@paragonie-scott
Created November 28, 2015 19:13
Why does Scott seem so self-promoting?

This is my formal response to variations of the question, "Why do you always link to paragonie.com in your technical discussions?", which some people have asked (or implied while accusing me of being up to no good).

The short answer is because I always try to link to the most relevant answer I can provide to a specific technical question, and the most relevant way to introduce a point I'm about to make is usually a blog post that I've already written.

But more importantly, I stand by everything written on that website. If a blog post doesn't line up with my current understanding of security engineering, cryptography, and the art/science of web development in PHP, I'll go back and change the post to keep it in line with new information.

Many of the blog posts explain, in significant detail, a technical matter that I don't feel like reiterating every time someone is about to make the same mistake that the community has already learned from.

Typically, when someone makes this accusation, they imply that I'm only interested in self-promotion. But...

P.I.E. has no advertisements! We don't make a dime from you reading our blog.

Furthermore, the number of clients we've gotten from my freely giving the community better security advice than what's available is currently zero.

Spam is usually done for a purpose, and most often that purpose is profit.

We're literally losing money (as a consequence of less demand for our services by improving the quality of code in the PHP ecosystem) here, and people still accuse us of nefarious and selfish intentions.

If you're wondering, "Why do you bother then?" it's simply because we believe in acting responsibly to benefit the community we thrive in. If you're a developer, we literally have nothing to sell you, unless you're the decision-maker for a business needing security expertise that you don't have the staff for. (Then we should talk.)

Every time a developer learns to secure their applications, the needle moves away from the current state of affairs, where the same vulnerabilities crop up year after year, even though the fix for them is known.

That said, if I've ever linked to something on paragonie that wasn't adequately relevant and useful to the topic at hand, please let me know and I'll remove the link or find a more appropriate one.
