infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in small part acts as a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and providing in-links for search engines. I hate that I have to do this, but the nonsense ideology of Mastodon pretty much ruined the search feature for the Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other people's published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices

https://www.evilsocket.net/2026/04/02/Mongoose-Preauth-Remote-Code-Execution-and-mTLS-Bypass/
this post | permalink
[RSS] Review of AzireVPN and Malwarebytes Privacy VPN

https://x41-dsec.de/security/research/news/2026/04/02/malwarebytes/
this post | permalink
@jdonoghue Exactly, see my other replies in the thread!
this post | permalink
@troed This may be it, thanks! Still, a shortsighted stance and a very badly phrased sentence.
this post | permalink
@twomikecharlie OK this sounds plausible, but I find it hard to come to this conclusion (or any) from the original sentence. Esp. because the "only sane way to stay safe" part is simply false (see supply chain issues, breaking changes, etc.).
this post | permalink
@twomikecharlie But CVEs have very little to do with exploits. Also, there is a whole range of perfectly valid strategies to manage risk from vulns (see my 2nd post in the thread).

I'm all for fixing all vulns, but reality just doesn't work like that and I don't see how the problem statement (some vulns are becoming easier to discover) would affect this.
this post | permalink
1) "people will finally understand that security bugs are bugs" - Tautology?
2) "the only sane way to stay safe is to periodically update" - What about attack surface reduction? Risk based mitigations? How does this assertion relate to 1)?
3) "without focusing on 'CVE-xxx'" - CVEs are useful to find information to implement appropriate controls (see 2)). Unless of course the CNA spams the database with useless data....
this post | permalink
'people will finally understand that security bugs are bugs, and that the only sane way to stay safe is to periodically update, without focusing on "CVE-xxx"'

Anyone care to explain the logical flow of this sentence? o.O

https://lwn.net/Articles/1065620/

#Linux #LLM
this post | permalink
Is it just me, or is this photo also a great capture of a toddler's view on their first introduction to the potty? :D

https://www.space.com/space-exploration/artemis/theres-a-bit-of-toilet-trouble-on-nasas-artemis-2-mission-to-the-moon
this post | permalink
@jcoglan The general view is that most code doesn't have to be good at all, it just needs to be written.
this post | permalink