The World's Most Secure Home Computer Reaches Crowdfunding Goal

"If the PC is tampered with, it will trigger an alert and erase the PC's encryption key, making the data totally inaccessible." Last month Design SHIFT began crowdfunding an elaborate "open source, physically secure personal computer" named ORWL (after George Orwell). "Having exceeded its $25,000 funding goal on Crowd Supply, the super-secure PC is in production," reports PC World, in an article shared by Slashdot reader ogcricket about the device which tries to anticipate every possible attack: The encryption key to the drive is stored on a security microcontroller instead of the drive... The ORWL's makers say the wire mesh itself is constantly monitored... Any attempts to trick, bypass, or short the wire mesh will cause the encryption key to be deleted. The unit's security processor also monitors movement, and a user can select a setting that will wipe or lock down the PC's data if it is moved to another location... The RAM is soldered to the motherboard and can't be easily removed to be read elsewhere...

Your ORWL unlocks by using a secure NFC and Bluetooth LE keyfob. Pressing it against the top of the ORWL and entering a password authenticates the user. Once the user has been authenticated, Bluetooth LE is then ensures that the user is always nearby. Walk away, and the ORWL will lock.

Re:... formerly most secure computer

[Orgasmatron]

The headline is crap. The linked article is better, and the wiki has more details. This is a physically secure computer, not generally. The goal is that when you unlock it, it should either be in the same state it was in when you locked it earlier, or it should be obvious to you that it is not.

It has no ethernet or wifi (nor, for that matter any busses capable of reading memory by DMA), but you can add them with USB3, which gets disconnected when you lock it. The case is designed with very little room between the security shell and the glass or plastic case, making it very difficult to add things without you noticing. Opening the secure shell inside wipes the drive encryption keys, so you'll notice if someone does that. And when you first get it, you can open it up to inspect the insides to make sure that nothing was added before it gets to you.

This would be ideal for running a small Certification Authority, for example. The signing key would be well protected inside the shell without you having to wear it on a USB stick around your neck for the rest of your life. Ditto a bitcoin wallet.

But it isn't, nor was it intended to, let you run Windows fresh off the DVD while you browse porn sites in IE and download warez off of shady torrent sites without antivirus.