infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Command and Conquer Ported to the Pi Pico 2

https://hackaday.com/2025/04/06/command-and-conquer-ported-to-the-pi-pico-2/
this post | permalink
@kwayk42 @UncleDuke1969 people turned while pushing, obviously.
this post | permalink
@lethalbit cat /etc/hosts
this post | permalink
@th @babe I love the user interface! Two buttons:
1. Power
2. Destroy

#simplicity
this post | permalink
@jernej__s yup!
this post | permalink
@maldr0id or the world economy: https://www.theverge.com/news/642620/trump-tariffs-formula-ai-chatgpt-gemini-claude-grok
this post | permalink
(CVE-2025-3155) Arbitrary file read by abusing ghelp scheme

https://gitlab.gnome.org/GNOME/yelp/-/issues/221

"Yelp, the GNOME user help application, allows help documents to execute
arbitrary JavaScript. A malicious help document may exfiltrate user files
to a remote server. A malicious website may download a help document
without user intervention, then trick the user into opening a ghelp URL
that references the help document. This notably requires the attacker to
guess the filesystem path of the downloaded help document."

And we just discussed old-school .HLP exploits the other day...

#EnoughEyeballs
this post | permalink
# ./mpclient_x64 ../eicar.com 2>&1 | fgrep EngineScanCallback 

EngineScanCallback(): Threat Virus:DOS/EICAR_Test_File identified.

happy dance

this post | permalink
@wdormann also the prevalence of attacks + ease of exploits
this post | permalink
Here's me face talking about low-level #IBMi security:

@recon 2024 - Control Flow Intergrity on IBM i

https://www.youtube.com/watch?v=0uBbklP9BSE

The video also has some '90s VHS vibes to it, the writeup is still available here (minus the last temporal safety stuff):

https://silentsignal.github.io/BelowMI/
this post | permalink
Next Page