F-Secure Foundry recently launched a crowdfunding campaign for their new, tiny form factor USB Armory MK II computer. The device which comes with a form factor that looks like a usb flash drive is an open-source, full featured USB computer with Bluetooth, USB-C ports, 512MB RAM and 900MHz and was developed as an improvement to the USB Armory computer dongle launched far back in 2014.
The USB Armory MK II comes with the more efficient NXP i.MX6ULZ ARM Cortex TM – A7 processor, a 16GB eMMCflash memory chip and new security features like;
- High Assurance Boot (HABv4) that enables the on-chip internal Boot ROM to authenticate the initial boot loader with a digital signature.
- Secure non-volatile storage that includes a secure RTC, master key control, security state machine and tamper/violation detection and reporting.
- True Random Number Generator which when included in the Linux kernels enables the component within the Linux framework.
- External cryptographic co-processors (A71CH and ATECC) that provide high-endurance monotonic counters used for external verification of firmware rollback/downgrade attacks.
- eMMC Replay Protected Memory Blocks that feature replay – protected authenticated access to flash memory using a shared connection between the eMMC and the host.
All of these features are not surprising, as, according to F-secure foundry, the USB MK11 was developed to help users with potential security applications like;
- Password manager with integrated web server
- OpenSSH client and agent for untrusted hosts
- Router for end-to-end VPN tunneling
- Portable penetration testing platform
- Hardware security module
- Tor bridge
- Authentication token
Some of the highlight features of the USB Armoury MK11 hardware include;
- NXP i.MX6ULZ ARM Cortex TM – A7 Processor at 900MHz
- U-blox ANNA-B112 BLE Bluetooth module
- 512MB DDR3 RAM
- USB 2.0 port and 2 USB type-C ports (Dual Role Power Receptacle and Upstream Facing Port
- Small form factor (Dimension – 66mm x 19mm x 8mm )
- Slide switch for boot mode selection between microSD and eMMC
- External security elements – NXPA71CH + Microchip ATECC608A
Intro Video
The NXP i.MX6ULZ ARM Cortex TM – A7 processor along with superior speed (900MHz) and other features that meet current trend like USB-C ports are some of elements that gives the new MK11 an edge over the earlier MK1. A summary of the features of both boards is provided in the table below to highlight the difference between them.
The USB Armory MK II supports full TCP/IP connection to/from it via USB CDC Ethernet emulation along with wireless connectivity over BLE, and serial communication over USB or physical UART using the Debug board. It should be noted that HDMI video is not supported over the 2 USB-C ports; only the USB 2.0 protocol is supported over the USB-C ports.
More details on the USB Armory MK II and the Crowdfunding campaign can be found on the project page on Crowdsupply. Over $20000 has already been committed by backers and all orders are expected to be shipped by the end of 2019 or in early 2020 with free shipping to backers in the US and a $15 service charge to ship to the rest of the world.