I'm David Llewellyn-Jones and this is my homepage. I'm a researcher in computer security who's also interested in programming and graphics. You might be interested in my research, my software or my random musings.

Want to know more about me? Here's a personality sketch written by a psychologist when I was in school.

“David is of high intelligence, although lacking in true creativity. He has a need for order and clarity, and for neat and tidy systems in which every detail finds its appropriate place. His writing is rather dull and mechanical, occasionally enlivened by somewhat corny puns and by flashes of imagination of the sci-fi type. He has a strong drive for competence. He seems to have little feel and little sympathy for other people and does not enjoy interacting with others. Self-centered, he nonetheless has a deep moral sense.”

Wow. Harsh. But disturbingly accurate.

Control panel:
Site style Disable animation Full width

RSS feed Constantia server Cambridge University Deviant Art Shapeways LinkedIn Twitter Launchpad SourceForge GitLab GitHub PGP Public Key Email


1 Feb 2017 : My certificates have been revoked! #
I discovered yesterday that Mozilla have revoked the StartCom root certificate in Firefox. How did I discover this? After an update to Firefox 51 I find my own website now fails to load, giving a certificate error instead. Admittedly StartCom's service is free, but it would have been nice to be warned by someone.
So while I've enjoyed StartCom's service for many years, it looks like I'll be moving to Let's Encrypt. Which would be fine if I hadn't put certificate pinning on my site, which will prevents the new cert from being accepted for 30 days. I guess that's what happens if you try to be too cocky with security on a budget!
9 Dec 2016 : Cracking PwdHash #
The paper Graham Rymer and I wrote for Passwords 2016 on Cracking PwdHash is now available on my publications page. Check out the blog post about it for a bit more details.
8 Dec 2016 : Deck the Halls! #
Christmas is in 17 days, which is only just slightly beyond tomorrow. The temperature today is 10 degrees C, so snow is imminent. Time for Christmas decorations to go up and snow to fall down on the site. Tidings of the season to everyone!
20 Nov 2016 : Certificate ROL 1 #
The TLS cert on my home server was approaching expiration, and in previous years I've been caught out (on one occasion I was left generating certificates on Christmas day!), so I decided to do it early this year. It's got a lot more complex with certificate pinning. I can't just generate a new certificate and use it, but must now maintain multiple simultaneously shifting them all one to the left each year. It needs much more careful planning, given I'm more than capable of forgetting everything from one year to the next. Still, I'm happy to say it's now all done for another few years, and with an A+ rating from SSL Labs no less.
16 Oct 2016 : Fixing snap apps with relocatable DATADIRS #
Playing around with the new snap packaging format, I came up against this DATADIR issue. Of all the many ways to get around it, here's the approach I took for functy.