Project update 1 of 23
Hello, backers! First, thanks for all your support in the first week of the campaign. We’re thrilled to have fielded so many questions and engaged in so many discussions with you all. Here’s a summary.
It’s no surprise that people concerned about hardware security are also concerned about software security. So naturally, when discussing ORWL, a lot of people bring up Qubes OS. From the beginning, we specifically chose hardware that works well with Qubes, including VT-d and VT-x support. We’ve successfully installed and booted Qubes OS, though are still investigating a network initialization problem. Once we have everything working, we’ll post a more detailed update. We’ve added a new section to the campaign page describing how ORWL works with Qubes.
We’ve had a bunch of people interested in how exactly the two microcontrollers (one in ORWL and one in the key fob) interact over NFC and Bluetooth, the security mechanisms in place, and how their firmware can be verified, modified, and reflashed. We’ve added some details about the key fob and our plans for supporting end-user development on ORWL. We’ll post progress as campaign updates here and you can always keep up-to-date on the ORWL wiki.
We added some information on how ORWL protects against USB fuzzing attacks — it simply disconnects the USB data lines when the key fob is out of range.
Whether you have questions about different security vulnerabilities, suggestions for new features, or comments on the project in general, don’t hesitate to get in touch. In the meantime, we’ll be working hard to bring you some more updates and demos showing off what ORWL can do.