[Ms-J]

Someone doesn't need to work for Palantir or the military to understand that cellular security is fundamentally broken and completely insecure.

That is a lot of highly polished for the camera media you dropped into that post. The way that you word things, such as "Cape is not a honeypot." but don't delve any deeper, to start, gives someone less than zero confidence or trust in your words.

I have seen enough in the industry to say that your words are meaningless.

[alek-cape]

John's account was throttled since it's new. Posting this on his behalf. ----

You're right that you don't need to do those things, but I would argue that my background made me uniquely situated to understand and care about these problems deeply enough to spend years of my life building a company in response.

I say "Cape is not a honeypot" a lot just so I don't appear to be mincing words. If you want to delve deeper on how we treat customer data, a couple of good resources are our privacy policy: https://www.cape.co/privacy-summary

And our trust page: https://trust.cape.co/

You can also check out our blog for a bunch of posts on specific features we've built, etc.

[dang]

Yikes, sorry guys (I'm a mod here). I've marked his account (and yours!) legit so this won't happen again.

It's my least favorite thing about HN that high-quality new accounts, such as founders jumping into threads about their work, sometimes get throttled by the software. Gah.

[alek-cape]

Appreciate it, and totally understand the need for it.

Glad to see we won't run into it again, and that our workaround wasn't a problem.

[johndoylecape]

Thanks! No worries. I'm trying to respond to a few more comments, but seems like the thread is winding down.

[close04]

> but I would argue that my background made me uniquely situated to understand and care about these problems deeply enough to spend years of my life building a company in response.

Maybe but this line of argumentation also opens the door to more criticism. Anyone looking at Palantir from the outside only knows their reputation and involvement in unsavory projects before taking a job. You chose to take the job with that knowledge covering most of your field of view. You stayed to work for that company contributing to that kind of work. That's a signal that's brighter than the valuable experience you gathered there. Tech can be learned but the values needed to support or even tolerate Palantir's activities don't get easily changed.

The premise of your company pivots on trust, not technology, the same tech is known and available to everyone else too. And it's trust in you that you will do what you say, not that you can do what you say. The latter is a given, you clearly have the knowhow. The former is putting any promise in doubt.

> Cape routes your traffic through our US-based mobile core.

This sounds like an anti-feature when it comes to privacy or the paranoid.

> I say "Cape is not a honeypot" a lot just so I don't appear to be mincing words.

I appreciate you saying it but Crypto AG probably also said that a lot (figuratively).

> Cape does not keep this data.

Unfortunately you are limited in what you can do here. Having or processing this data for any amount of time, even without keeping it, puts you in the position to be compelled to provide it.

[bsstoner]

This is valid feedback and it’s on us to earn trust over time through our actions. I will say that Cape is a company of almost 100 people from many different backgrounds. Prior to Cape I spent almost a decade at DuckDuckGo. We’re a group of people that is frustrated with the status quo in the telco industry and want to do better.

One of the efforts we’re working on now is an audit of our data retention claims. We recently posted an RFC on Reddit if anyone from this community has input: https://www.reddit.com/r/CapeCellular/s/zTn7HQ0emo

We plan to continue to do more things like this that increase transparency and build trust over time.

[UnreachableCode]

What about some form of external auditing down the line to add legitimacy to these honeypot claims? Maybe open sourcing the technology as well?

[bsstoner]

We’re working on an audit now. There’s an RFC on Reddit looking for input: https://www.reddit.com/r/CapeCellular/s/zTn7HQ0emo

[simfree]

What can be open sourced (GrapheneOS) already is, and the remainder is business logic that they have described for the MVNO that is likely carrier specific and tied to the oddball MVNO platform they are using.

Very hard to make the latter usable by anyone else IMO.

[j-bos]

> The way that you word things, such as "Cape is not a honeypot." but don't delve any deeper, to start, gives someone less than zero confidence or trust in your words.

Neither or against either perception but this reminds me of https://barrypopik.com/blog/i_know_its_not_true_but_lets_mak...