 Are you making a secure Linux smartphone system that cannot be tracked, that's sending secure messages, are you trying to make the most secure smartphone in the world? Well trying, I think we're doing that. So yeah basically yes, we are focused on just this one thing which is transferring your intellectual legacy from A to B in the most secure way possible. And you have it right there prototype, we can check it out. This is one of the volume models. So this is like a mock-up, right? It's not yet with the PCB and everything. I don't have it here on me indeed, but yeah we do have the actual prototypes as well, but they're quite expensive, so our developers actually use them on a daily basis. Can we see a little bit what's the concept, like you have a nice size screen, touch screen? Yeah it's simple, let's put it that way, you have a choice of, so this is the chat window you see here. What you can do in the main menu is you have contacts, you have chats, you have passports which is something that people will not be familiar with. And I think that's basically it, so basically let me a little bit clarify what we are doing here. We are doing more new way of messaging solution, not smartphone itself but the messaging device. You can send and receive messages which need to be having additional privacy added on. So basically we decided not to use a generic smartphone but to develop a unique hardware for that. As you can see there are no connectors on the device, so you cannot easily connect some malicious hardware to the device and try to hack it physically. You need to open it and we have a tamper proof mechanism enabled inside, so as a basic feature of this product, so if tamper proof mechanism is broken, so all secrets like messages and encryption keys for sending messages, those are wiped and cannot be restored easily. So I guess you are choosing a specific ARM CPU platform and you are developing custom Linux for the ARM CPU? So we are developing a new concept, we are developing whole from scratch the operating system itself, which is a Linux based operating system, we call it ARMOS, but we also use dual OS design, it means that we have at least two operating systems in our device. One operating system is just general Linux based and second one is a secure operating system which handles all secrets and basically user environment where UI is shown and user can access to is not having any direct access to secrets. So basically physically in terms of inside of the device, those are separated. And do you talk about what kind of Linux you are doing? So we are using an embedded version of Linux as a bootstrap, it's a yok2linux operating system, but we also use OPTI as a trusted execution environment to manage secrets and critical data like messages encryption mechanism. Is OPTI very stable now? It's been going on for a while, I was doing videos with Linaro, they were developing this open source security trusted execution environment and it's easy to implement all the stuff that you need through that Linux that you have. So basically it's not so simple as that, actually we are using Linux here only to implement user interface, let's say we want to boot to our chat application, when you switch on the device, the device boots to only one application, it is chat application, we use Linux here only to interact with the user, when we need to encrypt any messages or decrypt them, we use this secure environment where we store all secrets and keys, and we send information from this unsecured Linux environment to this secure environment, secure environment ciphers so the ciphers data sends it back and user can see it or our system can send it to out the world, to the internet. What's the design, the architecture of your PCB, do you have, and you talk about which ARM CPU you're using and does this one have like extra secure area? Yeah, basically yes, we are using NXP processors, SOCs, those are IMX7 CPUs, they have at least three CPU, this is system on chip solution and we use dual CPU design, one is application CPU and one is secure CPU which is differential power analysis protected. So basically when you ask, even if you are capable to access to our PCB, you decapitate our CPU, you will not get the secrets so easily because those are specific area of CPU which is additionally protected with additional layer of metallization and a lot of countermeasures being done by vendor we use for CPU. So that NXP has, as I remember, Cortex A and M also, right? Yes, we have, actually we have three CPUs inside. We have Cortex A as the application CPU, Cortex M as the supplementary MCU for some additional functionality like physical world interactions like buttons, lights and so on and additional cipher CPU which is fully dedicated for running our trusted execution environment. This is only one component we use. We also use hardware encrypted flash as additional chip. So basically we store all of our Linux components in RPMB partition inside of flash memory which supports hardware encryption. So and you are a Swiss startup, right? Correct. So you are talking about neutrality, Switzerland is famous for not having opinions, I mean not exactly but like what is called like enabling everybody to do what they want. So what is the thinking here by being Swiss based? So the main thing is a neutral base for operations but PIM can actually tell about this a little bit more. Neutrality is the main thing but we realize that just being in Switzerland is not enough. Most people will understand that. But it does give a good basis to, well it gave us a good basis to start this endeavor from a legislative point of view. But much more is needed to actually accomplish that and for that reason we are working with the Swiss academic community. At the EPFL or where you work? With who? Well we are working currently with EPFL with Ost University which is a merger of St. Gallen and excuse me for not knowing this one but another one. SSLU, we work with SSLU, yes. So it's three universities but on this specific part, control system for transparency. We are working with Professor Dr. Natalie Weiler and what is interesting to note is that she also worked on the digitalization of the Swiss referenda system. So this control system for transparency, this should really give our users the best possible insight of what we are doing from, well I say from road to code, so in infrastructure to code to anything basically. We want to be like fully transparent and very opposite to security by obscurity. So you're mentioning that Switzerland is like the most interesting history of their democracy and stuff and I saw that some some contollers are trying to do online voting and stuff like that. Are you saying that the person you're working with has been involved in doing this online voting stuff? Yeah, that's correct. So there is like a lot of things happening in the last 20 years. The internet has been a little bit hijacked by some of these American trillion dollar companies like Google, Apple, Facebook, it seems everybody in Europe for example has no issues sharing their whole lives to these companies and you are trying to provide some kind of alternative especially for enterprise that has secrets that doesn't want for example the Americans to copy their secrets and governments. Is that the thinking a little bit? Well it's not just Americans, everybody's playing this game and we just want to give a truly working alternative to this, to, we're not really here to educate people on that, I mean it's everybody's responsibility what you do with your data. So we're not activists in that sense, you know, everybody can do whatever they want but we just want to have an alternative out there because we personally want to have an alternative and it's not there so that's why we started this in the first place. But to compliment this I would say that for our users we preach the specific behavior to keep the privacy at a pretty high level, we just develop a tool, this tool can be used in different ways like a hammer or drill you use when you do your repairment and we also create a tool and it really depends how you use it, we have pretty good instructions how our users can drastically increase their privacy behaviors in general and we preach this approach. But we also do not aim for a specific user so they can actually, while we also have interests from say the people who like to run away with your data so we're just being neutral and you know we're just on the sideline. So to prove it, to prove it we use such kind of approach that we do not have any server infrastructure and we even cannot physically store any user data on ARMA premises and we cannot reuse it as a like reselling or mongling it and sending it to third parties because we do not own and we do not have user data, user data is stored on user device and devices can communicate between each other without ARMA interaction so basically this is one of killer features we use, we do not need any infrastructure for user to use our solution. So this is not a cloud phone. It is not a cloud phone. You're not going on AWS, you're not going on Google Cloud, you're not doing any of that. So the thing is that there is no cloud, it is just another person computer, there is no cloud, there is some company owns computers and gives these computers for end. We don't have, we don't use it. So your device is especially for messaging, right? So it's right, and calls? No calls for current model, no calls, but no calls and even though our security model assumes that any speaker or microphone can be used tamper. Let's say if we design our device without microphone at all. Physically, there is nothing, no physical device to record the voice. Yeah, so you should keep in mind that this first model of ours, the G1, is really hardcore, so it's focused on the most basic of communications, which is text only. Does it work for your entire, protecting your entire company infrastructure? No, but it does work for your most, say, classified information. And I mean, you cannot safely send a document with it, but you can safely discuss the strategy around the document, just to give you an idea or strategy in general, right? So what ends up in paper usually is harmless, but it's really about the chatter around it. And that is what we secure. There's a lot of controversial things. Somebody could think of talking about, right? I think there was a story about Merkel's phone was being tapped by some kind of Americans at one point. And I guess her messages maybe were read or something like that. And there's always this talk for many years, for like decade, I remember it was like, Obama, what blackberry is he using? He's using some kind of secure blackberry thing, but Trump, he didn't care, right? He gave up. He just said, I want to use my iPhone or whatever he was using to tweet. I think the Hillary Clinton emails is also very... Yeah, it's crazy, yeah. I'm pretty sure she would have wished she would have a G1, because a lot of this email she was sending around, I'll not go in. That was a bit funny that they could do that kind of mistake. Yeah, it wasn't necessary to use your email for that. You know, she would have had a secure system at that point that would have saved a lot of. It's just a little bit controversial, some of the discussions they had about all the world leaders and stuff. I think that was the main kind of issue. I guess there was a lot, lots more, tens of thousands of articles, right? How about all this? There was enough to read. But if we do not go to the political, there is a place for privacy still in this world. So basically, we developed the tool you can use with different means. So basically, you can use it for political communication. You can use it for business. You can use it for civil purposes. But basically, what we see right now, there is no such kind of tool where you can be pretty sure that your data being sent through this tool being kept private. And then I see that you're talking about the NXP doesn't have a modem, right? So you're connecting with this Quacktel on your PCB? So we have different modems. We use different modems as different models. But the main thing is that our model is not part of our SOC chip. It is compartmentalized physically from a CPU where we run our main application. So which means that even if the modem chip is compromised, so attacker cannot access the data because it is physically isolated from our main system. We use currently, we use Ublox, it is Swiss company also. Ublox Tobi L210 modem. It is automotive industry modem. But basically, we use it only because of features we need. We do not have a SIM card itself on our device. Our SIM card is a virtual SIM card. And the SIM card itself is a part of the pool of SIM cards which are rotated periodically. And our device uses different sets of SIM cards for different activities. Because when I watch TV shows and I watch so many TV shows and movies, they always talk about getting a burner phone. And the idea is to get different SIM cards so there you can just swap all the time and have all kinds of different SIM cards virtually. Don't you think that the burner phone is a pretty wasteful technology? So you buy a phone, make one call and throw it back to the garbage. So basically, but burner phone doesn't help you because there is a co-traveller program from NSA and NSA can track your burner phone altogether with your real phone and correlate this information. We don't have this and this is also an approach. We took it to account when designing this hardware. Nice, and then, so do you do a specific kind of architecture in the way the messages are sent around? Is this some kind of peer to peer or how does it work? So we do not use a public internet connectivity at all. We use our network as a transport system for our messaging. When user activates his device, device activates internet connection using this bootstrap SIM card pool and then activates store circuit. When device activates store circuit, each passport, we call it passports for each contact group. We have one passport, each passport has its own only on address. Device publishes its own only on address to the network. And if we have another device knowing this only on address, it can communicate between each other without interaction to any armor systems. This is pretty badass. No, what you doing? Are you are you so you've done a tour messaging hardware phone? Is that what it is? Hardware messaging device, messaging device. And it goes through how many different like if I send a message to my sister, for example, right? How likely is it somebody is going to know it was me that sent it and I was here or is it impossible for them to know? So, so basically why we rotate SIM cards? It means that we we give a hard time to to make a correlation attack. It means that I can send a portion of messages through different operators. When when when let's say third parties or attackers trying to track or even copy my traffic, they need to be at the they need to be in the network of at least three operators at the same time and try to copy this information and correlate it between each other, which will be much, much harder task than just to tap your phone on one operator. So so any person out there basically is a walking beacon, you know, you have your e-mail number and your emcee number. And basically they're they're they're they are unique for a person. So if you want to target a person, it is a matter of seconds. And you can very specifically target any person on this planet. And the New York Times had a very interesting article about that, where they were where they showed how easy it is to track Trump in the White House, but even Pentagon staff employees ridiculous. So and I saw this amazing thing recently with, you know, this capital thing with all these crazy Trump supporters. And I think there was some kind of article where they said that just with the information from the telcos, they could see a small dots with everybody who was going where at what time and exactly they knew exactly what they were. So basically your phone number is somehow attached to your personality. In our solution, user does not have phone number itself. User has a device and his, let's say, passport identity, which is created on the device, managed on the device and destroyed on the device. The identity does not leave the secure compartment. In the case of SIM card data, like phone number, we do not call it as a private information anymore. This is not, it is not attached any how to the physical person, which means that we separate these two things in our model. So we do not, you pay per year and our, so we do as a dual use good to have to identify our buyers. But from that point, we do not latch the physical identity of the person to the network identity. So any device in the network is not identifiable by us to the person. It's totally unrelated. I mean, it sounds kind of a super advanced. Like, is anybody doing anything remotely like this? No. So basically, we have a kind of competitors who are doing smart phone to smart, let's say, secure smart phone. I did a video with the Purism Librem, like three years ago, the video. Is it like the main like story in the world? Very similar to that. But but Purism is more of a phone approach. We don't, we are not, we are not, it is not a phone. So so the arm is built around security and still Purism is yeah, it's more like a commercial convenience thing that has maybe a bit better focus on privacy. But we basically went very hardcore. It is more, it is more like an old school pager. People used maybe a couple of decades ago in 90s for medical or something. But we use it as we revisited this model, this idea and the hardware messaging platform, which is something different than everybody else does, like smart phone or iPad or something like that. It is a new device. Try to understand the tour, how it works and the way you use it. Like, is the message going to, like, you're going to split out the data and send it through a whole bunch of different random peers around the world? And then it goes so basically depending on the region where device latches, we use different sets of bridges to establish the circuit. Tour uses different set of bridges simultaneously when sending the data. It up to six different nodes can be used to send one one. Let's say pocket. So it means that it is much harder to track the starting point and to track the receiving point. And in this case, man in the middle attack is almost impossible, but it is technically possible, but it is very hard. They have to really control the whole world to be able to see chronologically when the packet left where and see which one was the first. And basically, we do not use exit nodes, so we do not send traffic to the public Internet, which means that our traffic does not leave the network. We allow one device to turn network, second device to turn network and they communicate privately through the tour network. And this is just the G1, right? Are you planning G2, G3? Because you were teasing that there could be a voice version? Yeah, basically, Pim, maybe you can pitch it a little bit. We are talking to several parties. We're also talking to special operations guys. And so there could be a satellite edition coming in the next model. But we are also contemplating a G7, which would be a more typical smartphone or a dumb phone in our case, because we don't want them to be too smart. So basically, the next approach is like revisiting the smartphone idea as a new generation communication device with voice, video and so on. But this is the next endeavor, which we are going to do right after we get success with the G1. I guess it's not so easy to send live streaming video through the tour. But we have different blueprint ideas how to do the video and calls in a better way and in private with privacy in mind. So it is another story and those are not still in road map until we launch the G1 in full strength. When people talk about having secure phone lines, right? In movies they always say, are you in the secure line and stuff? It's pretty much just encryption, but they're not hiding who they are, right? It's just encrypting the thing. In contemporary world, this is not enough, basically, because for different third parties, it is enough to know that the event of communication has happened, not the content of communication. And this is the real problem, and this means that if I know that one person contacts to another person, there is enough metadata around these two persons to know about the context of conversation. In our situation, we have a plausible deniability. It means that even if you know that there is some communication between one ARM device and another, you do not know which person is it, because ARM G1 is not connected or attached to some specific person. So I'm hoping, because you showed the mock-up just previously, and I'm hoping it's not too far out, what is the status? Are you... You have prototypes, real prototypes? Yeah, we have real prototypes that are not in case, and those are up and running in a little bit larger... Like little boards? Boards with military boxes, and you can send messages. So our application right now is up and running on our target PCB, but those are not yet in K, in physical case that you look, but it is very, very actively ongoing, and most probably in near time we will marry a mechanical part and the electronics part, and you will see up and running everything inside of this wonderful case. 2021 for sure, right? Yeah, absolutely. Yes, absolutely, yeah. Actually, we almost managed to get a pretty near-perfect first prototype round. We just had some issues with the display. So we couldn't fix an alternative display in the exact same footprint to have it totally closed off. 3.18 inch OLED, right? 3.81. 81, yeah. So I guess to make it very, very secure, you want the connection between the display and the PCB and the memory and all that. How do you make sure people don't just connect something somehow? So basically, we have tamper proof foil inside of the device. We have tamper pins around our PCB, and it is kind of glued all together, and when you try to open the... So we don't have connectors. You cannot connect any celebrate kind of device or some kind of forensic device to it because there are no connectors. We use wireless charging. No USB, nothing like that. And only one way to access, physical access to our hardware is to open it. If you open it, tamper proof mechanism triggers and it wipes different sets of secrets in our device. So basically, we have some kind of additional layer of security here, which gives more hard time for attack, potential attacks. But some very, very talented, skilled kind of super guy might find some kind of way to get around the tamper, no? Yeah, basically, okay, let's assume he opens the case and tamper proof foil did not break and he has access to the board. All data is technically stored on the device in encrypted state. So what he can do? He can try to load his own software to mangle with hardware. But our device is burnt on the factory when it does not accept to boot with unsigned software, which means that we burned some specific encryption key, which we sign all our images. When your image runs on the device, it should be signed and encrypted with proper key. If this key does not correspond to the key burnt on the CPU on the factory, we have called boot, goodbye. So it means that it is not easier to, so additional layer of security. So another thing, like GTAG, if you want to use debug port, we do not propagate this debug port, of course, but this debug port is hardware disabled when it runs out of the factory, which means that we properly test it and then we seal the device. It means that if somebody wants to unseal it, it will be very hard to do something. And another part of the strategy is also to keep changing the hardware. So that any adversaries will not learn from opening the device. And so cybersecurity and the state of security is not something physical. You get the device, which is absolutely secure. It means that there is a process in terms of time and we improve learning some additional techniques and the talks in the future. It means that customer always gets the state of the art technology into his hand when he has a new device. And so I'm trying to figure out how you, right here, I'm just gonna share your screen. It says also that you are, for example, you have some articles about the UK market, Latin America, you are, this is like everybody in the world is interested in this kind of stuff. You have conversations with these, all these people? Yeah, we have inquiries and letters of intent around the world and basically we have, most probably we'll have worldwide sales from day one. So there you have Bolivia, Colombia, what are you talking about, all these different countries? This is one of our collaborations with the academic community, in this case, AIT, which is a collaboration between Colombian universities and Swiss universities. And the UK is maybe interested in hiding their messages from the EU a little bit now about fishing. Yeah, one thing I'm wondering because I guess what's really important also is reliability. And I don't know how reliable is it gonna be that when you send a message, you know it's arriving on the other message because the tour, is it really like, how it's not instant, right? How fast does the message go through the tour? So the approximately time of delivery is six seconds, so which is more than enough for a messaging application. It is not a call, it's not real time, of course, but it is pretty fast to regular user. Can you have one of these little check marks that says that the guy received the message? Yeah, okay, we have different sets of check marks. One of them is a message is delivered, one of them the message is signed by different kinds of additional measures. Let's say, I can agree with you that all messages I sent should be signed with my PIN code or some kind of signature that I did send this message. And when I send this message, other party can tell me this A-party, do they have additional signing requirements or not? If it has additional signing requirements, it will show you the exclamation mark that there is something not right with this message. It means that if you are in a dangerous situation or something, you just can send the message. A sending device will show you that a message is being said correctly and all good and it has been delivered to receiving party but receiving party will see that there is something wrong with this message. And well, receiving user can make a decision based on that. We do not approve like a hundred percent sure that somebody who is sending the message did some wrong thing, like maliciously send some message. It is other story but we can give additional instrument to improve communication security. Can you tease a little bit how you're thinking to do the voice and let's say the dream device with some people will be to be able to browse the internet or even perhaps maybe some kind of way to use some Android apps, but like do it in a secure way. Are you, what's your thinking in that direction? I can tell you something if Pimo proves, wow. Ah, it's a secret, okay. You don't have to say any secret. It's not a secret but this is a... Well, I think we should focus on the G1 first and we have some very good ideas about that but we do not want to give any competition a head start. The purism guys, you don't wanna tell them what you're doing. Yeah, let them do their thing and we will jump in two years from now when we start our G7 and yeah, let's not give away too much strategic. I did the video, I think it was three or four years ago with the purism and I wonder how good is their market? Are they selling a lot of phones or is it working? I'm not even, I do think they have a few series out there but I'm actually, I have no idea but we actually just checked, you know, are these guys in our same market and or not? So yeah, I think if you're not significantly doing something different than the current competitors, then I would just suggest you go home because it doesn't make any sense, right? It's the messenger apps that are out there are a very good example. Then you have Signal, Trima, et cetera and they're already basically known to be, you know, unsecure, let's just put it out there. So, you know, WhatsApp is being followed up by Signal and et cetera, et cetera but it's all the same deal basically, right? Yeah, who's controlling Signal? So yeah, this is a great question because even if you have very, very secure application like Signal, which they state that they have a lot of different checks and validation in the community, you cannot prove the platform because the platform like I also, Android, which is pretty, they collect elementary, everybody knows that. They collect silent microphone data and everybody knows that and you run very, very secure application on that. Is it strange? I think it is pretty strange and you cannot guarantee that a platform on top of which your application runs is 100% secure and enough to run this secure application. Yeah. Which, this is the reason why we did start developing our own hardware, which is pretty hard thing to do and but there is no other option except instead of like running it on Android, well, which means that you're on board the risk that Android has its own bugs and issues, which and you do not have enough resources to manage it or to even to fix it or to overcome it. Well, which is the reason of doing own hardware is obvious. It's already many years ago now that the Edward Snowden story came out and all that stuff. And it was kind of like in movies and everything, everybody always thought and kind of guessed and believed or had proof that the US was kind of like checking everything that everybody's doing, but this is like proving it. But what I'm wondering is, I always kind of hoped that Android was secure and had secure kind of like that, you know, one app cannot check what the other apps are doing but you're saying that it's pretty much easy to prove that actually there's a bunch of stuff happening there that's not really nice. Yeah, basically the platform itself is sending a telemetry. All telemetry is closed. So you cannot guarantee that information being exposed from the device to outer world is not classified as private. So, which means that this is the risk, potential risk of using this kind of platforms, like even for iOS and so on, and this is almost the same approach. They have that any mobile phone can send telemetry data to Google or Apple. I think it's even more simple if you just look at the company itself. If you look what the business model of Google is, it's selling your data. And, you know, if you want to work for a government or as a police officer or whatever, you know, they will check, you know, do you have a criminal record, right? And for me, it's just interesting why would you trust a company like Google that is going, that is making mistakes on a daily basis when it comes to your privacy? Why would you give them the benefit of the doubt, you know? And to me, it's always like, I don't know, a valet parking run by car thieves or something. You know, why would it be any different tomorrow? So obviously what you see with Android is that it's full of holes and, you know, the holes get fixed and then there's a new vulnerability out there and, in my opinion, you're just supposed to be there to give access to all kinds of third parties. And that is the whole deal, basically. What about the Graphene OS people are talking about, which is like the successor of what's called that was before and stuff, right? That's Google-free version of Android? Yeah, I understand that. But basically this... Yeah, I understood what you mean, which platform you mean. So basically this is also a question that these developers are usually taking Android applications and using closed software like drivers, let's say for drivers, those are still closed and you cannot use it. Or otherwise you cannot run it on different types of hardware. And well, this is another story. But basically for drivers, this is also potential risk. In our case, our drivers are pretty low footprint and mainly developed and validated in-house. And open source? Most of them are open source, yeah. Because I guess, as far as I remember, the GPU is still a big issue in the ARM world with closed binaries and all that stuff. I guess the modems is also a big issue. But you found a modem that doesn't have this problem? Okay, for the modem, it is still there. The reasons are different. So there is a lot of IP, which is included into the modem. And the modem has to be validated and certified by a specific set of government. So we use it as a black box. But it is compartmentalized in terms of our hardware architecture. It means that modem cannot have an access to any kind of data without this side mechanism. Like when you have a SIM card which is connected directly to the modem in your regular iPhone or Android phone. And when an operator sends silent SMS to your modem, your application like Android will not show you that there is an event like SMS being received. A modem will run this SMS and send it to the SIM card. SIM card is also a kind of black box computer. And it runs this SMS as an application in the SIM card. And it does something. You cannot know what it does and so on. In our case, there is no SIM card. And all messages being sent to our SIM card firewall and modem is isolated from our application environment at all. We send the AT commands to the modem and modem can be controlled very easily. And also we have such approach that each component in the system can be physically switched off. So we have some switches connected to our application CPU and application CPU can switch off physically modem. So we have a real flight mode, let's say. For flight mode, you send that AT command to the modem and modem does something. It says that it is in flight mode, but there is no such kind of thing like flight mode when you power on the hardware. In our case, we just switched off physically. Nice. No power to it. Yeah. How about the Quectel? Is it called Quectel? Do they have open source kind of drivers? Or do they still don't? So those components are pretty close. The reason is that when they apply to GSM association, GSM association controls and does not want to share this information because this is their intellectual property. But we cannot overcome it and we need to certify the modem. So our modem is certified in all countries worldwide. So basically we can easily run in any region. But the thing is that there is a difference between how our modem is connected to our ecosystem and hardware and how the modem is connected to any regular phone. There is a huge difference. And this is isolated. Yeah, it is not isolated. And basically for cheap Android phones, your modem can share even the memory between your application CPU and the modem, which means that modem can easily write something to the memory where your application is running. Well, in our case, two different chips. Very, very small amount of interfaces connecting these chips and the physical possibility to switch off the component. Could you speak just a little bit about the company and here is the team. So, Pim, that's you, right? And can you explain to some of the other guys what they do? So to my right is Oliver Nadella. We should update the website, by the way. He's our CFO. And then we have Alex Murnov. He's a CISO. Andrei, well, you know Andrei. Are you aware in Ukraine? I'm in the UK. So, London. Yeah, we thought the flags were an interesting addition to the team. But you're from where in Ukraine? I'm from Kiev, yeah. Basically, it's the nationalities that we display here. Yeah, and Dutch? Yeah, that's Tim, Karol, commercial advisor. Tim is doing operations. Can you talk a little bit about your background? Have you worked a lot in security kind of world? What was your projects before? You worked for some big companies or what were you doing? So, yeah, I was doing IT outsourcment in Belarus, mostly. We've done a lot of outsourcment to American and Western European countries. We did that with my company, Binary Labs, for about 10 years. My background was banking at an arts school. Andrei? So, my background is mainly telecom business. I worked for different fixed line operators, like banking operators. I worked with a lot of years in a mobile operator. So, I have some background in the mobile connectivity. And I worked in mobile vendors like Ericsson. And after that, I moved to cyber security market. I opened a small penetration testing company in Ukraine. So, cyber security is more... I have cyber security background and right now I'm working in ARMA as a CTO. Is it true that the best software and engineers in the world are in Ukraine? Even it's better than Belarus, right? I'm joking. But is it like... It's mainly similar for Belarus. But there are more people in Ukraine working in this industry. But very high talent pool there, right? When you talk about outsourcing, maybe the competitor is a little bit like Israel? Or what would you say? Hard to say who is the competitor even. Because there are companies who have 60, 70 or 100,000 developers in one building. So, basically... In Ukraine? In Ukraine, like E-Palm, having huge 7 or 10 offices in the country. And a lot of outsourcing companies, very famous ones. Operating in almost every city, large city in Ukraine. And how much talent is there in Belarus? You say you're working 10 years, Tim, right? Yeah. Well, there's enough talent out there to make it hard to get staff from these countries. So, the prices are going up. So, it's a good sign. In our case, we're not just relying on Belarusian and Ukrainian employees, of course. So, that's why we're also working with Swiss academics. But, yeah. All right. So, are you looking for investors or distributors or just buyers, consumers, enterprise who want to buy 100 pieces? What are you looking for? Yeah, 100 pieces would be nice to tell them today. Is there a price for them or... Sorry? Do you have a price for them? So, we are working with a factory price that is around 6,000 Swiss francs per unit. So, we try not to... We are a bit of a niche product. So, our bandwidth is somewhat small, which is... We prefer to have that situation. And for data and other services, we charge 3,000 Swiss francs per year, per unit. So, you're not trying to do something that's mass market, consumer kind of thing. It's more like high enterprise and governments and stuff like that, right? Yeah. I think... Because a lot of people simply do not care about their privacy in any case. So, we would just... First of all, the technology is very expensive. There's a lot of development costs going in this development. And for some people, 1,000 Swiss francs would not be cheap enough. So, yeah, no, it's really... It's there for people who really need it and understand that they have the need. All right. That's awesome. So, thanks a lot for showing all this. Just trying to come back right here. Thanks a lot for... Yeah, to answer... What you're looking for, the investors and stuff, right? So, we have a minimum budget for operations and development. But, yeah, investors are still welcome. And so, is anyone... Anybody who has a good use case for us, we're also going to set up a larger, say, friendly user... Andrei, help me out there. A friendly user base. So, basically, we are considering to have a first node implementation. So, basically, we have potential references for that in different regions, of course. So, basically, this is the approach we chase now. Do you have an idea how big your market can be? Or, maybe, some examples of who should definitely buy this? Would it be, I don't know, some important enterprises, like financial services? So, the C-suite of any large company would obviously benefit from a solution, which, in military, seems to be also... show an interest. Soldiers of fortune. Maybe a suited Mexican. But, basically, we have a very, very large scale of customers, like medical lawyers, journalists, of course, and political people and so on. But our main target auditor is middle and higher management of large and medium enterprises. And then the 3,000 is global coverage, the whole... Yes. Every country, even North Korea. The reason on that, we do not track user, and we do not know where user should be tomorrow. So, basically, this is the reason and so our packages are included in any country. So, today you are in US, tomorrow in China, no problem. It's a flat fee, indeed. All right. So, thanks a lot for talking about this very unique, crazy advanced security, secure messaging system. And how fast, if this becomes a success 2021, the next things are just going to come fast also. The next impressions. We have a lot of IDs, so let's put it that way. All right. Cool. So, thanks a lot. Thanks for talking about this stuff. Is there anything I forgot to talk about? I mean, I guess you could keep talking for many hours, right? We did one... Cold day. Cold day. Yeah. All right. I think you had very good questions and I think we pretty much covered anything that is worth mentioning, well, at this point, because you really can go on and on. Is there a community of security experts who are, like, really interested in your project and, like, commenting a lot? Is there, like, a community? Do you have, I don't know, a telegram channel or something where people, like, are very excited to see what's happening in your company or... Well, we do not have a channel, but there obviously are a lot of people that are very closely watching what we are doing. So we have a modest amount of people following our LinkedIn profile. But if you look at the people who are actually following us, it's pretty interesting. Nice. And I guess you've been to all these security conferences and stuff, the hacker conferences and all this? Yeah. Basically, we attend CES near time and we attend the DevCon and so on. And basically, right now, there is a pandemic and no conferences are available. This is a conference right here. Yeah, absolutely. Absolutely. Well, actually, one week ago, I was at the Defense Leadership Forum in Florida in Tandestine. I need to update that on the LinkedIn as well still, but so yeah, there are some... That was virtual, right? No, that was live. Oh, you went there? Yeah, I was there. Yeah. So it's still possible to travel. So somehow you got over the Atlantic? Yeah. Yeah. Cool. All right. And there's a bunch of security conferences or, like, a dozen or something every year? But I guess, is it the last couple of years you've been networking and talking a lot with people there or? Andre? So basically, yes, we attend different events in Europe and US and we support this event sometimes. It is in around four to five events per year we show up. Most probably when COVID will finish, we will show up much, much more often. Cool. Awesome. So looking forward to see what happens next and it'll be awesome if... Alexandra Ocasio-Cortez, whoever's the next president is going to be using your phone and the EU presidents and all these people, they'll be like sending messages. It'll be fun to see that in the future if that happens. And I don't know, the CEO of Legos, I don't know. I'm always a total fan of his art. Yeah. All these different. Okay. Cool. So thanks a lot. Thank you.