infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

I think it was @david_chisnall who pointed out earlier that coding LLM's will become much less useful when we stop doing (expensive) training to keep up with breaking changes in API's.

Well, I just spent two hours trying to fix some code that was buggy because the API changed less than a year ago and came to the decision of reading the F manual and write that 200 LoC myself.

(to be fair, I think this would work if the LLM had access to a complier and runtime)
this post | permalink
[RSS] The October 2025 Security Update Review [by ZDI]

https://www.thezdi.com/blog/2025/10/14/the-october-2025-security-update-review
this post | permalink
Give this guy a Nobel Prize (any field would do)

https://www.youtube.com/watch?v=z-8JELUcjMM
this post | permalink
[RSS] Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers

http://blog.quarkslab.com/nvidia_gpu_kernel_vmalloc_exploit.html
this post | permalink
ChkTag: x86 Memory Safety

https://community.intel.com/t5/Blogs/Tech-Innovation/open-intel/ChkTag-x86-Memory-Safety/post/1721490
this post | permalink
Modern iOS Security Features – A Deep Dive into SPTM, TXM, and Exclaves

https://arxiv.org/pdf/2510.09272

#fromTwitter
this post | permalink
@sassdawe and state of the art EDRs like CrowdStrike! :)
this post | permalink
@Downwithdan https://www.youtube.com/watch?v=eMJk4y9NGvE
this post | permalink
[RSS] Securing the Future: Changes to Internet Explorer Mode in Microsoft Edge

https://microsoftedge.github.io/edgevr/posts/Changes-to-Internet-Explorer-Mode-in-Microsoft-Edge/
this post | permalink
@Sempf Oh OK, the TCP-level DDoS protection is obviously secret sauce, so you'll end up in trial&error. My educated guess is that if you are not too aggressive with timings and do proper TCP handshakes (-sT IIRC) you should be fine, and if something triggers than suddenly all your connections will fail so -vvv and keep an eye on logs.
this post | permalink
Next Page