Stephanie So
@complicatedisok.bsky.social
CEO of Geeq, a tech start-up in blockchain (not crypto). Ask me anything because I think blockchain, crypto, and tech need a complete do-over - and the only people who can make that happen are the ones who aren't already on the inside.
Hi, a few questions:
1. How are compromised keys immediately detected and replays prevented?
2. Is there documentation about the kind of immutable log that's used?
(I understand blockchain and DLTs, I'm very curious.)
3. Does the guarantee basically come down to Microsoft's trusted signature?
1. How are compromised keys immediately detected and replays prevented?
2. Is there documentation about the kind of immutable log that's used?
(I understand blockchain and DLTs, I'm very curious.)
3. Does the guarantee basically come down to Microsoft's trusted signature?
November 23, 2025 at 2:30 AM
Hi, a few questions:
1. How are compromised keys immediately detected and replays prevented?
2. Is there documentation about the kind of immutable log that's used?
(I understand blockchain and DLTs, I'm very curious.)
3. Does the guarantee basically come down to Microsoft's trusted signature?
1. How are compromised keys immediately detected and replays prevented?
2. Is there documentation about the kind of immutable log that's used?
(I understand blockchain and DLTs, I'm very curious.)
3. Does the guarantee basically come down to Microsoft's trusted signature?
More details, please?
November 23, 2025 at 2:20 AM
More details, please?
but clever, because once the malware is accepted, the blockchain is doing what it's supposed to do - make it available.
So, here's the warning for smart contract blockchain users. This was a client-side problem. Don't let your applications execute smart contract data without checking.
Be careful.
So, here's the warning for smart contract blockchain users. This was a client-side problem. Don't let your applications execute smart contract data without checking.
Be careful.
November 13, 2025 at 11:24 PM
but clever, because once the malware is accepted, the blockchain is doing what it's supposed to do - make it available.
So, here's the warning for smart contract blockchain users. This was a client-side problem. Don't let your applications execute smart contract data without checking.
Be careful.
So, here's the warning for smart contract blockchain users. This was a client-side problem. Don't let your applications execute smart contract data without checking.
Be careful.
Have you heard the news about local public key infrastructure?
We're working to make security less dependent on humans trying to outsmart AI.
It would work (it's PKI without the trusted middles).
We could use help to get adoption, all hands are welcome!
We're working to make security less dependent on humans trying to outsmart AI.
It would work (it's PKI without the trusted middles).
We could use help to get adoption, all hands are welcome!
October 22, 2025 at 10:25 PM
Have you heard the news about local public key infrastructure?
We're working to make security less dependent on humans trying to outsmart AI.
It would work (it's PKI without the trusted middles).
We could use help to get adoption, all hands are welcome!
We're working to make security less dependent on humans trying to outsmart AI.
It would work (it's PKI without the trusted middles).
We could use help to get adoption, all hands are welcome!
Please ask me to explain:
2-factor authentication fails to protect consumers.
It asks you to give your credentials without knowing who is on the other side.
That's what happens in help desk scams.
We must have *mutual* authentication in order to be truly secure.
You deserve it. We all do.
2-factor authentication fails to protect consumers.
It asks you to give your credentials without knowing who is on the other side.
That's what happens in help desk scams.
We must have *mutual* authentication in order to be truly secure.
You deserve it. We all do.
October 1, 2025 at 7:42 PM
Please ask me to explain:
2-factor authentication fails to protect consumers.
It asks you to give your credentials without knowing who is on the other side.
That's what happens in help desk scams.
We must have *mutual* authentication in order to be truly secure.
You deserve it. We all do.
2-factor authentication fails to protect consumers.
It asks you to give your credentials without knowing who is on the other side.
That's what happens in help desk scams.
We must have *mutual* authentication in order to be truly secure.
You deserve it. We all do.
I remember that use case! Smart choice, discerning customers.
So nice to meet you!
So nice to meet you!
September 19, 2025 at 10:16 PM
I remember that use case! Smart choice, discerning customers.
So nice to meet you!
So nice to meet you!
Hi!
Yes! NFC technology! Much better than QR codes. Was that your invention? That's excellent.
Supply chain is a natural for blockchains, I agree. We're applying that concept to the information supply chain. We have mints without smart contracts (more secure) and global state awareness. 🥂
Yes! NFC technology! Much better than QR codes. Was that your invention? That's excellent.
Supply chain is a natural for blockchains, I agree. We're applying that concept to the information supply chain. We have mints without smart contracts (more secure) and global state awareness. 🥂
September 19, 2025 at 9:16 PM
Hi!
Yes! NFC technology! Much better than QR codes. Was that your invention? That's excellent.
Supply chain is a natural for blockchains, I agree. We're applying that concept to the information supply chain. We have mints without smart contracts (more secure) and global state awareness. 🥂
Yes! NFC technology! Much better than QR codes. Was that your invention? That's excellent.
Supply chain is a natural for blockchains, I agree. We're applying that concept to the information supply chain. We have mints without smart contracts (more secure) and global state awareness. 🥂
I'm glad to boost your public service announcements.
There's always something, please keep them coming!
Happy Friday.
There's always something, please keep them coming!
Happy Friday.
September 19, 2025 at 9:03 PM
I'm glad to boost your public service announcements.
There's always something, please keep them coming!
Happy Friday.
There's always something, please keep them coming!
Happy Friday.
I retweeted this article, thank you!
I have a fix for this. Now I need to figure out how to sell it to an airline!
I have a fix for this. Now I need to figure out how to sell it to an airline!
September 19, 2025 at 8:43 PM
I retweeted this article, thank you!
I have a fix for this. Now I need to figure out how to sell it to an airline!
I have a fix for this. Now I need to figure out how to sell it to an airline!
Very happy to answer!!
September 8, 2025 at 1:50 PM
Very happy to answer!!
Awful.
Yet each phase sounds like the same problem. A spoof.
That's why I'd like our local public key infrastructure to be adopted.
Check the blockchain ledger for the public key of whoever is requesting contact with you. If it's not there, don't reply.
Lookup and challenge can be automated
Yet each phase sounds like the same problem. A spoof.
That's why I'd like our local public key infrastructure to be adopted.
Check the blockchain ledger for the public key of whoever is requesting contact with you. If it's not there, don't reply.
Lookup and challenge can be automated
September 1, 2025 at 1:39 PM
Awful.
Yet each phase sounds like the same problem. A spoof.
That's why I'd like our local public key infrastructure to be adopted.
Check the blockchain ledger for the public key of whoever is requesting contact with you. If it's not there, don't reply.
Lookup and challenge can be automated
Yet each phase sounds like the same problem. A spoof.
That's why I'd like our local public key infrastructure to be adopted.
Check the blockchain ledger for the public key of whoever is requesting contact with you. If it's not there, don't reply.
Lookup and challenge can be automated
Cool, yet another attack surface.
I'm working on a secure communications layer where the sender of the message must use a public key.
The recipient is able to identify the sender's signature and need only pay attention to those secret messages.
Do that first, then enjoy steganography.
I'm working on a secure communications layer where the sender of the message must use a public key.
The recipient is able to identify the sender's signature and need only pay attention to those secret messages.
Do that first, then enjoy steganography.
September 1, 2025 at 1:35 PM
Cool, yet another attack surface.
I'm working on a secure communications layer where the sender of the message must use a public key.
The recipient is able to identify the sender's signature and need only pay attention to those secret messages.
Do that first, then enjoy steganography.
I'm working on a secure communications layer where the sender of the message must use a public key.
The recipient is able to identify the sender's signature and need only pay attention to those secret messages.
Do that first, then enjoy steganography.
July 28, 2025 at 6:06 PM
Glad to meet you, @1obit.bsky.social. Thank you for saying you're on the same wavelength. I hope others are too - it's hard to know when people stay quiet ... But I believe.
July 26, 2025 at 1:16 PM
Glad to meet you, @1obit.bsky.social. Thank you for saying you're on the same wavelength. I hope others are too - it's hard to know when people stay quiet ... But I believe.
Should be required reading. Thanks for sharing it.
July 12, 2025 at 3:25 AM
Should be required reading. Thanks for sharing it.
Thank you very much, @at1c.bsky.social.
That's very helpful and encouraging. I will take your advice. 🙏
That's very helpful and encouraging. I will take your advice. 🙏
July 8, 2025 at 5:02 PM
Thank you very much, @at1c.bsky.social.
That's very helpful and encouraging. I will take your advice. 🙏
That's very helpful and encouraging. I will take your advice. 🙏
Thanks for the warning.
June 14, 2025 at 1:45 PM
Thanks for the warning.
Who is able to copy and preserve these kinds of records elsewhere?
I assume there's the actual data that was released, which is public fair use, but what about the other files and records derived from those?
Were releases signed that would allow reproduction elsewhere?
Or is that a pipedream?
I assume there's the actual data that was released, which is public fair use, but what about the other files and records derived from those?
Were releases signed that would allow reproduction elsewhere?
Or is that a pipedream?
June 7, 2025 at 2:37 PM
Who is able to copy and preserve these kinds of records elsewhere?
I assume there's the actual data that was released, which is public fair use, but what about the other files and records derived from those?
Were releases signed that would allow reproduction elsewhere?
Or is that a pipedream?
I assume there's the actual data that was released, which is public fair use, but what about the other files and records derived from those?
Were releases signed that would allow reproduction elsewhere?
Or is that a pipedream?