infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and providing in-links for search engines. I hate that I have to do this, but the nonsense ideology of Mastodon pretty much ruined the search feature for the Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other people's published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

After some unexpectedly painful test&debug sessions I'm publishing my #REshare exporter for #BinaryNinja:

https://github.com/v-p-b/reshare-ninja

Since Binary Ninja supports importing Ghidra projects, technically there is now a conversion path between three major #ReverseEngineering frameworks, but of course I plan to create a REshare importer as well.

Note that there are certainly a *lot* of edge-cases that are not properly handled yet - issues and PRs are welcome as always!
@david_chisnall While I mostly share your views, as a (former) red teamer I have to tell you that endpoint protection is a massive PITA during initial access. They can always be circumvented of course, but a major pain point is that you (as an attacker) can't test the exact configuration that your target(s) run, esp. with cloud analysis that changes by the minute. (A related concept is binary reputation, that will immediately flag unique binaries).

Click Fix and similar, convoluted attacker techniques have evolved exactly because you can't simply deliver malicious executable code to the target environment these days.
I know my opinion matters a lot to your webshop, and I'd happily provide it if you didn't require me to:

- spend more than 30s
- answer trick questions
- write essays
- give out my PII
@rikviergever I know it's a weird thing to ask, but you should create a LinkedIn post about this, as most relevant people are over there. I'd be happy to share too to my many bank IT peers (if the damn thing allows me to log in...).
I said it before: scale matters, even for digital/intellectual property.

"Careless big-time users are treating FOSS repos like content delivery networks"

https://www.theregister.com/2026/02/28/open_source_opinion/

Illustrative joke:

Little girl: Ice cream man, how much is for an empty cone?
Ice cream man: Oh I'll give that to you for free :)
Little girl: Great, then I'll have 5000 empty cones!

Of course, LLMs are another example of this phenomenon.
Tired me: shit my code doesn't handle this special case, how could I be so stupid?

Me after sleep: The code actually handles the special case, I just commented out the relevant part for some reason...

Also #ProTip: Always `git status` after getting back to your after some time
@airwhale @Natasha_Jay @Allinrep I kind of want one...
[RSS] Total Recall - Retracing Your Steps Back to NT AUTHORITY @MDSecLabs

https://www.mdsec.co.uk/2026/02/total-recall-retracing-your-steps-back-to-nt-authoritysystem/
@mwichary /cc @airwhale
@tmr232

"- Didn't you have ads in the 20th century?

- Well, sure, but not in our commit messages. Only on TV and radio. And in magazines and movies and at ball games, on buses and milk cartons and T-shirts and bananas and written on the sky. But not in commit messages. No, sir-ee!"