Stephanie So's Avatar

Stephanie So

@complicatedisok.bsky.social

CEO of Geeq, a tech start-up in blockchain (not crypto). Ask me anything because I think blockchain, crypto, and tech need a complete do-over - and the only people who can make that happen are the ones who aren't already on the inside.

185 Followers  |  369 Following  |  101 Posts  |  Joined: 16.11.2024  |  2.0273

Latest posts by complicatedisok.bsky.social on Bluesky

Please ask me to explain:

2-factor authentication fails to protect consumers.

It asks you to give your credentials without knowing who is on the other side.

That's what happens in help desk scams.

We must have *mutual* authentication in order to be truly secure.

You deserve it. We all do.

01.10.2025 19:42 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I remember that use case! Smart choice, discerning customers.

So nice to meet you!

19.09.2025 22:16 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Hi!

Yes! NFC technology! Much better than QR codes. Was that your invention? That's excellent.

Supply chain is a natural for blockchains, I agree. We're applying that concept to the information supply chain. We have mints without smart contracts (more secure) and global state awareness. πŸ₯‚

19.09.2025 21:16 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I'm glad to boost your public service announcements.

There's always something, please keep them coming!

Happy Friday.

19.09.2025 21:03 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 2    πŸ“Œ 0
Preview
✈️ Your Luggage Tag Could Be a Security Risk: Here's What Travelers Need to Know That crumpled paper tag on your suitcase? It might be a golden ticket for scammers.

✈️ That crumpled luggage tag on your suitcase? It could be a scammer’s golden ticket. Learn how baggage tag fraud works and the simple steps to protect yourself when you fly.

πŸ‘‰ Read more: open.substack.com/pub/cyberlif...

#TravelSafety #Cybersecurity #AirTravel #FraudPrevention #Privacy

19.09.2025 19:44 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

I retweeted this article, thank you!

I have a fix for this. Now I need to figure out how to sell it to an airline!

19.09.2025 20:43 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 2    πŸ“Œ 0

Very happy to answer!!

08.09.2025 13:50 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Awful.

Yet each phase sounds like the same problem. A spoof.

That's why I'd like our local public key infrastructure to be adopted.

Check the blockchain ledger for the public key of whoever is requesting contact with you. If it's not there, don't reply.

Lookup and challenge can be automated

01.09.2025 13:39 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Cool, yet another attack surface.

I'm working on a secure communications layer where the sender of the message must use a public key.

The recipient is able to identify the sender's signature and need only pay attention to those secret messages.

Do that first, then enjoy steganography.

01.09.2025 13:35 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Right!

I'm with Hank.

#cybersecurity

28.07.2025 18:06 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Glad to meet you, @1obit.bsky.social. Thank you for saying you're on the same wavelength. I hope others are too - it's hard to know when people stay quiet ... But I believe.

26.07.2025 13:16 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
The zero-day that could've compromised every Cursor and Windsurf user Learn how one overlooked flaw in OpenVSX discovered by Koi Secureity could've let attackers hijack millions of dev machines via an extension supply chain attack. The zero-day threat's been patchedβ€”but...

A pretty extreme example of a supply chain attack. I think at some point, these types of attacks will cause massive damage. #cybersecurity www.bleepingcomputer.com/news/securit...

12.07.2025 01:46 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

Should be required reading. Thanks for sharing it.

12.07.2025 03:25 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

This is what we do. We're on a mission. geeq.io

08.07.2025 17:03 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Thank you very much, @at1c.bsky.social.

That's very helpful and encouraging. I will take your advice. πŸ™

08.07.2025 17:02 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Sara Bareilles: 2025 UCLA Commencement Speech
YouTube video by UCLA Sara Bareilles: 2025 UCLA Commencement Speech

I adore her.

youtu.be/oHwb1MavsxE?...

28.06.2025 17:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Thanks for the warning.

14.06.2025 13:45 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Who is able to copy and preserve these kinds of records elsewhere?

I assume there's the actual data that was released, which is public fair use, but what about the other files and records derived from those?

Were releases signed that would allow reproduction elsewhere?

Or is that a pipedream?

07.06.2025 14:37 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Sometimes it goes the other way

07.06.2025 14:12 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

It's a coordination issue.

I think we could re coordinate if there's a Blockchain equivalent where you could leave a forwarding address.

I could provide the back end at least as a pilot.

Would anyone write the app to get to an API and start the publicity?

05.06.2025 17:49 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

intend to get into a debate about necessary or sufficient.

Of course that's all true. Nothing is guaranteed and I'd also like some luck:

"It's better to be lucky and stupid than unlucky and smart."

Overall, though, we've collected nearly all the pieces.
Nearly.

31.05.2025 22:23 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

needed to find that last, simple, relatable pain that we can solve that people might understand.

I started out with an appreciation of what you said: that despite doing everything wrong, startups have a chance when they have something so excellent, they can focus on getting that right.

I didn't

31.05.2025 22:21 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Yes, except we have a business model because we know what infrastructure-as-a-service looks like.

We have a go-to-market but admittedly it hasn't been thoroughly tested. I've been patient, though, because I know we do cryptographic security so well, it's disruptive exactly as in ID, and I needed

31.05.2025 22:17 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Um, no thanks.

I don't like betting on anything that can make me high. ;)

31.05.2025 22:12 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

A more charitable explanation might be there's no data. 😬

31.05.2025 21:49 β€” πŸ‘ 13    πŸ” 0    πŸ’¬ 2    πŸ“Œ 0

Thanks.

If you don't think 2-FA is a pain point, we obviously don't share the same world view!

What's going to happen when we need to authenticate AI agents - and differentiate them from one another?

Fingerprints? Or cryptographic keys?

Just a thought.

31.05.2025 21:38 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

This is true.

31.05.2025 21:36 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

I am 100% ready for people to batter down my door now and give me money.

Please spread the word to anyone who invests in cybersecurity, Web3, and infrastructure-as-a-service, if you would.

I'm an economist, I understand gains from trade. This will be a very healthy one.

31.05.2025 21:12 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Because I hadn't asked them for it yet.

I've been listening and testing.

We have testnets out and it's taken me time to figure out first product and wedge.

First product is an easy to use, maximally secure replacement for 2-factor authentication that reduces friction for everyone who hates 2FA.

31.05.2025 21:07 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 2    πŸ“Œ 0

I was about to say .

31.05.2025 21:00 β€” πŸ‘ 4    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

@complicatedisok is following 20 prominent accounts