What an ignorant I was.
March last year (2019), I wrote an email to Lee Holloway asking him how he could bootstrap such a great company. Now I know why I haven’t received the answer.
EDIT: I found an email:
Dear Lee Holloway,
Excuse my curiosity, as an Engineer I am not writing this kind of emails a lot, but I have read the blog series by John Graham-Cumming about the company, and it would really help me if you can answer my question about the constant flow of engineering innovations from your company.
I am a security engineer from Europe and would like to know how is it possible, that security team will start producing such a stream of innovative things like Keyless SSL, CFSSL, SIDH implementation, Red October key management server and many more your company already published?
When the "lift and shift" from the open source or vendor stops and internal building start to happen within an organization? Is it a cultural thing where only a small startup can succeed and scale later? Is it about the budget or is it a cultural shift that is non forcible upon them?
Is a prerequisite to the innovation, that almost everything is developed in house? That came to me as a contra productive strategy. I have read Skunk Works and other books, but I am still impressed how that happens regarding to the modern leading IT/infra companies.
I just want to say that ORCA author, Devine Lu Linvega[1], is such a talented and creative person. He build complete ecosystem with it's own language, drag & drop theme support[2] and human readable DB format[3].
He and his girlfriend (cartoonist) Rekka Bell are sailing the ocean and working from their sailboat Pino[4].
Worth to mention that Brazil charged Intercept co-founder Glenn Greenwald with cybercrime charges similar to Assange.
The guy who first met Snowden in HK with Laura Poitras.
Even if it looks like they have "postponed" prosecution for now.
This is really interesting project. I have closed the webpage at first, because I thought it is closed source, but then found your repository on a github.
I do not want to make some promo for other projects, but how you achieve trust with the signed list of fingerprints, is something similar I have read earlier there: https://tech.firstlook.media/keylist-rfc-explainer
Shameless plug: For anybody interested in the cryptographic key management part there is a post about the hardware, people and processes behind the commercial cryptographic key management
https://www.malgregator.com/key-management.html
EDIT: I found an email:
Dear Lee Holloway,
Excuse my curiosity, as an Engineer I am not writing this kind of emails a lot, but I have read the blog series by John Graham-Cumming about the company, and it would really help me if you can answer my question about the constant flow of engineering innovations from your company.
I am a security engineer from Europe and would like to know how is it possible, that security team will start producing such a stream of innovative things like Keyless SSL, CFSSL, SIDH implementation, Red October key management server and many more your company already published?
When the "lift and shift" from the open source or vendor stops and internal building start to happen within an organization? Is it a cultural thing where only a small startup can succeed and scale later? Is it about the budget or is it a cultural shift that is non forcible upon them? Is a prerequisite to the innovation, that almost everything is developed in house? That came to me as a contra productive strategy. I have read Skunk Works and other books, but I am still impressed how that happens regarding to the modern leading IT/infra companies.
Thank you for your time,
...