infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Linux Kernel Runtime Guard (LKRG) 1.0 first mature release + talk slides

https://www.openwall.com/presentations/NullconBerlin2025-LKRG/
this post | permalink
@caspicat @jackwilliambell @timbray "only upgrade occasionally, *or when security fixes land*"
this post | permalink
@inthehands @timbray my first thought too, but if electron is compromised obsidian would not be among our primary concerns (esp. because according to this policy they would likely not update before the incident is noticed). So I think electron is more of an attack surface problem than a supply chain one.
this post | permalink
Fun little #iPhone #privacy leaks by my former teammate Máté:

1) Locked iPhone Arbitrary Phone Call
https://szilak.com/2025-09-18-locked-iphone-arbitrary-number-call.html

2) Locked iPhone Saved Contact Confirmation
https://szilak.com/2025-09-18-locked-iphone-contact-brute-force.html
this post | permalink
[RSS] Project Rain:L1TF

https://bughunters.google.com/blog/4684191115575296/project-rain-l1tf

"a detailed overview of the L1TF vulnerability, a CPU vulnerability on some Intel CPUs (Skylake and older)"
this post | permalink
[RSS] Worst Clock Ever Teaches You QR Codes

https://hackaday.com/2025/09/18/worst-clock-ever-teaches-you-qr-codes/
this post | permalink
[RSS] exploits.club Weekly Newsletter 86 - KSMBD 0Clicks, Apple Ends Memory Corruption, Mini-Kernels in Zig, And More

https://blog.exploits.club/exploits-club-weekly-newsletter-86-ksmbd-0clicks-apple-ends-memory-corruption-mini-kernels-in-zig-and-more/
this post | permalink
[RSS] Beyond Sandbox Domains: Rendering Untrusted Web Content with SafeContentFrame

https://bughunters.google.com/blog/6715529872080896/beyond-sandbox-domains-rendering-untrusted-web-content-with-safecontentframe
this post | permalink
[RSS] R.E.L.I.V.E. -- open-source re-implementation of Oddworld: Abe's Exoddus and Oddworld: Abe's Oddysee

https://aliveteam.github.io/
this post | permalink
Checking on the website of our local #library and found that there is a dedicated status for orders where "all instances of the document *disappeared* and the librarian sees no good chance that they will be found in the foreseeable future".

I mean, you had one job!

Edit: can't wait for my bank to introduce the "sorry bro, we blew that money on coke" status :D
this post | permalink
Next Page