SafeWeb

Jon co-founded SafeWeb in 2000 with Stephen Hsu and James Hormuzdiar and later served as CEO. SafeWeb ran one of the largest web-anonymization services of its era and built Triangle Boy, a proxy system used to reach censored sites. It received the first security investment from In-Q-Tel, a nonprofit strategic investment firm affiliated with the CIA, and was acquired by Symantec in 2003 for $26 million. After the acquisition Jon was director of development for Symantec's clientless VPN appliance line. SafeWeb on Wikipedia →

What the sources show

The historical record is strongest when it includes both sides of the SafeWeb story: independent coverage of anti-censorship use, In-Q-Tel support, and the Symantec acquisition, alongside the documented criticism of the consumer anonymizer. In 2002, Wired, Computerworld, and a USENIX Security paper described JavaScript- and cookie-based vulnerabilities that could deanonymize users, while later trade coverage tracked SafeWeb's shift toward enterprise SSL VPN products and Symantec's acquisition.

  • The Wall Street Journal covered In-Q-Tel's SafeWeb licensing and investment agreement.
  • The New York Times reported on SafeWeb proxy technology in the context of Chinese internet censorship and Voice of America access.
  • RAND analyzed SafeWeb and Triangle Boy in its report on Chinese dissident internet use.
  • Wired and USENIX Security documented anonymizer vulnerabilities; Wired's follow-up covered SafeWeb's response.
  • Le Monde and CRN add international and trade-press context to the In-Q-Tel and acquisition record.
  • Network World and The Register covered Symantec's purchase of SafeWeb as an SSL VPN maker.

SafeWeb to NIST

The through-line is not that web anonymizers and frontier AI systems are the same problem. It is a builder's habit of testing public claims against adversarial use, failure modes, and institutional consequences.

  • 2000 — SafeWeb begins with privacy, anti-censorship access, and web-anonymization infrastructure.
  • 2001-2002 — the public record includes both In-Q-Tel and anti-censorship coverage and independent vulnerability research.
  • 2003 — Symantec acquires SafeWeb and folds the work into clientless SSL VPN products.
  • 2024-2026 — at NIST CAISI, Jon works on LLM evaluation, red-teaming, and ethical auditing: again asking how powerful systems behave under pressure.

Patents — early VPN appliances

The SafeWeb work produced two US patents on what were among the first SSL / clientless VPN appliances. What was novel: secure remote access delivered through an ordinary web browser — no pre-installed client software — by manipulating and re-encrypting traffic at a gateway. It is the architecture the enterprise "clientless VPN" market later standardized on.

  • US 7,730,528 — “Intelligent secure data manipulation apparatus and method” (filed 2001; issued 2010). Originally assigned to SafeWeb, Inc., then to Symantec following the 2003 acquisition.
  • US 8,065,520 — “Method and apparatus for encrypted communications to a secure server” (continuation of a May 2000 application; issued 2011). Assigned to Symantec.

The Human-Centered AI Lab

Jon co-founded the nonprofit Human-Centered AI Lab, an umbrella that lets distributed teams of researchers and domain experts secure funding and collaborate on AI across institutional and disciplinary boundaries — filling gaps traditional academic structures leave open. humancenteredailab.org →


What was SafeWeb?

An internet privacy company Jon co-founded in 2000 and later led as CEO. It received the first security investment from In-Q-Tel, a nonprofit strategic investment firm affiliated with the CIA, and was acquired by Symantec in 2003 for $26 million.

What patents does he hold?

Two US patents, 7,730,528 and 8,065,520, on what were among the first SSL/clientless VPN appliances, arising from the SafeWeb work.

What is the Human-Centered AI Lab?

A nonprofit Jon co-founded that lets distributed teams of researchers and domain experts collaborate on AI across institutional and disciplinary boundaries.