infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@kimzetter Thank you! So DOGE still doesn't have the authority but lower-ranking staff basically obey their requests that don't align with cabinet secretaries or agency heads? Why don't they just go full-on Cheryll on these requests?
this post | permalink
@kimzetter I didn't say you said that. The article have this line though:

"As federal agencies, *under the direction of DOGE*, continue to fire thousands of workers"

Also I read phrases like:
- "driven out"
- "pushed out"
- "sidelined" (in the Politico article)

I'm curious how this all looks in practice, incl. what formal authority DOGE has (e.g. can they formally direct agencies to do things?). Based on previous discussions my current understanding is that DOGE has no formal power, while people with actual power (e.g. management in agencies) make dumb decisions because DOGE looked them the wrong way.

I hope I am wrong. Based on the general quality of your reporting I hope you could explain the situation better or point me to some good resource.
this post | permalink
@kimzetter could you EIL5 (or give link(s)) what DOGE specifically does to get ppl fired? AFAICT they can't make HR decisions on Pentagons behalf, right?
this post | permalink
Wow, this was fast! #OffensiveCon25 videos are up!

https://www.youtube.com/watch?v=goEb7eKj660&list=PLYvhPWR_XYJk0p40BrX7K2z-_j_tJmvhc
this post | permalink
[RSS] Telegram Gave Authorities Data on More than 20,000 Users

https://www.404media.co/telegram-gave-authorities-data-on-more-than-20-000-users/
this post | permalink
[RSS] Remembering The ISP That David Bowie Ran For Eight Years

https://hackaday.com/2025/05/19/remembering-the-isp-that-david-bowie-ran-for-eight-years/
this post | permalink
#EU reaction as Orbán is about to kill independent press and civil society in #Hungary

https://youtu.be/UIPSvIz9NDs?si=Sbe2wHqsHkqPtjm6&t=40
this post | permalink
CVE-2024-11182 also seems like a stored XSS: "attacker can send a specially crafted HTML e-mail message with JavaScript in an img tag" - The '90s called and they want their webmail bugs back!!

RE: https://mastodon.social/@cisakevtracker/114535806650652126
this post | permalink
I found that CVE-2024-27443 doesn't qualify for XSS Reflections as it seems to be a stored XSS. Pretty neat vuln though!

https://github.com/v-p-b/xss-reflections

RE: https://mastodon.social/@cisakevtracker/114535804613431399
this post | permalink
@cR0w I wish I was ignorant enough to think these are exaggerations...
this post | permalink
Next Page