USB Armory: Open Source USB Stick Computer

Crowdfunding Page History

This page is an archive of the original crowdfunding campaign for this project. It may not be up-to-date with the latest updates and product availability. Return to the current project page.

$151,674 raised

of $65,000 goal

Funded! Order Now

Jan 31 2015

funded on

233%

funded

1,468

pledges

Pledge Now

$130

USB Armory

An open-source computer on a stick - designed specifically for high-security application.


$10

USB Host Adapter

Allows the USB Armory to independently use a keyboard, USB display, USB mass storage devices, USB Wi-Fi dongle and more, just like a standard computer, without the need for a separate USB host, such as a laptop or desktop.

Details

An open source USB stick computer for security applications.

As Featured In

ZDNet

ZDNet

Inverse Path USB armory: Secure computer on a stick

Boing Boing

Boing Boing

“Crowdfunding a USB-stick-sized, GNU/Linux-ready computer”

Geek Logo

Geek

“USB Armory puts penetration testing and Tor routing in a thumbdrive”

Hackaday

Hackaday

“This particular processor supports a few advanced security features such as secure boot and ARM TrustZone.”

PCWorld

“USB Armory is the Swiss army knife of security devices”

An open source USB stick computer for security applications.

The USB Armory is full-blown computer (800MHz ARM® processor, 512MB RAM) in a tiny form factor (65mm x 19mm x 6mm USB stick) designed from the ground up with information security applications in mind. Not only does the USB Armory have native support for many Linux distributions, it also has a completely open hardware design and a breakout prototyping header, making it a great platform on which to build other hardware.

Features and Specifications

Hardware

Software

The USB Armory hardware is supported by standard software environments and requires very little customization effort. In fact, vanilla Linux kernels and standard distributions run seamlessly on the tiny USB Armory board:

Connectivity

  • High Speed USB 2.0 On-The-Go (OTG) with full device emulation
  • full TCP/IP connection to/from USB Armory via USB CDC Ethernet emulation
  • flash drive functionality via USB mass storage device emulation
  • serial communication over USB or physical UART

Security

The ability to emulate arbitrary USB devices in combination with the i.MX53 SoC speed and fully customizable operating environment makes the USB Armory an ideal platform for all kinds of personal security applications. Not only is the USB Armory an excellent tool for testing the security of other devices, but it also has great security features itself:

  • ARM® TrustZone®
  • secure boot + storage + RAM
  • user-fused keys for running only trusted firmware
  • optional secure mode detection LED indicator
  • minimal design limits scope of supply chain attacks
  • great auditability due to open hardware and software

The support for ARM® TrustZone®, in contrast to conventional trusted platform modules (TPMs), allows developers to engineer custom TPMs by enforcing domain separation between the “secure” and “normal” worlds that propagates throughout all SoC components, as opposed to limited only to the CPU core.

Applications

$ ssh alice@10.0.0.1

Welcome to your USB armory :)

$ ▌

The following example security application ideas illustrate the flexibility of the USB Armory concept:

  • mass storage device with advanced features such as automatic encryption, virus scanning, host authentication and data self-destruct
  • OpenSSH client and agent for untrusted hosts (e.g Internet kiosks)
  • router for end-to-end VPN tunnelling
  • Tor bridge [see this, for example]
  • password manager with integrated web server
  • electronic wallet [the Electrum Bitcoin wallet works out of the box on the USB Armory. It has been tested with X11 forwarding from Linux as well as Windows hosts.]
  • authentication token
  • portable penetration testing platform
  • low level USB security testing

USB Host Adapter

As mentioned in the first campaign update, there is also a simple USB host adapter that, along with compiling the right Linux kernel modules, allows the USB Armory to independently use a keyboard, USB display, USB mass storage devices, USB WiFi dongle and more, just like a standard computer, without the need for a separate USB host, such as a laptop or desktop.

Connecting a powered USB hub to the adapter ensures that all the connected USB devices have enough power to perform their tasks. Additionally, a micro-USB cable we can power the USB Armory itself. Alternatively, a passive USB hub can be used and a micro-USB charger (such as ones used for most mobile phones) can provide power.

Enclosure

To keep your USB Armory protected and preserved, we’ve developed a custom enclosure in cooperation with Teko, an Italian company that specializes in high-quality enclosure solutions.

The official USB Armory enclosure is a four-piece design customized to accommodate and protect the USB Armory.

The enclosure is easily assembled by snapping together three separate body parts, one of which acts as a sliding cover for the microSD card. A small removable cap protects the 5-pin breakout header.

Note: A cap for the USB plug was included in earlier enclosures but later removed due to width tolerance issues.

Specifications:

  • Body: 61 x 24 x 9 mm
  • Plug cap: 12 x 23 x 7mm
  • Material: NEVIESTER EG83 (PETG)
  • Color: transparent

Community

The USB Armory is an open source hardware and software project created by Inverse Path, an Italian information technology consulting group specializing in securing critical embedded systems in the avionic, automotive, and industrial control sectors. The Inverse Path team, with the help of the open source community, will develop applications that explore the potential of the USB Armory. Please participate!

Manufacturing Plan

Three major revisions of the USB Armory (alpha, beta and release candidate) have been prototyped and manufactured, a local Italian manufacturer has been selected, and the first batch is ready for production.

The funds raised by this campaign will go toward covering the cost of parts, fabrication, assembly, and shipping. A margin for unexpected expenses and application development has been reserved, but otherwise the price has been kept as low as possible in order to make the USB Armory a reality.

There are no bulk discounts or early bird deals to ensure that everyone has the possibility of obtaining the USB Armory at the lowest price.

At present, an Italian board fabricator and assembly house will produce the USB Armory and all units will be shipped to backers of the campaign through Crowd Supply’s fulfillment service in the US.

First 40 Units Ship Immediately

The first 40 USB Armory units sold will be shipped as soon as the campaign has reached its funding goal. These units have already been produced as part of the final test batch and are identical to those that will be in the main production run, which will ship approximately six weeks after the campaign reaches its funding goal.

Ask a Question

Have a question not answered in the description above or in the Updates?

Ask Inverse Path a Question or Browse the Crowd Supply Guide

Credits

Inverse Path

Dedicated to secure software, hardware, and mission-critical IT infrastructures.


Andrea Barisani

Inverse Path

Andrej Rosano

Inverse Path

Daniele Bianco

Inverse Path


Teko

Enclosure design partner & manufacturer

Cipierre Elettronica

Recommended

PCB Assembler

TVR

Recommended

PCB Manufacturer

Subscribe to the Crowd Supply newsletter, highlighting the latest creators and projects: