infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Securing the Future: Changes to Internet Explorer Mode in Microsoft Edge

https://microsoftedge.github.io/edgevr/posts/Changes-to-Internet-Explorer-Mode-in-Microsoft-Edge/
this post | permalink
@Sempf Oh OK, the TCP-level DDoS protection is obviously secret sauce, so you'll end up in trial&error. My educated guess is that if you are not too aggressive with timings and do proper TCP handshakes (-sT IIRC) you should be fine, and if something triggers than suddenly all your connections will fail so -vvv and keep an eye on logs.
this post | permalink
@Sempf why on earth would you nmap a cdn? you won't see the origin ports, and even at the application layer you'd only see the proxy. there may be some L7 proxy trickery or even some TCP level magic that works, but nmap is not the right tool to test those.
this post | permalink
[RSS] In-depth analysis and deobfuscation of Zelix KlassMaster's flow obfuscation

https://github.com/LvStrnggg/zkm-flow
this post | permalink
[RSS] Hacking the Nokia Beacon 1 Router: UART, Command Injection, and Password Generation with Qiling

https://spaceraccoon.dev/nokia-beacon-router-uart-command-injection/
this post | permalink
@foolishowl @danirabbit do you have an idea why they won't use Signal? It's free and easy, but I got similar responses about installing it before, never knew why.
this post | permalink
@jautero This reminds me that the Sun isn't very hot, there's just lots of it[1] :)

I think this is a reasonable stance. What I do find unreasonable are design choices that (sorry, example again) make people shovel down megabytes of code into a client-side VM to display black on white text. I don't think this would cross anyones mind 20y ago, and not only because perf constraints. But our thinking changed at some point.

[1] https://www.youtube.com/watch?v=6tu0mIpX8nU
this post | permalink
@jautero I qouted an example and there are others in the post. Also, not even considering performance, have you ever used MS Teams and thought "hmm, that's some fine piece of software"?
this post | permalink
[RSS] Reverse Engineering Denuvo in Hogwarts Legacy

https://momo5502.com/posts/2025-10-03-reverse-engineering-denuvo-in-hogwarts-legacy/
this post | permalink
[RSS] Analyzing and Breaking Defender for Endpoint's Cloud Communication

https://labs.infoguard.ch/posts/attacking_edr_part5_vulnerabilities_in_defender_for_endpoint_communication/
this post | permalink
Next Page