Recently Greg Ferro published an e-book for bloggers, “Arse First Method of Technical Blogging.” It has some great suggestions (although I’m not sure what an arse is), but after reading it, I realized it really doesn’t apply to security blogging. Without further ado, here are some of my tips for good infosec blog posts.
1. Use clever, jokey titles that only appeal to and impress other security bloggers. Ignore SEO, because it’s for peasants who seek adulation of the unwashed masses. You are deemed great by the number of security bloggers and researchers who read your posts, not the common brutes.
2. Use obscure literary, artistic and cultural references, thereby reducing the post to a postmodernism cliché. Greek mythology, Abstract Expressionist painters and foreign films are the best.
3. Condescend to readers so they believe wizards astride magical unicorns fly out of your butt with each post, that you are in the realm of the angels and they are less than slugs on the food chain of life.
4.Use frequent grammatical errors and misspellings. You do this in order to give the illusion that you are an uber-hacker from a foreign country or an uneducated, self-taught genius who has no patience for silly things like grammar.
5. Your post must be excessively long, including barely intelligible political or philosophical rants. Make sure you don’t make it too technical or actually explain how you created an exploit in such a way that might allow the reader to replicate your work. It is imperative to confuse the reader within the first 20 words in order to assure your position in the Security Firmament.
6. Write all your blogging ideas on half-used napkins, old junk mail or magazine subscription cards. Put in purse or pants pocket and hope you don’t lose. If you still have this at the end of the week, then it’s fate and you should turn these random thoughts into an actual post!