final polish before committing

updated footer, landing and blog
2025-10-27 15:04:03 -04:00 · 2025-10-24 22:41:12 -04:00
11 changed files with 187 additions and 157 deletions
--- a/_config.yml
+++ b/_config.yml
@ -6,7 +6,7 @@ url: "https://caution.co"
 banner: "https://caution.co/assets/base/caution-thumbnail.png"

 header_pages:
- index.md
+  - index.md

 style: dark
 listen_for_clients_preferred_style: false
@ -16,8 +16,7 @@ theme: jekyll-theme-console
 permalink: blog/:title.html

 plugins:
- jekyll-feed
-
+  - jekyll-feed
 # Exclude from processing.
 # The following items will not be processed, by default.
 # Any item listed under the `exclude:` key here will be automatically added to
--- a/_includes/blog-about-caution.html
+++ b/_includes/blog-about-caution.html
@ -0,0 +1,32 @@
+<h2>About Caution</h2>
+
+<p>
+	Caution is the verifiable compute platform, making it easy to run sensitive
+	workloads with cryptographic proof, not blind trust.
+</p>
+<p>
+	Our platform gives developers the simplest path to verifiable, end-to-end
+	integrity: portable across clouds and hardware, and free from vendor lock-in,
+	complexity, or delay. Whether protecting financial data, securing healthcare
+	systems, proving the integrity of AI models, or safeguarding industrial
+	control and aeronautical systems, Caution makes it fast to set up and
+	effortless to run.
+</p>
+<p>
+	Our team has built and secured some of the world’s highest-risk systems
+	through our consulting company,
+	<a
+		href="https://distrust.co/"
+		title="Visit distrust.co"
+		target="_blank"
+		rel="noopener noreferrer"
+	>
+		<strong>Distrust</strong></a
+	>. This includes vaulting infrastructure at BitGo, Unit410, and Turnkey, as
+	well as security work with electrical grid operators, industrial control
+	systems, and other mission-critical environments.
+</p>
+
+<!-- <p>We handle the hard parts, so you can stay focused on building.</p>
+ 
+[Explore how it works →] -->
--- a/_includes/blog-about-distrust.html
+++ b/_includes/blog-about-distrust.html
@ -1,5 +0,0 @@
-<h2>About Caution</h2>
-
-<p>The Caution team has helped build and secure some of the highest-risk systems in the world via their consulting company Distrust. This includes vaulting infrastructure at BitGo, Unit410, and Turnkey, as well as security work with electrical grid operators, industrial control systems, and other mission-critical systems.</p>
-
-
--- a/_includes/footer.html
+++ b/_includes/footer.html
@ -0,0 +1,24 @@
+<footer class="site-footer">
+	<div class="footer-middle container">
+		<p class="footer-heading">© 2025 Caution SEZC. All rights reserved.</p>
+		<div class="social-icons">
+			<a
+				href="https://git.distrust.co/public/"
+				target="_blank"
+				rel="noopener noreferrer"
+				aria-label="Forgejo"
+				title="Access source code and documentation"
+			>
+				<img src="/assets/base/social/forgejo-logo.svg" alt="Forgejo logo" />
+			</a>
+			<!-- <a
+				href="#"
+				target="_blank"
+				rel="noopener noreferrer"
+				aria-label="Mastodon"
+			>
+				<img src="/assets/base/social/Mastodon-logo.svg" alt="Mastodon logo" />
+			</a> -->
+		</div>
+	</div>
+</footer>
--- a/_includes/footer.html.bkp
+++ b/_includes/footer.html.bkp
@ -1,70 +0,0 @@
-<footer class="site-footer">
-	<div class="footer-top container">
-		<div class="footer-logo">
-			<a href="/index.html" class="footer-logo">
-				<img
-					src="/assets/base/caution-logo/caution-logo-png/caution-logo-text-white.png"
-					alt="Caution logo"
-				/>
-			</a>
-		</div>
-		<div>
-			<p class="footer-subheading footer-mobile">
-				Sleep better knowing your encrypted data is always recoverable.
-			</p>
-		</div>
-		<div class="footer-links">
-			<div class="footer-column footer-product">
-				<h4>Product</h4>
-				<a href="/dr.html" rel="noopener noreferrer">Overview</a>
-				<a href="/pricing.html" rel="noopener noreferrer">Pricing</a>
-				<a href="#" rel="noopener noreferrer">Docs</a>
-			</div>
-			<div class="footer-column footer-resources">
-				<h4>Resources</h4>
-				<a href="/faq.html" rel="noopener noreferrer">FAQs</a>
-				<a href="#" rel="noopener noreferrer">Brand</a>
-				<a href="#" rel="noopener noreferrer">Contact</a>
-			</div>
-			<div class="footer-column footer-company">
-				<h4>Company</h4>
-				<a href="#" rel="noopener noreferrer">About</a>
-				<a href="/research-and-development.html" rel="noopener noreferrer"
-					>R&D</a
-				>
-				<a href="#" rel="noopener noreferrer">Privacy</a>
-			</div>
-		</div>
-	</div>
-
-	<div class="footer-middle container">
-		<p class="footer-heading footer-desktop">
-			Secure what matters most with Caution.
-		</p>
-		<div class="social-icons">
-			<a
-				href="https://git.distrust.co/public/"
-				target="_blank"
-				rel="noopener noreferrer"
-				aria-label="Forgejo"
-			>
-				<img src="/assets/base/social/forgejo-logo.svg" alt="Forgejo logo" />
-			</a>
-			<a
-				href="#"
-				target="_blank"
-				rel="noopener noreferrer"
-				aria-label="Mastodon"
-			>
-				<img src="/assets/base/social/Mastodon-logo.svg" alt="Mastodon logo" />
-			</a>
-		</div>
-	</div>
-
-	<div class="footer-bottom container">
-		<p class="footer-subheading footer-desktop">
-			Sleep better knowing your encrypted data is always recoverable.
-		</p>
-		<p class="copyright">© 2025 Caution. All rights reserved.</p>
-	</div>
-</footer>
--- a/_includes/header.html
+++ b/_includes/header.html
@ -43,8 +43,12 @@
 		</nav>

 		<div class="nav-cta">
-			<a href="/blog.html" class="btn btn-primary" rel="noopener noreferrer"
-				>Blog →</a
+			<a
+				href="/blog.html"
+				class="btn btn-primary"
+				aria-label="Read our blog"
+				title="Read our latest blog posts and updates"
+				>Blog <span class="arrow">→</span></a
 			>
 		</div>
 	</div>
--- a/_layouts/blog.html
+++ b/_layouts/blog.html
@ -9,12 +9,20 @@
 					<div class="posts">
 						{% for post in site.posts %}
 						<div class="blog-details">
-							<div class="blog-details-date">{{ post.date | date: "%b %e, %Y" }}</div>
-							<div class="blog-details-read-time">{{ post.content | number_of_words | divided_by: 200 }} min read</div>
+							<div class="blog-details-date">
+								{{ post.date | date: "%b %e, %Y" }}
 							</div>
-						<a class="blog-link" href="{{ post.url | relative_url }}" title="{{ post.title }}">
+							<div class="blog-details-read-time">
+								{{ post.content | number_of_words | divided_by: 200 }} min read
+							</div>
+						</div>
+						<a
+							class="blog-link"
+							href="{{ post.url | relative_url }}"
+							title="{{ post.title }}"
+						>
 							<article>
-								<h1>{{ post.title }}</h1>
+								<h1 style="margin: 1.1rem 0 1.5rem 0">{{ post.title }}</h1>
 								<p>{{ post.excerpt | strip_html | truncatewords: 25 }}</p>
 							</article>
 							<div class="arrow-link">
@ -27,13 +35,11 @@
 				</div>

 				<p>
-					{% for author in page.authors %}
-					— {{ author.name }}{% unless forloop.last %}, {% endunless %}
-					{% endfor %}
+					{% for author in page.authors %} — {{ author.name }}{% unless
+					forloop.last %}, {% endunless %} {% endfor %}
 				</p>
 			</main>
 		</div>
 		{%- include footer.html -%}
 	</body>
 </html>
-
--- a/_layouts/landing.html
+++ b/_layouts/landing.html
@ -7,12 +7,21 @@
 		<main>
 			<section class="hero landing">
 				<div class="hero-content landing container">
-					<h1 class="hero-title landing">Verifiable Compute</h1>
+					<h1 class="hero-title landing">Caution makes compute verifiable</h1>
 					<p class="subtext">
-					Caution is the next-gen compute platform – verifiable, portable, and fast to deploy. Built by the security engineers behind <a href="https://distrust.co" target="_blank" rel="noopener noreferrer">Distrust</a>.
+						You deserve to know what runs on your servers. No more black boxes.
+						<br />
+						Caution gives you cryptographic proof, total portability, and no
+						complexity.
 					</p>
 					<div class="hero-cta">
-						<a href="/blog.html" class="btn">Blog →</a>
+						<a
+							href="/blog.html"
+							class="btn"
+							aria-label="Read our blog"
+							title="Read our latest blog posts and updates"
+							>Blog <span class="arrow">→</span></a
+						>
 					</div>
 				</div>
 			</section>
--- a/_layouts/post.html
+++ b/_layouts/post.html
@ -7,20 +7,21 @@
 			<main class="blog">
 				<article class="post">
 					<div class="blog-details">
-						<div class="blog-details-date">{{ page.date | date: "%b %e, %Y" }}</div>
-						<div class="blog-details-read-time">{{ page.content | number_of_words | divided_by: 200 }} min read</div>
+						<div class="blog-details-date">
+							{{ page.date | date: "%b %e, %Y" }}
 						</div>
-					<h1 style="margin-bottom: 40px">{{page.title}}</h1>
-					<div class="entry">
-						{{ content }}
+						<div class="blog-details-read-time">
+							{{ page.content | number_of_words | divided_by: 200 }} min read
 						</div>
-					<hr>
-					{% include blog-about-distrust.html %}
+					</div>
+					<h1 style="margin: 1.1rem 0 1.5rem 0">{{page.title}}</h1>
+					<div class="entry">{{ content }}</div>
+					<hr />
+					{% include blog-about-caution.html %}

 					<p>
-						{% for author in page.authors %}
-							— {{ author.name }}{% unless forloop.last %}, {% endunless %}
-						{% endfor %}
+						{% for author in page.authors %} — {{ author.name }}{% unless
+						forloop.last %}, {% endunless %} {% endfor %}
 					</p>
 				</article>
 			</main>
@ -28,4 +29,3 @@
 		{%- include footer.html -%}
 	</body>
 </html>
-
--- a/_posts/2025-09-29-verifiable-compute.md
+++ b/_posts/2025-09-29-verifiable-compute.md
@ -1,46 +1,40 @@
 ---
 layout: post
-title: Introducing Generalized Verifiable Compute
+title: Introducing generalized verifiable compute
 date: 2025-09-29
 ---

-What if the software running your systems isn't what you think? And if you had to prove what software is on a system, how would you do it?
+#### What if the software running your systems isn't what you think? If you had to prove what software is on a system, how would you do it?

 Most of today’s technologies are black boxes. From firmware and operating systems to compilers and cloud platforms, opacity is the default. Users can send requests to an API or server, but they cannot verify what software, or whose software, they are really interacting with. The issue impacts organizations internally as well, where system managers can't verify whether the code they think they deployed is actually what's running on the server. This is not just a usability issue, it is a systemic design failure and the result is software stacks riddled with blind spots, where compromise can occur at any stage and remain invisible.

-After many years of working with high risk clients and analayzing different technologies, our team has concluded the pieces needed for verifiable systems already exist, but they are underutilized because they are misunderstood and difficult to use, a problem we needed to solve.
+Years of working with high-risk clients and analyzing different technologies have led us to realize that the pieces needed for verifiable systems already exist. They remain underutilized because they are misunderstood and difficult to use, a problem we need to solve.

 Reproducible builds, secure enclaves, and cryptographic remote attestation each solve parts of the problem. Taken together, they form the building blocks for **verifiable compute**, which allows software to be verified. Our work is focused on creating the next generation of cloud hosting platform centered around verifiability and elimination of single points of failure present in current market solutions.

 Like “zero trust” before it, the term verifiable compute is already being hijacked by marketing teams. Companies throw it around to describe partial solutions, usually just proving a binary hash hasn’t changed. We take a stricter view: verifiable compute means the entire supply chain can be checked. Anything less is **not** verifiable compute.

-## The Real-World Risk of Unverifiability
+## The real-world risk of unverifiability

 The risks of unverifiable systems are not theoretical; they’ve already caused some of the most damaging security incidents of the past decade.

-SolarWinds (2020) showed how a compromised software supply chain can cascade globally. Attackers injected malicious code into SolarWinds’ Orion updates, which were then shipped to thousands of companies and U.S. government agencies. Because customers had no way to verify what software they were actually running, the backdoor spread silently through trusted update channels.
+**<a href="https://thehackernews.com/2025/09/solarwinds-releases-hotfix-for-critical.html" target="_blank" rel="noopener noreferrer" title="View article on thehackernews.com">SolarWinds (2020)</a>** showed how a compromised software supply chain can cascade globally. Attackers injected malicious code into SolarWinds’ Orion updates, which were then shipped to thousands of companies and U.S. government agencies. Because customers had no way to verify what software they were actually running, the backdoor spread silently through trusted update channels.

 This is one of the many breaches which demonstrate that without verifiability across the entire stack, organizations have no reliable way to prove the integrity of the systems they depend on.

-## The Building Blocks of True Verifiability
+## The building blocks of true verifiability

-Our team established that three key technologies are essential for making software verifiable end-to-end:
+Three core technologies make end-to-end software verifiability possible:

- Reproducible builds
+- **Reproducible builds.** Reproducible builds force software to be bit-for-bit identical when built from the same source code, and eliminate certain categories of supply chain attacks and would have prevented incidents like SolarWinds. It allows for integrity verification, without which software is opaque and difficult to verify.

-Reproducible builds force software to be bit-for-bit identical when built from the same soruce code, and eliminate certain categories of supply chain attacks and would have prevented incidents like SolarWinds. It allows for integrity verification, without which software is opaque and difficult to verify.
+- **Secure enclaves.** Hardware-isolated execution (e.g., IOMMU-backed enclaves) prevents external processes — even privileged ones — from tampering with sensitive workloads. Enclaves give us strong isolation, but isolation alone doesn’t prove what is running.

- Secure enclaves
+- **Remote attestation.** Remote hardware attestation (TPM2, Intel TDX, AMD SEV, AWS Nitro, and others) measures the state of a machine and provides cryptographic proof of what software is running. Attestation anchors trust at the hardware layer, but on its own it doesn’t guarantee the software’s provenance or build integrity.

-Hardware-isolated execution (e.g., IOMMU-backed enclaves) prevents external processes — even privileged ones — from tampering with sensitive workloads. Enclaves give us strong isolation, but isolation alone doesn’t prove what is running.
+Together, they form the foundation of true verifiable compute: the ability to verify software integrity from the toolchain it’s built with to the hardware it runs on.

- Remote attestation
-
-Remote hardware attestation (TPM2, Intel TDX, AMD SEV, AWS Nitro, and others) measures the state of a machine and provides cryptographic proof of what software is running. Attestation anchors trust at the hardware layer, but on its own it doesn’t guarantee the software’s provenance or build integrity.
-
-Taken together, these three technologies form the foundation of true verifiable compute: the ability to verify the integrity of software from the toolchain it’s built with to the hardware it runs on.
-
-## Why Existing Platforms Fall Short
+## Why existing platforms fall short

 Current offerings from the major cloud providers (AWS, Azure, GCP, etc.) are demanding in terms of both expertise and time to set up. They also lock users into a single vendor’s ecosystem and force reliance and trust in one type of hardware or firmware. For example, AWS requires implicit trust in its proprietary Nitro Card, a black-box technology that customers cannot independently verify.

@ -48,7 +42,7 @@ Other companies, such as Tinfoil, Turnkey, and Privy, offer wrappers around encl

 In short, there are currently no solutions offering full transparency and elimination of single points of failure in the market.

-## “Cautiously” Building the Next Generation of Verifiable Compute
+## “Cautiously” building the next generation of verifiable vompute

 Our team has chosen a no-compromise approach to solving this problem by building a cloud hosting platform, **Caution**, that:

@ -64,5 +58,5 @@ Our team has chosen a no-compromise approach to solving this problem by building

 Caution is the next generation cloud hosting platform launching in 2026. We believe this marks the beginning of a new era of infrastructure: verifiable, open, and resilient by default.

-If you’re interested in collaborating, contributing, or investing, we’d love to talk. Email us at info@caution.co.
-
+We’re building Caution in the open. If you’d like to use it, contribute, or partner with us, get in touch at **<a href="mailto:info@caution.co?subject=Website%20Inquiry" title="Contact our team">
+info@caution.co</a>**.
--- a/_sass/base.scss
+++ b/_sass/base.scss
@ -3,7 +3,9 @@
 :root {
 	--dark: #0f0f0f;
 	--grey: #6f6f6f;
+	--grey-dark: #232b2b;
 	--grey-mid: #ccc;
+	--grey-med: #858585;
 	--grey-light: #e7e7e7;
 	--blue-base: #ecf6fd;
 	--blue-light: #e7f1ff;
@ -105,6 +107,7 @@ html {

 article {
 	font-family: "Plus Jakarta Sans", sans-serif;
+	transition: transform 0.3s ease;
 }

 p,
@ -112,12 +115,12 @@ li,
 a,
 small,
 em {
-	line-height: 1.3;
+	line-height: 1.5;
 	padding: 0;
 }

 strong {
-	font-weight: 600;
+	font-weight: 500;
 }

 .container {
@ -142,8 +145,10 @@ h4 {
 }

 h1 {
-	font-size: clamp(3.5rem, 10vw, 5rem);
+	font-size: clamp(3.2rem, 10vw, 4.2rem);
 	line-height: 1.1;
+	letter-spacing: 0.005rem;
+	word-spacing: 0.3rem;
 }

 h2 {
@ -163,7 +168,7 @@ h4 {
 p,
 li {
 	font-weight: 300;
-	font-size: clamp(1rem, 2vw, 1.125rem);
+	font-size: clamp(1.1rem, 2vw, 1.125rem);
 }

 a {
@ -192,15 +197,16 @@ em {
 }

 .hero-title {
-	max-width: 600px;
-	margin-top: 16.5rem;
+	max-width: 45rem;
+	margin-top: 25rem;
 }

 .subtext {
-	font-size: clamp(1.25rem, 2.5vw, 1.4rem);
-	max-width: 600px;
+	font-size: clamp(1.12rem, 2.5vw, 1.3rem);
+	max-width: 48rem;
 	line-height: 1.5;
 	margin: 0 0 2.5rem 0;
+	word-spacing: 0.05rem;
 }

 /* BUTTONS */
@ -226,6 +232,12 @@ em {
 	box-shadow: none;
 }

+.arrow {
+	display: inline-block;
+	margin-left: 4px;
+	transition: transform 0.3s ease;
+}
+
 .fade-in {
 	opacity: 0;
 	animation: fadeIn ease 1.1s forwards;
@ -335,6 +347,10 @@ img {
 	opacity: 1;
 }

+.btn:hover .arrow {
+	transform: translateX(4px);
+}
+
 .nav-logo {
 	max-width: 50px;
 }
@ -361,8 +377,8 @@ img {

 .site-footer {
 	background-color: var(--dark);
-	color: white;
-	padding: 4rem 0 3.5rem 0;
+	padding: 1.5rem 0 0.75rem 0;
+	align-items: center;
 }

 .footer-mobile {
@ -434,9 +450,8 @@ img {
 }

 .footer-middle {
-	border-top: 1px solid var(--grey-mid);
-	margin-top: 3rem;
-	padding-top: 1.5rem;
+	margin: 2.5rem auto 1.5rem auto;
+	padding: 0;
 }

 .footer-heading {
@ -445,10 +460,10 @@ img {
 	margin: 0.75rem 0;
 }

-.footer-subheading,
+.footer-heading,
 .copyright {
 	font-size: 1.1rem;
-	color: var(--grey-mid);
+	color: var(--grey-med);
 	margin: 0;
 	line-height: 1.7rem;
 }
@ -637,21 +652,37 @@ img {
 //* Blog */

 .blog-link:hover .arrow {
-	transform: translateX(5px);
-	background: none !important;
-	background-color: var(--base-color);
-	color: white !important;
+	transform: translateX(5px) !important;
 }

 .blog {
 	margin: auto;
-	max-width: 700px;
+	max-width: 45rem;
 	margin-top: 120px;
 }

+.posts {
+	margin-top: 12rem;
+	margin-bottom: 41.75rem; //to be removed//
+}
+
+.post p,
+li {
+	font-weight: 300;
+	font-size: clamp(1.125rem, 2vw, 1.18rem);
+	line-height: 1.6;
+	color: var(--grey-dark);
+	letter-spacing: -0.0125rem;
+	word-spacing: 0.1rem;
+}
+
+.post h2 {
+	margin: 3.5rem 0 2rem 0;
+}
+
 .post {
-	max-width: 700px;
-	margin: 100px 0px;
+	max-width: 45rem;
+	margin: 12rem 0 10rem 0;
 }

 .post img {
@ -693,9 +724,11 @@ img {
 }

 .blog h1 {
-	font-size: 2rem !important;
-	line-height: 2rem !important;
+	font-size: 2.1rem !important;
+	line-height: 2.5rem !important;
 	font-weight: 600 !important;
+	letter-spacing: -0.0125rem;
+	word-spacing: 0.1rem;
 }

 .blog h2 {
@ -709,13 +742,16 @@ img {
 }

 .blog h4 {
-	font-size: 1.4rem !important;
-	font-weight: 600 !important;
+	font-size: clamp(1.18rem, 2vw, 1.25rem) !important;
+	line-height: 1.5;
+	font-weight: 500 !important;
+	letter-spacing: -0.0125rem;
+	word-spacing: 0.1rem;
 }

 .blog h5 {
 	font-size: 1.2rem !important;
-	font-weight: 600 !important;
+	font-weight: 500 !important;
 }

 .blog hr {
@ -723,11 +759,11 @@ img {
 }

 .post a {
-	color: var(--pink);
+	text-decoration: underline;
 }

 .post a:hover {
-	text-decoration: underline;
+	color: var(--pink);
 }

 .blog-details {
@ -738,21 +774,22 @@ img {
 }

 .blog-details-date {
-	background: var(--light-grey);
+	background: var(--dark);
 	color: var(--background-color);
 	border-radius: 5px;
-	padding: 2px 10px;
+	padding: 2px 10px 3px 10px;
+	font-weight: 500;
 }

 .blog-details-read-time {
 	padding: 2px 10px;
 	margin-left: 15px;
 	color: var(--pink);
+	font-weight: 500;
 }

 /** end blog */

-
 // ====== PRICES ======= //

 .price {
Author	SHA1	Message	Date
Ksenia Lesko	bc4a54a893	final polish before committing	2025-10-27 15:04:03 -04:00
Ksenia Lesko	b5b8455966	updated footer, landing and blog	2025-10-24 22:41:12 -04:00