What the USB Armory MkII actually is
The USB Armory MkII is the second-generation open-source secure computer designed by F-Secure Foundry (now WithSecure Foundry) and Andrea Barisani's team in 2018, manufactured and sold through Crowd Supply. Where the original MkI used a Freescale i.MX53 and was already an unusually transparent piece of secure hardware, the MkII shrinks the design to a single PCB the size of a USB flash drive, swaps to the NXP i.MX 6ULZ, and bolts on a thoughtfully selected set of secure-element-grade peripherals: NXP CAAM cryptographic engine, ATECC608 secure element, a μSD slot for storage that is fully removable, and an exposed JTAG/UART debug header for development.
Unlike the YubiKey class of hardware tokens, the Armory is not a fixed-function product. It is a complete ARM Linux computer that happens to be the size of a stick, runs at 900 MHz, has 512 MB of RAM, and presents itself to a host PC as any USB device class you want it to be — mass-storage, network, HID, serial — because the i.MX 6ULZ USB controller supports full device-role operation. That generality is the entire point of the platform and the reason it occupies a category of one in the pentest-hardware market.
SoC, peripherals & the open-hardware reality
The i.MX 6ULZ inside the Armory is a deliberately conservative chip choice. It is a single Cortex-A7 at 900 MHz, ARMv7-A with NEON, TrustZone, an MMU, and a 32 KB L1 / 128 KB L2 cache — old enough that the silicon is well-understood by the security research community, new enough that NXP still issues errata and lifecycle support. The on-die CAAM (Cryptographic Acceleration and Assurance Module) implements AES-128/192/256, 3DES, RSA, ECC (P-256/P-384), SHA-1/2 and PRNG in hardware, with a key-encryption-key tree rooted in fuses that the application core cannot read directly.
The CAAM matters because it is the only commercially available, open-source-friendly secure crypto engine you can drive from your own bare-metal Go runtime. F-Secure Foundry's TamaGo project — a fork of the upstream Go compiler that targets ARM bare-metal without a kernel — was developed specifically for this device and is now used by several other hardware-rooted secure compute projects. Add the ATECC608A secure element (which holds ECC P-256 keys that even the i.MX cannot read) and a fuse-locked HABv4 boot chain, and the Armory becomes one of the few devices where you can credibly say "this key has never seen RAM accessible to anything except the CAAM."
The schematics, PCB layout and bill of materials are fully published on GitHub. There are no NDA-protected components, no signed-only blobs in the boot path you cannot replace, and no closed-firmware secondary processors in the design. That makes the MkII the rare device that genuinely lives up to the "open hardware" claim — most competitors close the boot ROM or hide a co-processor.
Software stack — TamaGo, GoTEE and INTERLOCK
The Armory ships with three reference software stacks, each targeting a different deployment profile.
| Layer | Stock distribution | Research / advanced |
|---|---|---|
| User app | Go binaries (TamaGo) or systemd services | Custom GoTEE app, signed payload, OP-TEE clients |
| Runtime | TamaGo — Go on bare metal, no kernel | GoTEE EL3 monitor + signed payload PE |
| OS | Debian armhf, INTERLOCK, Mullvad-style hardened image | OP-TEE OS / no OS (TamaGo direct) |
| Boot | U-Boot, signed HABv4 image | Closed boot ROM + fuse-locked HABv4 |
| Silicon | i.MX 6ULZ + CAAM + on-die fuses | i.MX 6ULZ TrustZone + DRAM scrub on reset |
TamaGo deserves a section of its own. It is a Go runtime that runs directly on bare metal — no Linux, no microkernel, no RTOS. The runtime is roughly 25,000 lines of audited Go, exposes drivers for i.MX peripherals (USB, CAAM, GPIO, I²C, SPI), and lets you write the entire firmware as a single statically linked Go binary. For projects where the attack surface of a full Linux distribution is intolerable — hardware security modules, hardware wallets, code-signing appliances — TamaGo is genuinely transformative. The binary you sign is the entire executing surface; there is no shell, no package manager, no privileged daemon.
GoTEE is a TrustZone-aware monitor that lets two TamaGo binaries — one in the Secure World, one in the Normal World — communicate via a constrained RPC channel. It is the spiritual cousin of OP-TEE but written in Go, and it gives researchers a far more approachable surface than the C-and-make jungle that surrounds most TEE work.
INTERLOCK is the Armory's flagship reference application: a TLS-served file-encryption appliance with a web UI. Plug the stick into a host, browse to its local-only HTTPS address, upload files, and the Armory encrypts them using AES-256 keys derived from a passphrase + CAAM-bound master key, then writes the ciphertext back to the host. It is a real, shippable artefact — and a useful template if you are building your own Armory-hosted service.
Supported attack & research vectors
- USB-class shape-shifting: present as HID, mass-storage, CDC-ACM, RNDIS or ECM. Useful for BadUSB-style payloads that are far more sophisticated than a Rubber Ducky — including USB-Ethernet attacks (Responder / NTLM relay) and DMA-style abuse of poorly-isolated host stacks.
- Hardware-rooted key custody: store ECC private keys in the ATECC608A or in CAAM-encrypted blobs. Build a portable code-signing or commit-signing token that physically cannot exfiltrate the key.
- Trusted execution research: GoTEE provides a clean two-world TEE for academic and applied work, including remote attestation, sealed-storage and side-channel research.
- Covert payload host: a TamaGo binary on the Armory can present itself as a labelled mass-storage device while quietly running an HID keystroke injector, an HTTP exfil agent or an internal-network pivot when plugged in.
- Pentester drop-box: with the optional Ethernet expansion, the MkII can sit inside a kiosk and beacon out a SOCKS tunnel or WireGuard back to operator infrastructure.
- Secure boot chain teaching: HABv4 fuses, signed U-Boot images, and CAAM-rooted key derivation make this the best teaching device in existence for the i.MX secure-boot pipeline.
Open-source community, customisation & longevity
The community around the Armory is small but unusually competent. The usbarmory GitHub organisation maintains hardware files, firmware, TamaGo, GoTEE, INTERLOCK and the Debian image; the WithSecure Foundry team itself is responsive on issues. Custom enclosures, secondary-board carriers, USB-C-to-USB-A adapters and PoE-injector daughterboards have all been published by hobbyists. There is no large hobbyist community in the Flipper sense — the audience is researchers and product engineers, not red-team enthusiasts — so do not expect a YouTube tutorial for every problem. What you get instead is a small population of experts who answer issues in pull-request comments and the kind of documentation written by people who use the device in production.
Legality & ethical posture
The Armory's legal posture is the cleanest of any device on this site. It is a generic ARM computer in a USB form factor — no regulated radio, no LF / HF reader, no inherently dual-use radio TX hardware. Customs has never been a problem; the device ships from Crowd Supply (US) and Crowd Supply EU with standard ITAR-free commodity classifications. The ethical risk is entirely downstream: a TamaGo binary that performs BadUSB injection or NTLM relay is no different — legally — from any other tool that does the same thing, and the same rules apply (written scope, signed authorisation, target inventory).
Deployment scenarios
Scenario 1 — Hardware-rooted code-signing token
Provision an ECC P-256 key in the ATECC608A, write a TamaGo binary that exposes a PKCS#11 device to the host, deploy as the build-engineer's signing token. The private key never leaves the secure element. INTERLOCK can serve as the reference web UI.
Scenario 2 — Drop-box pivot
Plug into a target kiosk or back-of-rack USB port. The Armory enumerates as a CDC-ECM Ethernet adapter, gets a DHCP lease, and beacons a WireGuard tunnel out to operator infrastructure. Tiny attack surface, no Linux distro footprint, signed boot chain.
Scenario 3 — TEE research
Reproduce published GoTEE attestation flows, then mutate the monitor to test boundary cases. Academic research on TrustZone has historically required custom development boards; the Armory replaces a $400 NXP eval kit and ships with the monitor source.
Scenario 4 — Personal HSM
Run an INTERLOCK-style encrypted vault on a stick that lives on your keyring. CAAM-bound master key, microSD ciphertext, optional decoy partition. Quietly superior to TrueCrypt-on-USB for any threat model that includes hostile hosts.
How the MkII stacks up against the alternatives
| Spec | USB Armory MkII | Raspberry Pi Zero 2 W | BeagleBone Black |
|---|---|---|---|
| Form factor | USB-A stick (66 × 19 × 8 mm) | Pi Zero W board (65 × 30 mm) | BeagleBone Black (86 × 53 mm) |
| SoC | NXP i.MX 6ULZ — 1× ARM Cortex-A7 @ 900 MHz | Broadcom BCM2835 — 1× ARM11 @ 1 GHz | TI AM3358 — 1× ARM Cortex-A8 @ 1 GHz |
| RAM | 512 MB DDR3 (on-package) | 512 MB LPDDR2 | 512 MB DDR3L |
| Storage | microSD only — no eMMC | microSD only | 4 GB eMMC + microSD |
| Secure crypto IP | NXP CAAM (AES-128/256, RSA, ECC, SHA-2) | None | None |
| Secure Boot | HABv4 + per-device fuses | No (Pi 4+ optional only) | TI Secure Boot (limited) |
| TrustZone | ARMv7 TrustZone — supported via GoTEE | Not exposed | Not productised |
| Native USB role | Device + host (OTG, USB 2.0 HS) | OTG via micro-USB | Host only |
| Bus interfaces | I²C, SPI, GPIO, UART (debug header) | I²C, SPI, GPIO, UART (40-pin) | I²C, SPI, GPIO, UART, CAN, PRU |
| Power | Bus-powered, ~500 mA peak | Bus-powered, ~700 mA peak | Bus or 5 V barrel, ~600 mA |
| Street price | ~$169 (Crowd Supply, sporadic) | $15 (Pi Zero 2 W) | $60–80 (BBB rev C) |
The Pi Zero 2 W wins on price and community. The BeagleBone wins on industrial I/O. The Armory wins — uniquely — on cryptographic trust posture: it is the only device on this page where the boot ROM, the secure element and the runtime are all auditable open source, and where you can prove that a private key has never been outside the silicon. For 90% of hobby projects the Pi is fine; for the 10% where attestation matters, nothing else exists at this price point.
Pros & cons
Buy the MkII if…
- You are building a hardware-rooted signing or key-custody appliance.
- You need a covert, USB-stick-sized drop box with a small attack surface.
- You are doing serious TrustZone or TEE research and the OP-TEE jungle is too much.
- You value reproducible, fully open-source firmware and PCB design.
- You are teaching i.MX secure boot or CAAM-rooted crypto.
Skip the MkII if…
- You want a beginner-friendly hardware tinker box — buy a Flipper or a Pi.
- You need GPU, video out, or anything graphical — there is no display path.
- You expect tutorials for every problem — the audience is researchers, not hobbyists.
- You need 4 cores / 4 GB RAM / NVMe — wrong tool, look at a Pi 5 or RK3588 board.
- You buy on availability — Crowd Supply runs are sporadic, wait lists routine.
Verdict
The USB Armory MkII is a niche device — and within its niche, there is no honest competitor. If your work involves building portable, hardware-rooted secure compute appliances, TrustZone research, or covert pentest payloads that must survive an evidence-bag teardown, the MkII is the single best $169 you can spend in 2026. If you do not have a specific reason to need a CAAM-bound key, a fuse-locked HAB boot chain, or a TamaGo bare-metal runtime, buy a Raspberry Pi instead. The Armory rewards expertise the way the Flipper rewards curiosity; both are good devices for the audience they were designed for.
