It's criminally irresponsible to sell such a computer, because it will easily result in data loss and not all users are educated enough to understand the consequences of such a flawed "security" design. Of course, you can claim that it's ultimately the customers fault in this case, and I agree, but they should nevertheless expect some lawsuits.
There is always a tradeoff between security and data integrity, something which the people who downvoted my post apparently don't understand. When even your mom can mount a 100% successful denial of service attack with a screwdriver, then you're screwed.
If you disagree, I challenge you to show me a use reasonable case that couldn't also be solved by actual physical security or by locking down booting and the BIOS and using tamper-evident seals.
It's not illegal or irresponsible to sell a computer that deletes data when tampered with when "deletes data when tampered with" is _advertised as one of the primary features of the machine_.
The same argument could be applied to nearly any product. Knowing how to use the product is the user's responsibility and helping educate users is the manufacturer's responsibility. If you don't have data back ups, regardless of the type of computer, then you're setting yourself up for disappointment.
True, maybe I overreacted. What worries me is that is apparently supposed to be sold as a general computing device. Tamper-resistant hardware may be used in the military to protect implementations and keys stored in hardware that will eventually get stolen. For other types of data stored? Probably not so much. As I said, reasonable uses for this kind of device are limited.
For ordinary users, deleting everything immediately when someone tampers with it is a recipe for disaster. Sure, they can backup everything in encrypted form, but then the data is not really deleted when somebody tampers with the machine, isn't it?
Regarding the security, well, apart from software-based attacks, how about installing a tiny USB keylogger inside a USB cable that is already used by the user? Or in the keyboard itself? Or a camera that records your keystrokes?
That's what the <insert agency or special interest group of your choice> would be doing in such a case.
> Knowing how to use the product is the user's responsibility
Not all products are the same. It's irresponsible, but maybe good business strategy, to presume a complicated computer, which runs software that no human can hold in their head is the same as other products people are accustomed to.
There is always a tradeoff between security and data integrity, something which the people who downvoted my post apparently don't understand. When even your mom can mount a 100% successful denial of service attack with a screwdriver, then you're screwed.
If you disagree, I challenge you to show me a use reasonable case that couldn't also be solved by actual physical security or by locking down booting and the BIOS and using tamper-evident seals.