infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

"Employees are using AI tools to create low-effort, passable looking work that ends up creating more work for their coworkers.[...] it shifts the burden of the work downstream, requiring the receiver to interpret, correct, or redo the work. In other words, it transfers the effort from creator to receiver"

Good to see this finally phrased out!

https://hbr.org/2025/09/ai-generated-workslop-is-destroying-productivity
this post | permalink
[RSS] Exploring GrapheneOS secure allocator: Hardened Malloc

https://www.synacktiv.com/en/publications/exploring-grapheneos-secure-allocator-hardened-malloc.html
this post | permalink
Ozzy Man (~6M subs) features Doom hacks (starting around 3:10):

https://www.youtube.com/watch?v=34o23CHh7bo
this post | permalink
@caspicat gotcha! That's an interesting Q that deserves more discussion for sure.
this post | permalink
[RSS] Linux Kernel Runtime Guard (LKRG) 1.0 first mature release + talk slides

https://www.openwall.com/presentations/NullconBerlin2025-LKRG/
this post | permalink
@caspicat @jackwilliambell @timbray "only upgrade occasionally, *or when security fixes land*"
this post | permalink
@inthehands @timbray my first thought too, but if electron is compromised obsidian would not be among our primary concerns (esp. because according to this policy they would likely not update before the incident is noticed). So I think electron is more of an attack surface problem than a supply chain one.
this post | permalink
Fun little #iPhone #privacy leaks by my former teammate Máté:

1) Locked iPhone Arbitrary Phone Call
https://szilak.com/2025-09-18-locked-iphone-arbitrary-number-call.html

2) Locked iPhone Saved Contact Confirmation
https://szilak.com/2025-09-18-locked-iphone-contact-brute-force.html
this post | permalink
[RSS] Project Rain:L1TF

https://bughunters.google.com/blog/4684191115575296/project-rain-l1tf

"a detailed overview of the L1TF vulnerability, a CPU vulnerability on some Intel CPUs (Skylake and older)"
this post | permalink
[RSS] Worst Clock Ever Teaches You QR Codes

https://hackaday.com/2025/09/18/worst-clock-ever-teaches-you-qr-codes/
this post | permalink
Next Page