infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Security Bulletin: IBM i is vulnerable to a user gaining elevated privileges due to an unqualified library call [CVE-2024-55898].

https://www.ibm.com/support/pages/node/7183835?myns=swgother&mynp=OCSWG60&mynp=OCSSB23CE&mynp=OCSSTS2D&mynp=OCSSC5L9&mynp=OCSS9QQS&mync=A&cm_sp=swgother-_-OCSWG60-OCSSB23CE-OCSSTS2D-OCSSC5L9-OCSS9QQS-_-A
this post | permalink
[RSS] Pluralistic: Ad-tech targeting is an existential threat

https://pluralistic.net/2025/02/20/privacy-first-second-third/
this post | permalink
@4Dgifts "Von Neumann himself attributed his generation's success to 'a coincidence of some cultural factors' that produced 'a feeling of extreme insecurity in the individuals, and the necessity to produce the unusual or face extinction'" (The Man from the Future, the Visionary Ideas of John von Neumann, quoting from Stanislaw Ulam's Andventures of a Mathematician)
this post | permalink
Writing a #Ghidra processor module

https://irisc-research-syndicate.github.io/2025/02/14/writing-a-ghidra-processor-module/?ref=blog.exploits.club

"In this article we will create a Ghidra processor module for the iRISC processors, these processors are embedded in the ConnectX series of NICs from NVIDIA/Mellanox."

Not a beginners tutorial, as it skims over many important steps and details, but still good to have more of these as there's always a trick or two to learn.
this post | permalink
PostgreSQL 17.4, 16.8, 15.12, 14.17, and 13.20 Released

https://www.postgresql.org/about/news/postgresql-174-168-1512-1417-and-1320-released-3018/

This fixes a regression introduced by the latest vulnerability fix:

"The fix for CVE-2025-1094 caused the quoting functions to not honor their string length parameters and, in some cases, cause crashes."
this post | permalink
CVE 2025-26794 - SQL injection in Exim

https://exim.org/static/doc/security/CVE-2025-26794.txt

Configs using SQLite may be vulnerable.
this post | permalink
[RSS] LSA Secrets: revisiting secretsdump

https://www.synacktiv.com/en/publications/lsa-secrets-revisiting-secretsdump
this post | permalink
@dey OK it says "network debugging is supported" then lists no compatible NIC's :D
this post | permalink
It's so cold outside my balls are freezing off, yet the sun is shining so bright I can't read my screen because the wall behind it is white.

I could really use some climate change rn...
this post | permalink
@dey problem is COM ports don't show up at all, independently from the debugger setup. kdnet NIC diagnostics seem useful though!
this post | permalink
Next Page