update design and clean up content

Anton Livaja 2023-10-24 12:47:07 -04:00
parent a3e0d2963c
commit b7c99ed354
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
17 changed files with 731 additions and 311 deletions


@ -1,3 +1,4 @@
<footer>
<span><img src="assets/base/distrust-white.svg" width="12px" alt="copyleft"/></span> {{ site.footer }}
<footer style="height: 40px">
<span><img src="assets/base/distrust-white.svg" width="20px" alt="copyleft"/></span> {{ site.footer }}
<script type="text/javascript" src="/assets/js/main.js"></script>
</footer>
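
Review bot: The new script tag loads `/assets/js/main.js` with a root-absolute path, while the image on the line above uses a page-relative path and head.html builds its stylesheet URLs with the `relative_url` filter. Use `{{ "/assets/js/main.js" | relative_url }}` so the script still resolves if the site is served under a baseurl. The inline `style="height: 40px"` on `<footer>` would also sit better in the stylesheet next to the other `footer` rules; inline style attributes are blocked by a Content-Security-Policy that does not allow 'unsafe-inline' for styles.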


@ -14,8 +14,25 @@
<link rel="stylesheet" type="text/css" href="{{ "/assets/main.css" | relative_url }}">
<link rel="stylesheet" type="text/css" href="{{ "/assets/main-dark.css" | relative_url }}">
<!-- "Really, there is nothing interesting to see here. It is a static website. Here is the terraform code that deployed it, and here is the site source repo. If you find anything interesting or want to talk to us, reach out!" -->
<!-- https://codeberg.org/distrust/infra -->
<!-- https://codeberg.org/distrust/distrust.co -->
<!-- "Really, there is nothing interesting to see here. It is a static website. -->
<!-- Here is the terraform code that deployed it, and here is the site source repo. -->
<!-- If you find anything interesting or want to talk to us, reach out via our /contact page!" -->
<!-- https://git.distrust.co/public/stack -->
<!-- https://git.distrust.co/public/website -->
<div class="menu-content" style="display: none">
<div class="inner-menu-content">
<div>
<a href="/index.html">Home</a>
</div>
<div>
<a href="/about.html">About</a>
</div>
<div>
<a href="/services.html">Services</a>
</div>
<div>
<a href="/contact.html">Contact</a>
</div>
</div>
</div>
</head>
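
Review bot: The `menu-content` block is added before `</head>`, and `<div>` is not permitted inside `<head>`. The HTML parser ends the head at the first `<div>` and moves it into the body, so the page only works through error recovery and will fail validation. Move the block into header.html next to the `.menu` markup. Its four links also duplicate the list header.html already generates from `page_paths`, so the two menus can drift; generating both from the same loop, with `relative_url`, avoids that.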


@ -3,16 +3,30 @@
<div class="menu">
<div>
<a id="home-link" href="/index.html">
<img class="menu-logo" src="assets/base/distrust-text-white.svg" alt="Distrust broken chain logo with white text"/>
<img class="menu-logo" src="assets/base/distrust-text-white.svg"
alt="Distrust broken chain logo with white text" />
</a>
</div>
<ul>
{%- for path in page_paths -%}
{%- assign my_page = site.pages | where: "path", path | first -%}
{%- if my_page.title -%}
<li><a href="{{ my_page.url | relative_url }}">{{ my_page.title | escape }}</a></li>
{%- endif -%}
{%- endfor -%}
</ul>
<div class="right-menu">
<ul class="header-page-links show">
{%- for path in page_paths -%}
{%- assign my_page = site.pages | where: "path", path | first -%}
{%- if my_page.title -%}
{%- if my_page.title != 'Home' -%}
<li><a href="{{ my_page.url | relative_url }}">{{ my_page.title | escape }}</a></li>
{%- endif -%}
{%- endif -%}
{%- endfor -%}
</ul>
<div class="show">
<a href="/contact.html" class="action-button">Request a Quote</a>
</div>
<div id="hamburger-menu" class="hide menu-button-container" for="menu-toggle">
<input id="menu-toggle" type="checkbox" />
<label style="display: inline-block">
<div class='menu-button'></div>
</label>
</div>
</div>
</div>
</header>
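
Review bot: On the `#hamburger-menu` div, `for="menu-toggle"` has no effect because `for` is not defined on `<div>`, and the `<label>` inside it has no `for` either, so nothing is tied to the `#menu-toggle` checkbox. The menu is opened by a click handler on the div, which also means the control cannot be focused or activated from the keyboard. A `<button type="button">` with `aria-expanded` would give focus, Enter/Space activation and state for assistive technology, and the unused checkbox and label could go. Separately, `my_page.title != 'Home'` ties the nav to a title string; the two nested `if` blocks can be one condition joined with `and`.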

96
_layouts/about.html Normal file

@ -0,0 +1,96 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: " en" }}">
{%- include head.html -%}
<body>
<div class="container">
{%- include header.html -%}
<main>
<section>
<h2>Approach</h2>
<p>Like most security firms, we often start relationships with full stack audits. We also have enough experience in this industry to admit another firm will find bugs we missed, and vice versa. Our true goal in audits is to understand your threat model and find a path to fundamentally remove entire classes of relevant attack surface.</p>
<p>We tend to start with a consultation where try to help you understand your true attack surface by answering tough questions:</p>
<ul>
<li>Can your Google Authenticator codes be phished?</li>
<li>Can your SMS 2FA solution be SIM Swapped?</li>
<li>Can someone tamper with your Git repos or CI/CD systems?</li>
<li>Would it be profitable for someone to buy a $50,000 0day to compromise employee devices?</li>
<li>What happens when the FedEx guy leaves a tampered USB C cable on a conference table?</li>
<li>Who reviews the code of your third party dependencies?</li>
<li>What happens when your IT administrator is compromised? Or a production engineer?</li>
<li>Can a change in local political landscape fundamentally halt your business?</li>
<li>Can someone buy a server next to yours and steal your secrets via a side channel attack?</li>
<li>How do know the offline laptop with the keys to the kingdom has not been tampered with?</li>
<li>Do you have a plan for <i>when</i> your production systems are compromised?</li>
</ul>
<br />
<br />
<a href="/contact.html" class="action-button">Request a Quote</a>
</section>
<hr />
<section>
<h2>Values</h2>
<br />
<h4>Distrust</h4>
<ul>
<li>We will never ask you to give us access to production systems or have any power over your org.</li>
<li>Anyone with access to significant value is at personal risk. We teach distrust to protect people.</li>
<li>We will always provide a way for you to build and verify any binaries we provide yourself.</li>
<li>We are happy to provide you any background research we legally can so you can make your own conclusions.</li>
</ul>
<br />
<h4>Transparency</h4>
<ul>
<li>We regularly open source our research and common advice to get input and corrections from others in our industry.</li>
<li>Prices are always public. We will sometimes adjust based on demand, but everyone is offered the same rates.</li>
<li>With the exception of fully Open Source projects, which we offer a universal 15% discount on.</li>
</ul>
<br />
<h4>Security</h4>
<ul>
<li>Our internal threat model assumes well funded entities are interested in our clients and our work.</li>
<li>All client work is performed in dedicated local virtual machines under an offline host OS.</li>
<li>All authentication, and password management is done via dedicated pin+touch controlled personal HSMs.</li>
<li>We exclusively use End-To-End cross-verified encrypted chat internally.</li>
</ul>
<br />
<h4>Privacy</h4>
<ul>
<li>Your data and IP are always stored with AES256 encryption unlockable only with our personal HSMs.</li>
<li>Your data and IP are never exposed in plain text except on your systems or systems we physically control.</li>
<li>Everyone on our team has hardware-backed PGP keys to encrypt documents and emails if you prefer.</li>
</ul>
<br />
<h4>Freedom</h4>
<ul>
<li>We feel every customer has a path to not need us anymore, and we will encourage it.</li>
<li>We exclusively use Open Source internally and help make improvements when needed.</li>
<li>All general purpose security tools and research we create is Open Source by default.</li>
<li>We ensure you have a free path to replicate any of our findings yourself.</li>
<li>We will always favor solutions that minimize lock-in with third parties.</li>
</ul>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>
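
Review bot: In the `<html lang=...>` line, the fallback `default: " en"` has a leading space, so when neither `page.lang` nor `site.lang` is set the attribute renders as `lang=" en"`, which is not a valid language tag; use `"en"`. The copy carried over from about.md also keeps two dropped words that are worth fixing while it is being moved: "where try to help you" (missing "we") and "How do know the offline laptop" (missing "you").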

183
_layouts/landing.html Normal file

@ -0,0 +1,183 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: " en" }}">
{%- include head.html -%}
<body>
<div class="container">
{%- include header.html -%}
<main>
<section class="">
<div class="flex-container-inner">
<div class="text-well">
<h2>Understand and mitigate security threats others won't see coming.</h2>
<p>We believe security compromises to your systems and personnel are <b>inevitable</b>. Allow our team of expert technologists to help you reduce the likelihood and impact of security risks by thinking from first principles.</p>
<br />
<a href="/contact.html" class="action-button">Request a Quote</a>
<br />
</div>
</div>
<div class="flex-container-inner">
<!-- <canvas id="canvas"></canvas> -->
</div>
</section>
<hr />
<section class="">
<div class="flex-container-inner">
<div class="text-well">
<h2>We help secure the industry leaders.</h2>
<p>Some of the most sophisticated and sensitive systems in the industry have benefited from Distrust helping ensure that they are properly secured. Our clients see us as someone who will help them catch risks that aren't on other firm's radars.</p>
</div>
</div>
<div class="flex-container-inner">
<div class="companies">
<div>
<a href="https://coinbase.com">
<img style="height: 30px" src="assets/base/companies/coinbase-white.svg" />
</a>
</div>
<div>
<a href="https://bitgo.com">
<img src="assets/base/companies/bitgo-logo-white.svg" />
</a>
</div>
<div>
<a href="https://bishopfox.com">
<img style="height: 30px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);" src="assets/base/companies/bishop-fox-dark.png" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="http://www.falconx.io/">
<img style="height: 20px" src="assets/base/companies/falconx-white.svg" />
</a>
</div>
<div>
<a href="http://www.turnkey.io/">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" />
</a>
</div>
<div>
<a href="https://exodus.com">
<img src="assets/base/companies/exodus-white.svg" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="https://siderolabs.com">
<img style="height: 60px" src="assets/base/companies/sidero-labs-white.png" />
</a>
</div>
<div>
<a href="https://zoom.com">
<img style="height: 35px;" src="assets/base/companies/zoom-white.png" />
</a>
</div>
<div>
<a href="https://mystenlabs.com">
<img style="height: 25px" src="assets/base/companies/mysten-labs-white.svg" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="http://www.ankr.com/">
<img style="height: 75px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);" src="assets/base/companies/ankr.png" />
</a>
</div>
<div>
<a href="http://www.hashicorp.io/">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" />
</a>
</div>
<div>
<a href="http://www.b1.com/">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="http://www.ledn.io/">
<img src="assets/base/companies/ledn-white.svg" />
</a>
</div>
<div>
<a href="https://fitbit.com">
<img src="assets/base/companies/fitbit-white.png" />
</a>
</div>
<div>
<a href="https://dfns.co">
<img src="assets/base/companies/dfns-color.png" />
</a>
</div>
</div>
</div>
</section>
<hr/>
<section class="">
<div class="flex-container-inner" style="align-items: baseline">
<div class="text-well">
<h1>Services</h1>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, need help building a security program from scratch, or want to focus on a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<div class="button-container">
<a class="action-button" href="/services.html">Learn more</a>
<a href="/contact.html" class="action-button">Request a Quote</a>
</div>
</div>
</div>
<div class="flex-container-inner">
<div class="">
<br />
<hr />
<br />
</div>
<div class="text-well">
<h3>Security Assessment</h3>
<p>Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture.</p>
</div>
<br />
<hr />
<br />
<div class="text-well">
<h3>Security Engineering</h3>
<p>Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns.</p>
</div>
<br />
<hr />
<br />
<div class="text-well">
<h3>Retained Security Support</h3>
<p>If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities.</p>
</div>
<br />
<hr />
<br />
<div class="text-well">
<h3>Research & Development</h3>
<p>Our team is active in both open source development and security research. We strive to build the tools that we feel will have the most impact on the overall security and privacy of internet users.</p>
</div>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>
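
Review bot: Six of the client links use plain `http://` (falconx.io, turnkey.io, ankr.com, hashicorp.io, b1.com, ledn.io) while the rest use `https://`; link to the HTTPS origin directly rather than relying on each site to redirect. Please also confirm every hostname against the company's canonical domain before merge (`hashicorp.io` in particular), since a domain the company does not control would send visitors wherever its registrant chooses. None of the logo `<img>` tags has an `alt` attribute, and `Research & Development` should be written with `&amp;`.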

122
_layouts/services.html Normal file

@ -0,0 +1,122 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: " en" }}">
{%- include head.html -%}
<body>
<div class="container">
{%- include header.html -%}
<main>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h2>How can we help you?</h2>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, building a security program from scratch, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<br />
<a href="/contact.html" class="action-button">Request a Quote</a>
<br />
</div>
</div>
<div class="flex-container-inner">
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Assessment</h3>
<p>Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture. The methodologies we leverage vary based on the context, and client needs.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Penetration Testing</li>
<li>Secure Code Review</li>
<li>Cloud Configuration Review</li>
<li>Threat Modeling</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Engineering</h3>
<p>Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Secure Code Development</li>
<li>Cryptocurrency Custodial Solutions</li>
<li>Quorum Authentication Design and Implementation</li>
<li>Cryptographic Key Escrow / Signer</li>
<li>Reproducible / Deterministic Builds</li>
<li>Production Engineering Practice</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Retained Security Support</h3>
<p>If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Security Program Development</li>
<li>General Security Consulting</li>
<li>Assistance With Hiring Security Talent</li>
<li>Business Continuity Planning</li>
<li>Physical Security</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Research & Development</h3>
<p>Our team is active in both open source development and security research. We strive to build the tools that we feel will have the most impact on overall security and privacy of internet users.</p>
</div>
</div>
<div class="flex-container-inner">
<h4>Development</h4>
<ul>
<li><a href="https://git.distrust.co/public/keyfork">keyfork: a hierarchical deterministic key management toolkit</a></li>
<li><a href="https://git.distrust.co/public/ocirep">ocirep: oic base images for deterministic builds</a></li>
<li><a href="https://git.distrust.co/public/airgap">airgap: a minimal linux distro for high risk scenarios</a></li>
<li><a href="https://git.distrust.co/public/git-sig">git-sig: a multi-sig trust toolkit for git</a></li>
</ul>
<h4>Research</h4>
<ul>
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39910">CVE-2023-39910</a></li>
<li><a href="https://milksad.info">MilkSad</a></li>
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234">CVE-2018-9234</a></li>
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9057">CVE-2018-9057</a></li>
<li><a href="https://www.vice.com/en/article/3kxy4k/high-tech-japanese-hotel-service-robots-easily-hackable">Japanese Robot Hotel</a></li>
</ul>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>
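
Review bot: The four service descriptions are copied from landing.html and have already drifted ("need help building a security program" there, "building a security program" here; "the overall security" there, "overall security" here). Moving them to a shared include or a `_data` file keeps a single source. In the Development list, "ocirep: oic base images" looks like a typo for "oci", and `Research & Development` needs `&amp;`.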


@ -7,7 +7,7 @@
--border: solid 2px rgba(219, 219, 219, 0.9);
--selection-background: rgba(219, 219, 219, 0.99);
--selection-text: #000;
--background-color: #424242;
--background-color: #282828;
--text-color: var(--base-color);
--placeholder-color: var(--base-color);
--link-color: var(--base-color);
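
Review bot: The `#282828` value set for `--background-color` here is also hardcoded in the stylesheet change in this commit (`.menu-content { background: #282828; }`). Reference `var(--background-color)` there so the mobile menu follows the theme variable instead of needing a second edit the next time the colour changes.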


@ -11,11 +11,11 @@
* Style variables
*/
$base-font-family: 'Rubik', monospace !default;
$base-font-size: 16px !default;
$mobile-font-size: 16px !default;
$base-font-size: 1.125rem !default;
$mobile-font-size: 1.125rem !default;
$base-line-height: 1.5 !default;
$container-width: 90% !default;
$container-max-width: 800px !default;
$container-max-width: 1000px !default;
/**
* Global
@ -30,7 +30,12 @@ h6 { font-size: 16px; }
h1, h2, h3, h4, h5, h6 { margin: 0px; margin-top: 12px; margin-bottom: 12px; font-weight: bold; color: var(--text-color); }
p, ul, ol { margin: 0px; color: var(--text-color); }
a { text-decoration: underline; color: var(--link-color); }
a:hover { color: var(--background-color); background-color: var(--base-color); }
a:hover {
color: var(--background-color);
background-color: var(--base-color);
transition: background-color 0.3s ease-in-out, color 0.3s ease-in-out;
}
@media only screen and (max-device-width: 500px) { * { font-size: $mobile-font-size; } }
/**
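
Review bot: The `transition` is declared inside `a:hover`, so it applies only while the pointer is over the link; the colours ease in but snap back on mouse-out. Declare it on `a` instead, leaving the hover rule with just the two colour properties, so both directions animate.
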
@ -39,35 +44,174 @@ a:hover { color: var(--background-color); background-color: var(--base-color); }
.container { width: $container-width; max-width: $container-max-width; margin-right: auto; margin-left: auto; }
p { word-wrap: break-word; word-break: break-word; white-space: pre-wrap; margin-bottom: 15px; }
footer { color: var(--text-color); border-top: var(--border); margin-top: 0; padding-top: 10px; text-align: right; }
header { margin-top: 20px; margin-bottom: 10px; }
header { margin-top: 50px; margin-bottom: 50px; }
header p { text-align: left; margin: 0; }
footer { margin-bottom: 20px; }
hr { margin-top: 20px; }
/**
* Menu Logo
* Navbar
*/
.menu-logo {
height: 60px;
}
#home-link:hover {
background: none; text-decoration: none;
background: none;
text-decoration: none;
}
.header-page-links {
margin-right: 10%;
}
.header-page-links li:before {
content: ''
}
.header-page-links a {
margin: 0px 15px;
font-size: 1.3rem;
text-decoration: none;
}
.header-page-links a:hover {
background-color: transparent;
color: lightgrey;
}
.right-menu {
width: 70%;
display: flex;
justify-content: flex-end;
align-items: center;
}
.menu-button-container {
display: none;
width: 50px;
height: 50px;
cursor: pointer;
flex-direction: column;
justify-content: center;
align-items: center;
}
#menu-toggle {
display: none;
}
.menu-button,
.menu-button::before,
.menu-button::after {
display: block;
background-color: #fff;
position: absolute;
height: 4px;
width: 30px;
transition: transform 400ms cubic-bezier(0.23, 1, 0.32, 1);
border-radius: 2px;
}
.menu-button::before {
content: '';
margin-top: -8px;
}
.menu-button::after {
content: '';
margin-top: 8px;
}
#menu-toggle:checked + .menu-button-container .menu-button::before {
margin-top: 0px;
transform: rotate(405deg);
}
#menu-toggle:checked + .menu-button-container .menu-button {
background: rgba(255, 255, 255, 0);
}
#menu-toggle:checked + .menu-button-container .menu-button::after {
margin-top: 0px;
transform: rotate(-405deg);
}
.menu-content {
position: absolute;
display: none;
background: #282828;
text-align: right;
margin-top: 100px;
width: 100%;
z-index: 2;
}
.inner-menu-content {
border-bottom: 1px solid white;
}
.menu-content div {
margin: 50px 30px 50px 30px;
}
@media (max-width: 1020px) {
.right-menu {
width: 40px;
height: 40px;
}
.menu-button-container {
display: flex;
}
#menu-toggle ~ .menu li {
height: 0;
margin: 0;
padding: 0;
border: 0;
transition: height 400ms cubic-bezier(0.23, 1, 0.32, 1);
}
#menu-toggle:checked ~ .menu li {
border: 1px solid #333;
height: 2.5em;
padding: 0.5em;
transition: height 400ms cubic-bezier(0.23, 1, 0.32, 1);
}
.menu > li {
display: flex;
justify-content: center;
margin: 0;
padding: 0.5em 0;
width: 100%;
color: white;
background-color: #222;
}
.menu > li:not(:last-child) {
border-bottom: 1px solid #444;
}
}
/**
* Buttons
*/
.action-button {
border-radius: 10px;
background-color: #349ff7;
padding: 10px 20px;
color: white;
display: inline-block;
padding: 10px 20px 9px 20px;
margin-top: 10px;
border-color: white;
border: solid 1px;
color: black;
background-color: white;
text-decoration: none;
}
.action-button:hover {
background-color: transparent;
border-color: white;
border: solid 1px;
color: white;
}
.button-container {
padding: 20px 20px;
padding: 30px 0px;
}
/**
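
Review bot: The three `#menu-toggle:checked + .menu-button-container ...` rules cannot match the markup added in header.html, where `#menu-toggle` is a child of `.menu-button-container` rather than the sibling immediately before it, so the hamburger never animates to its close state. The same applies in the 1020px media query: `#menu-toggle ~ .menu li` needs `.menu` to be a later sibling of the checkbox, but it is an ancestor, and `.menu > li` needs `<li>` elements as direct children of `.menu`, which the markup does not have. Either restructure the markup to match or drop these rules. In `.action-button:hover`, `border: solid 1px` after `border-color: white` resets the colour to `currentcolor`; write `border: solid 1px white` instead.
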
@ -82,6 +226,8 @@ hr { margin-top: 20px; }
:not(.menu) > ul { list-style: none; }
:not(.menu) > ul { list-style-type: none; }
:not(.menu) > ul > li:before { content: "-"; margin-right: 9px; }
.right-menu > ul > li:before { content: "" !important; margin-right: 9px; }
/**
* Header/Navigation
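
Review bot: The `!important` on `.right-menu > ul > li:before` is not needed: the selector has the same specificity as `:not(.menu) > ul > li:before` and comes later, so it already wins. With `content: ""` the pseudo-element is still generated and keeps its `margin-right: 9px`; `content: none` removes it entirely. The navbar hunk above also adds `.header-page-links li:before { content: '' }` for the same list, which loses on specificity and can be dropped.
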
@ -91,12 +237,10 @@ hr { margin-top: 20px; }
display: flex;
justify-content: space-between;
align-items: center;
padding-bottom: 5px;
padding-bottom: 25px;
}
.menu ul { margin-top: 12px; margin-bottom: 12px; padding-left: 0px; list-style-type: none; text-align: right; }
.menu ul li { display: inline; margin-left: 10px; }
.menu ul li a { text-decoration: none }
.menu ul li a:hover { text-decoration: none; }
/**
@ -116,23 +260,51 @@ textarea { vertical-align: top; }
/**
* Homepage
*/
.particles-wrapper {
background-color: #222;
width: 100%;
height: 100%;
padding: 0;
margin: 0;
overflow: hidden;
}
.flex-container {
display: flex;
justify-content: space-between;
display: flex;
justify-content: space-between;
align-items: center;
}
.flex-container-inner {
width: 100%;
}
section {
padding-top: 30px;
padding-bottom: 30px;
padding-top: 100px;
padding-bottom: 100px;
}
.sub-container {
width: 50%;
padding: 10px;
.companies {
display: flex;
justify-content: space-between;
align-items: center;
margin: 30px 0px;
}
.companies div {
width: 27%;
text-align: center;
display: flex;
align-items: center;
justify-content: center;
height: 120px;
border-bottom: 1px solid;
}
.companies a img {
height: 30px;
height: 45px;
filter: grayscale(100%);
text-align: center;
}
.companies a:hover {
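
Review bot: `.particles-wrapper` has no matching element in this commit (the only candidate, the `<canvas id="canvas">` in landing.html, is commented out), so it is dead CSS until the animation lands; leave it out or add it together with the feature. The `.companies a img` height is also overridden by inline `style="height: ..."` on most logos in landing.html; per-logo sizes would be easier to maintain as classes here.
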
@ -141,6 +313,11 @@ section {
text-decoration: none;
}
.text-well {
max-width: 600px;
padding-right: 35px;
}
/**
* Code and syntax highlighting
*/
@ -205,3 +382,42 @@ pre { background-color: var(--background-color); border: none; padding: 0; ma
.highlight .vg { color: var(--code-color-7); } /* Name.Variable.Global */
.highlight .vi { color: var(--code-color-7); } /* Name.Variable.Instance */
.highlight .il { color: var(--code-color-14); } /* Literal.Number.Integer.Long */
.hide {
display: none;
width: 100%;
}
.show {
display: inline-block;
}
/**
* Media Queries
*/
@media (max-width: 1020px) {
.flex-container-inner {
width: 100% !important;
}
.flex-container {
display: inline-block;
}
.hide {
display: inline-block;
}
.show {
display: none;
}
}
@media (max-width: 600px) {
.companies {
flex-wrap: wrap;
}
.companies div {
width: 100%;
height: 170px;
border-bottom: none;
}
}
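
Review bot: `.hide` and `.show` read as unconditional utilities but are breakpoint-dependent and inverted below 1020px (`.hide` becomes `display: inline-block`, `.show` becomes `display: none`). Names such as `.mobile-only` and `.desktop-only` would say what they do. This second `@media (max-width: 1020px)` block could also be merged with the one added in the navbar section so the breakpoint is defined once.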


@ -1,63 +1,5 @@
---
title: /about
layout: home
title: About
layout: about
permalink: /about.html
---
## Approach
Like most security firms, we often start relationships with full stack audits. We also have enough experience in this industry to admit another firm will find bugs we missed, and vice versa. Our true goal in audits is to understand your threat model and find a path to fundamentally remove entire classes of relevant attack surface.
We tend to start with a consultation where try to help you understand your true attack surface by answering tough questions:
- Can your Google Authenticator codes be phished?
- Can your SMS 2FA solution be SIM Swapped?
- Can someone tamper with your Git repos or CI/CD systems?
- Would it be profitable for someone to buy a $50,000 0day to compromise employee devices?
- What happens when the FedEx guy leaves a tampered USB C cable on a conference table?
- Who reviews the code of your third party dependencies?
- What happens when your IT administrator is compromised? Or a production engineer?
- Can a change in local political landscape fundamentally halt your business?
- Can someone buy a server next to yours and steal your secrets via a side channel attack?
- How do know the offline laptop with the keys to the kingdom has not been tampered with?
- Do you have a plan for <i>when</i> your production systems are compromised?
---
## Values
### Distrust
- We will never ask you to give us access to production systems or have any power over your org.
- Anyone with access to significant value is at personal risk. We teach distrust to protect people.
- We will always provide a way for you to build and verify any binaries we provide yourself.
- We are happy to provide you any background research we legally can so you can make your own conclusions.
### Transparency
- We regularly open source our research and common advice to get input and corrections from others in our industry.
- Prices are always public. We will sometimes adjust based on demand, but everyone is offered the same rates.
- With the exception of fully Open Source projects, which we offer a universal 15% discount on.
### Security
- Our internal threat model assumes well funded entities are interested in our clients and our work.
- All client work is performed in dedicated local virtual machines under an offline host OS.
- All authentication, and password management is done via dedicated pin+touch controlled personal HSMs.
- We exclusively use End-To-End cross-verified encrypted chat internally.
### Privacy
- Your data and IP are always stored with AES256 encryption unlockable only with our personal HSMs.
- Your data and IP are never exposed in plain text except on your systems or systems we physically control.
- Everyone on our team has hardware-backed PGP keys to encrypt documents and emails if you prefer.
### Freedom
- We feel every customer has a path to not need us anymore, and we will encourage it.
- We exclusively use Open Source internally and help make improvements when needed.
- All general purpose security tools and research we create is Open Source by default.
- We ensure you have a free path to replicate any of our findings yourself.
- We will always favor solutions that minimize lock-in with third parties.
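
Review bot: With the body removed here, all of the About copy now lives in `_layouts/about.html`, so a layout carries page content and can serve only this one page. Keeping the text in about.md and letting the layout render `{{ content }}` inside the shared `<main>` would keep copy edits out of the templates.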


@ -1,10 +0,0 @@
<svg width="359" height="64" viewBox="0 0 359 64" fill="none" xmlns="http://www.w3.org/2000/svg">
<g clip-path="url(#clip0)">
<path d="M72.3094 17.8676C59.2941 17.8676 49.1245 27.7478 49.1245 40.9744C49.1245 54.2011 59.0371 63.9967 72.3094 63.9967C85.5816 63.9967 95.6666 54.032 95.6666 40.8899C95.6666 27.8323 85.754 17.8676 72.3094 17.8676ZM72.3972 54.4646C64.9854 54.4646 59.5542 48.7082 59.5542 40.9777C59.5542 33.1594 64.8976 27.4063 72.3094 27.4063C79.8089 27.4063 85.2369 33.2472 85.2369 40.9777C85.2369 48.7082 79.8089 54.4646 72.3972 54.4646ZM98.5091 27.9201H104.974V63.1414H115.316V18.7262H98.5091V27.9201ZM23.0971 27.403C28.5283 27.403 32.8374 30.7528 34.4733 35.7351H45.4202C43.4364 25.0842 34.6457 17.8676 23.1849 17.8676C10.1696 17.8676 0 27.7478 0 40.9777C0 54.2076 9.9127 64 23.1849 64C34.3887 64 43.3518 56.7834 45.3356 46.0446H34.4733C32.922 51.027 28.6128 54.4646 23.1817 54.4646C15.6821 54.4646 10.4265 48.7082 10.4265 40.9777C10.4298 33.1594 15.6008 27.403 23.0971 27.403ZM295.013 36.6815L287.429 35.566C283.81 35.0522 281.224 33.8489 281.224 31.013C281.224 27.9201 284.587 26.3753 289.153 26.3753C294.152 26.3753 297.342 28.5218 298.031 32.0439H308.029C306.907 23.1101 300.012 17.8708 289.413 17.8708C278.466 17.8708 271.227 23.4549 271.227 31.3577C271.227 38.9158 275.968 43.2998 285.533 44.6722L293.117 45.7877C296.825 46.3015 298.893 47.765 298.893 50.5131C298.893 54.0353 295.274 55.4955 290.275 55.4955C284.154 55.4955 280.707 53.0043 280.19 49.2253H270.02C270.97 57.9021 277.777 64 290.187 64C301.479 64 308.975 58.8453 308.975 49.996C308.975 42.0932 303.547 37.9694 295.013 36.6815ZM110.145 0.42929C106.353 0.42929 103.508 3.1774 103.508 6.95645C103.508 10.7355 106.35 13.4836 110.145 13.4836C113.937 13.4836 116.783 10.7355 116.783 6.95645C116.783 3.1774 113.937 0.42929 110.145 0.42929ZM261.919 33.9334C261.919 24.3134 256.059 17.8708 243.648 17.8708C231.927 17.8708 225.377 23.7996 224.083 32.9057H234.34C234.857 29.3836 237.615 26.4631 243.476 26.4631C248.735 26.4631 251.32 28.7819 251.32 31.6179C251.32 35.3124 246.578 36.2555 240.718 36.8572C232.789 37.7157 222.964 40.4638 222.964 
50.7733C222.964 58.764 228.912 63.9154 238.393 63.9154C245.804 63.9154 250.458 60.8226 252.787 55.9248C253.132 60.3055 256.407 63.1414 260.976 63.1414H267.009V53.9507H261.922V33.9334H261.919ZM251.749 45.1015C251.749 51.0302 246.578 55.4109 240.285 55.4109C236.406 55.4109 233.131 53.7783 233.131 50.344C233.131 45.9633 238.389 44.76 243.216 44.2462C247.87 43.8169 250.455 42.7859 251.749 40.8086V45.1015ZM196.849 17.8676C191.073 17.8676 186.247 20.2742 182.8 24.3102V0H172.458V63.1414H182.627V57.3005C186.074 61.5088 190.989 64 196.849 64C209.259 64 218.655 54.2076 218.655 40.9777C218.655 27.7478 209.087 17.8676 196.849 17.8676ZM195.298 54.4646C187.886 54.4646 182.455 48.7082 182.455 40.9777C182.455 33.2472 187.971 27.4063 195.382 27.4063C202.882 27.4063 208.137 33.1627 208.137 40.9777C208.137 48.7082 202.709 54.4646 195.298 54.4646ZM147.721 17.8676C140.999 17.8676 136.602 20.6157 134.017 24.4825V18.7262H123.759V63.1382H134.101V39.0004C134.101 32.213 138.41 27.403 144.788 27.403C150.736 27.403 154.44 31.6114 154.44 37.7125V63.1414H164.782V36.9417C164.786 25.7704 159.013 17.8676 147.721 17.8676ZM358.275 39.5175C358.275 26.8046 348.967 17.8708 336.469 17.8708C323.197 17.8708 313.457 27.8356 313.457 40.9777C313.457 54.8093 323.886 64 336.642 64C347.416 64 355.862 57.642 358.015 48.6236H347.24C345.689 52.575 341.897 54.8093 336.811 54.8093C330.173 54.8093 325.174 50.6855 324.055 43.4689H358.272V39.5175H358.275ZM324.66 36.0799C326.3 29.8942 330.953 26.8892 336.297 26.8892C342.157 26.8892 346.639 30.2389 347.673 36.0799H324.66Z" fill="#0052FF"/>
</g>
<defs>
<clipPath id="clip0">
<rect width="358.275" height="64" fill="white"/>
</clipPath>
</defs>
</svg>

Before: 3.7 KiB


@ -0,0 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- Generator: Adobe Illustrator 24.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 1101.64 196.79" style="enable-background:new 0 0 1101.64 196.79;" xml:space="preserve">
<style type="text/css">
.st0{fill:#FFFFFF;}
</style>
<path class="st0" d="M222.34,54.94c-40.02,0-71.29,30.38-71.29,71.05s30.48,70.79,71.29,70.79c40.81,0,71.82-30.64,71.82-71.05 C294.16,85.58,263.68,54.94,222.34,54.94z M222.61,167.47c-22.79,0-39.49-17.7-39.49-41.47c0-24.04,16.43-41.73,39.22-41.73 c23.06,0,39.75,17.96,39.75,41.73S245.4,167.47,222.61,167.47z M302.9,85.85h19.88v108.3h31.8V57.58H302.9V85.85z M71.02,84.26 c16.7,0,29.95,10.3,34.98,25.62h33.66c-6.1-32.75-33.13-54.94-68.37-54.94C31.27,54.94,0,85.32,0,126s30.48,70.79,71.29,70.79 c34.45,0,62.01-22.19,68.11-55.21H106c-4.77,15.32-18.02,25.89-34.72,25.89c-23.06,0-39.22-17.7-39.22-41.47 C32.07,101.96,47.97,84.26,71.02,84.26z M907.12,112.79l-23.32-3.43c-11.13-1.58-19.08-5.28-19.08-14 c0-9.51,10.34-14.26,24.38-14.26c15.37,0,25.18,6.6,27.3,17.43h30.74c-3.45-27.47-24.65-43.58-57.24-43.58 c-33.66,0-55.92,17.17-55.92,41.47c0,23.24,14.58,36.72,43.99,40.94l23.32,3.43c11.4,1.58,17.76,6.08,17.76,14.53 c0,10.83-11.13,15.32-26.5,15.32c-18.82,0-29.42-7.66-31.01-19.28h-31.27c2.92,26.68,23.85,45.43,62.01,45.43 c34.72,0,57.77-15.85,57.77-43.06C950.05,129.43,933.36,116.75,907.12,112.79z M338.68,1.32c-11.66,0-20.41,8.45-20.41,20.07 s8.74,20.07,20.41,20.07c11.66,0,20.41-8.45,20.41-20.07S350.34,1.32,338.68,1.32z M805.36,104.34c0-29.58-18.02-49.39-56.18-49.39 c-36.04,0-56.18,18.23-60.16,46.23h31.54c1.59-10.83,10.07-19.81,28.09-19.81c16.17,0,24.12,7.13,24.12,15.85 c0,11.36-14.58,14.26-32.6,16.11c-24.38,2.64-54.59,11.09-54.59,42.79c0,24.57,18.29,40.41,47.44,40.41 c22.79,0,37.1-9.51,44.26-24.57c1.06,13.47,11.13,22.19,25.18,22.19h18.55v-28.26h-15.64V104.34z M774.09,138.68 c0,18.23-15.9,31.7-35.25,31.7c-11.93,0-22-5.02-22-15.58c0-13.47,16.17-17.17,31.01-18.75c14.31-1.32,22.26-4.49,26.24-10.57 V138.68z M605.28,54.94c-17.76,0-32.6,7.4-43.2,19.81V0h-31.8v194.15h31.27v-17.96c10.6,12.94,25.71,20.6,43.73,20.6 c38.16,0,67.05-30.11,67.05-70.79S642.91,54.94,605.28,54.94z M600.51,167.47c-22.79,0-39.49-17.7-39.49-41.47 
s16.96-41.73,39.75-41.73c23.06,0,39.22,17.7,39.22,41.73C639.99,149.77,623.3,167.47,600.51,167.47z M454.22,54.94 c-20.67,0-34.19,8.45-42.14,20.34v-17.7h-31.54v136.56h31.8v-74.22c0-20.87,13.25-35.66,32.86-35.66c18.29,0,29.68,12.94,29.68,31.7 v78.19h31.8v-80.56C506.69,79.24,488.94,54.94,454.22,54.94z M1101.64,121.51c0-39.09-28.62-66.56-67.05-66.56 c-40.81,0-70.76,30.64-70.76,71.05c0,42.53,32.07,70.79,71.29,70.79c33.13,0,59.1-19.55,65.72-47.28h-33.13 c-4.77,12.15-16.43,19.02-32.07,19.02c-20.41,0-35.78-12.68-39.22-34.87h105.21V121.51z M998.28,110.94 c5.04-19.02,19.35-28.26,35.78-28.26c18.02,0,31.8,10.3,34.98,28.26H998.28z"/>
</svg>
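Review bot: The `<svg>` root and the `<style>` block still carry Illustrator export residue. `id="Layer_1"`, `x="0px" y="0px"`, `xml:space="preserve"` and the `enable-background` style do nothing for rendering, and the `.st0{fill:#FFFFFF;}` rule becomes a document-wide selector if this file is ever inlined into a page instead of being loaded through `<img>`. Suggest dropping those attributes and setting `fill="#FFFFFF"` directly on the `<path>`.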

Binary file not shown.

Binary file not shown.

26
assets/js/main.js Normal file
View File

@ -0,0 +1,26 @@
const collapsibleButton = document.querySelector("#hamburger-menu");
const menuContent = document.querySelector(".menu-content");
collapsibleButton.addEventListener("click", function () {
menuContent.classList.toggle("active");
if (menuContent.style.display === "block") {
menuContent.style.display = "none";
} else {
menuContent.style.display = "block";
}
});
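Review bot: `collapsibleButton.addEventListener("click", ...)` runs unguarded right after `document.querySelector("#hamburger-menu")`, so any page that loads this script without that element throws a TypeError on load; return early when `collapsibleButton` or `menuContent` is null. The handler also keeps two sources of truth for visibility, the `active` class and the inline `style.display` value. Toggling only the class and letting the stylesheet decide `display` would remove the if/else and the need for the inline `style="display: none"` attribute on `.menu-content`, which a strict `style-src` Content-Security-Policy would block.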

View File

@ -1,5 +1,5 @@
---
title: /contact
title: Contact
layout: home
permalink: /contact.html
---

146
index.md
View File

@ -1,147 +1,5 @@
---
title: /home
layout: home
title: Home
layout: landing
permalink: /index.html
---
<h2>Understand and mitigate security threats others won't see coming.</h2>
We believe security compromises to your systems and personnel are *inevitable*. Allow our team of expert technologists to help you reduce the likelihood and impact of security risks by thinking from first principles.
<br/>
<a href="/contact.html" class="action-button">Request a Quote</a>
<br/>
---
<section>
<h4>Some of the companies we have provided security services for include...</h4>
<br />
<div class="flex-container companies">
<div>
<a href="https://bitgo.com">
<img src="assets/base/companies/bitgo-logo-white.svg" />
</a>
</div>
<div>
<a href="https://coinbase.com">
<img src="assets/base/companies/coinbase-logo-blue.svg" />
</a>
</div>
<div>
<a href="https://bishopfox.com">
<img src="assets/base/companies/bishop-fox-dark.png" />
</a>
</div>
<div>
<a href="http://www.ledn.io/">
<img src="assets/base/companies/ledn-white.svg" />
</a>
</div>
</div>
<br>
<div class="flex-container companies">
<div>
<a href="http://www.turnkey.io/">
<img src="assets/base/companies/turnkey-black.svg" />
</a>
</div>
<div>
<a href="https://exodus.com">
<img src="assets/base/companies/exodus-white.svg" />
</a>
</div>
<div>
<a href="https://siderolabs.com">
<img src="assets/base/companies/sidero-labs-white.png" />
</a>
</div>
<div>
<a href="https://zoom.com">
<img src="assets/base/companies/zoom.webp" />
</a>
</div>
</div>
<br />
<div class="flex-container companies">
<div>
<a href="https://mystenlabs.com">
<img src="assets/base/companies/mysten-labs-white.svg" />
</a>
</div>
<div>
<a href="http://www.distributedglobal.com/">
<img src="assets/base/companies/distributed-global.jpeg" />
</a>
</div>
<div>
<a href="http://www.hashicorp.io/">
<img src="assets/base/companies/hashicorp-white.png" />
</a>
</div>
<div>
<a href="http://www.b1.com/">
<img src="assets/base/companies/block-one-dark.svg" />
</a>
</div>
<div>
<a href="https://fitbit.com">
<img src="assets/base/companies/fitbit-white.png" />
</a>
</div>
</div>
<br />
<div class="flex-container companies">
<div>
<a href="http://www.falconx.io/">
<img src="assets/base/companies/falconx-white.svg" />
</a>
</div>
<div>
<a href="https://dfns.co">
<img src="assets/base/companies/dfns-color.png" />
</a>
</div>
<div>
<a href="https://polychain.capital/">
<img src="assets/base/companies/polychain-capital.png" />
</a>
</div>
<div>
<a href="http://www.ankr.com/">
<img src="assets/base/companies/ankr.png" />
</a>
</div>
</div>
<br />
<br />
</section>
---
<section>
<h1>Services</h1>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, need help building a security program from scratch, or want to focus on a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<div class="flex-container">
<div class="sub-container">
<h3>Security Assessment</h3>
<p>Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture.</p>
</div>
<div class="sub-container">
<h3>Security Engineering</h3>
<p>Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns.</p>
</div>
</div>
<div class="flex-container">
<div class="sub-container">
<h3>Retained Security Support</h3>
<p>If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities.</p>
</div>
<div class="sub-container">
<h3>Research & Development</h3>
<p>Our team is active in both open source development and security research. We strive to build the tools that we feel will have the most impact on the overall security and privacy of internet users.</p>
</div>
</div>
<div class="button-container">
<a class="action-button" href="/services.html">Learn more</a>
</div>
</section>
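Review bot: Several company links in the `flex-container companies` blocks use plain `http://` (`http://www.ledn.io/`, `http://www.turnkey.io/`, `http://www.hashicorp.io/` and others) while the rest use `https://`, and none of the `<img>` tags has an `alt` attribute. If this markup is being carried into the new `landing` layout rather than dropped, switch the hrefs to `https://`, confirm each host is the company's canonical domain, and add alt text. The `<h3>Research & Development</h3>` heading should also escape the ampersand as `&amp;`.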

View File

@ -1,58 +1,5 @@
---
title: /services
layout: home
title: Services
layout: services
permalink: /services.html
---
## Services
Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, building a security program from scratch, or want to focus on a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.
---
### Security Assessment
Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture. The methodoligies we leverage vary based on the context but some things an engagement may consist of but are not limited to are:
* Penetration Testing
* Secure Code Review
* Cloud Configuration Review
* Threat Modeling
---
### Security Engineering
Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns. Some examples of what clients rely on us to assist with:
* Secure Code Development
* Cryptocurrency Custodial Solution Design, Architecture, and Review
* Quorum Authentication Design
* Immutable Infrastructure
* Cryptographic Key Escrow / Signer
* Reproducible / Deterministic Builds
* Production Engineering Practices
---
### Retained Security Support
If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities. We aid our clients in a variety of security related areas such as, but not limited to:
* Security Program Development
* General Security Consulting
* Assistance With Hiring Security Talent
* Business Continuity Planning: Black Swan Events
* Physical Security
---
### Research & Development
Our team is active in both open source development and security research. We strive to build the tools that we feel will have the most impact on overall security and privacy of internet users.
#### Development
* [keyfork](https://git.distrust.co/public/keyfork)
* [ocirep](https://git.distrust.co/public/ocirep)
* [airgap](https://git.distrust.co/public/airgap)
* [gitsig](https://git.distrust.co/public/git-sig)
#### Research
* CVE-2023-39910: Weak entropy in Libbitcoin Explorer 3.0.0 through 3.6.0
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39910](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39910)
* [https://milksad.info](https://milksad.info)
* [CVE-2018-9234 - GnuPG: Able to certify public keys without a certify key present when using smartcard](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234)
* [CVE-2018-9057 - Terraform: Weak password generator for AWS IAM roles](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9057)
* [Japanese Robot Hotel](https://www.vice.com/en/article/3kxy4k/high-tech-japanese-hotel-service-robots-easily-hackable)
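Review bot: The Security Assessment paragraph has a typo, "methodoligies", and the clause around it ("some things an engagement may consist of but are not limited to are") is hard to parse; fix both if this copy moves into the new `services` layout. Under Research, CVE-2023-39910 is listed as plain text with its URLs as nested bullets, while CVE-2018-9234 and CVE-2018-9057 are single linked titles, so pick one format for all entries.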