infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

Note to self: if you think extensions will be sufficient to distinguish between files in a directory, start reorganizing into subdirectories
this post | permalink
Common PKCS#7 / CMS parsing issues in OpenSSL, WolfSSL, Bouncy Castle, & GnuPG

https://blog.calif.io/p/how-to-format-a-ciphertext

From this oss-sec thread:
https://seclists.org/oss-sec/2026/q2/1000

CVE-2026-34182 CVE-2026-5500
this post | permalink
This is a fun one :)

[CVE-2026-50160] Hoppscotch: Unauthenticated JWT Secret Overwrite

https://seclists.org/oss-sec/2026/q2/1007

"The POST /v1/onboarding/config endpoint allows an unauthenticated attacker to inject arbitrary InfraConfig keys including JWT_SECRET and SESSION_SECRET"
this post | permalink
First, cookie banners are not "perceived as excessive EU regulation", but as bad and unenforcable (unenforced?) regulation. There is a difference!

"the tracking industry is so terrified of consumers being able to simply say ‘no’ that, after a bit of lobbying, everyone gives in." -> if you expect the corporations to behave irrationally (i.e. not lobbying for their interests), you are going to have a bad time - as demonstrated by cookie banners. Why not put pressure on those in the EU who were bought by Google and Meta?

@noybeu

RE: https://mastodon.social/@noybeu/116798116428582650
this post | permalink
I'm sorry.
this post | permalink
[RSS] Apple Container Internal[s]

https://u1f383.github.io/container/2026/06/23/Apple-Container-Internal.html
this post | permalink
[RSS] Out of Shift: How a Shared State Bug in V8's AsmJS Parser Broke the Ubercage

https://blog.exodusintel.com/2026/06/22/out-of-shift-how-a-shared-state-bug-in-v8s-asmjs-parser-broke-the-ubercage/
this post | permalink
I read a story about how Hungary's first semiconductor plant burned down, and how lucky the city population was as the dangerous chemicals (SiH2Cl2 was mentioned) were blown by the wind toward uninhibited areas.

https://telex.hu/g7/vallalat/2026/05/24/katasztrofa-tanulsagok-mikroelektronikai-vallalat-felvezetogyarto-uzem-40-ev

Completely unrelated to recent events I wonder if such chemicals are still in use in similar plants?
this post | permalink
[RSS] Hacking fun with zip-slips, tar-slips, symlinks, hardlinks, collisions, and more

https://joshua.hu/tarslip-zipslip-symlink-hardlink-generator
this post | permalink
[RSS] Snowboard Kids 2 is Recompiled

http://blog.chrislewis.au/snowboard-kids-2-is-recompiled/
this post | permalink
Next Page