last updated: 9/18
I somewhat frequently talk with friends on startup ideas. Some dumb and silly, some pertinent to what we need. Ideas are a dime-a-dozen. It’s all in the execution.
Here is a (living?) collection of these dumb conversations. Will definitely be pretty off-the-cuff.
Shamir’s Secret Sharing Password Manager
First, password managers are good. Use one. Honestly even just an encrypted text file on your system will solve 90% of people’s threat models.
Still, I’m paranoid. One problem with password managers is that they largely have a single point of failure– you. Sometimes its just a master password, sometimes its your device, sometimes it’s both, sometimes its your mother’s maiden name and street you grew up on.
LastPass does the first, Chrome and Apple do the second, and the last… I hope not, but it’s gotta be out there.
The issue is this one bit of information can be obtained by an adversary and you’re hosed. In a server environment, they could just be a bad company, or have a vengeful employee because you didn’t like the lemon bars he made at the last potluck.
Locally, e.g. malware, they can guess your password, or just make a call to CryptUnprotectData. While you can certainly just use bcrypt to mitigate brute forcing, it’s not too helpful for credential stuffing– plus, honestly, so many people still use “password” as a password.
Rephrased another way, there needs to be a better way to distinguish “real” user behavior from “malicious” behavior. Many ways I’ve seen have been things like geolocation, time of normal use, key rotation, making better lemon bars that don’t piss people off, etc.
The issue is, these solutions are annoying. It’s annoying updating my settings, or getting new keys, or calling customer service because I pinky promise I’m in Chicago and calling from “my number”. Further, with multi-factor auth, if you lose one method, you’re again hosed. They very much imperfect approximations, and very inconvenient to change.
Perhaps the best approximation is hardware keys e.g. YubiKey or Titan USB Key, but these are inconvenient if lost, are limited to just 2FA, and honestly are kinda expensive because I’m a cheapskate.
Enter Shamir’s Secret Sharing. The TL;DR is that, given a secret
S, it can be divided into
s_1, s_2...s_k chunks such that only
n chunks (for n<k) are needed to reconstruct
These n shares are split among several devices, like MFA. If you attempt to authenticate on any single device, it prompts all the other devices for their “share”, and these prompted devices may do some extra challenge or zero-knowledge proof to determine if its a genuine request.
Unlike MFA, you don’t need all of them. Complex features like geolocation and time-of-day or biometrics are unnecessary, and so the problem is reduced to needing physical devices. But simultaneously, all the annoyances of current physical keys are also unnecessary, as it’s essentially as easy as updating an ssh key (OK hush, sometimes this can be hard. It all depends.)
I’m aware several kinks have to be worked out. But these kinks just reduce to basically a PKI problem. But as a user of password managers, these are the problems that I have, and how I believe they can be addressed.
Granted, as with nearly all things, implementation is largely more of an issue than protocol. I am also unsure how much of a market there would be for this. Something like this addresses some MFA problems, but getting people to use MFA in the first place is incredibly difficult already. Heck, even getting people to not use “password” as a password is incredibly difficult.
It also seems the idea is easier for LastPass to just subsume, rather than an area for a startup to disrupt. Depends on a lot of things.
Wet cat food dispenser
Dry cat food dispensers work well because it is shelf stable and easily bulked. Further, if you are on vacation, just fill it up for a week and your cat will be fine.
Wet cat food dispensers are not a thing. Wet food spoils easily, and also cannot just be “thrown” in a box. You don’t get 20 pound bags of wet food.
To address the first problem, just make your food dispenser refrigerated, i.e a glorified mini-fridge. To address the second problem, you can just stack 20 tuna cans in this mini-fridge and have a can opener inside, with a mechanism that pushes each stack of cans to be automatically opened. put some
Friend’s idea, that I thought was hilarious, but then I remembered juicero and laughed even harder.
Non-invasive biometric monitoring
Pulse oximeters/SpO2 monitors have gained huge notoriety over the pandemic as a metric for when you really need a ventilator for Covid, i.e. if you get it, you can bear through it in bed, but if your SpO2 dips below e.g. 85%, call 911.
To me, the way these work is super cool.
These black lines are Fraunhofer lines, created because every element has a certain quantum of activiation energy to force it to accept/emit an electron. These lines are present because some molecule has absorbed a photon, and we can detect the difference.
Your blood has oxygen, and your cells absorb this oxygen. If there’s not enough oxygen, we can just shine a light through your finger, see how much is absorbed, and detect this difference.
This is similar to how MRIs work, by the way, at least in regards to the stimulus. Deoxygenated blood and oxygenated blood have some tiny, normally imperceptible magnetic difference, and it can be detected with a sufficiently strong magnet.
I believe the space is ridiculously ripe for methods to pull more metrics from the body, and the pandemic has drawn extra attention to these biomechanics. It just needs some creative applications of physics by those who know more biology than myself. Below are some ideas I’ve found fascinating. Apologies ahead of time for my ignorance; I’m just a coder.
Many attempts at this tech have failed (I think one failed due to arsenic leakage in the eye– which is a little suboptimal!), but I’m not entirely convinced the idea is infeasible.
The capillaries in the eyes are incredibly fragile, to the point that early diabetes may be detected. Further, the eyes require an insane amount of oxygen and glucose, second only to the brain, although the two are very tightly coupled anyways (e.g. glucose consumption is reduced while it’s dark). Furthermore, the standing reserves are usually rather small– there’s not much real estate in the eye for extra “fat” cells to hold glucose– so flow of glucose is quite rapid. All told, this initially sounds like a reliable candidate for investment.
Many failures I’ve read about often cite the reliability as a “smoking gun” for why eye monitoring will never work. Doesn’t every detection mechanism for glucose have reliability issues? Is there something particular to the eye that makes it especially difficult, more so than the general problem space? The many eye startups I’ve seen fail have failed not due to the implausability of the idea, but the issue of tooling.
SO. I’m bullish.
Pre-Silicon Hardware Security Tooling
Though I say pre-silicon, similar issues exist for post-silicon and/or companies with hardware products. I speak mostly on chip development, rather than development on chips.
Hardware is hard. Feedback loops in hardware can take weeks. Patching is not really an option, as bugs are permanent. Thus, verifying and testing these designs are often held to a radically higher standard than software architectures.
The growth in computing would not be possible without decades and hundreds of billions of dollars invested into a hardware verification ecosystem. Synopsys and Cadence, two of the giants in the EDA industry, are each worth almost 50 billion as of today. And, having used their products, it’s well deserved.
This ecosystem is non-existant for security.
I touch on this a little here, and while there is some efforts both academically and in industry, many I’ve seen require a non-trivial amount of effort to use and incorporate into methodologies. Additionally, many tools like Safeside can and do help with hardware security aspects, it doesn’t address the need for pre-silicon security tooling.
That would be like asking “Why don’t you test your cache coherence with software?” While you can, and sometimes do, it is more supplementary and doesn’t address the core need for scalable verification tooling. The closer a tool’s integration with the design flow, the tighter the feedback loops, and the more productive you can be in bug hunting.
What currently exists is promising, but it needs more maturation. Much like how it took decades of developing today’s verification ecosystem, I believe it will require the same amount of effort in security applications.
Again, as I touch on here, software has/is still undergoing this maturation–
I say kinda because, well, for all the 2000s work in standardization and OWASP classification, the number of CVEs never slowed. It was only thanks to some ridiculously impressive tools to enable verification of these standards that the industry of “software security” really came to fruition.
The sheer amount of software security companies that exist prove to me that security is a lucritive field– Cloudflare, Fastly, Fireye, Crowdstrike. Security is hard, and any way to make it less hard is something people will pay hand over fist for.
Hardware is also hard. So combine hardware and security? Damn.
It’s hard for me to describe concretly what I believe are some solutions without a longer post, but ultimately many solutions just need someone to Just Do it ™℠®. One example is what I briefly went over in the post above, which to detect a simple bug like that, is just a parser problem.
This is one framework I’ve been exploring lately. I believe that LLVM was a boon to the software security industry, and this is an effort to provide the same in the hardware industry.
In any case– I think this is unsexy, but I see potential.
Climbing Tree Gym
How many people used to climb trees as a kid?
Bouldering and rock-climbing are ridiculously popular in the Bay Area– not so much during COVID times, but I used to have a membership. Rock climbing was also just added to the Olympics in 2020, proving it’s a growing trend not just around me.
What if you could climb a tree instead?
Trees can be forced to grow branches in various directions to create varying difficulties. They may also be shipped from other locations if a certain type is really necessary. Different trees have different smells as well, providing a more natural aesthetic than the typical chalky-gym smell you might get elsewhere.
Climbing routes also, to some extent, can’t change much. The rock positions may change, and the socket positions to a certain extent, but funamentally the routes only rotate between 3-4 selections. After a year, it can get boring as you do it all. With trees, a limb may grow a centimeter extra out of your reach. Climbing routes are planned, tree growth is not (or at least, as the option to be unplanned).
Perhaps the location can be not just a climbing gym, but a birthday location as well if treehouses are built in some of the trees. Treetop routes can be built for more adventurous people to jump from treetop to treeptop. If there are enough trees, even 3D tag or dynamic tree-chasing can happen, making for even more fun birthday parties or perhaps even combat practice for militaries.
Climbing gyms, however, are quite safe. Incredibly soft landings, multiple failsafes to catch. The biggest risk really is falling onto other people. Comapared to treetops, one misstep in balance and you can fall 15 feet on your back on a thick trunk. It’d be harder to attach a harness to people– after all, part of the appeal of running around in trees is the lack of a harness.
I’m not totally sure how one would solve a safety problem, at least completely. You could simply make people sign a waiver and call it a day– let the free market decide if people are fine with an increased risk of serious injury relative to other climbing establishments– but I haven’t thought about this fully yet. I honestly just want to climb some trees and would myself pay a lot of money for it.