About
… me
Hi. I’m David. I’m a security geek. Mostly. Well, that’s my job, anyway. In real life, I like to program, goof around with network stuff, watch movies, and other typical geek-like activities. Though I also have three kids, so really what I like most is making them laugh. Which is good, ‘cause that’s about all I have time for. Especially since my biggest extra-curricular activity for the last 4 or 5 years has been supporting Scouting America.
I started this blog because I have geeky ideas and ramblings that I’d like to share with others, and want those thoughts to persist for future readers. As opposed to, say, just threading together a bunch of posts in social media.
I hope you find the things I have to say useful, or at least, entertaining. Feel free to throw virtual Shmooballs at me on the Mastodonion Fediverse (@darthnull@infosec.exchange). If you’d like to talk in more than single-sentence fragments, I’m on just about every service you can imagine. But the best way to get my attention is just to ping me (openly, or in a “not-quite-direct message”) on Mastodon. From there, we can migrate to whatever service you prefer.
You’ll almost always be able to recognize me by my avatar. I’ve been using it since the very early days of Twitter, and hearkens back to the dark ages, when I used a Gandalf-inspired username on dial-up BBSes). I’ve been using DarthNull for quite a while as well, since shortly after the Phantom Menace was released. I like to describe it as “the Dark Lord of Absolutely Nothing.” A powerful role, with a very small remit.
… the site
I’ve been playing with websites and blogs and such for quite a while now. First it was static files built from XML sources. Then I self hosted a couple sites using Drupal for a while. I eventually got tired of how complicated that was, and moved to self-hosted Wordpress, then in 2010 I moved to a Wordpress.com hosted site. Then I kind of went back to the beginning, with a static site built from simple files (that time, built using Markdown instead of XML). For a few years (2014-2017), I used a system based on Second Crack, originally built by Marco Arment. I made a few tweaks, to support a couple different taxonomy structures (lists, as well as tags), but never really went too much further with it. I also pretty much lifted the style directly from Marco’s blog – which I liked, because it was simple and straightforward… But eventually I realized it still needed some work.
Which brings us to today. I’m trying to keep the overall look simple – with a header that’s still inspired by marco.org – but with some extra features that directly threaten that simplicity. You can read everything in the “Everything” section, or you can focus on specific areas of interest. Perhaps if you’re interested in puzzles, but don’t care about the infosec community, you can just bookmark the Puzzles and Fun section of the site and ignore everything else. It’s also built using a new system - Hugo. This very quickly builds a static site, complete with home and sectional pages and tags, that I can then upload to S3 or GitHub or wherever. It natively supports multiple, arbitrary taxonomies (so I can have lists, series, tags, posts, and just anything else I like). It’s also got a pretty strong template system, which makes building out the theme much easier.
I’ve tweaked it here and there over the last few years, and at some point maybe my code will be clean enough that I can share. For now, I’m just happy that most posts end up where I want them.
The site doesn’t have comments (I never got many anyway). RSS feeds are available – most any time you can fetch a page using .html, just add /index.xml instead (for example, https://darthnull.org/index.xml for a feed of the main site, or https://darthnull.org/tags/puzzles/index.xml for a feed of posts tagged “puzzles.”)
You can also follow this blog on Mastodon. New posts will be, if I can remember, posted by @NullBits@infosec.exchange. I used to have an automated script to post to Twitter, but haven’t built that for Mastodon. I may not – having more immediate control over how the post is presented feels more important than automation, especially with the totally random frequency of my updates.

… the content
In addition to my (frequently overdue) efforts to document various crypto puzzles and contests, I try to write about things that I’ve found interesting, neat tricks I’ve discovered or built, bugs I’ve found, and occasionally some crazy ideas. I’ve added some little tweaks to the typical static blog system: in particular, support for cross-posts (local copies of posts I wrote for my employer’s site, or maybe to LinkedIn, if I ever start posting there regularly), references (so I can have a good place for talk slides, white papers, etc.), and lists (basically, special categories which serve to collect specific items together, like a list of all presentations, for example). I also added the concept of a series, a bunch of posts that together form a single, long-form topic.
You can find tags/categories, lists, series, and post types all described in detail on the Topics page.