infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

This comic needed an update
this post | permalink
@timb_machine What kind of information do you hope to extract from this? KEV data is incomplete, CVE data is extremely noisy and incomplete.
this post | permalink
Thanks to
@jasminecarter.bsky.social
my cumulative complexity calculator for #Ghidra now has a cute logo:

https://github.com/v-p-b/rabbithole
this post | permalink
@obivan There is a lot of nuance to consider with these results, incl. feasibility with other models (I'm willing to believe it's doable). But e.g. the FP problem doesn't seem at all that limiting as some suggest and some of the results (with Mythos&others) are very hard to ignore as a vulnerability researcher.
this post | permalink
Fair criticism of the latest @Bellingcat piece about leaked .gov.hu credentials (HU, use your favorite translator):

https://kiber.blog.hu/2026/04/09/tobb_szaz_magyar_kormanyzati_jelszo_kerult_ki_az_internetre_ja_de_mikor

There is *a lot* to report about in Hungarian politics/natsec, but digging up old credential dumps just misdirects attention and discredits relevant investigative work.
this post | permalink
Unfortunately many skeptical takes on #Mythos / #Glasswing remind me of Gell-Mann amnesia:

https://en.wiktionary.org/wiki/Gell-Mann_Amnesia_effect

Every #LLM company and claim deserves ruthless skepticism, but arguments based on falsehoods and misunderstandings don't lead us forward.

Watching this talk is recommended:

https://www.youtube.com/watch?v=1sd26pWhfmg
this post | permalink
@greg @gsuberland @weirdunits
this post | permalink
@greg @weirdunits @gsuberland Have you seen this series: https://www.youtube.com/watch?v=kkfIXUjkYqE ? (I'm so glad someone finally called out kWh!)
this post | permalink
[RSS] Standardizing Rewards in Google VRP: Introducing Information Tiers and Action Criticality

https://bughunters.google.com/blog/standardizing-rewards-in-google-vrp
this post | permalink
@me no it just seems that since Linux package managers overwrite its binaries Firefox refuses to open new tabs until it is restarted which is quite frustrating when you are in the middle of something (esp. if you are also in private mode so your tabs/sessions can't be restored).

recommendation is to use Mozilla's distribution+update mechanism to keep the browser up-to-date.
this post | permalink
Next Page