secret. Open source firmware on closed source hardware doesn't really change much, you don't really control it anyway just the driver code that runs on the CPU. Well, if you can trust the CPU that is.

      • While true, backdoors happen less often in hardware because of the additional costs associated development. However, a RISC-V chip made using direct lithography would solve this problem.

    • by archi1 ( 4713085 )
      Intel CPU was recommended by the QUBES OS team for performances and security. TAILS, TOR and QUBES OS all run on Intel...
      • Intel CPU was recommended by the QUBES OS team for performances and security. TAILS, TOR and QUBES OS all run on Intel...

        I've looked over their recommendations and I see no indication that they recommend Intel over AMD or vice versa.

  • Sorry for the length of the post, but I felt it was necessary. Until we start talking about the complete corresponding release of all the needed components like as what has been done with the EOMA68 project you can't even begin to talk about designing a truly secure computer. Intel and AMD are holding back important bits of code that we need to be able to examine to determine whether or not the remote control functionality includes a backdoor. We can be reasonably confident that these pieces do in fact cont

    • You forgot one important distinction: ORWL is a ready-to-ship pretty secure computer with a small amount of black-box parts. EOMA68 is a non-secure gedanken experiment with quite a bit of black-box parts if you try and actually implement it.
      • It is very hard to implement a system that solves all problems at once, all done open source, without any involvement of any of the known software and semiconductor players. We are making good progress towards opening up closed code bases and hardware designs. I think Bruce Byfield is making this point much better than I can. https://t.co/pBeRkE7ajp [t.co] Thanks
        • Yeah, I think you guys are doing a great job, sort of what IBM tried to do 15 years ago with their 4758, but failed due to hardware constraints (you had to run some funky embedded OS with equally funky IBM-specific development tools). The one thing that'd be nice to have is what someone suggested in a previous thread, a fibre-optic link that can be used to lock it into a physical location, so an attacker can't steal it and attack it at their leisure.
  • by Anonymous Coward

    Insufficient. You still have nothing until you can audit the schematic-to-PCB translation, and audit the preboot (including BIOS, SMM, etc).

    Without that, you can still fall to a port-knock with the digits of Pi, taking every fifth digit and grouping into a port number from 0 to 9999, starting at the 1,234,567,890th digit of pi. Or something else equally outlandish.

Almost anything derogatory you could say about today's software design would be accurate. -- K.E. Iverson

Working...