infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

I could not find an existing phrase so I'm inventing a new one:

"Yes Man Design" is the principle of implementing a system so it always reports desired results and hides any errors. This often serves to achieve faster adoption than competing, more honest designs, forcing out alternatives.

I use the #LLM tag for no particular reason.
this post | permalink
@tychotithonus did they start supporting normal webauthn without passkeys again??
this post | permalink
[RSS] RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields

https://neurowinter.com/security/2026/05/18/RCE-and-arbitrary-file-write-in-Vitess-vtbackup-via-untrusted-MANIFEST-fields/
this post | permalink
@algernon wow, this is unusually stupid, esp. if we consider: https://www.schneier.com/blog/archives/2026/02/llms-generate-predictable-passwords.html
this post | permalink
[RSS] Pen & paper quantum computing

https://bfswa.substack.com/p/pen-and-paper-quantum-computing
this post | permalink
[RSS] SeppMail Secure E-Mail Gateway: Critical RCE and LFI Vulnerabilities

https://labs.infoguard.ch/posts/seppmail_secure_e-mail_gateway_rce_vulnerabilities_cve-2026-2743_cve-2026-7864_cve-2026-44127_cve-2026-44128/
this post | permalink
[RSS] The Biometric AuthToken Heist: Cracking PINs and Bypassing CE via a Long-Ignored Attack Surface

https://www.darknavy.org/blog/the_biometric_authtoken_heist/
this post | permalink
[RSS] Instrumenting QT6 desktop apps with Frida - Part 1

https://blog.samanl33t.com/writings/0x0003-frida-on-qt6-part-1/
this post | permalink
[RSS] Hack the Elephant One Bite at a Time: JPEG-Related Memory-Safety Bugs in PHP

https://swarm.ptsecurity.com/hack-the-elephant-one-bite-at-a-time-jpeg-related-memory-safety-bugs-in-php/
this post | permalink
Deep dive into the Object creation flow in Windows

Part 1 - Allocation & Pre-Initialization
https://winware31.blogspot.com/2026/04/deep-dive-into-object-creation-flow-in.html

Part 2 - Access check internals
https://winware31.blogspot.com/2026/05/deep-dive-into-object-creation-flow-in.html

Part 3 - Post-Initialization & Name Lookup
https://winware31.blogspot.com/2026/05/deep-dive-into-object-creation-flow-in_0798478475.html
this post | permalink
Next Page