infosex.exchange <3
You are probably looking for the infosec.exchange Mastodon instance
This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.
Discoverability and Archiving
Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.
Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.
Gluttony Section for Search Engines
[oss-security] CVE-2025-48734: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
https://www.openwall.com/lists/oss-security/2025/05/28/6I wonder if the now restricted behavior is useful for
#deserialization gadgets (I couldn't find references to declaredClass abuse, but haven't finished my coffee yet either...)?
@keenancrane I wanted to mention those piggies, glad this design was not lost in time (had think really hard where I saw a similar concept, and it was about 25 years ago) :)
@mttaggart Also, write-only syntax choices that e.g. require counting different kinds of brackets with your fingers...
"[Qualys] discovered a vulnerability in apport [...], and a similar vulnerability in systemd-coredump [...]: a race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump"
https://www.openwall.com/lists/oss-security/2025/05/29/3CVE-2025-5054 CVE-2025-4598
Next Page