infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

windbg.info is down :(
this post | permalink
I'm listening to this set with the smell of the light Summer rain coming in and I really feel like going to the main stage bar for a morning beer and maybe some dancing to move my body a bit...

https://soundcloud.com/bassiani/bassiani-invites-luigi-tozzi-live-podcast-280

...then I realize I'm sitting in the office waiting for some VMs to boot :P
this post | permalink
@0xabad1dea I've heard that putting grids over illegal content was a common practice to avoid automated filtering. With this incident in mind bad actors can move on to deliberate dataset poisoning (assuming the raising FP rate was accidental this time) :(
this post | permalink
Januscape: Guest-to-Host Escape in KVM/x86

https://github.com/V4bel/Januscape

CVE-2026-53359
this post | permalink
[RSS] Hack the Elephant One Bite at a Time: NUL byte SQL Injection in pdo_firebird and NULL Pointer Dereference in PDO via pdo_pgsql

https://swarm.ptsecurity.com/hack-the-elephant-one-bite-at-a-time-nul-byte-sql-injection-in-pdo_firebird-and-null-pointer-dereference-in-pdo-pgsql/
this post | permalink
Does anyone happen to know the algorithm for history retrieval in #Windows cmd.exe?

After *nix it feels like it was designed by a madman, although I'm sure there's some logic to it that I fail to appreciate.
this post | permalink
Speaking of missed opportunities and bad design in development: why do we still have this ritual of updating hardcoded absolute include paths in VS project files in 2026?
this post | permalink
[RSS] If you're a button, you have one job

https://unsung.aresluna.org/if-youre-a-button-you-have-one-job

TIL about situational disability, it explains so many annoyances!
this post | permalink
/cc @joxean
this post | permalink
@stiiin @gsuberland True, although I doubt many ppl spent considerable time on exploitation as the code never got to a release. A "likely exploitable" classification by P0 is also a strong indicator of impact IMO.
this post | permalink
Next Page