Jon Geater Podcast Transcript
Jon Geater joins host Brian Thomas on The Digital Executive Podcast.
Brian Thomas: Welcome to the Digital Executive. Today’s guest is John Geater. John Geater brings his deep expertise in cryptography, cybersecurity, and blockchains to DataTrails. John held senior global technical roles at Thales eSecurity, Trustonic, Arm, and Encipher, where he built chip to cloud solutions for mobile, IoT, payments, and smart cities, while managing large global teams and driving corporate strategy.
John is a serial leader of Open Standards at board committee level, having served Global Platform, Trusted Computing Group, Oasis, the Digital Twin Consortium, and Linux Foundation’s Hyperledger. He is currently co-chair of the IETF Supply Chain Integrity, Transparency, and Trust Working Group.
Brian Thomas: Well, good afternoon, John. Welcome to the show.
Jon Geater: Thanks for having me to be here.
Brian Thomas: Absolutely. Thank you again. Appreciate you making the time and again hailing out of the great country of the UK is just an awesome way to start my day. Obviously, we’ve got a big difference in time, but I do certainly appreciate that. And john, we’re going to jump right into the questions here.
You’ve got quite the career as a software engineer and advisor board member entrepreneur. Now you’re the co-founder, Chief Product and Technology Officer at DataTrails. Could you share with our audience the secret to your career growth and what inspires you?
Jon Geater: Sure. I mean, the secrets are always hard to come by and how to reproduce.
So, I’m not sure how much people can, can sort of follow the exact steps that that I’ve made. But I think a really important thing has always been to take the opportunities that show up, you know, if something is presented to you and it’s exciting and it’s something that you can add value to, go do it. That’s how I’ve always treated these things. It seems to turn out well for me and it keeps life super interesting too.
Brian Thomas: Thank you. Appreciate that. Again, we all have a unique story and we have a unique path that we’ve traveled, traversed, to get to where we are today. So, I appreciate the share. And John, switching gears here, you’re focusing on digital trust, transparency, and provenance, providing a chain of custody or immutable audit trail on data.
What was the genesis behind this idea and how will you bring digital trust to all workplaces?
Jon Geater: So the thing that I’ve worked on pretty much my whole career is I had a brief foray into web design and working on, uh, cemetery systems, all sorts of stuff early on, but I spent nearly 25 years now working on cybersecurity in, in one way or another.
And the really interesting thing about the cyber market is that, of course it’s always working for somebody else. You’re trying to solve some other problem because security on its own is not particularly interesting or useful. You have to have a bank vault to secure or an electric grid to protect before the security really becomes relevant.
So, yeah, I’ve always tried to work in the the most sort of interesting. Yeah. Novel areas where cyber security can actually make a difference and help something else to to take off. So back in the late 90s, early 2000s, it was working on what I think now people would call confidential computing.
But we were doing that in specialized cryptographic hardware. Went on to do things with online payments in the early 2000s, when that was kind of new and paying with credit cards online wasn’t nearly as prominent as it is now and making my way through a variety of industries in telco and then into sort of things like smart cities and some electric grid projects and what we call digital transformation, even self-driving vehicles.
I was fortunate enough to do a little bit of work with. The, the current tools that we’ve built up for sort of building little fortresses around ourselves didn’t quite answer that question of large-scale sort of connected trust systems when you’ve got lots and lots of people working together. They all consider themselves safe, but they might consider most other people’s to be a danger.
How do you connect up all of these systems, make them trust each other and make them work with the real world? Because, of course, we could all get. Blank sheet of paper and come up with an ideal system that works, but the world is not a blank sheet of paper. It’s at least 7000 years of tradition and established expectations.
We have to work with it. And so, the idea of digital trust based on. Immutable audit trails based on being able to kind of verify the provenance of everything you’re dealing with and every digital file that that shows up at your front door and asks to be led in. It’s just the sort of logical next step of everything that we’ve done before.
Which is still great but doesn’t quite meet that challenge of today’s sort of digital first highly connected world. And so the idea of provenance is just the current next frontier of making the world a better place through cyber. And so that’s why I’m doing it
Brian Thomas: love that. And I think that digital trail is so important nowadays not even just for cybersecurity, but for authenticity.
And, you know, if you’re talking about artists and their work and that sort of thing. So I think it’s certainly a big part of our lives going forward. So, John, moving on here, we. Talk a little, a lot about blockchain. We’re built on blockchain. Actually, our, our publication here, but we like to ask if you’re using a common blockchain technology, or did you develop your own platform for your current product?
Jon Geater: So, we wrap up our product in a SaaS interface. So, another of the things that we do to try and make this somewhat slightly futuristic technology available to people today is to make the front door to our product be regular logins. You can use like enterprise single sign on, you can even sign in with Google, if you like.
So, we wrap up the front door with stuff that people really recognize. And then put all of the kind of identity proofing and the crypto and ultimately the sort of wallet keys and everything inside the box. So it’s all verifiable. Of course, it’s all transparent. People can see what’s going on, but they don’t have to worry about managing their own sort of crypto keys and things like that.
And so what also allows us to do is to evolve as the world evolves. So, we’re actually currently on our third generation and planning. Future moves as well to move on as the world moves on. So right now, we run on quorum and quorums, the, the underpinning of most of what we do.
We actually started off with Sawtooth, which is a a Linux Foundation, Hyperledger product. And we’re tracking and actually slightly ahead of some of the new roadmap stuff on the Ethereum roadmap. So, we actually managed to abstract out the proof layer. So that people don’t really need to worry about it.
And of course, that means that we’re able to grow and increase and change as the state of the art improves and as the sort of things like transaction rates and, and third-party technologies for verification and things get better. We’re able to adopt those too. So, we certainly wouldn’t dream of inventing our own crypto.
I think that’s a terrible idea. And there’s a lot of history that says making your own algorithms as a whole. Cool. Is is an issue, but equally, we’re not stuck or tethered to exactly one technology forever because we’ve managed to abstract that out. And that means that our users can evolve as the market does.
Brian Thomas: Thank you appreciate that. And breaking that apart for us is very helpful. John, this leads into our next and final question. You’re obviously leveraging some of that new and emerging technologies in your tech stack. Is there something you might be able to share with us today?
Jon Geater: Yeah, absolutely. So technology has many layers, of course.
And so the thing that’s really exciting, I think, to me and for people who understand not necessarily the crypto bits and bytes layer, but at the practical implementation layer, is the, of course, these trust systems transparency, provenance, anything built on blockchains. You know, it’s all well and good being able to prove mathematically the bits and bytes that you’ve got in your hands, but it’s also really important to understand what those bits and bytes mean in terms of real-world information.
And so, there are a couple of standards emerging which is encouraging for two reasons. One is that there are standards, so we can actually kind of communicate in an interoperable way. But the other is that, of course, it means the world cares about transparency and provenance and immutable audit trails these days.
So, there’s the content authenticity initiative which defines content credentials for media. And of course, our business really Is very, very broad. We have use cases, including things like media for detecting fakes or metadata stripping, misappropriation of IP, but also business documents, movement of nuclear materials and all sorts of things.
So, we deal with all kinds of things. But the media is a particular interest right now with Gen AI and the CAI and a thing called CTPA, which defines content credentials is finally bringing the issue. Interoperability and a common language to describe provenance. So where did this thing come from?
Where has it been and what’s happened to it before it came into my my arena and then next to that at a slightly different layer, but very important layer of the stack in the IETF. I am currently co-chair of a working group in the Internet Engineering Task Force called the Supply Chain Integrity, Transparency and Trust Working Group, and that’s looking at making sure that you can verify things way into the future using an interoperable sort of receipt.
structure. So, taking this idea of blockchains where you can look at the blockchain and you can grab the transaction data and you can see, you know, is this transaction valid or not? In a sense, it’s even taking that one step forward to saying, well, now I can get a receipt for that and I can stash it somewhere.
In my in my vault or with my auditors or wherever I want to put it away from where I first got it so that I’m now certain that whenever I need to rely on this fact, like I paid my bill, or I checked that this invoice was authentic, or I know where I put that can of nuclear material, whatever it is you want to prove, you can actually now interoperably prove that thing using all of the techniques that the sort of more technically minded folks can.
Listening will understand about Merkle tree inclusion proofs and things like that. You can prove all of that offline under your own control with a standard. So, we can start to really roll out these technologies, not just to sort of early adopters, but to the whole world. So, I think that’s the that’s the real.
Interesting practical step forward. I think everybody should know about.
Brian Thomas: That’s awesome. Thank you. And I appreciate you sharing some of those gems there that you’re utilizing in your tech stack. And the thing that I really get excited about when you talk about the IETF. You’re part of that task force because there’s a lot of scammers out there and they claim that you stole one of their pieces of art or whatever it is, and they want you basically to extort payment out of you for something that is totally a farce.
So, I appreciate that. And I, I can’t wait till we tighten this all up and make the world a better place for sure.
Jon Geater: Excellent. Me too.
Brian Thomas: Absolutely. So, John, it was such a pleasure having you on today and I look forward to speaking with you real soon.
Jon Geater: Yeah. Brilliant. Likewise. Thanks very much.
Brian Thomas: Bye for now.
Jon Geater Podcast Transcript. Listen to the audio on the guest’s podcast page.
