In the past few months, I have:
* Posted a lot of blog posts explaining application security and cryptography for PHP developers. (These happen to be two areas that I specialize in.) https://paragonie.com/blog
* Authored a bunch of MIT-licensed open source tools and libraries: https://paragonie.com/projects
* Responsibly disclosed several security vulnerabilities in moderately popular open source projects, with patches (the most recent one hasn't been resolved, but has a CVE assigned).
* Identified a lot of bad security advice in popular/accepted StackOverflow answers, and subsequently edited/added answers to offer safer advice where I could. I think this was probably the most significant thing I could have done to make developers adopt secure habits by default, but only time will tell if this actually has any significant impact.
* Opened an invitation for the PHP community to ask me if a given StackOverflow answer is secure: https://twitter.com/voodooKobra/status/621107117219561472
* Participated in the discussion on the PHP internals mailing list seeking to improve the state of cryptography in PHP 7.1 through the use of a simple API that supports multiple back-ends (libsodium, openssl, etc.) and offers secure defaults (i.e. only authenticated symmetric key encryption).
* Most recently, I tried to tackle the misleading or outright incorrect information on w3schools, but that was a total non-starter.
(continued)