public
/
website
5
0
Fork 0
Code Issues 8 Pull Requests 3 Packages Projects Releases Wiki Activity

Compare commits

base: public:3881a8275bbfa47cba6048199b67a540b408f331
Branches Tags
public:main
public:feat/blog
public:fix/header-line-heights
public:feat/website-updates
public:feat/highlite-active
public:feat/website-feedback
public:feat/website-upgrades
public:feat/refactor
public:ryansquared/layouts
public:feat/contact-page-form
public:fix/margins
public:fix/git-sig-link
public:feat/add-og-tags
public:chore/update-about-page
public:feat/add-git-sig
public:carousel
public:lrvick/oci
...
compare: public:3f5242abfedb1e5dea660b5db5785930944daa0d
Branches Tags
public:feat/blog
public:fix/header-line-heights
public:main
public:feat/website-updates
public:feat/highlite-active
public:feat/website-feedback
public:feat/website-upgrades
public:feat/refactor
public:ryansquared/layouts
public:feat/contact-page-form
public:fix/margins
public:fix/git-sig-link
public:feat/add-og-tags
public:chore/update-about-page
public:feat/add-git-sig
public:carousel
public:lrvick/oci

83 Commits
3881a8275b ... 3f5242abfe

Author SHA1 Message Date
Anton Livaja 3f5242abfe
clean up blog styling and add bybit content 2025-03-20 21:00:24 -07:00
Anton Livaja 1d043466cc
replace initial blog post with bitby report 2025-03-20 19:05:00 -07:00
Ryan Heywood e5aad264af
fix: add .html to blog permalinks 2025-03-20 19:02:25 -07:00
Ryan Heywood 7b127dc75a
fix: blog formatting 2025-03-20 19:02:24 -07:00
Anton Livaja 69a5e47055
fix: add context about orgs supporting stagex 2025-03-20 19:02:21 -07:00
Anton Livaja df71d00bdc
fix: spacing and blog path 2025-03-20 19:01:57 -07:00
Anton Livaja 86bb746fa9
fix: format blog 2025-03-20 19:00:56 -07:00
Anton Livaja 5d1e103d5c
fix: paths 2025-03-20 19:00:53 -07:00
Anton Livaja f588943084
chore: more blog edits 2025-03-20 18:58:57 -07:00
Anton Livaja 0310d90b69
feat: first blog draft 2025-03-20 18:58:54 -07:00
Anton Livaja affd5eb9b5
chore: comment out latest post on landing page 2025-03-20 18:58:49 -07:00
Anton Livaja 1cbde623ef
feat: add rss 2025-03-20 18:56:28 -07:00
Anton Livaja ba73017071
fix: remove title in post so preview displays properly 2025-03-20 18:52:12 -07:00
Anton Livaja 045146fc15
feat: add blog 2025-03-20 18:52:07 -07:00
Anton Livaja 4111cd2eaf
add taglines for preview 2025-03-18 18:36:09 -07:00
Anton Livaja 9aa78273c4
add unique thumbnails for all pages except contact 2025-03-18 18:26:42 -07:00
Anton Livaja 8c1eb2bc18
update thumbnail image to one with black background 2025-03-18 14:49:54 -07:00
Anton Livaja a635f8d803
fix open graph tags 2025-03-18 13:51:18 -07:00
Anton Livaja c49bc5a9ec
add thumbnail pic 2025-03-18 13:29:03 -07:00
Anton Livaja d46b5b662e
fix roadmap quote size on mobile 2025-03-18 08:00:35 -07:00
Anton Livaja 199885d2eb
update powered by section 2025-03-18 07:56:46 -07:00
Anton Livaja 0622b62643
more mobile responsivness fixes 2025-03-18 07:36:52 -07:00
Anton Livaja d49e454a74
fix order of mobile nav items 2025-03-18 07:09:28 -07:00
Anton Livaja 2a5742c9a4
fix services top margin for mobile 2025-03-18 07:05:05 -07:00
Anton Livaja 1c593d6870
add back style for landing page video 2025-03-17 20:48:18 -07:00
Anton Livaja 287415aab0
add fallback videos 2025-03-17 20:45:44 -07:00
Anton Livaja 91d77d6f55
more pill adjustments 2025-03-17 20:09:34 -07:00
Anton Livaja cae6b4ea1e
update pill color 2025-03-17 20:07:35 -07:00
Anton Livaja ac5ba433d4
more minor adjustments 2025-03-17 19:50:13 -07:00
Anton Livaja 35ef894156
fix submit mini text 2025-03-17 19:07:02 -07:00
Anton Livaja 1954d6e55a
many updates 2025-03-17 18:58:06 -07:00
Anton Livaja 175fa156bf
more nice tealeness 2025-03-17 12:56:29 -07:00
Anton Livaja 7d5a02957a
remove line from roadmap and make theme teal 2025-03-17 12:52:04 -07:00
Anton Livaja 30f5993f25
change roadmap cta 2025-03-17 12:29:14 -07:00
Anton Livaja 31c79c8a18
minor copy cleanup 2025-03-17 12:17:29 -07:00
Anton Livaja ad3dc87277
fix ctas and improve roadmap item copy 2025-03-17 11:34:40 -07:00
Anton Livaja 6008b5c6c9
minor changes 2025-03-16 18:02:40 -07:00
Anton Livaja 7ce2b212e5
fix team cards 2025-03-16 17:53:05 -07:00
Anton Livaja 01a2b79bb0
add visual for services 2025-03-16 17:22:44 -07:00
Anton Livaja eb37ae7888
fix contact form button color 2025-03-16 14:19:30 -07:00
Anton Livaja 9a6adaf9c3
fix cta button color 2025-03-16 14:14:24 -07:00
Anton Livaja 4428087c51
more styling 2025-03-16 14:09:47 -07:00
Anton Livaja 849c28d3c3
minor styling improvements 2025-03-16 13:20:25 -07:00
Anton Livaja 6a13fad03c
add visuals to landing and roadmap 2025-03-16 11:17:28 -07:00
Anton Livaja 44c5e2cc67
more mobile friendliness 2025-03-15 14:46:08 -07:00
Anton Livaja d6d51fb57f
fix footer 2025-03-15 14:23:24 -07:00
Anton Livaja 325129c261
add some mobile responsiveness 2025-03-15 14:13:57 -07:00
Anton Livaja 6052208509
fix roadmap line 2025-03-15 13:14:43 -07:00
Anton Livaja 483e569d06
fix contact form input field heights 2025-03-15 12:08:50 -07:00
Anton Livaja 42a7b0e9b5
animate nav bar items on hover 2025-03-15 07:01:43 -07:00
Anton Livaja 9520dbb3e7
make company learn more take you to roadmap 2025-03-15 06:42:38 -07:00
Anton Livaja 6d3c71e33a
re-order manifesto 2025-03-14 20:21:04 -07:00
Anton Livaja f3442b162a
make cool arrows 2025-03-14 20:20:13 -07:00
Anton Livaja 1aaf8b248f
big redesign 2025-03-14 19:45:15 -07:00
Ryan Heywood 1bc67ea96a
allow zooming in on mobile 2024-09-24 22:37:46 -04:00
Ryan Heywood c2dad595b3
fix background for menu on mobile 2024-09-24 21:39:28 -04:00
Ryan Heywood 33005b251c
shorten layout between segments, fix spacing on buttons 2024-09-24 21:06:56 -04:00
Ryan Heywood fbfb421243
fix headers across site 2024-09-24 12:27:53 -04:00
Ryan Heywood d60c8cd1b8
make left side of nav flex 2024-09-24 12:17:04 -04:00
Ryan Heywood 2c0df37f56
fixup spacings 2024-09-24 12:06:14 -04:00
Ryan Heywood 9d169cd29a
begin migration towards sexy looking homepage 2024-09-24 11:18:42 -04:00
Ryan Heywood 795ea2754c
Merge branch 'feat/contact-page-form' 2024-09-04 23:59:43 -04:00
Ryan Heywood d0b5b314ed
contact: compress fields 2024-09-04 23:59:22 -04:00
Ryan Heywood dae80e4eca
fix: styling and formatting of text on contacts page 2024-07-10 17:54:36 -04:00
Anton Livaja 9e58de5115
fix: add Danny and update required form fileds 2024-07-10 17:26:29 -04:00
Ryan Heywood 8171d2a889
Merge remote-tracking branch 'distrust/fix/margins' 2024-07-10 17:10:20 -04:00
Ryan Heywood d3378425b8
Merge remote-tracking branch 'distrust/fix/git-sig-link' 2024-07-10 17:10:11 -04:00
Ryan Heywood 0a592aafeb
Merge remote-tracking branch 'distrust/feat/add-og-tags' 2024-07-10 17:09:52 -04:00
Anton Livaja a04c40fc7e
feat: add contact form 2024-06-28 14:18:33 -04:00
Anton Livaja 6a298f7abc
fix: increase margin for sections 2024-06-28 11:43:06 -04:00
Anton Livaja 935ae2aa01
fix: update link for git-sig 2024-06-21 11:54:07 -04:00
Anton Livaja 49d18d4226
fix: remove extra tag 2024-05-22 10:37:45 -04:00
Anton Livaja 35a33d681b
feat: add default og:image for non page sites 2024-05-21 14:18:12 -04:00
Anton Livaja 705c87ab12
fix: remove extra word 2024-05-21 14:13:21 -04:00
Anton Livaja c57925b3f4
feat: add conditional statements for og tags and additional tags 2024-05-21 14:06:52 -04:00
Ryan Heywood 760559843d
style: fix various spacings 2024-05-19 23:05:55 -04:00
Anton Livaja 3a705aae2b
fix: add og:image:secure_url for https 2024-05-13 16:26:39 -04:00
Anton Livaja 7b737dd834
fix: og:image link 2024-05-13 16:24:57 -04:00
Anton Livaja c63e566a2d
feat: add og tags for nicer previews 2024-05-13 16:16:06 -04:00
Lance Vick 561761f581
Merge remote-tracking branch 'origin/chore/update-about-page' 2024-05-13 11:29:26 -07:00
Lance Vick 2d4f2453e9
Merge remote-tracking branch 'origin/feat/add-git-sig' 2024-05-13 11:28:21 -07:00
Anton Livaja 6a4a2927e1
chore: update about content 2024-05-02 13:25:19 -04:00
Anton Livaja 7089ef4305
feat: add git-sig to tools page 2024-04-07 11:28:59 -04:00
45 changed files with 2885 additions and 1103 deletions
Show Stats Expand all files Collapse all files

9
.editorconfig Normal file
View File

@ -0,0 +1,9 @@
root = true
[*]
indent_style = tab
indent_size = 2
end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true

1
Gemfile
View File

@ -1,2 +1,3 @@
source "https://rubygems.org"
gem "jekyll-theme-console", path: "./_vendor/jekyll-theme-console"
gem 'jekyll-feed'

47
_config.yml
View File

@ -1,45 +1,30 @@
# Welcome to Jekyll!
#
# This config file is meant for settings that affect your whole blog, values
# which you are expected to set up once and rarely edit after that. If you find
# yourself editing this file very often, consider using Jekyll's data files
# feature for the data you need to update frequently.
#
# For technical reasons, this file is *NOT* reloaded automatically when you use
# 'bundle exec jekyll serve'. If you change this file, please restart the server process.
#
# If you need help with YAML syntax, here are some quick references for you:
# https://learn-the-web.algonquindesign.ca/topics/markdown-yaml-cheat-sheet/#yaml
# https://learnxinyminutes.com/docs/yaml/
#
# Site settings
# These are used to personalize your new site. If you look in the HTML files,
# you will see them accessed via {{ site.title }}, {{ site.email }}, and so on.
# You can create any custom variable you would like, and they will be accessible
# in the templates via {{ site.myvariable }}.
title: Distrust
email: lance@distrust.co
description: >- # this means to ignore newlines until "baseurl:"
Trust Nothing
baseurl: "" # the subpath of your site, e.g. /blog
url: "https://distrust.co" # the base hostname & protocol for your site, e.g. http://example.com
email: info@distrust.co
description: Security without blind trust.
baseurl: ""
url: "https://distrust.co"
banner: "https://distrust.co/assets/base/distrust-thumbnail.png"
header_pages:
- index.md
- about.md
- services.md
- tools.md
- roadmap.md
- company.md
- blog.md
- contact.md
style: dark # dark (default), light or hacker
listen_for_clients_preferred_style: false # false (default) or true
style: dark
listen_for_clients_preferred_style: false
footer: '2023 Distrust, LLC'
footer: '© 2025 Distrust LLC'
# Build settings
theme: jekyll-theme-console
permalink: blog/:title.html
plugins:
- jekyll-feed
# Exclude from processing.
# The following items will not be processed, by default.
# Any item listed under the `exclude:` key here will be automatically added to

16
_includes/footer.html
View File

@ -1,4 +1,14 @@
<footer style="height: 40px">
<span><img src="assets/base/distrust-white.svg" width="20px" alt="copyleft"/></span> {{ site.footer }}
<script type="text/javascript" src="/assets/js/main.js"></script>
<footer>
<div class="footer-container">
<div>
{{ site.footer }}
</div>
<div>
<a class="footer-link" href="/services.html">Services</a>
<a class="footer-link" href="/roadmap.html">Roadmap</a>
<a class="footer-link" href="/company.html">Company</a>
<a class="footer-link" href="/contact.html">Contact</a>
</div>
</div>
<script type="text/javascript" src="/assets/js/main.js"></script>
</footer>

132
_includes/head.html
View File

@ -1,43 +1,119 @@
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="icon" type="image/png" sizes="32x32" href="/assets/favicons/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="96x96" href="/assets/favicons/favicon-96x96.png">
<link rel="icon" type="image/png" sizes="16x16" href="/assets/favicons/favicon-16x16.png">
<title>{{ page.title }}</title>
<meta content="{{ site.title }}" property="og:site_name" />
{% if page.robots %}
<meta name="robots" content="{{page.robots}}" />
{% if page.noindex %}
<meta name="robots" content="noindex" />
{% endif %}
<link rel="stylesheet" type="text/css" href="{{ "/assets/main.css" | relative_url }}">
<link rel="stylesheet" type="text/css" href="{{ "/assets/main-dark.css" | relative_url }}">
{% if page.title %}
<meta content="{{ page.tagline }}" property="og:title" />
<meta content="article" property="og:type" />
{% else %}
<meta content="website" property="og:type" />
{% endif %}
<!-- "Really, there is nothing interesting to see here. It is a static website. -->
<!-- Here is the terraform code that deployed it, and here is the site source repo. -->
<!-- If you find anything interesting or want to talk to us, reach out via our /contact page!" -->
<!-- https://git.distrust.co/public/stack -->
<!-- https://git.distrust.co/public/website -->
{% if page.summary %}
<meta content="{{ page.summary }}" property="og:description" />
{% else %}
<meta content="{{ site.description }}" property="og:description" />
{% endif %}
<!-- mobile menu content -->
<div class="menu-content" style="display: none">
<div class="inner-menu-content">
<div>
<a href="/index.html">Home</a>
</div>
<div>
<a href="/about.html">About</a>
</div>
<div>
<a href="/services.html">Services</a>
</div>
<div>
<a href="/tools.html">Tools</a>
</div>
<div>
<a href="/contact.html">Contact</a>
</div>
{% if page.url %}
<meta content="{{ site.url }}{{ page.url }}" property="og:url" />
{% endif %}
{% if page.date %}
<meta
content="{{ page.date | date_to_xmlschema }}"
property="article:published_time"
/>
<meta content="{{ site.url }}/about/" property="article:author" />
{% endif %}
{% if page.thumbnail %}
<meta content="{{ site.url }}{{ page.thumbnail }}" property="og:image" />
{% else %}
<meta content="{{ site.banner }}" property="og:image" />
{% endif %}
{% if page.categories %}
{% for category in page.categories limit:1 %}
<meta content="{{ category }}" property="article:section" />
{% endfor %}
{% endif %}
{% if page.tags %}
{% for tag in page.tags %}
<meta content="{{ tag }}" property="article:tag" />
{% endfor %}
{% endif %}
<!-- Twitter Cards -->
<meta name="twitter:card" content="summary" />
<!--<meta name="twitter:site" content="@{{ site.share.twitter_username }}" />-->
<!--<meta name="twitter:creator" content="@{{ site.share.twitter_username }}" />-->
{% if page.title %}
<meta name="twitter:title" content="{{ page.title }}" />
{% else %}
<meta name="twitter:title" content="{{ site.title }}" />
{% endif %}
{% if page.url %}
<meta name="twitter:url" content="{{ site.url }}{{ page.url }}" />
{% endif %}
{% if page.summary %}
<meta name="twitter:description" content="{{ page.summary }}" />
{% else %}
<meta name="twitter:description" content="{{ site.description }}" />
{% endif %}
{% if page.header-img %}
<meta
name="twitter:image:src"
content="{{ site.url }}{{ page.thumbnail }}"
/>
{% endif %}
{% if page.robots %}
<meta name="robots" content="{{page.robots}}" />
{% endif %}
<link rel="stylesheet" type="text/css" href="{{ "/assets/main.css" | relative_url }}">
<link rel="stylesheet" type="text/css" href="{{ "/assets/main-dark.css" | relative_url }}">
<!-- "Really, there is nothing interesting to see here. It is a static website. -->
<!-- Here is the terraform code that deployed it, and here is the site source repo. -->
<!-- If you find anything interesting or want to talk to us, reach out via our /contact page!" -->
<!-- https://git.distrust.co/public/stack -->
<!-- https://git.distrust.co/public/website -->
<!-- mobile menu content -->
<div class="menu-content" style="display: none">
<div class="inner-menu-content">
<div>
<a href="/services.html">Services</a>
</div>
<div>
<a href="/roadmap.html">Roadmap</a>
</div>
<div>
<a href="/company.html">Company</a>
</div>
<div>
<a href="/blog.html">Blog</a>
</div>
<div>
<a href="/contact.html">Contact</a>
</div>
</div>
</div>
</head>

12
_includes/header.html
View File

@ -1,9 +1,9 @@
{%- assign page_paths = site.header_pages | default: default_paths -%}
<header>
<div class="menu">
<div>
<div class="left-menu">
<a id="home-link" href="/index.html">
<img class="menu-logo" src="assets/base/distrust-text-white.svg"
<img class="menu-logo" src="/assets/base/distrust-text-white.svg"
alt="Distrust broken chain logo with white text" />
</a>
</div>
@ -18,8 +18,14 @@
{%- endif -%}
{%- endfor -%}
<li class="show">
<a href="/contact.html" class="action-button">Free Consultation</a>
<a href="/contact.html" class="mega-inverted button">Work with us</a>
</li>
<li class="show">
<a href="/feed.xml" style="vertical-align: middle;">
<img style="filter: grayscale(100%); width: 22px; vertical-align: sub" src="/assets/base/rss.png" />
</a>
</li>
</ul>
<div id="hamburger-menu" class="hide menu-button-container" for="menu-toggle">
<input id="menu-toggle" type="checkbox" />

96
_layouts/about.html
View File

@ -1,96 +0,0 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
<div class="container">
{%- include header.html -%}
<main>
<section>
<h2>Approach</h2>
<p>Like most security firms, we often start relationships with full stack audits. We also have enough experience in this industry to admit another firm will find bugs we missed, and vice versa. Our true goal in audits is to understand your threat model and find a path to fundamentally remove entire classes of relevant attack surface.</p>
<p>We tend to start with a consultation where try to help you understand your true attack surface by answering tough questions:</p>
<ul>
<li>Can your Google Authenticator codes be phished?</li>
<li>Can your SMS 2FA solution be SIM Swapped?</li>
<li>Can someone tamper with your Git repos or CI/CD systems?</li>
<li>Would it be profitable for someone to buy a $50,000 0day to compromise employee devices?</li>
<li>What happens when the FedEx guy leaves a tampered USB C cable on a conference table?</li>
<li>Who reviews the code of your third party dependencies?</li>
<li>What happens when your IT administrator is compromised? Or a production engineer?</li>
<li>Can a change in local political landscape fundamentally halt your business?</li>
<li>Can someone buy a server next to yours and steal your secrets via a side channel attack?</li>
<li>How do know the offline laptop with the keys to the kingdom has not been tampered with?</li>
<li>Do you have a plan for <i>when</i> your production systems are compromised?</li>
</ul>
<br />
<br />
<a href="/contact.html" class="action-button">Free Consultation</a>
</section>
<hr />
<section>
<h2>Values</h2>
<br />
<h4>Distrust</h4>
<ul>
<li>We will never ask you to give us access to production systems or have any power over your org.</li>
<li>Anyone with access to significant value is at personal risk. We teach distrust to protect people.</li>
<li>We will always provide a way for you to build and verify any binaries we provide yourself.</li>
<li>We are happy to provide you any background research we legally can so you can make your own conclusions.</li>
</ul>
<br />
<h4>Transparency</h4>
<ul>
<li>We regularly open source our research and common advice to get input and corrections from others in our industry.</li>
<li>Prices are always public. We will sometimes adjust based on demand, but everyone is offered the same rates.</li>
<li>With the exception of fully Open Source projects, which we offer a universal 15% discount on.</li>
</ul>
<br />
<h4>Security</h4>
<ul>
<li>Our internal threat model assumes well funded entities are interested in our clients and our work.</li>
<li>All client work is performed in dedicated local virtual machines under an offline host OS.</li>
<li>All authentication, and password management is done via dedicated pin+touch controlled personal HSMs.</li>
<li>We exclusively use End-To-End cross-verified encrypted chat internally.</li>
</ul>
<br />
<h4>Privacy</h4>
<ul>
<li>Your data and IP are always stored with AES256 encryption unlockable only with our personal HSMs.</li>
<li>Your data and IP are never exposed in plain text except on your systems or systems we physically control.</li>
<li>Everyone on our team has hardware-backed PGP keys to encrypt documents and emails if you prefer.</li>
</ul>
<br />
<h4>Freedom</h4>
<ul>
<li>We feel every customer has a path to not need us anymore, and we will encourage it.</li>
<li>We exclusively use Open Source internally and help make improvements when needed.</li>
<li>All general purpose security tools and research we create is Open Source by default.</li>
<li>We ensure you have a free path to replicate any of our findings yourself.</li>
<li>We will always favor solutions that minimize lock-in with third parties.</li>
</ul>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

102
_layouts/company.html Normal file
View File

@ -0,0 +1,102 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<section style="margin-top: 170px">
<div class="video-background-container">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/globe.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/globe.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<br>
<br>
<div class="about-special video-content" style="max-width: 700px">
<br>
<h2>the world is built on blind trust. we are here to change that.</h2>
<br>
<br>
<br>
<p class="hero-p">Too often, security is an afterthought—based on dogma, checklists, and outdated best practices. Distrust was founded to redefine security by developing new methods to eliminate single points of failure, and building systems in a manner where they don't need to be blindly trusted.
</p>
<p class="hero-p">We dont just advise on security. We build it. We open-source it. And we teach organizations how to think critically about risk—because security isnt about checking boxes.
</p>
<a href="/roadmap.html" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</section>
<section class="flex-container who-we-are-section">
<div class="team flex-container-inner">
<div class="team flex-container" style="margin-bottom: 0px">
<div class="flex-container-inner card">
<h5>Lance Vick</h5>
<p>Co-Founder</p>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/6B61ECD76088748C70590D55E90A401336C8AAA9">PGP: 36C8AAA9</a>
</div>
<div class="flex-container-inner card">
<h5>Anton Livaja</h5>
<p>Co-Founder</p>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D">PGP: 52E0BA4D</a>
</div>
</div>
<div class="flex-container">
<div class="flex-container-inner card">
<h5>Ryan Heywood</h5>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/88823A75ECAA786B0FF38B148E401478A3FBEF72">PGP: A3FBEF72</a></p>
</div>
<div class="flex-container-inner card">
<h5>Danny Grove</h5>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD">PGP: 193F2DBD</a>
</div>
</div>
</div>
<div class="flex-container-inner who-we-are">
<h2 class="gradient-text">who we are</h2>
<p class="hero-p" style="max-width: 550px">Distrust is made up of engineers behind some of the most security-critical projects in the world—including BitGo, Turnkey, and Unit410.</p>
<p class="hero-p" style="max-width: 550px">Weve helped hundreds of companies by conducting security reviews, building out their security infrastructure, and aiding them in launching products which can withstand the modern threat landscape. We dont just secure systems. We build them.</p>
<div class="button-container">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</div>
</section>
<section class="flex-container tall-section">
<div class="flex-container-inner">
<h2 class="gradient-text">our manifesto</h2>
<p class="hero-p">Every day, we apply these guiding principles to how we think, build, and secure systems.</p>
</div>
<div class="flex-container-inner">
<ol dir="rtl" style="font-size: 30px; text-align: right">
<li>eliminate centralized trust</li>
<li>open source everything</li>
<li>security beyond compliance</li>
<li>move thoughtfully and improve things</li>
<li>impact over profit</li>
</ol>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

115
_layouts/contact.html Normal file
View File

@ -0,0 +1,115 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<section class="capsule-header">
<div class="center">
<div class="capsule">contact</div>
</div>
<br>
<h2 class="gradient-text center contact-header">tell us about your biggest security challenges</h2>
</section>
<section class="flex-container" style="margin-top: 80px">
<div class="flex-container-inner">
<div class="form-container card">
<form onsubmit="return validateForm()" action="/submit-email" method="post">
<div class="form-flex-container">
<div>
<label for="name" class="form-label">Your name</label>
<input type="text" id="name" name="name" class="form-input">
</div>
</div>
<label for="email" class="form-label required">Your email</label>
<input placeholder="Enter your business email..." type="email" id="email" name="email" class="form-input" required>
<label for="company-name" class="form-label">Company name</label>
<input type="text" id="company-name" name="company-name" class="form-input">
<label for="service" class="form-label required">What service are you interested in?</label>
<select id="service" name="service" class="form-select" required>
<option value="" disabled selected>Select option</option>
<option value="software-security-assessment">Security assessment</option>
<option value="retained">Retainer / Fractional CISO</option>
<option value="engineering">Software engineering</option>
<option value="digital-asset-custody">Digital asset custody</option>
<option value="general-inquiry">General inquiry</option>
</select>
<label for="help" class="form-label required">How can we help?</label>
<textarea id="help" name="help" class="form-textarea" required></textarea>
<div id="other-field" style="display:none;">
<input type="text" id="other-source" name="other-source" class="form-input" placeholder="Please specify">
</div>
<!-- TODO: add captcha of some sort -->
<button type="submit" class="contact-button">Submit</button>
<p class="center submit-policy">We respect your privacy. The information you provide will only be used to respond to your inquiry and will never be shared externally.</p>
</form>
</div>
</div>
</section>
<section style="margin-bottom: 0px">
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
</main>
<br />
{%- include footer.html -%}
</div>
</body>
<script>
function toggleOtherField() {
var hearAbout = document.getElementById('hear-about').value;
var otherField = document.getElementById('other-field');
if (hearAbout === 'other') {
otherField.style.display = 'block';
document.getElementById('other-source').required = true;
} else {
otherField.style.display = 'none';
document.getElementById('other-source').required = false;
}
}
function validateForm() {
var inquiryType = document.getElementById('inquiry-type');
var services = document.getElementById('services');
var hearAbout = document.getElementById('hear-about');
if (inquiryType.value === "") {
alert("Please select a valid Inquiry Type");
return false;
}
if (services.value === "") {
alert("Please select a valid Service you are interested in");
return false;
}
return true;
}
</script>
</html>

283
_layouts/landing.html
View File

@ -1,194 +1,105 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container">
<video autoplay muted loop playsinline style="left: 85%; width: 200px !important" class="video-background">
<source src="assets/videos/landing-globe.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/landing-globe.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<body>
<div class="container">
<section class="flex-container video-content landing-page-header">
<div class="flex-container-inner">
<div class="text-well">
<h1 class="gradient-text hero-header landing-header">security without blind trust</h1>
<p class="hero-p" style="margin-top: 0px">Distrust applies a first principles approach to securing mission critical infrastructure. No guessing, no shortcuts, only verifiable security.</p>
<br />
<a href="/contact.html" class="mega button">Work with us</a>
<br />
</div>
</div>
<div class="flex-container-inner">
</div>
</section>
{%- include header.html -%}
<section class="mid-tall-section">
<div class="flex-container-inner">
<div class="text-well center">
<h4 class="carousel-title" >trusted by industry leaders</h4>
</div>
</div>
<main>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h2>Understand and mitigate security threats others won't see coming.</h2>
<p>We believe security compromises to your systems and personnel are <b>inevitable</b>. Allow our team of experienced security engineers to help you reduce the likelihood and impact of risks by thinking from first principles.</p>
<br />
<a href="/contact.html" class="action-button">Free Consultation</a>
<br />
</div>
</div>
<div class="flex-container-inner carousel-container">
<div id="carousel"></div>
<br>
<div style="margin-left: 10px; font-size: 14px">
<a style="color: rgb(73, 73, 73)" href="../assets/js/carousel-items.json">Full list of articles</a>
</div>
</div>
</section>
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
<hr />
<section>
<div class="center">
<div class="capsule">what we do</div>
</div>
<br>
<h3 class="gradient-text center">our services today, our vision for tomorrow</h3>
<br>
<div class="flex-container">
<a href="/services.html" class="arrow-link">
<div class="flex-container-inner card">
<div class="text-well">
<h4>services</h4>
<p>We dont just assess risks—we eliminate them. Our first principles approach removes single points of failure, protects mission-critical systems, and ensures verifiable security. Whether you need a full audit, architecture review, incident response, or ongoing retained support we have you covered.</p>
<br>
Learn more
<span class="arrow">&#x2192;</span>
</div>
</div>
</a>
<a href="/roadmap.html" class="arrow-link">
<div class="flex-container-inner card roadmap-card roadmap-card-teal" style="background: #00191E; border: 1px solid #01586A">
<div class="text-well">
<h4>roadmap</h4>
<p>Security is always evolving—so are we. Distrust is building the next generation of security infrastructure that eliminates reliance on any single computer, person, or system. Using full-source bootstrapping, determinism, and quorum-based security, we ensure verifiable, trustless protection at every layer.</p>
<br>
View roadmap
<span class="arrow">&#x2192;</span>
</div>
</div>
</a>
</div>
</section>
<section class="">
<div class="flex-container-inner">
<div class="text-well">
<h2>We specialize in working with high risk clients.</h2>
<p>If you protect valuable assets or data, or provide software to others that do, your adversaries will not play fair. We want to help you protect your team and users, and remove single points of failure in your stack.</p>
</div>
</div>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
<br />
<div class="flex-container-inner">
<div class="companies">
<div>
<a href="https://coinbase.com">
<img style="height: 30px" src="assets/base/companies/coinbase-white.svg" />
</a>
</div>
<div>
<a href="https://bitgo.com">
<img src="assets/base/companies/bitgo-logo-white.svg" />
</a>
</div>
<div>
<a href="https://bishopfox.com">
<img style="height: 30px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);" src="assets/base/companies/bishop-fox-dark.png" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="http://www.falconx.io/">
<img style="height: 20px" src="assets/base/companies/falconx-white.svg" />
</a>
</div>
<div>
<a href="http://www.turnkey.io/">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" />
</a>
</div>
<div>
<a href="https://exodus.com">
<img src="assets/base/companies/exodus-white.svg" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="https://siderolabs.com">
<img style="height: 60px" src="assets/base/companies/sidero-labs-white.png" />
</a>
</div>
<div>
<a href="https://zoom.com">
<img style="height: 35px;" src="assets/base/companies/zoom-white.png" />
</a>
</div>
<div>
<a href="https://mystenlabs.com">
<img style="height: 25px" src="assets/base/companies/mysten-labs-white.svg" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="http://www.ankr.com/">
<img style="height: 75px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);" src="assets/base/companies/ankr.png" />
</a>
</div>
<div>
<a href="http://www.hashicorp.io/">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" />
</a>
</div>
<div>
<a href="http://www.b1.com/">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" />
</a>
</div>
</div>
<div class="companies">
<div>
<a href="http://www.ledn.io/">
<img src="assets/base/companies/ledn-white.svg" />
</a>
</div>
<div>
<a href="https://fitbit.com">
<img src="assets/base/companies/fitbit-white.png" />
</a>
</div>
<div>
<a href="https://dfns.co">
<img src="assets/base/companies/dfns-color.png" />
</a>
</div>
</div>
</div>
</section>
<hr/>
<section class="">
<div class="flex-container-inner" style="align-items: baseline">
<div class="text-well">
<h1>Services</h1>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, want to create or improve an open source security tool, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will collaborate closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<div class="button-container">
<a class="action-button" href="/services.html">Learn more</a>
<a href="/contact.html" class="action-button">Free Consultation</a>
</div>
</div>
</div>
<div class="flex-container-inner">
<div class="">
<br />
<hr />
<br />
</div>
<div class="text-well">
<h3>Security Assessment</h3>
<p>We offer full stack security assessments, covering anything that is in scope for a sophisticated adversary, such as compromising a third party library, bribing a devops engineer, finding a oversight in your code, or otherwise. While we will point out specific flaws we find, we feel we offer the most value in helping you identify where you can make strategic improvements to your architecture to take entire classes of risk off the table.</p>
</div>
<br />
<hr />
<br />
<div class="text-well">
<h3>Security Engineering</h3>
<p>Our team is comprised of security engineers with past lives as full time system administrators and software engineers. We have extensive first hand experience in implementing custom security defenses for high risk organizations. We are happy to get as deep into the weeds planning new defense strategies as you like, from Linux kernel hardening, to supply chain signing, to code quality, library choices, and beyond.</p>
</div>
<br />
<hr />
<br />
<div class="text-well">
<h3>Retained Security Support</h3>
<p>We offer monthly retainer contracts to augment your existing security team with access to our combined experience as needed. You can drop questions to our team in a chat, or include us in security-relevant meetings. Almost anything an in-house security team might do to protect your organization is in scope for us as well, including qualifying candidates, conducting interviews, reviewing code, evaluating third party risks, or being a security voice in the room when you are planning new products.</p>
</div>
<br />
<hr />
<br />
<div class="text-well">
<h3>Research & Development</h3>
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique situations. If we are doing public work you would like to see more of, or that -almost- meets your needs, we would love to hear that and figure out a path to see your needs met.</p>
</div>
</div>
<br />
<br />
<a href="/contact.html" class="action-button">Free Consultation</a>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

26
_layouts/post.html Normal file
View File

@ -0,0 +1,26 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container blog">
<main>
<article class="post">
<h1>{{ page.title }}</h1>
<div class="entry">
{{ content }}
</div>
<p>
{% for author in page.authors %}
— {{ author.name }}{% unless forloop.last %}, {% endunless %}
{% endfor %}
</p>
</article>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

503
_layouts/roadmap.html Normal file
View File

@ -0,0 +1,503 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/turq-blocks.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/turq-blocks.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content" style="margin-top: 80px">
<div class="flex-container-inner" style="padding-top: 0px">
<div class="text-well center">
<div class="capsule-teal">roadmap</div>
<br>
<h1 style="max-width: 1000px; margin: auto">verifiable security without single points of failure</h1>
<br>
<p class="hero-p center">Most systems still rely on single individuals or computers, unverifiable software, and opaque processes. Were redesigning security for transparency from the ground up.</p>
<div class="button-container center">
<a href="#roadmap" class="mega-teal button">View roadmap</a>
</div>
</div>
</div>
</section>
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<h3>creating the building blocks for provable security</h3>
<p class="hero-p">Modern software systems still rely on trust in individuals—maintainers, IT admins, or third-party providers. But what happens when they are compromised? How do you verify that the software running on your systems hasnt been tampered with?</p>
<p class="hero-p">Weve identified critical missing pieces needed to remove single points of failure at every level. Our approach covers the complete lifecycle of software from your toolchains and dependencies to how your code is built, signed, verified and deployed.</p>
<p class="hero-p">By combining multi-party trust, remote attestation, and bit-for-bit reproducibility, we are methodically eliminating trust assumptions, ensuring security isnt just a claim—its provable.</p>
<a href="#roadmap" class="arrow-link">
See what we're building
<span class="arrow">&#x2192;</span>
</a>
</div>
<div class="flex-container-inner"></div>
</section>
<span class="roadmap" id="roadmap">
<h2 class="center gradient-text">our roadmap</h2>
<p style="margin-top: 20px" class="hero-p center">We are actively working on a number of different projects, and looking to fund others. Here is what's on the way and what's coming next.</p>
<section id="sourceid" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">SourceId</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">source code integrity</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>SourceId ensures that source code integrity is verifiable. It prevents tampering of archives and other formats used for delivering source code by standardizing code and generating a hash-based fingerprint of the tree which includes all essential files.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/sourceid" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="sigrev" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">SigRev</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">crowdsourced code review</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>SigRev is a crowdsourcing framework extending SourceID with signed code reviews. It enhances open-source security by making comprehensive manual reviews discoverable, overcoming the limitations of static analysis tools.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/sigrev" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="stagex" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">StageX</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">deterministic reproducibility</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>StageX is a hermetic, deterministic and reproducible toolchain providing multi-signed OCI images for popular software. This approach removes single points of failure in sofware builds.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://codeberg.org/stagex/stagex" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="repros" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">ReprOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">ephemeral build environments</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>ReprOS is a bare-bones immutable OS designed for securely reproducing and signing software. Each build is executed in a one-time use environment, eliminating persistent risks.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://codeberg.org/stagex/repros" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="keyfork" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Keyfork</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">deterministic key management</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>Keyfork simplifies cryptographic material management by deriving any number or type of keys from a single entropy source. This greatly simplifies secret management complexity while maintaining security.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="icepick" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Icepick</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">cryptographic operations</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>Icepick provides a framework for offline verified cryptographic signing operations. Its modular design provides a unified interface for a wide range of cryptographic signing tasks.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="airgapos" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">AirgapOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">air-gapped OS</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>AirgapOS is a minimal, immutable offline first environment for secret management. It ships with a swiss-army knife of tools and an extensibility framework to cover most secure administration needs.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#icepick">
<div class="capsule-transparent">Icepick</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/airgap" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="bootproof" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Bootproof</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">remote attestation</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>Bootproof provides a way to prove what software booted on a given system by leveraging platform hardware or firmware remote attestation technologies.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/bootproof" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="enclaveos" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">EnclaveOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">trusted execution environments</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>EnclaveOS is a minimal and immutable operating system for running security critical software with high accountability. It can be extended to support multi-party management of secrets such that no person can control them alone.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/enclaveos" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="vault" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Vault</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">prescriptive key management</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>Detailed set of practices, ceremonies and documentation for generating, backing up and using secrets that you can't afford to lose. Combines the best of tactics of major custodians as an open framework available for everyone.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#airgapos">
<div class="capsule-transparent">AirgapOS</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#icepick">
<div class="capsule-transparent">Icepick</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://qvs.distrust.co/" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
</span>
<section class="flex-container">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<h4 class="quote" style="filter: brightness(50%)">❝Our mission is to use our knowledge to improve the security, privacy, and freedom of as many individuals as possible. We believe having verifiable foundations on which technologies can be built is a fundamental step toward improving the wellbeing of our species and solving the coordination problem.❝ — Distrust team</h4>
</div>
</section>
<section style="margin-bottom: 0px;" class="flex-container">
<div class="flex-container-inner">
<h2 class="powered-header gradient-text center">powered by distrust</h2>
<p class="hero-p center" style="margin-top: 20px; max-width: 700px">Companies are already choosing to adopt our methodologies and tooling to help secure their systems.<p>
</div>
</section>
<section style="margin-top: 40px;" class="flex-container powered-by">
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/turnkey-black.svg" style="filter: invert(100)">
<p>Using StageX and ReprOS to improve their supply chain security story.</p>
<a href="https://whitepaper.turnkey.com/foundations#abstract" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/mysten-labs-white.svg" style="width: 250px">
<p>The SUI cryptocurrency is leveraging StageX to build their nodes in a deterministic manner in order to eliminate single points of failure.</p>
<a href="https://github.com/MystenLabs/sui/issues/13476" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/sidero-labs-white.png" style="filter: grayscale(); width: 150px">
<p>Using StageX to build their widely used Talos Linux distribution specialized in delivering kubernetes features.</p>
<a href="https://github.com/siderolabs/talos/releases/tag/v1.10.0-alpha.2" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">want to help with our vision?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">If you would like to help us, please sponsor our work or get involved as a contributor.</p>
<div class="button-container center">
<a href="/contact.html" class="mega-teal button">Get in touch</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

216
_layouts/services.html
View File

@ -1,104 +1,130 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container" style="top: 350px">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/swirly-lines.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/swirly-lines.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content">
{%- include head.html -%}
<div class="flex-container-inner">
<div class="text-well center">
<div class="text-well" style="text-align: center; margin: auto">
<div class="capsule">services</div>
</div>
<br>
<h1 class="services-header hero-title gradient-text hero-header">
hire Distrust to solve your hardest security challenges
</h1>
<br>
<p class="hero-p center">Built by engineers behind BitGo, Unit410, and Turnkey, we apply hard-earned lessons from securing critical infrastructure to build transparent, resilient, and universally applicable security solutions.</p>
<div class="button-container">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</div>
</div>
</section>
<body>
<div class="container">
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<div class="text-well">
<h3>security assessments</h3>
<p style="max-width: 540px">Our assessments go beyond identifying vulnerabilities—we strategically eliminate risks at their source. Using a first-principles methodology, we pinpoint single points of failure and deliver clear, actionable recommendations to secure your systems against sophisticated threats.</p>
<ul>
<li>Secure architecture review</li>
<li>Threat modeling</li>
<li>Penetration testing</li>
<li>Secure code review</li>
</ul>
<br>
<a href="/contact.html" class="arrow-link">
Schedule an assessment
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well">
<h3>retainer or fractional CISO</h3>
<p style="max-width: 540px">Gain continuous, high-level security leadership tailored precisely to your organization's needs. We work closely with your teams, providing strategic security direction, eliminating blind trust, and protecting critical infrastructure from sophisticated threats.</p>
<ul>
<li>Security program development</li>
<li>Incident response</li>
<li>Due diligence</li>
<li>Vetting security talent</li>
</ul>
<br>
<a href="/contact.html" class="arrow-link">
Work with us
<span class="arrow">&#x2192;</span>
</a>
</div>
</section>
{%- include header.html -%}
<main>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h2>How can we help you?</h2>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, want to create or improve an open source security tool, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will collaborate closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<br />
<a href="/contact.html" class="action-button">Free Consultation</a>
<br />
</div>
</div>
<div class="flex-container-inner">
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<h2 class="gradient-text why-distrust">why Distrust?</h2>
<p>
Why choose Distrust? Because security shouldn't be based on blind trust, it should be based on <b>dis</b>trust, and verifiability. Most organizations treat cybersecurity like people once treated hygiene—poorly.
</p>
<p>At Distrust, we've identified fundamental methods to eliminate entire categories of risk at their source. Similarly to how handwashing revolutionized public health by preventing unseen threats like bacteria, our first-principles security methodology brings new levels of security to our clients by eliminating single points of failure, and providing verifiable, resilient protection for critical systems.
</p>
<ul class="narrow-list">
<li><b>First-principles security</b> 
<p>Attack surface area reduction through eliminating root causes.</p>
</li>
<li><b>Proven methodology</b>
<p>Methodology tested in high-stakes, mission-critical environments.</p>
</li>
<li><b>Seamless collaboration</b>
<p>Clear, actionable engagement steps—start immediately.</p>
</li>
</ul>
</div>
</section>
<hr />
<section class="">
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Assessment</h3>
<p>We offer full stack security assessments, covering anything that is in scope for a sophisticated adversary, such as compromising a third party library, bribing a devops engineer, finding an oversight in your code, or otherwise. While we will point out specific flaws we find, we feel we offer the most value in helping you identify where you can make strategic improvements to your architecture to take entire classes of risk off the table.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Penetration Testing</li>
<li>Secure Code Review</li>
<li>Cloud Configuration Review</li>
<li>Threat Modeling</li>
</ul>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Engineering</h3>
<p>Our team is comprised of security engineers with past lives as full time system administrators and software engineers. We have extensive first hand experience in implementing custom security defenses for high risk organizations. We are happy to get as deep into the weeds planning new defense strategies as you like, from Linux kernel hardening, to supply chain signing, to code quality, library choices, and beyond.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Secure Code Development</li>
<li>Cryptocurrency Custodial Solutions</li>
<li>Quorum Authentication Design and Implementation</li>
<li>Cryptographic Key Escrow / Signer</li>
<li>Reproducible / Deterministic Builds</li>
<li>Production Engineering Practice</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Retained Security Support</h3>
<p>We offer monthly retainer contracts to augment your existing security team with access to our combined experience as needed. You can drop questions to our team in a chat, or include us in security-relevant meetings. Almost anything an in-house security team might do to protect your organization is in scope for us as well, including qualifying candidates, conducting interviews, reviewing code, evaluating third party risks, or being a security voice in the room when you are planning new products.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Security Program Development</li>
<li>General Security Consulting</li>
<li>Assistance With Hiring Security Talent</li>
<li>Business Continuity Planning</li>
<li>Physical Security</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Research</h3>
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique needs. If we are doing public work you would like to see more of, or that <i>almost</i> meets your needs, we would love to hear from you and figure out a path to see your needs met.</p>
</div>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>
</main>
{%- include footer.html -%}
</body>
</html>

113
_layouts/tools.html
View File

@ -1,113 +0,0 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
<div class="container">
{%- include header.html -%}
<main>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h2>Tools</h2>
<p>Distrust develops open source tooling to help make the internet a safer place!</p>
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique needs. If we are doing public work you would like to see more of, or that <i>almost</i> meets your needs, we would love to hear from you and figure out a path to see your needs met.</p>
</div>
</div>
<div class="flex-container-inner">
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>AirgapOS</h3>
<a href="https://git.distrust.co/public/airgap" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/airgap</a>
<p>A live buildroot based Linux distribution designed for managing secrets offline.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Deterministic binary verification</li>
<li>Small footprint (< 100MB)</li>
<li>Immutable and diskless</li>
<li>Network drivers removed</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Keyfork</h3>
<a href="https://git.distrust.co/public/keyfork" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/keyfork</a>
<p>An opinionated and modular toolchain for generating and managing a wide range of cryptographic keys offline and on smartcards from a shared bip39 mnemonic phrase..</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>BIP39 style key derivation from OS or hardware entropy</li>
<li>Sharding mechanism allows "M-of-N" recovery</li>
<li>Built deterministically</li>
<li>Intended for use with air-gapped systems</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>StageX</h3>
<a href="https://codeberg.org/stagex/stagex" target="_blank" rel="noopener noreferrer">https://codeberg.org/stagex/stagex</a>
<p>Minimalism and security first repository of reproducible and multi-signed OCI images of common open source software toolchains full-source bootstrapped from Stage 0 all the way up.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Fully verifiable and deterministic build toolchain</li>
<li>Deterministic packages of commonly used software (rust, go, openssl, curl and many more)</li>
<li>Flexible drop in replacement for existing software</li>
<li>Available on <a href="https://hub.docker.com/u/stagex" target="_blank" rel="noopener noreferrer">dockerhub</a></li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>EnclaveOS</h3>
<a href="https://git.distrust.co/public/enclaveos" target="_blank" rel="noopener noreferrer">https://git.distrust.co/public/enclaveos</a>
<p>A minimal, immutable, and deterministic Linux unikernel build system targeting various Trusted Execution Environments for use cases that require high security and accountability.</p>
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Immutable: Root filesystem is a CPIO filesystem extracted to a RamFS at boot</li>
<li>Minimal: < 5MB footprint and nothing is included but a kernel and your target binary by default</li>
<li>Deterministic: multiple people can reproduce the build and verify its integrity</li>
<li>Hardened: No TCP/IP network support, most unnecessary kernel features disabled and follows <a href="https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project" target="_blank" rel="noopener noreferrer">Kernel Self Protection Project</a> recommendations</li>
</ul>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

106
_posts/2025-03-20-bitby-report.md Normal file
View File

@ -0,0 +1,106 @@
---
layout: post
title: bybit incident report and mitigating controls
date: 2025-03-20
cover_image: "/assets/images/whale_shark.jpg"
authors:
- name: Anton Livaja
---
The ByBit incident is an example of a nation state actor using a series of sophisticated attacks to compromise high value targets. When the value at stake is such that it justifys spending funds on buying 0-days, in some cases multiples, and combining them into elaborate exploit chains, attacking multiple different layers of the tech stack, highly targetted social engineering, compromise of individuals, planting of moles or even phsyical attacks, the threat model which needs to be assume to adequately address risks needs to be extreme.
### Threat Model Assumptions
The assumptions we make about nation state actors at Distrust:
* All screens are visible to the adversary
* All keyboards are logging to the adversary
* Any firmware/boot-loaders not verified on every boot are compromised
* Any host OS with network access is compromised
* Any guest OS used for any purpose other than prod access is compromised
* At least one member of the Production Team is always compromised
* At least one maintainer of third party used in the system is compromised
* Physical attacks are viable and likely
* Side-channel attacks are viable and likely
The suggested mitigating controls following in this report consist of tools which we developed to address exactly this type of threat model and are at varying levels of maturity. The good news is the reference designs and concepts are available to you today, but some of the tooling needs more work - so if you care about these issues and want to help us complete the work on the missing pieces, please talk to us.
### The Method
This report highlight the major single points of failure, which rely on a single individual and/or computer, thus creating an opportunity for compromise. Blockchains benefit from security of the network via strong cryptography and decentralization. More "traditional" parts of the infrastructure historically have not had the ability to distribute trust, but with some clever tactics we can achieve a decentralization of trust which helps us ensure that no single individual or computer can compromise a system.
---
## Root Cause Analysis and Mitigating Controls
### I. Developer Workstation Compromise
> Earliest known malicious activity was identified, when a developers Mac OS workstation was compromised, likely through social engineering. ([Sygnia report](https://www.sygnia.co/blog/sygnia-investigation-bybit-hack/))
#### Primary Mitigation
Day-to-day work machines should not be used for production access / managing tokens for production access. This is an operational security shortcoming, as any interaction with production systems, whether via an API token, or web interface should be done via a dedicated computer or highly isolated environment (hardware-based virtualization like QubesOS/Xen preferred) with minimal dependencies only used for carrying out production tasks. Any interactions outside of production related tasks create opportunities for the system to be compromised - downloading and opening files, downloading and running software libraries (such as Docker which was the source of malware in this case), visiting websites (yes, the browser sandbox can be broken) etc.
#### Advanced Mitigation
Another way to mitigate this risk is to use a hardened server, such as a secure enclave, which is immutable, and can remotely attest to the code it's running. Setting up that server to only deploy code that's signed by x trusted PGP (or other signing algorithms) can achieve a state where no single individual has the ability to modify the infrastructure.
- Use [EnclaveOS](https://git.distrust.co/public/enclaveos) - a minimal and immutable operating system for running security critical software with high accountability on secure enclaves. EnclaveOS can also be extended to support multi-party management of secrets such that no person can control them alone. This can be used to set up secure enclave which acts as the deployment system. EnclaveOS is a reference implementation, but we are happy to help invest energy into making this tool easier to use for everyone.
- Use [Bootproof](https://git.distrust.co/bootproof) alongside EnclaveOS to prove which software booted on a given system by leveraging platform hardware or firmware remote attestation technologies. This tool is designed but not yet in development. Currently EnclaveOS can be used with Nitro VMs on AWS with some work to achieve remote attestation - and several Distrust clients are using this setup in production today. Our team would be happy to invest energy to develop this tooling if anyone is willing to help fund it. It would unlock use of general hardware like TPMs and other remote attestation technologies to allow deploying remote attestation setups to different cloud platforms for more security via diversity.
#### Additional notes
* This isn't the first time an attack like this happened. Those who have been around for a while will remember the [Axie Infinity Hack](https://www.bleepingcomputer.com/news/security/hackers-stole-620-million-from-axie-infinity-via-fake-job-interviews/) which also happend due to compromise of a developer who used their day to day machine for managing cryptographic material and accessing production systems.
* The use of tools like MDM on systems for production access is not recommended, as they create a single point of failure. Most MDM solutions mean that a third party has complete access to the fleet of computers it's "protecting", and even if self hosted creates a large single point of failure which is challenging to mitigate to a resonable degree. Instead, the approach should rely on making the surface area for attack so minimal that introducing anything else introduces more risk than benefit. For illustrative pruposes, imagine a hardware-based virtual machine which only has a minimal operating system, the CLI tool for the preferred cloud platform, and a network interface which has a firewall configuration permitting only connections to a specific production asset. If this sytem is only used for accessing that specific asset, the introduction of anything additional, including an MDM or anti-malware/anti-virus software, actually increases the surface area for attack. Of course, this is a stepping stone to improve controls around accessing production systems until better mitigating controls can be put in place, making it impossible to directly interact with and change production systems as an individual.
* Additional resiliency can be achieved by deploying a system for deployment across multiple accouts with different ownership or even different cloud platforms. This is out of scope of this report which focuses on mitigating controls where most companies should start their journey to improve their supply chain security.
* It is also worth noting that it appears a Docker container with network connectivity was used to compromise a developer's machine initially. This points to an often overlooked issue, which is that Docker is not a secure containerization technology, as it makes it fairly trivial to move files across the container boundary, as part of its design. This is useful for some usecases but not for strict isolation - which should instead rely on hardware-based virtualization.
### II. JavaScript Code Tampering
> Preliminary incident reports by both Sygnia and Verichains were shared by Bybits CEO, Ben Zhou in his X post. Both reports highlighted the same attack vector the modification of JavaScript resources directly on the S3 bucket serving the domain app.safe[.]global. ([Sygnia repors](https://www.sygnia.co/blog/sygnia-investigation-bybit-hack/))
#### Primary Mitigation
Ensure that the bucket / server serving the website can not be modified by a single individual. Set up immutable infrastructure by deploying software using a hardened server—such as an enclave—that only serves software reproduced across multiple systems and signed by a set of trusted parties. The software is then deployed to an immutable server or bucket for secure delivery to clients. The main risk to mitigate here is the "root" access account controlling the infrastructure. However, secure enclaves and remote attestation can effectively reduce this risk ([EnclaveOS](https://git.distrust.co/enclaveos) + [Bootproof](https://git.distrust.co/bootproof)).
#### Advanced Mitigation
* Leverage bit-for-bit reproducibility to ensure that the software being delivered has not been tampered. In the case of JS code, which is not compiled but interpreted, the source code can be reviewed, and hashed to have a way for checking integrity of the code. This process of hashing should be done in trusted isolated environments, and ideally on multiple machines to ensure that no single computer has the ability to tamper with the code.
* [This video](https://antonlivaja.com/videos/2024-incyber-stagex-talk.mp4) (4:30-6:30) explains how reproducibility helps protect the integrity of software. For those new to reproduction and determinism, it's advised to watch the whole video.
* This attack vector actually extends to all underlying software used in the build environment, such as the different libraries, as well as the compiler. To maximally mitigate this risk, a bootstrapped compiler should be used, and all software including the compiler itself should be built deterministically to close off tampering attack vectors across the whole foundation of software used in build environments. This allows one to reproduce the identical bit-for-bit binary in diverse environments (different OS, different chipset, different cloud platform, different access etc.), and ensure that the is still exactly the same - proving there has been no tampering.
* Use [StageX](https://codeberg.org/stagex/stagex) to reproduce your software and close off compiler and environment risks. StageX is a minimalism and security first repository of reproducible and multi-signed OCI images of common open source software toolchains full-source bootstrapped from Stage 0 all the way up. It's currently actively being used by [Talos Linux](https://github.com/siderolabs/talos/releases/tag/v1.10.0-alpha.2), [Mysten Labs (SUI)](https://github.com/MystenLabs/sui/tree/jnaulty/stagex-update) and [Turnkey](https://whitepaper.turnkey.com/foundations) to name a few of the widely known projects.
* Use [ReprOS](https://codeberg.org/stagex/repros) to help with reproduction. It's a bare-bones immutable OS designed for securely reproducing and signing software. Each build is executed in a one-time use environment, eliminating persistent risks. It is in currently in beta testing. This project is currently in beta.
#### Additional Notes
All third party code should be manually reviewed. Currently most companies rely on SAST tools. This is not enough, as SAST tools are unable to detect novel exploits. The cost of using open source code, at a minimum, should be to review every line of code manually. If companies are so stringent about having developers review their first party code, why do companies choose to not apply the same principles to third party code? It is burdensome, but necessary for high risk targets. If you're unfamiliar a good example of what's possible with supply chain attacks is the [xz backdoor](https://en.wikipedia.org/wiki/XZ_Utils_backdoor).
- Distrust's answer to this is [SigRev](https://git.distrust.co/public/sigrev), which helps harness the power of nerds to create a repository of signed reports for reviews of open source software. The idea is that companies can come together to fund review of common open source software, to save money, and simultaneously help secure Open Source software. SIgRev has been designed, but is not yet in development and is seeking funding.
### III. Compromise of WebUI
> Bybit initiated a transaction from the targeted cold wallet using Safe{Wallet}s web interface. The transaction was manipulated, and the attackers siphoned the funds from the cold wallets. ([Sygnia report](https://www.sygnia.co/blog/sygnia-investigation-bybit-hack/))
#### Primary Mitigation
Initializing transactions from a WebUI leaves a lot of surface area for the attack as browsers are known for being difficult to protect. This is due to the nature of what a browser is - a window into the open internet. Additionally, the v8 engine which is the backbone of most browsers is an immensly complex and difficult surface area to defend, resulting in frequent 0-day vulnerabilities, as well as supply chain issues.
* Do not sign transactions involving large sums in a browser.
* Use offline trusted environments for signing, to protect key material, and mitigate the risk of a compromised UI displaying incorrect information. In the case of the ByBit hack in particular, preventing the JS tampering would have mitigated this risk, but other supply chain attack vectors which can achieve the same outcome remain (extensions, v8 engine 0-day exploits etc.). By using a minimal set of CLI tools to sign transactions offline, the WebUI compromise would have been avoided.
* Use [AirgapOS](https://git.distrust.co/public/airgap), which is an immutable, diskless OS used for offline secret management and operations. It is a swiss-army knife which essentially turns a laptop into a hardware wallet. Some modifications for the laptop are required such as removing radio cards from the laptop. Inside of it are [keyfork](https://git.distrust.co/public/keyfork) and [Icepick](https://git.distrust.co/public/icepick) which are tools for generating and managing entropy which can be derived for different cryptographic algorithms, as well as for cryptographic signing operations. Keyfork and Icepick are both extremely minimal and written in rust and currently support Solana, Pyth, Cosmos, Kyve and Seda as we received funding to implement those, but can be extended to support other chains - we are currently working on Bitcoin, but would be happy to add support for Ethereum as well - again this is not a political decision, we just had individual sponsor implementing support for those blockchains first. These three tools are all being used in production today by multiple clients, and have been audited by several security firms whose reports can be found in the respective repositories.
## Extras
We have noticed that many companies still neglect basic security hygiene practices that apply to everyone and could meaningfully improve the security of systems with relatively little effort.
1. Adopt FIDO2 as MFA wherever possible and avoid using SMS, TOTP, Yubico OTP, email codes and push notifications. If your provider doesn't offer FIDO2, you should ask them why as it's objectively the best type of MFA currently available.
2. Use smart cards for FIDO2, and for managing PGP keys which can be used for *signing commits*, and *ssh* access. We built [tooling and guides](https://qvs.distrust.co/generated-documents/all-levels/pgp-key-provisioning.html) which makes it easy to provision PGP keys and load them onto smart cards. Signing commits is helpful as it can help protect modification of code via attacks like commit spoofing, and keeping the SSH key securely inside of a smart card is akin to keeping seed phrases safely stored in HSMs.
## Summary
The Distrust team has helped build and secure some of the highest risks systems in the world such as the vaulting systems at BitGo, Unit410, and Turnkey as well as helping electrical grid operators, industrial control system operators and other. Through working with companies that are exposed to the most sophisticated known attackers where all attacks are viable, Distrust developed a methodology to help mitigate this level of threat. We are now using our hard learned lessons to help everyone improve their security posture by open sourcing all our learnings and creating open source tooling everyone can benefit from.
You can learn more about what we are building on our [website](https://distrust.co)

66
_sass/_dark.scss
View File

@ -3,30 +3,44 @@
*/
:root {
--base-color: #FFFFFF;
--border: solid 2px rgba(219, 219, 219, 0.9);
--selection-background: rgba(219, 219, 219, 0.99);
--selection-text: #000;
--background-color: #282828;
--text-color: var(--base-color);
--placeholder-color: var(--base-color);
--link-color: var(--base-color);
--code-color-1: #aaaaaa;
--code-color-2: #ffffcc;
--code-color-3: #F00000;
--code-color-4: #F0A0A0;
--code-color-5: #b38aff;
--code-color-6: #5ba711;
--code-color-7: #e4e477;
--code-color-8: #000080;
--code-color-9: #05ca05;
--code-color-10: #888888;
--code-color-11: #555555;
--code-color-12: #800080;
--code-color-13: #00d4d4;
--code-color-14: #00c1c1;
--code-color-15: #ed9d13;
--code-color-16: #1e90ff;
--code-color-17: #800000;
--code-color-18: #bbbbbb;
--base-color: rgba(255, 255, 255, 0.87);
--header-color: #ffffff;
--border: solid 2px rgba(219, 219, 219, 0.9);
--selection-background: rgba(219, 219, 219, 0.99);
--selection-text: #000;
--background-color: #0F0F0F;
--text-color: var(--base-color);
--placeholder-color: rgba(0, 0, 0, 0.5);
--link-color: var(--base-color);
/* yoinkt from Material Design 2014, Deep Purple A200 */
--purple: #7C4DFF;
--light-purple: #A998ED;
--mid-purple: #473C68;
--dark-purple: #241846;
--light-teal: #6DD4F1;
--mid-teal: #02CAF2;
--dark-teal: #01586A;
--void-teal: #00191E;
--pink: #F048B5;
--light-grey: #9A9A9A;
--mid-grey: #292929;
--dark-grey: #120F1A;
--code-color-1: #aaaaaa;
--code-color-2: #ffffcc;
--code-color-3: #F00000;
--code-color-4: #F0A0A0;
--code-color-5: #b38aff;
--code-color-6: #5ba711;
--code-color-7: #e4e477;
--code-color-8: #000080;
--code-color-9: #05ca05;
--code-color-10: #888888;
--code-color-11: #555555;
--code-color-12: #800080;
--code-color-13: #00d4d4;
--code-color-14: #00c1c1;
--code-color-15: #ed9d13;
--code-color-16: #1e90ff;
--code-color-17: #800000;
--code-color-18: #bbbbbb;
}

55
_sass/_light.scss
View File

@ -3,30 +3,33 @@
*/
:root {
--base-color: #000;
--border: dashed 1px rgba(0, 0, 0, 1);
--selection-background: rgba(0, 0, 0, 0.99);
--selection-text: #FFF;
--background-color: #FFF;
--text-color: var(--base-color);
--placeholder-color: var(--base-color);
--link-color: var(--base-color);
--code-color-1: #aaaaaa;
--code-color-2: #ffffcc;
--code-color-3: #F00000;
--code-color-4: #F0A0A0;
--code-color-5: #0000aa;
--code-color-6: #4c8317;
--code-color-7: #aa0000;
--code-color-8: #000080;
--code-color-9: #00aa00;
--code-color-10: #888888;
--code-color-11: #555555;
--code-color-12: #800080;
--code-color-13: #00aaaa;
--code-color-14: #009999;
--code-color-15: #aa5500;
--code-color-16: #1e90ff;
--code-color-17: #800000;
--code-color-18: #bbbbbb;
--base-color: rgba(0, 0, 0, 0.87);
--header-color: rgba(0, 0, 0, 0);
--border: dashed 1px rgba(0, 0, 0, 1);
--selection-background: rgba(0, 0, 0, 0.99);
--selection-text: #FFF;
--background-color: #FFF;
--text-color: var(--base-color);
--placeholder-color: var(--base-color);
--link-color: var(--base-color);
--dark-purple: #241846;
--light-purple: #7952EB;
--code-color-1: #aaaaaa;
--code-color-2: #ffffcc;
--code-color-3: #F00000;
--code-color-4: #F0A0A0;
--code-color-5: #0000aa;
--code-color-6: #4c8317;
--code-color-7: #aa0000;
--code-color-8: #000080;
--code-color-9: #00aa00;
--code-color-10: #888888;
--code-color-11: #555555;
--code-color-12: #800080;
--code-color-13: #00aaaa;
--code-color-14: #009999;
--code-color-15: #aa5500;
--code-color-16: #1e90ff;
--code-color-17: #800000;
--code-color-18: #bbbbbb;
}

1710
_sass/base.scss
View File

File diff suppressed because it is too large Load Diff

5
about.md
View File

@ -1,5 +0,0 @@
---
title: About
layout: about
permalink: /about.html
---

BIN
assets/base/company-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 360 KiB

BIN
assets/base/distrust-logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

BIN
assets/base/distrust-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

BIN
assets/base/landing-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 361 KiB

BIN
assets/base/roadmap-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 453 KiB

BIN
assets/base/rss.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.3 KiB

BIN
assets/base/services-thumbnail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 281 KiB

BIN
assets/fonts/Inter-VariableFont_opsz,wght.ttf Normal file
View File

Binary file not shown.

BIN
assets/images/whale_shark.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 MiB

121
assets/js/main.js
View File

@ -1,65 +1,90 @@
const collapsibleButton = document.querySelector("#hamburger-menu");
const menuContent = document.querySelector(".menu-content");
collapsibleButton.addEventListener("click", function () {
menuContent.classList.toggle("active");
if (menuContent.style.display === "block") {
menuContent.style.display = "none";
} else {
menuContent.style.display = "block";
}
menuContent.classList.toggle("active");
if (menuContent.style.display === "block") {
menuContent.style.display = "none";
} else {
menuContent.style.display = "block";
}
});
document.addEventListener('DOMContentLoaded', function () {
fetch('../assets/js/carousel-items.json')
.then(response => response.json())
.then(data => {
createCarouselItems(data);
initializeCarousel();
})
.catch(error => console.error('Error loading JSON:', error));
initializeCompaniesCarousel();
fetch('../assets/js/carousel-items.json')
.then(response => response.json())
.then(data => {
createCarouselItems(data);
initializeCarousel();
})
.catch(error => console.error('Error loading JSON:', error));
});
function createCarouselItems(items) {
const carousel = document.querySelector('#carousel');
items.forEach(item => {
const itemDiv = document.createElement('div');
itemDiv.className = 'carousel-item'
const carousel = document.querySelector('#carousel');
items.forEach(item => {
const itemDiv = document.createElement('div');
itemDiv.className = 'carousel-item'
const link = document.createElement('a');
link.className = 'carousel-link';
link.href = item.link;
link.target = '_blank';
link.rel = 'noopener noreferrer';
const linkText = document.createTextNode(item.description);
const link = document.createElement('a');
link.className = 'carousel-link';
link.href = item.link;
link.target = '_blank';
link.rel = 'noopener noreferrer';
const linkText = document.createTextNode(item.description);
link.appendChild(linkText);
itemDiv.appendChild(link);
carousel.appendChild(itemDiv);
});
link.appendChild(linkText);
itemDiv.appendChild(link);
carousel.appendChild(itemDiv);
});
}
function initializeCarousel() {
const carousel = document.querySelector('#carousel');
const items = Array.from(carousel.children);
const totalItems = items.length;
const middleIndex = Math.floor(totalItems / 2);
let currentIndex = -middleIndex;
const carousel = document.querySelector('#carousel');
const items = Array.from(carousel.children);
const totalItems = items.length;
const middleIndex = Math.floor(totalItems / 2);
let currentIndex = -middleIndex;
function cycleItems() {
currentIndex = (currentIndex - 1 + totalItems) % totalItems;
updateCarouselItems();
}
function cycleItems() {
currentIndex = (currentIndex - 1 + totalItems) % totalItems;
updateCarouselItems();
}
function updateCarouselItems() {
items.forEach((item, index) => {
let positionIndex = (currentIndex + index + totalItems) % totalItems;
let offset = positionIndex - middleIndex;
item.style.transform = `translateY(${offset * 100}%)`;
item.classList.toggle('active', positionIndex === middleIndex);
item.style.visibility = 'visible';
});
}
function updateCarouselItems() {
items.forEach((item, index) => {
let positionIndex = (currentIndex + index + totalItems) % totalItems;
let offset = positionIndex - middleIndex;
item.style.transform = `translateY(${offset * 100}%)`;
item.classList.toggle('active', positionIndex === middleIndex);
item.style.visibility = 'visible';
});
}
updateCarouselItems();
setInterval(cycleItems, 7000);
}
function initializeCompaniesCarousel() {
const slider = document.getElementById('logoSlider');
// Duplicate the existing logos by appending the same HTML again:
slider.innerHTML += slider.innerHTML;
let offset = 0;
const speed = 0.5;
function animate() {
offset -= speed;
slider.style.transform = `translateX(${offset}px)`;
// After half of the total (2 sets) is scrolled, reset
if (Math.abs(offset) >= slider.scrollWidth / 2) {
offset = 0;
}
requestAnimationFrame(animate);
}
requestAnimationFrame(animate);
}
updateCarouselItems();
setInterval(cycleItems, 7000);
}

190
assets/pgp/anton.asc Normal file
View File

@ -0,0 +1,190 @@
anton@distrust.co
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGI/PwIBEACfbDXsSIoZzZP8jrk7h2D98bUW2lRYxxpRqjLfvr5M1z3VNHCC
HaHXIPhqTdu6BXWKJJxcdkvp4z5u6aykcAjcRi0MpcTX5tU9RnSvA1HIdDmLukIy
JFEPHxoCeeFBSgmtWYczn3eSmsAQBKCLFsEmVyjpivGlphFAfzcDqtKLhaQVjVU8
YTPty7JIoiYSvCXTHCdYenfQmbpldFuT/60xsc9PJP6wMGdszDc16XIPZUKBfRtf
qPQZPN37SHczuqCrrOr+8+4q1ZcxBRAZxcPpfPk7WG1UDfTZFLvEdNCIaG0+FDkQ
8yvrS/GC9UgO3uRieZ8K4Cd0iMR96nvizqQFHvB/Wn1VwGlptYnlbEcVXttV7v1F
PBtojkEALKXNUxupesnu4YgY09pJAqdhLB89Yk+7SBZWY7C8Ero79f6+ClkHWzM5
WJHOubKf91syeyqjlqdaxlHhVWH3gqpvFy42seXlmwPSRaKNuaHSwXizPmHinnSs
2uFaRdKevJ4MuhjIxXQlMRFzC74X8CIW5IJ4vK+zcslBFCpe1CuwDQoesY2Wblv+
E40YgtUDuDKO1keintjtxD1z5/8SUFLNQhUPx0v08P+p6C3AaVL5s2OtH7KJiDaP
SuT+V66FaKYLBmi0+ogIuStEJ8abtoRoWj9TWEMhrtnPv+5Qocr32cPgSQARAQAB
tB5BbnRvbiBMaXZhamEgPGFudG9uQGxpdmFqYS5tZT6JAlQEEwEKAD4WIQT0v1yB
7Hil3TQcke7cS30fUuC6TQUCYj8/AgIbAQUJA8JnAAULCQgHAgYVCgkICwIEFgID
AQIeAQIXgAAKCRDcS30fUuC6TRDOD/9DTjXjXvQJEBP0O0DCNEYSOxEeecZNslNo
5z9G7skCjzKU4Ytl7X1w/xE+LtpqrluDXzomLcoHPa5KN3kaiSwnzYXe4FWwv2Xd
1TmPyDzJJ8A/DGGOjYndVSpYKO2kKuxT/S2xg4KrfXr/oc8mIR0rqs3a/46GMqHR
sz4D5Gm62XfK/x+WIHbHi+CQsHAzwfBKUzReeqROLicJya/QKOaMDMtQpoMcTHPs
hLj1uKwl6ThGKM8cEzQvFxv1PknCOcqDdIMTrNHIsgY7VWs/bohGCZ7nf3lJ9aMY
17vZ0RrslJz+wCLUSxgEFqcJwsauHqEttTGAy+Uqi8Iunr9WP+unXsvmjNEWCkpr
OSP6wAb9KaLHc0dL22vRuOtAeLGE4vRrm+++uTuehz2tYHGKP3+AjHXeNTg5ejRe
34KPzl/LbxTDRyqx9n/XdLQLVvOxwo8ecm+bDsFqQ7of16C9/v7FJBGtcLVpQzVe
MD7d/6ABL73MtdGpJNC63fwPZnuNrEIrRKuOmpOq4YZsHmqqzgeuQAochd5PLt+N
Nti+FZ94/WiN5EKzjQO2HsmbXXJslY8lvsz5WHA5K68DMdb6ae0fBzRB4Jdg1+7y
F2LXE5k9rPDC0G0lyCEtZJWDhk4QbR5tEw/EQ0dH73843K2c4YoZjmw59DVMe8LO
rlrlm0qr7IkDSQQTAQoBMwIbAQULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAIZAVMU
gAAAAAAQADpwcm9vZkBhcmlhZG5lLmlkaHR0cHM6Ly90d2l0dGVyLmNvbS9hbnRv
bmxpdmFqYS9zdGF0dXMvMTc2MDczMzM2OTIzNzk1MDUyNzUUgAAAAAAQABxwcm9v
ZkBhcmlhZG5lLmlkZG5zOmFudG9ubGl2YWphLmNvbT90eXBlPVRYVDcUgAAAAAAQ
AB5wcm9vZkBhcmlhZG5lLmlkaHR0cHM6Ly9tYXN0b2Rvbi5vbmxpbmUvQGFudG9u
LxSAAAAAABAAFnByb29mQGFyaWFkbmUuaWRkbnM6bGl2YWphLm1lP3R5cGU9VFhU
FiEE9L9cgex4pd00HJHu3Et9H1Lguk0FAmYEi+AFCQeHs94ACgkQ3Et9H1Lguk3S
DBAAlvb+co0gPU0qJXOZld3UBY8stUK1VYeayWTHJ9977lnZzJ+gKUalbhsKvj5K
i7w6l2Xe+4VJzjpmc1I0pAR9anoKwscR/bdseXuXQJJ6x7E3Xn3ZZNyfk1M8jVns
KeTQ17quVy9m8qYJ3057sQ/oxXACYAD1D+mjhS5FrFU6XfBcEvaRYT26TEAwYadZ
I/KNFZfnEs0ZGDgiw14lrTCkMZuEyWNm0/2qVIC3FCSNTm51NRMmD3YbM4VgAc+l
nk9f9bRurGA2rUZJ/BNvGvalhD1rwxWg71XeXvnbk7+UqCkdtNfRtmVAvdpJ+EzW
VbRSX2CgJHff+E4yv5cCI1sB6GD9ODDTucPTY+uMuZOXM2k9k6lSt2wDp2FJ6bpo
IRoUl1D4pSNQEsGA1znL+CZLC9IEih+EXxfALzV2sy+laaTkMJCmXJQOke5egDhk
VK5E5Z9jyhK9YtFZFOReoo4eecgpxXMIQV/9aeQe/HCJwkYIWNbkRpTDeW6UGyuv
vwQuRG4qYVJL0hDSwLgUhq24eJyrHwSOhcW7f/iYlaGvUvfbELe2AJVYRH0q2iw7
dQ9PZAK89+vFcTc9wBlZGKgt/2pNeUWt6KuPGaRLJ/+eslrNBK8Qv9f8Ypgbf3vB
tIoZPeymyiqXFrkBPGiwf5dmFnrDX+r2au6zK9qxeG7Qyii0J0FudG9uIExpdmFq
YSAoV29yaykgPGFudG9uQGRpc3RydXN0LmNvPokCVAQTAQoAPgIbAQULCQgHAgYV
CgkICwIEFgIDAQIeAQIXgBYhBPS/XIHseKXdNByR7txLfR9S4LpNBQJmBIvgBQkH
h7PeAAoJENxLfR9S4LpNjdkP/197r74C9CbEunom3ZXF0Br21nclOIUuhfxriNgy
Tt4UQ3JdTaGaxN9cyWfXufjSNIWSgJsOCWWNBxO8THQForvbqsDZebJGeTdEsw1y
4P+RMh4feiZ6iBCyEaYS3XCCPds8YLQbsAP/EeGTjn0PU+wtd/QtG/iwcXh4K8A1
GRt2D0GigGN3SebwenMvMv2KiF7onH+3y7IhtgkkTEbOg0F52Qfk6p2gM0X0yqKA
ppU4XAmX6kTXi3GrUB0tsykv7MWvSc38fflI1T4XycoQzoQ94Uk7veDa7QM7BIJv
G73HpJU+e2AISrJSTcu/T1J9GyqyjAMv9Y2POF+Zu9PyJORdNBarOebSnkeZxftf
O/bvjMJxiffYbJ7AkYuaapf5YBEW+Z1plMGZ1KuatUQrswdxnGndfoMQKAF3nLa+
ECH63bbSX7/mlxeI7sjH4qu+dGr0uPn5ZRzSrXrGVcLuCzZdQCbkqTPKtjVTA6OA
ju6L2RL+KvV+zOdivayMEjSceS611X2gVU64agLHemHa82iba7o3PlGuaE3DhAOb
Klq+ued006fVfyqt+hExs3vLt3rgC/izGtSf7IJ1OvBAwTpCCW6kTAGMdRcts2+U
ba9VGBg80LcFWNjDosZnCKGWSqcLfJBTrWUYIpVlXzFP/eCrXhDrYrHoQG+lHAnl
cOnTuQINBGI/QhgBEADV21O5M7mpgNX65XNW1k/ZvyB4Ic7CbV1/DUQhG2BNxujY
61acndlQTP3qBB9h/lIsJpyi6ybYZyRZGK6wDx9CkEiVYwIqgAjMNl4IwaFZ2JB9
4bOkoxIUGH6bScnyvt9QmqvjEbwwHpBxd2qY1Kl+gb4daygjxSl+4YQ85O1ptvBC
AiyHs4MtnW+9G0hobv/WVPJWdmaFlw8tnqPGN+OVdvqn/OeyrQjaKU3Kr2Fy1iz3
Fvg1eO7sYqdBpUUJNusTNIojEK3FneAOVawDd1afF4eR70DD+oWbUCmHfPVopTr3
8pwDTanf6no2HVlRm4Z0NaultI8l3ebWl5PhTMdRYVsmINJZAJXkd+bWOpAlGvSl
ZicxiMmJKK3MFvnME+958W6s8e8/0Z+xafmWM7vCvQbZwrHkz1vasBxHxkkpGZb6
ViQx0sABLxig9bZFU0qKOT6ns7CQbEsxsrOO9+v2JzRqYtufj/yYZpAwMOeJAKD2
dLqeJTzq4liIzOpgU4bZaX+dP0ki6nM97e9xsXB1Fce2WaPedogI3V1xPiG7YEm8
dv5h9R/r0bd3sEQezDCat8L57czeEx5xAJhNgliWOFABQGqFh2KGYxrOkJ68jJXz
u81qhnti2VcwiuEFruOFfpF9e7EZssYEScIsCKhuTjnVgEzMDsZXkotaX2+bNQAR
AQABiQRyBBgBCgAmFiEE9L9cgex4pd00HJHu3Et9H1Lguk0FAmI/QhgCGwIFCQPC
ZwACQAkQ3Et9H1Lguk3BdCAEGQEKAB0WIQThBngeAHq5HJidszJEqGz/H98OhQUC
Yj9CGAAKCRBEqGz/H98OhTwrEACugSSyiATKtS7UW9ETMfL1yCOlB+oa64ALQkOH
O/+1zUBvs+Z6wlIMEiU4nWOV81yzaEcRPzJ8Nr2da8KxVhgHFDg5EZ3i8u1mLkhf
asdFlt+7c71Ezc7j0HOD2U0T6Gx5IZfvtUp2CtVrS6KEZa+omVEqXzq0mDC3mQED
WZKqOowsQeWwJazXw2MmeRtoo1xshgKdaHQwiunVDNGcBhwGU6/2ionVbzevROO1
eYFS+83ubiYIy41hooaynibO8G9j30fMyaMYM8jK7kVc+yyN3xoIV96BE7BlSRbk
ecQyWk2R3jrQov0ic5vA83qr8Ea7hZXsIy4sWG+J7KrK4kQ+kEh0rCxIvI5vq6rz
zKHIsGkTpQQrdGiV3pcXuJji6nYM94MES95eZEedvkeKEqW6YB8ZPxrGIAvt9JaV
0BX9AD1xCGYFdUe2psyPiHgnB5m6oicA65HnDppYAeUQmbxnrOXTg8Ucc73s2/Im
4G16aQ6DlPKJJd0DzoiLrhuafJTxDiDVZY3l2jWdvz/acBIUJZl3lPJeBUKe3rE/
6EjSz2cCAkN8vJbEx+sKX7F/lYL5kVUW2b6nmnYGj/P+aoy+pBgX2RY/sp4DHT2i
GmMkH+j1Wrlxm2bICGyPZoj8FOJsh7r4PR2ILwnE/Q4DgLAEZhBTorihqMDmExwX
x45IdgAPD/9oYRu5WLC6/FtFiXk3jpaqLngoTp01J8uLpSJE6CBN7q+57j+ElvVs
vOzWmmvVQX4ocGt//1mMdaqlxlrfb7Kk7lSVT2x5UXo+EBAzm7F/uvvLvUR4fnnd
Uuo0fm50p033z1th0vjal0ehKUwsTsUdH/phSqlTZ0PMdY2iteF+A5kiFgGXpZf3
PzG/24uKU4Fzg4Fw3XWc5CQ3ZqQwPIuvrlu/LAPXibHMbFGoz5YheHNP4UIp4bCo
2+yTp5giirxbCO89OvZ2pdqVefXI7JZKc1FP5e+Bz85JMVnlOcwVzHPQu2piog5l
rg58NYfApepGeFJDuA2n9EdGVzZJoS2RR08KRguEZWQ1o/VJzMswmzvOS6C5LQG8
VMAaeu98KkFlNmg1yhEqiXGqhKN7XiTY9MmD9J2SQqaOFywMeE+CTfjKFvGfpvx1
S0dW7Yp5MePJQLlsBRphjdIBQFOc546+GVf4+f4UOlwN2M3LWRKqGC3Jfyf8/ELn
F2gd9C8N4v6yQBkvTRCD1M8orIFKbMQaBDSXZo7wm/ftMfxDCvrjMvlF0vSfGpO2
0GVkEtysOpu34am9nmxUX1LTQAdpM6091FxZgN05Uy/QNwhkIQo6yCwMoijuVJ/c
fQBRGENoxOywgIYAy5tn/tbx5o81FvhxFee3coCFffyt0DzpIfai7IkEcgQYAQoA
JgIbAhYhBPS/XIHseKXdNByR7txLfR9S4LpNBQJmBIv9BQkHh7DlAkDBdCAEGQEK
AB0WIQThBngeAHq5HJidszJEqGz/H98OhQUCYj9CGAAKCRBEqGz/H98OhTwrEACu
gSSyiATKtS7UW9ETMfL1yCOlB+oa64ALQkOHO/+1zUBvs+Z6wlIMEiU4nWOV81yz
aEcRPzJ8Nr2da8KxVhgHFDg5EZ3i8u1mLkhfasdFlt+7c71Ezc7j0HOD2U0T6Gx5
IZfvtUp2CtVrS6KEZa+omVEqXzq0mDC3mQEDWZKqOowsQeWwJazXw2MmeRtoo1xs
hgKdaHQwiunVDNGcBhwGU6/2ionVbzevROO1eYFS+83ubiYIy41hooaynibO8G9j
30fMyaMYM8jK7kVc+yyN3xoIV96BE7BlSRbkecQyWk2R3jrQov0ic5vA83qr8Ea7
hZXsIy4sWG+J7KrK4kQ+kEh0rCxIvI5vq6rzzKHIsGkTpQQrdGiV3pcXuJji6nYM
94MES95eZEedvkeKEqW6YB8ZPxrGIAvt9JaV0BX9AD1xCGYFdUe2psyPiHgnB5m6
oicA65HnDppYAeUQmbxnrOXTg8Ucc73s2/Im4G16aQ6DlPKJJd0DzoiLrhuafJTx
DiDVZY3l2jWdvz/acBIUJZl3lPJeBUKe3rE/6EjSz2cCAkN8vJbEx+sKX7F/lYL5
kVUW2b6nmnYGj/P+aoy+pBgX2RY/sp4DHT2iGmMkH+j1Wrlxm2bICGyPZoj8FOJs
h7r4PR2ILwnE/Q4DgLAEZhBTorihqMDmExwXx45IdgkQ3Et9H1Lguk2yfg/9EKog
RzBm3UnPnCYzDAwY2nMT/GCuDfVqvDKeidl9QtdBJS8Imx7726z8+oWWr8tn+Jgx
EYR3Jy8W8MWSMQl4ouAoIWgB68RUsXGghWNZo8+YOqHBZmrnNdfb3zspID0lM8Kl
WLSzKUCuBCs+Zge3qN8YfJ5MUSok8WLGKsV4lPW8F50/dz9KYJKGeN0mjr2n0t8G
6dmdKgsuHOoQu13V/0S+Jv+JuDnFAOvimpqcJVXw7zEhSoexjYGj4dSBY/qXAbjN
lZZsp0fC3wh9gs+vMde4Hy7t7MDtd0p9xvqNqX17YWrEmRFCnmVz8mCvKcO3YDkK
vtttwH3zLsOdJRoS+PE+AY2oVoItzOjIgaYfSKlzU2r0jf45z6VaYbQowOYA1Kye
bi+0kMuGufhG22OroHQMNUdHu6buU4f5QWCjWFnbvVqkELTlxaxhd3JBuZQGBED/
FhRWRBdpZlUKe2hhzJGLnosPDE1M2ZGzdJUDfEITfXmH97imthc6b+FYiIaIczj5
zm12XEKe/LN94ZLr+tVov6tqcsSujZkuCS2NwT66KfBZy7EeqCjXqBb/QFE/HU4S
76D47BcnQs/1L9GV+hJ8WrmAaWdh31DL+ykdVo4E691/BXrP6SPNkGHPF0yqypeS
6QL+1LF8SfJ7g5iGzVCXxHB6c9UgFB4idvVgdhW5Ag0EYj9CgAEQAKLQcs6O7g7o
VRocDoBi0ijc7fY4KhzwPIegzQPT5k4qrzECBkOVZM6j4U20hj8LBwiFL+z85iWS
rNpZiNeTaE2XAuudHQWxYGrrknw1+SSGkTljR8Kro+Fk48hUdFkQC8AcxtY+QF9T
wTLDtcGXsRDwo/Vl76Zs6LC8fRnsFxHKtGB25tHNJf7EVuwLRuQptNkBfYfCFKIl
fLlZZCpMbvB9hUvOCnRuq2iKzg/CQnzgGZTg/cevQEdlS7oRuBKOyKXFsD004rZT
pxF0HYF5qhCALhtNyNWENS1AuZlu/mDxkeX+ozIATxd39cA5ATWv1M204xtB6xii
e/Y7cdWCwH3dyS46eu0u87fKJ3Q3VpXw4lTOc+7KRuMlRaT0l9c7Vm8EJCdFqfAd
x0zf3ANXeJt8tXQ0sH6B9ezVoiEv+rW1sFS6SQLwxmRjT+UP6QGaE+84BxYHs0NR
zS+oRYOrbBUtMH6UHAB5JArA3Udp7HUJQDoedTS5D6sOEdYI5G3/Wk7tbwBhL2wt
FF0kzJ1bzGqPFQNefYmahFzmqwhDnv0MPQARzun9ZdfvGBccsQHhAThjA+jmvCeu
2/XF/CXJNUklpxxRrtg9+VtMYEqVYaiT3Pl17a61XuBNdWaN6dv2r4EIvWNz4dLD
/hKwpdeKRe8i3JsDCK+aII+XOSeSIwhzABEBAAGJAjwEGAEKACYWIQT0v1yB7Hil
3TQcke7cS30fUuC6TQUCYj9CgAIbDAUJA8JnAAAKCRDcS30fUuC6TUxKEACW6cm+
T+DRnWtP4W7pNpwSZ2IcbX1rSsTwTJ+NFXIOg16u0VtuRyZZsLEtNI2HeMD9X/lz
dgXT2MQpdKdogRi8Goonsn4ed8PU66bKg4iZr4S8zLKnAKioyQLNKCDl2e3FnYmM
7EDKUzXiF/2TPLB+/vbcQccWzlHe9A2G0YuerBhGaabbQeTw3rtLQ/r1mcaljsTx
76iatVcY4BJu3h4DPfzgtbyxcZUYCYPityhi9LysuQaiNtBDxs1fW8MTPNVV5lFA
cEo6ox6JDFH7DWDSe+7QcS8aoyQ3L4hqTnDVlQKmgCnnSSlm+iaifZtm14TntRP/
2KPTzhStWlLwE7Un4UNbsayYCJseSM9olPppTsZfCNnO9CNvP+3nITlFWPUHEd0v
0meEIkHOEDRsKoF8R/+B1KK0lLGtXRHE7KqZACNWgxw/1g+Qesq0FbuVQ1JbjdpA
tsCtUeVS/mp4IAljeV8ic+bB8XGQ1lUuKX+RsctXO5vmkh0wEVLAs7y4qTOXFe1q
QzYjh1AO1T15oyKhVgDTR9MeI3vJF1XFi5GrBSJvoGAfKdkOyvMt0/BagtEMIDm2
SgPRJzHp7ziBDuejklrWenPw2Gde7QjZbyvTFyC4gSJLcZaI7nvwoTiO8EevcAel
0N1MSsacKnn6ZxRZOsgcjFfgw/jh7mS9qaPdTokCPAQYAQoAJgIbDBYhBPS/XIHs
eKXdNByR7txLfR9S4LpNBQJmBIv+BQkHh7B9AAoJENxLfR9S4LpNS+4QAJrg+KoY
Yrug4rcpyrFwumZbnD92EpndQlPnbPpjsrahkheF55CJNzBgPhj8PF4xO5qXxjhe
qdwLl1Z+ceoN1lRWlxvHwebYgjabOH57V2RHSaWU9TsWw7HDhxUS1S1THQyNmRSD
e9MAS03MYiQS+J5jtQ831yTaA2Z3ru0S8kSWClS6KaiZzwNOWI7kkiP4IXX+vpe/
LfORcac9vvOkU/FNs3wbTzrM0iSsWd3bBQ3CiYHn8hIXgKypTslklqzJ0HEFukI0
YxjZpGTRbQpjez7ONDP79DmjEFkqDPqvJPAprVlLeOI6mfOH5v0sZAsBhlNhsU9z
My+jbno+aXDrH3ZjzfgO4vHWTuPr/gTcb966keiBZUwzW9o2dW4u5eHQFvLwEbFX
OhoQJk2Fzg9p4cNAEV6v7rSbPPqYcLLxykvh9od1st+Ph5cCs64N8rH1xgLxSXD+
o9NjWIPhBq7HHO2UoJjQOz0A7oRsruP3F2Cih5ynO6prYs7w2/5lsc4G8Hwdcp70
8Yh3OCR4RmDLMPAQMEHH/MN09dJimKs0qthoyWUWii6uOkc835kFR14uMeY33sCS
oIBZ7SOSpX3B7Wg7T3uuKGpSLUY7CakkFliS3RN9HHgoormeDyYx+mJOhRfsamNR
TqIZTulLFdusm8O3fbr6pzO+KjIIfkxWmSOIuQINBGI/QqwBEADVM+ZEQiaigHLI
jJQmbZLDZjFM6z6xBNhDdCFP0pwduxMBUo33w5+45fc0FdyFeu6IkEX1OlSYFIsB
YZBqmGyw45FifFFNFI69eH3QYAwS3qJndoTpJzbyRQhbpk8HzcjhXOHmHR2rZY0M
sSIIvLd82LyGgEhyxhgv1jcLo/vHs7r81OZqHQH2yWEf52mUUeylsWLQRlxqlpJ5
qwQd3I8uCKNYwm9RZotVrE4wcNHkXZ2LB5kfEikEwoYcheA41vMcKQm5Wg6tGVyV
SR+pEdIGK7l6FM6doyAb5901gLJFLHJR91IQwYGwRHwkdAocNzb0G7ckjrMHDgGE
AVYSbibrwQbkn7ZERjy5xJJqzhdatO/+xSJWMJZUXPdXLQ4TdLt9crHTMOxqDZJb
AwliVy/4cbRrjsMax41P1y2CqeK1dXn/JNbIT2hXW7S2U+4U2Xay6eo1dlRe7Tg5
+4WUodxjjvb3lk5TEY+CywBNfZ0UqVlRwpUmwtK69i0A8M2ZLnhIWqnjanXAEQfU
BO4k/ZZh+DbX9FWMZhaaQC5k44jI37ak/GX1CFZjqZvobsfJSONmaWjRsSJXZesB
hh+NX9nAyH/rUpiXH0plgu5/6fM4eqLNKFeeyZWz2n3+xdcvy/1TN/KEGtdzOGKj
VZtfcqE1T+mMn0PUlRrxifrACXa6HwARAQABiQI8BBgBCgAmFiEE9L9cgex4pd00
HJHu3Et9H1Lguk0FAmI/QqwCGyAFCQPCZwAACgkQ3Et9H1Lguk3mMBAAk/vaSdm3
LrZtx5qXr1+atQsNm0+s1KXdCFfcFzMh47dgaSUb7F/UraWxXgVTKYjhXAlgnO8O
6yXqD0YP95bYJWB8VK8QxLpdsurItLfu1mJS42ZbaBIQ7pL1V0MXWJu0fv3KPGYT
5SVrelEb86YjdNoT1lrq//T8qBBkXZx67ELvmVd2RU6DUX0YSN7yboQ+yM4cn/Y2
5R+uOkn03YaBWMlKihZY8A84yD1eh5ok5RDd3F74veWDZBSDpCrzfOp/vNMRlRZR
i7DxTXIAgw0JT8PvYqOrP4nEi3jY4fzX65RIzE7/2GVwoJBY054r34hQuS3PA2/e
xe5wDHOaZz7FmlS7S0TVIHB9rt7d8twcGCSK/40PCgN7gLp259hHKMJLISe5jEI9
5Mk1YFqxQPGFUD4m5fTfRzgjtr6p9pXu8dRsbFeO31oldO+2SgbDHhGXyMnNJZgZ
iAp1VXr7VLcmC1ZiOYgYSzSSGaduevoKZ4S+CcTfwx1IpgH2Pe0DTxX5Jhu5uyfk
0ARXWYLMUBKHYF5ri44PTgCuDBYoUs9W1LpdP3sUvVgBEcuon50yppPuE9H/xb6o
MAt6BWGt8BICA76V3hUAQiC1J9HzTCYocvHv46Zee3o7bTMhBlpYEXNEMb3D5k2m
9i6XdwqrFoonLx0o+OKU74EpXmY+pBcVW0WJAjwEGAEKACYCGyAWIQT0v1yB7Hil
3TQcke7cS30fUuC6TQUCZgSL/gUJB4ewUQAKCRDcS30fUuC6TRSnD/9XtR1l/VSQ
BsJqqIF1+2JjOTUGJseb3CrH9JtAfMyHk0bQIIkmsE/cEbD+JBE1GS6IgyoNo054
U/TSIg24UIWtDDBAW6ujh5E/lcK9xSN/uCRdmRUoDPen2z6FEh0M0SjO2LsWpnrU
5UAPy06zBNbTXT7a21lhPK0ZT+VFZOtUij0CXARkIzCBOITsjhs6LwMcJ4t2Od+D
OqSmu7mTD8g1tsmGArFV79GDDc2L86Tq2vsXkZZ1OeHPOBfiZH5xlmYhjcDX2Z8c
rpA3n819IWQX1WA8zMi7lRRtbT3ELXNStYL4lO1d0Qd2ZZKFgVTbh6+Vx7kOc7Tg
hu9O4QVmlWeruDMYJpOayTZ1PNAOgCu2nfMA2UVhDXRcgAFYxmAF4droIsIpt1Fl
tuGMJbly1SS/LVAY6wAQQeg4mzJbDP4I6ySMM5MBC9yytzastQwptWarznFuK6/h
5jIMmp/fU3zeae7wXcAqpj3fN04LZwA32I2diMegg9BZFc94uSldQLgp+haceo2K
51t44jjYXEQQM1vAplRH6evoRYB/dCa7fbUVNBrLGLcLVxbT4zll1soN0ZEedNwn
Yf2Kt+zYlCosB0/O+u8Ym+4Otjv/3+tK6LZDMjJO5LaKO8oAqKIhyddVZB7W/Avw
fbv5KWxmjZSWuLgbNQWxS4RKyNwed3VV4w==
=azKT
-----END PGP PUBLIC KEY BLOCK-----

BIN
assets/videos/globe.mp4 Normal file
View File

Binary file not shown.

BIN
assets/videos/globe.webm Normal file
View File

Binary file not shown.

BIN
assets/videos/landing-globe.mp4 Normal file
View File

Binary file not shown.

BIN
assets/videos/landing-globe.webm Normal file
View File

Binary file not shown.

BIN
assets/videos/swirly-lines.mp4 Normal file
View File

Binary file not shown.

BIN
assets/videos/swirly-lines.webm Normal file
View File

Binary file not shown.

BIN
assets/videos/turq-blocks.mp4 Normal file
View File

Binary file not shown.

BIN
assets/videos/turq-blocks.webm Normal file
View File

Binary file not shown.

19
blog.md Normal file
View File

@ -0,0 +1,19 @@
---
layout: page
title: Blog
permalink: /blog.html
---
<div class="posts">
{% for post in site.posts %}
<a href="{{ post.url | relative_url }}" title="{{ post.title }}">
<article class="post">
<h4>{{ post.title }}</h4>
<p>{{ post.excerpt | strip_html | truncatewords: 35 }}</p>
<p>{{ post.date | date: "%Y %b %e " }}</p>
</article>
</a>
{% endfor %}
</div>

7
company.md Normal file
View File

@ -0,0 +1,7 @@
---
title: Company
tagline: Distrust | Company
layout: company
permalink: /company.html
thumbnail: /assets/base/company-thumbnail.png
---

16
contact.md
View File

@ -1,19 +1,7 @@
---
title: Contact
layout: home
tagline: Distrust | Contact
layout: contact
permalink: /contact.html
---
Send an email to `sales@distrust.co` to schedule a free introductory consultation.
## Emails
- [sales@distrust.co](mailto:sales@distrust.co)
- [team@distrust.co](mailto:team@distrust.co)
## Team
- Lance Vick \<[lance@distrust.co](mailto:lance@distrust.co)\> [6B61 ECD7 6088 748C 7059 0D55 E90A 4013 36C8 AAA9](https://keys.openpgp.org/vks/v1/by-fingerprint/6B61ECD76088748C70590D55E90A401336C8AAA9)
- Ryan Heywood \<[ryan@distrust.co](mailto:ryan@distrust.co)\> [8882 3A75 ECAA 786B 0FF3 8B14 8E40 1478 A3FB EF72](https://keys.openpgp.org/vks/v1/by-fingerprint/88823A75ECAA786B0FF38B148E401478A3FBEF72)
- Anton Livaja \<[anton@distrust.co](mailto:anton@distrust.co)\> [F4BF 5C81 EC78 A5DD 341C 91EE DC4B 7D1F 52E0 BA4D](https://keys.openpgp.org/vks/v1/by-fingerprint/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D)
- Shane Engelman \<[shane@distrust.co](mailto:shane@distrust.co)\> [3D7C 8D39 E8C4 DF77 1583 D3F0 A8A0 91FD 3460 01CA](https://keys.openpgp.org/vks/v1/by-fingerprint/3D7C8D39E8C4DF771583D3F0A8A091FD346001CA)

2
index.md
View File

@ -1,5 +1,7 @@
---
title: Home
tagline: Distrust | Home
layout: landing
permalink: /index.html
thumbnail: /assets/base/landing-thumbnail.png
---

8
roadmap.md Normal file
View File

@ -0,0 +1,8 @@
---
title: Roadmap
tagline: Distrust | Roadmap
summary: Open source tools for verifiable security
layout: roadmap
permalink: /roadmap.html
thumbnail: /assets/base/roadmap-thumbnail.png
---

7
services.md
View File

@ -1,5 +1,8 @@
---
title: Services
layout: services
tagline: Distrust | Services
layout: services
summary: Hire Distrust to solve your hardest security challenges
permalink: /services.html
---
thumbnail: /assets/base/services-thumbnail.png
---

5
tools.md
View File

@ -1,5 +0,0 @@
---
title: Tools
layout: tools
permalink: /tools.html
---