infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

#ICS #OT crowd: I'm looking for "Production Line Design for Dummies"-type resources. I'm primarily interested in high-level best practices, rules of thumb for making industrial processes work reliably, ELI5 level is sufficient. Let's say I want to build a lemonade factory for my teddy bear!

Any recommendations?
this post | permalink
@stf You mean the solution for the Strait of Hormuz is banning you from CrowdSupply? :)
this post | permalink
@cynicalsecurity TBH I first learned about SSH certs from Facebook of all things:

https://engineering.fb.com/2016/09/12/security/scalable-and-secure-access-with-ssh/

@jpmens
this post | permalink
@cynicalsecurity @jpmens My former company still uses SSH certs. From top of my head:

- auditable root access without su/sudo
- expiration (no left over access)
- user restrictions bound to certs (instead of server config)

+ human user priv keys were HW bound

https://github.com/silentsignal/zsca
this post | permalink
There is currently an insane spy thriller running in #Hungary ICYMI:

https://www.direkt36.hu/en/titkosszolgalati-nyomasra-tortent-hazkutatas-a-tiszat-segito-informatikusoknal-aztan-kibukott-egy-gyanus-muvelet-a-part-ellen/

A 90min interview with the whistleblower was released too that reveals even more pieces of the puzzle. The whole thing screams for a movie (and long prison sentences).
this post | permalink
[RSS] Quick notes on KERNSEAL

https://dustri.org/b/quick-notes-on-kernseal.html

#Linux #PaX
this post | permalink
Who would win: the Balrog or Yoda?
this post | permalink
@mttaggart Plus the store-now-decrypt-later threat model is not really affected by the time of the first practical quantum attack (you just store more data). I think the original announcement is more about the good rate of pqc adoption rather than q-computing breakthroughs...
this post | permalink
@lcamtuf May I recommend the best act of Steve Martin https://www.youtube.com/watch?v=YoWom0CCRKM
this post | permalink
[un]prompted 2026 conference videos

https://www.youtube.com/playlist?list=PLjmt1tu85IhAiVPugOjP-7Cy0Oemi3m7z
this post | permalink
Next Page