Stephanie So
@complicatedisok.bsky.social
CEO of Geeq, a tech start-up in blockchain (not crypto). Ask me anything because I think blockchain, crypto, and tech need a complete do-over - and the only people who can make that happen are the ones who aren't already on the inside.
Have you heard the news about local public key infrastructure?
We're working to make security less dependent on humans trying to outsmart AI.
It would work (it's PKI without the trusted middles).
We could use help to get adoption, all hands are welcome!
We're working to make security less dependent on humans trying to outsmart AI.
It would work (it's PKI without the trusted middles).
We could use help to get adoption, all hands are welcome!
October 22, 2025 at 10:25 PM
Have you heard the news about local public key infrastructure?
We're working to make security less dependent on humans trying to outsmart AI.
It would work (it's PKI without the trusted middles).
We could use help to get adoption, all hands are welcome!
We're working to make security less dependent on humans trying to outsmart AI.
It would work (it's PKI without the trusted middles).
We could use help to get adoption, all hands are welcome!
Please ask me to explain:
2-factor authentication fails to protect consumers.
It asks you to give your credentials without knowing who is on the other side.
That's what happens in help desk scams.
We must have *mutual* authentication in order to be truly secure.
You deserve it. We all do.
2-factor authentication fails to protect consumers.
It asks you to give your credentials without knowing who is on the other side.
That's what happens in help desk scams.
We must have *mutual* authentication in order to be truly secure.
You deserve it. We all do.
October 1, 2025 at 7:42 PM
Please ask me to explain:
2-factor authentication fails to protect consumers.
It asks you to give your credentials without knowing who is on the other side.
That's what happens in help desk scams.
We must have *mutual* authentication in order to be truly secure.
You deserve it. We all do.
2-factor authentication fails to protect consumers.
It asks you to give your credentials without knowing who is on the other side.
That's what happens in help desk scams.
We must have *mutual* authentication in order to be truly secure.
You deserve it. We all do.
I remember that use case! Smart choice, discerning customers.
So nice to meet you!
So nice to meet you!
September 19, 2025 at 10:16 PM
I remember that use case! Smart choice, discerning customers.
So nice to meet you!
So nice to meet you!
Hi!
Yes! NFC technology! Much better than QR codes. Was that your invention? That's excellent.
Supply chain is a natural for blockchains, I agree. We're applying that concept to the information supply chain. We have mints without smart contracts (more secure) and global state awareness. 🥂
Yes! NFC technology! Much better than QR codes. Was that your invention? That's excellent.
Supply chain is a natural for blockchains, I agree. We're applying that concept to the information supply chain. We have mints without smart contracts (more secure) and global state awareness. 🥂
September 19, 2025 at 9:16 PM
Hi!
Yes! NFC technology! Much better than QR codes. Was that your invention? That's excellent.
Supply chain is a natural for blockchains, I agree. We're applying that concept to the information supply chain. We have mints without smart contracts (more secure) and global state awareness. 🥂
Yes! NFC technology! Much better than QR codes. Was that your invention? That's excellent.
Supply chain is a natural for blockchains, I agree. We're applying that concept to the information supply chain. We have mints without smart contracts (more secure) and global state awareness. 🥂
I'm glad to boost your public service announcements.
There's always something, please keep them coming!
Happy Friday.
There's always something, please keep them coming!
Happy Friday.
September 19, 2025 at 9:03 PM
I'm glad to boost your public service announcements.
There's always something, please keep them coming!
Happy Friday.
There's always something, please keep them coming!
Happy Friday.
I retweeted this article, thank you!
I have a fix for this. Now I need to figure out how to sell it to an airline!
I have a fix for this. Now I need to figure out how to sell it to an airline!
September 19, 2025 at 8:43 PM
I retweeted this article, thank you!
I have a fix for this. Now I need to figure out how to sell it to an airline!
I have a fix for this. Now I need to figure out how to sell it to an airline!
Very happy to answer!!
September 8, 2025 at 1:50 PM
Very happy to answer!!
Awful.
Yet each phase sounds like the same problem. A spoof.
That's why I'd like our local public key infrastructure to be adopted.
Check the blockchain ledger for the public key of whoever is requesting contact with you. If it's not there, don't reply.
Lookup and challenge can be automated
Yet each phase sounds like the same problem. A spoof.
That's why I'd like our local public key infrastructure to be adopted.
Check the blockchain ledger for the public key of whoever is requesting contact with you. If it's not there, don't reply.
Lookup and challenge can be automated
September 1, 2025 at 1:39 PM
Awful.
Yet each phase sounds like the same problem. A spoof.
That's why I'd like our local public key infrastructure to be adopted.
Check the blockchain ledger for the public key of whoever is requesting contact with you. If it's not there, don't reply.
Lookup and challenge can be automated
Yet each phase sounds like the same problem. A spoof.
That's why I'd like our local public key infrastructure to be adopted.
Check the blockchain ledger for the public key of whoever is requesting contact with you. If it's not there, don't reply.
Lookup and challenge can be automated
Cool, yet another attack surface.
I'm working on a secure communications layer where the sender of the message must use a public key.
The recipient is able to identify the sender's signature and need only pay attention to those secret messages.
Do that first, then enjoy steganography.
I'm working on a secure communications layer where the sender of the message must use a public key.
The recipient is able to identify the sender's signature and need only pay attention to those secret messages.
Do that first, then enjoy steganography.
September 1, 2025 at 1:35 PM
Cool, yet another attack surface.
I'm working on a secure communications layer where the sender of the message must use a public key.
The recipient is able to identify the sender's signature and need only pay attention to those secret messages.
Do that first, then enjoy steganography.
I'm working on a secure communications layer where the sender of the message must use a public key.
The recipient is able to identify the sender's signature and need only pay attention to those secret messages.
Do that first, then enjoy steganography.
July 28, 2025 at 6:06 PM
Glad to meet you, @1obit.bsky.social. Thank you for saying you're on the same wavelength. I hope others are too - it's hard to know when people stay quiet ... But I believe.
July 26, 2025 at 1:16 PM
Glad to meet you, @1obit.bsky.social. Thank you for saying you're on the same wavelength. I hope others are too - it's hard to know when people stay quiet ... But I believe.
Should be required reading. Thanks for sharing it.
July 12, 2025 at 3:25 AM
Should be required reading. Thanks for sharing it.
Thank you very much, @at1c.bsky.social.
That's very helpful and encouraging. I will take your advice. 🙏
That's very helpful and encouraging. I will take your advice. 🙏
July 8, 2025 at 5:02 PM
Thank you very much, @at1c.bsky.social.
That's very helpful and encouraging. I will take your advice. 🙏
That's very helpful and encouraging. I will take your advice. 🙏
Thanks for the warning.
June 14, 2025 at 1:45 PM
Thanks for the warning.
Who is able to copy and preserve these kinds of records elsewhere?
I assume there's the actual data that was released, which is public fair use, but what about the other files and records derived from those?
Were releases signed that would allow reproduction elsewhere?
Or is that a pipedream?
I assume there's the actual data that was released, which is public fair use, but what about the other files and records derived from those?
Were releases signed that would allow reproduction elsewhere?
Or is that a pipedream?
June 7, 2025 at 2:37 PM
Who is able to copy and preserve these kinds of records elsewhere?
I assume there's the actual data that was released, which is public fair use, but what about the other files and records derived from those?
Were releases signed that would allow reproduction elsewhere?
Or is that a pipedream?
I assume there's the actual data that was released, which is public fair use, but what about the other files and records derived from those?
Were releases signed that would allow reproduction elsewhere?
Or is that a pipedream?
Sometimes it goes the other way
June 7, 2025 at 2:12 PM
Sometimes it goes the other way
It's a coordination issue.
I think we could re coordinate if there's a Blockchain equivalent where you could leave a forwarding address.
I could provide the back end at least as a pilot.
Would anyone write the app to get to an API and start the publicity?
I think we could re coordinate if there's a Blockchain equivalent where you could leave a forwarding address.
I could provide the back end at least as a pilot.
Would anyone write the app to get to an API and start the publicity?
June 5, 2025 at 5:49 PM
It's a coordination issue.
I think we could re coordinate if there's a Blockchain equivalent where you could leave a forwarding address.
I could provide the back end at least as a pilot.
Would anyone write the app to get to an API and start the publicity?
I think we could re coordinate if there's a Blockchain equivalent where you could leave a forwarding address.
I could provide the back end at least as a pilot.
Would anyone write the app to get to an API and start the publicity?
intend to get into a debate about necessary or sufficient.
Of course that's all true. Nothing is guaranteed and I'd also like some luck:
"It's better to be lucky and stupid than unlucky and smart."
Overall, though, we've collected nearly all the pieces.
Nearly.
Of course that's all true. Nothing is guaranteed and I'd also like some luck:
"It's better to be lucky and stupid than unlucky and smart."
Overall, though, we've collected nearly all the pieces.
Nearly.
May 31, 2025 at 10:23 PM
intend to get into a debate about necessary or sufficient.
Of course that's all true. Nothing is guaranteed and I'd also like some luck:
"It's better to be lucky and stupid than unlucky and smart."
Overall, though, we've collected nearly all the pieces.
Nearly.
Of course that's all true. Nothing is guaranteed and I'd also like some luck:
"It's better to be lucky and stupid than unlucky and smart."
Overall, though, we've collected nearly all the pieces.
Nearly.
needed to find that last, simple, relatable pain that we can solve that people might understand.
I started out with an appreciation of what you said: that despite doing everything wrong, startups have a chance when they have something so excellent, they can focus on getting that right.
I didn't
I started out with an appreciation of what you said: that despite doing everything wrong, startups have a chance when they have something so excellent, they can focus on getting that right.
I didn't
May 31, 2025 at 10:21 PM
needed to find that last, simple, relatable pain that we can solve that people might understand.
I started out with an appreciation of what you said: that despite doing everything wrong, startups have a chance when they have something so excellent, they can focus on getting that right.
I didn't
I started out with an appreciation of what you said: that despite doing everything wrong, startups have a chance when they have something so excellent, they can focus on getting that right.
I didn't
Yes, except we have a business model because we know what infrastructure-as-a-service looks like.
We have a go-to-market but admittedly it hasn't been thoroughly tested. I've been patient, though, because I know we do cryptographic security so well, it's disruptive exactly as in ID, and I needed
We have a go-to-market but admittedly it hasn't been thoroughly tested. I've been patient, though, because I know we do cryptographic security so well, it's disruptive exactly as in ID, and I needed
May 31, 2025 at 10:17 PM
Yes, except we have a business model because we know what infrastructure-as-a-service looks like.
We have a go-to-market but admittedly it hasn't been thoroughly tested. I've been patient, though, because I know we do cryptographic security so well, it's disruptive exactly as in ID, and I needed
We have a go-to-market but admittedly it hasn't been thoroughly tested. I've been patient, though, because I know we do cryptographic security so well, it's disruptive exactly as in ID, and I needed