Myntex: A case study in security theatre.

Over a year after first coming across these hometown heroes, I visited the new Myntex HQ in Calgary recently. Nestled into a nondescript industrial park, one of the fastest growing start-ups aroundi has created a Googlesque campus for themselves.

So here are some photos, starting with an exterior shot showing the blue sunny skies

Myntex - 1

and an interior shot of the orange twisty slide… for fun and easy access!!1ii :

Myntex - 2

Inside, aside from the slide, the piece de resistance for those interested in steak rather than sizzle was the glass-ensconced server room with multiples of the capacity currently requirediii  and past which every guest walks as they enter the front foyer.iv

Myntex - 3

Across from the server room was the board room, complete with custom concrete slab writing surface. Nifty.

Myntex - 9

Even the bathrooms had personalised touches, such as the organic “handmade” Rocky Mountain soaps and moisturisers, which were perfectly pleasant, at least in contrast to the typically abhorrent automatic sink faucets.v

Myntex - 8

Joining the upstairs and downstairs near the front entrance was a ginormous interior mural complete with cartoon-pop graphics characteristic of your favourite infographic and incorporating logos of all the companies that made the project happen – from banks to engineers to architects to equipment suppliers to… Tesla ? Let’s just hope that Musk’s cash-burning money pit doesn’t rub off on Myntex too much. Unlike Musk, Myntex actually makes money.vi

Myntex - 7

Continuing upstairs were rows of spangly new Steelcase desks and chairs – the latter of which were called “Gesture” and were actually pretty damn cool. Time to do some hiring guys! (They’re currently looking for Android developers fwiw.)

Myntex - 5
Next to the open-concept office space were little breakout nooks / meeting rooms walled by glass on one side and reclaimed wood and brick, respectively, on the other. Oh, next to all the desks (and in the foreground) was also bar. A very, very deep bar.

Myntex - 6

Further upstairs, and despite his humble beginnings as a heavy-duty equipment operator, Geoff’s autodidacticism demanded custom millwork. Cute ladder too.

Myntex - 4

Which brings us to the end of the photos.

Now all of this Googlery is all well and good… as long Geoff doesn’t cash out – or even acceptvii – Bitcoin. There is, after all, no other escape hatch from which one might hope to extract any lasting value from the bezzle. Otherwise it’s just endless streams of fancy Italian espresso machines, tournament-grade air hockey tables,viii and several layers of admittedly well-thought-out redundancy so that there can be guaranteed uptime for what amounts to a digital security blanket – the security theatre.

After all, in order for the politruks to sleep well at night, they need some degree of external affirmation. When they come home each night from their soul-sucking days at Mega[Gov]CorpInternational, they need to tuck in their little ones with the peace of mind that they’ll be able to do the same thing the next night and the one after that. So what do they do ? They pay ~through the nose~ for their +10 Amulets of Invincibility – their Talismans of Untouchability – that which Myntex is all too happy to provide – in the vain and ultimately futile hope that they won’t be strung up by their guts all the same for their intoxicating ineptitude with all the nonchalance of a golfer tossing his misbehaving putter into the lake for nonperformance.ix It only takes a few near-misses. Nothing more. And the politruk never knows when he’s lipped out for the last time. But who does ? He just hopes against hope it’s not tomorrow.

Too bad it doesn’t matter what politruks say, only what they do.

___ ___ ___

  1. To be clear, as far as start-ups go, there are the VC-riddled steroidal monsters and there are self-funded, self-managed, tightly-controlled basement projects. Myntex, much to its credit, is very clearly in the latter camp and claims to be experiencing quadruple-digit YoY growth. Apparently our old pal Snowden has been particularly good for business.
  2. When you think about it, the twisty slide is really analogous to her zipper :

    zip up corset girl

    Or his, depending on which way you swing :

    zip up lycra guy

    Admit it, you just spit out whatever you were eating or drinking all over your monitor. Ya, I dun really get wtf is going on here either. Go Internet!

  3. The owner – Geoff Green – openly admits that this glassed-in room is more showpiece than anything and that the company uses but one of the APC racks at present. But how are the servers actually employed used, you ask ?

    Let’s begin at the beginning. Starting with Symantec’s “Desktop” version of PGP for Mac/Windoze, if clients don’t provide their own keypair then Myntex generates a 4096 bit public/private keypair on behalf of each new user and uploads the privkey to a freshly wiped Blackberry 9900 or similar running “PGP for Blackberry.” After Myntex deletes the keypair on “Desktop” (talk about counterparty risk!!!!) the Blackberry is hand-delivered(!) to resellers before being delivered to clients (mostly in Europe) who then exchange pubkeys with other users of similar devices in order to commence encrypted Blackberry-to-Blackberry communication. Furthermore, for “extra security,” PGP for Blackberry does a little do-si-do using AES-256 session keys to encrypt the RSA-encrypted message.

    Aside from the fact that this only allows users to encrypt the same message to multiple recipients simultaneously (just like normal PGP does) you might ask why AES and not RSA for the session key as well (just like normal PGP does) ? To which I can only imagine the answer is because it’s 1985 or something and full RSA is “too slow” because it’s “too computationally expensive,” which translates in praxis to “we’re too busy being busy and if we get off this hedonic treadmill our sickly hearts will give out!” – which may well be true. Not everyone can be Secretariat, even if this is a criticism more of PGP itself than Myntex’ implementation thereof. (FTR, the 1973 Triple Crown winner’s heart was ~3x larger than that of other thoroughbreds, meaning he brought a gun to a knife fight ; a Porsche 918 to a Boxster meet, if you will.)

    But I digress. It’s also worth noting that these pricey little talismans can only be used to send pgp-grams to other similar devices. They can’t send pgp-grams to desktop machines, they can’t text, they can’t download attachments, they can’t call, and they can’t surf the web. This is it.

    But anyways, back to the servers, they store the encrypted e-mails for 24 hours before deleting them permanently, unless users elect to delete them first, as many do.

  4. Not that having room for growth warrants disapprobation, but one of the primary – if not the primary reason I wanted to visit Myntex HQ was that I (perhaps naively) assumed that it was something akin to a Mormon Temple ; viz. that – once fully operational, as it’s set to be in the coming weeks – a member of the general public, even a well-connected one such as myself, might never have the opportunity to enter into its inner sanctum ever again. Alas, it seems that the Theatre of Security runs deeply through the veins of Myntex and that – quite despite the bulletproof glass, roll-down security doors, intra-wall galvanised steel security mesh, 2`900L diesel tank hooked up to the back-up generator, fancy fire suppression system, Liebert 40kW cooling system and 22.5kW back-up system, and all the rest – there will be many an event going forward.
  5. To be clear, there was nothing at all extraordinary about the bathroom faucets at Myntex. They worked exactly as designed, which is to say, averagely. And that’s the problem, you see. I mean, what if you want warmer water to wash your hands because you’ve just come in from the cold ? Well, that’s too bad because you’re getting “average” temperature water. Want colder water to wash out a cut or fill a water bottle ? Think again because you’re still getting “average” temperature water. So unless, you actually want mathematically optimised water temperatures that come are only activated by a touchy-feely sensor that sometimes works and other times doesn’t, and even when it does there’s a significant delay (>1s) between when you want water and when you actually get it, I’m afraid you’re SOL.

    So what grinds my gears are automatic faucets sensu lato. These unconscionable blights upon good design sense – that is, design centred around actual human controllers as opposed to passive spreadsheets reflecting last quarter’s “average” desired temperatures depending on time of day (survey says!) – might make sense in a hospital setting where shit’s flying everywhere and every patient is immunocompromised to some degree, but it makes absolutely and unequivocally no sense whatsoever in a environment occupied by the active and the living. Enough with the “automatic ur lyf” already (eg. Nest et al.). Give me a turning or lifting tap set and let’s call it a day.

  6. I don’t know exactly what Myntex charges its various Mega[Gov]CorpInternational clients, but competitors like Phantom Encrypt claim to be selling the devices for ~$2000 and the subscription service for ~$200 per month. If Myntex is charging similar prices, then their ~6000 clients are generated ~$12 mn in revenue on the handsets and continue to generate ~$1.2 mn per month in subscriptions, which is definitely “hand-over-fist” money for a small operation headed up by a couple of kids in their late 20s.
  7. Myntex doesn’t accept Bitcoin yet, it’s true, but Geoff’s too savvy not to accept it eventually. I, for one, would be quite interested in the uptake rate given his client base.
  8. Ok, these are cool. I was 1/1 on the night.
  9. Yes, this is a real thing. In fact, the “innocent” instrument may even be so unfortunate as to be horribly disfigured before being discarded. However, like politruks, the surviving putters don’t seem to learn much from the mangled corpses of their predecessors. It’s almost like they’re both built for what they’re built for, damn the consequences.

4 thoughts on “Myntex: A case study in security theatre.

  1. Pete D. says:

    Footnote iii updated.

  2. Pete D. says:

    Updated again. Link regarding “crackability” or “readability” removed because it was, well, unfounded. I should really know better than to cite “Motherboard” as a source shouldn’t I! Anyways, to my knowledge there are no reputable sources who’ve actually cracked one of these gadgets. Apologies to Geoff et al. for the misleading original.

  3. […] in 1956, barely a decade after the war. Not that the latter ever accomplished much more than security theatre, failing to ever score a single air-to-air kill in two decades of service across 1k units produced. […]

  4. […] hate socialism because you’re too fortunate to have been raised without a father ; you hate security theatre because you’re too fortunate to have been raised by priests ; you hate bureaucrats because […]

Leave a Reply to Defined by the extremes. | Contravex: A blog by Pete D. Cancel reply

Your email address will not be published. Required fields are marked *