
ORWL – The First Open Source, Physically Secure Computer - trengrj
https://www.crowdsupply.com/design-shift/orwl?utm_source=Crowd+Supply+Newsletter+List&utm_campaign=a75d78f462-Weekly_Blast_8_11_2016&utm_medium=email&utm_term=0_b155e0c31f-a75d78f462-112084497#details-top
======
sounds
This one is going to be fun to break. By which I mean, find a way to execute
an evil maid attack. It supports USB 3 (probably through the Intel chipset).
It also has wifi (very likely the Intel chipset). Get the one with vPro and
use the Intel tools to automatically take over the device?

It also adds the MAX32550 for additional attack surfaces, which may or may not
have direct access to the Bluetooth hardware. If they publish the source for
this chip, it should be possible to wait a few years, then try recent CVEs on
the source code to find one that gives a working exploit.

It sounds like the easiest attack will be just to break the secure mesh around
the computer. Although this will only be a denial of service attack, it will
be brutally effective if the site is to be believed:

> Data is instantly erased as soon as there is a break in the active secure
> mesh surrounding the entire motherboard.

Ironically, I feel like there is a great need for a secure computer. But
slapping together an intel CPU and a MAX32550 is a step in the wrong
direction.

In case it wasn't already obvious, I will not be supporting this during
crowdfunding and will attempt to locate one secondhand.

