I’m writing a series of articles on extension security fundamentals. I’m at part 3 (out of 5-6) and I can already see that I’m packing way too much information into each part. My goal is making this easier to understand than my typical blog post but I’m not getting there.


So the question now is whether I try to make the information easier to digest (and the parts potentially very long) or whether I spit things up even further (10-15 parts?), at the risk of never finishing this. It’s a crazy amount of work…

The funny part: whatever vulnerability class I can come up with, I already have a write-up on it (or multiple). So either I’m not imaginative enough, or I really have all of them covered.

@WPalant Always better out than perfect :)

(Except when talking about libraries with vulns in them :D)

@x_cli That *is* supposed to be sort of a library. Or rather a reference that I can link to from my blog posts, so that I don’t need to explain the same things all the time. So the quality isn’t irrelevant.

@WPalant Absolutely. I'm just advocating that if you never finish, you cannot link to it at all and it will unfortunately help no one :)

If I were you, I would simplify, even if it means not explaining everything you wanted to.

@x_cli Yes, one consideration would be: publish what I have already, leave everything else for later (well knowing that this “later” might never come).

I'd say that still fine, you can also reorganize what you already published later if you someday feel the urge

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.