infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@embedding_shapes @rickoooooo nix-shell works though, leaving you with tasks that are too complex for that but don't justify a container. Now I'm sure that can be a deal-breaker too, but it's worth keeping in mind that there is room for ad-hoc tasks.
this post | permalink
@rislandr I had an account, forgot the pw, couldn't reregister the last time I tried...
this post | permalink
@hanno I'm bringing this up exactly because when CVSS will be assigned it will either show 0.0 or some really weird non-sense. The former would be likely a better, but still misleading scenario,. My bet is on MITRE publishing some non-sense though.
this post | permalink
@hanno Not saying it's not a vulnerability but I think you won't be able to score this with CVSS that would make CVE registration weird.
this post | permalink
@bert_hubert @signalapp This is exactly why I think sharing some actual unmet requirements would be a good idea.

(FTR I was told they also used GCP as a fallback which apparently didn't work too well)
this post | permalink
Thinking back to last year I remembered the us-east-1 outage, how it affected Signal and how the some of the users freaked out that they have to rely on US hyperscalers.

Wouldn't it be useful if @signalapp (and maybe similar providers) published their infra requirements with little crosses and ticks, so alternative providers could aim for "good enough for Signal" service levels?

Related article by @bert_hubert :

https://berthub.eu/articles/posts/the-european-cloud-ladder/
this post | permalink
[RSS] Reverse Engineering the Miele Diagnostic Interface

https://medusalix.github.io/posts/miele-interface/
this post | permalink
[RSS] Understanding and mitigating a stack overflow in [Raymond Chen's custom] task sequencer

https://devblogs.microsoft.com/oldnewthing/20251231-00/?p=111950

C++ coroutine debugging
this post | permalink
[RSS] Detect Go's silent arithmetic bugs with go-panikint

https://blog.trailofbits.com/2025/12/31/detect-gos-silent-arithmetic-bugs-with-go-panikint/
this post | permalink
The Normalization of Deviance in AI

https://embracethered.com/blog/posts/2025/the-normalization-of-deviance-in-ai/
this post | permalink
Next Page