infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

I updated my MC-NBFX serializer (of WCF's NetTcpBinding fame) for comatibility with the latest @kaitai release:

https://github.com/v-p-b/nbfx/commit/bb588dec57e0dfee6db389de70235d9693ea6d6a

It turned out that the release introduced mandatory consistency `_check()`s for serialization (see Release Notes) that force you to take additional hurdles during development, but unit tests paid dividends as I emphasized in the announcement post:

https://blog.silentsignal.eu/2024/10/28/wcf-net.tcp-pentest/

#pentest #UnitTesting
this post | permalink
I'm looking for a graphics person to turn a portrait into a single color vector image (and possibly a few other tweaks) for later open publication.

DM me if you are interested!

#FediHire #Inkscape #Illustrator #Graphics
this post | permalink
[RSS] Another AI slop story: ChatGPT vs. Human

https://joshua.hu/ai-slop-story-nginx-leaking-dns-chatgpt

This is actually a description of a neat infoleak involving Nginx DNS caching, blue team over-reliance on LLMs is bonus.
this post | permalink
"You should be able to talk to your PC"[1]

^ This is a fundamental misunderstanding that reminds me (again) of one of my favorite failed experiments of '90s internet: the online 3D shopping center.[2]

C-levels of the time spared no expense to build a complete VRML model of a shoping center in the browser, where you could walk around, take the escalator for a better view on the virtual fountain or even rent a virtual space for your goods.

What the inventors didn't understand is that of course people don't go to the mall to use the escalator, but to buy stuff.

Online banking, shopping, etc. became popular even over phone-based services because people realized that clicking on stuff is more effective than talking (and walking).

Chatbots are the 3D escalators of todays technology.

[1] https://www.theverge.com/report/822443/microsoft-windows-copilot-vision-ai-assistant-pc-voice-controls-impressions
[2] https://web.archive.org/web/20070610120220/https://index.hu/tech/net/plaza0607/
this post | permalink
I completely missed that @kaitai v0.11 was finally released with serialization support:

https://kaitai.io/news/2025/09/07/kaitai-struct-v0.11-released.html

This is huge and it's great to see that @nlnet money goes to the right places!
this post | permalink
[RSS] DeXRAY v2.36

https://www.hexacorn.com/blog/2025/12/03/dexray-v2-36/
this post | permalink
This PoC looks convincing enough (I didn't test though!):

https://github.com/msanft/CVE-2025-55182

CVE-2025-55182
this post | permalink
@synnfynn FTR this was it: https://unix.stackexchange.com/questions/503111/group-permissions-for-root-not-working-in-tmp/503169#503169
this post | permalink
@synnfynn nah, no SELinux, and with a brilliant move I now just log to the console :)
this post | permalink
I'm writing this network thing and there are always problems that you only recognize during implementation - this is why it's so enlightening to implement stuff.

What I didn't expect is getting stuck because I can't write to a damn log file as root...
this post | permalink
Next Page