infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@Jarek Found it at Akamai, thanks: https://techdocs.akamai.com/origin-ip-acl/docs/recommendations-and-caveats

For the sake of my sanity I'd rather not use Azure for anything 😅
this post | permalink
Is Cloudflare really the only CDN provider that supports #IPv6 to the origin servers? (CloudFront and Fastly don't)

https://blog.cloudflare.com/amazon-2bn-ipv4-tax-how-avoid-paying/

#CunninghamsLaw
this post | permalink
[RSS] NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely

https://therecord.media/nist-vulnerability-backlog-cleared-cisa
this post | permalink
[RSS] Arc Browser UXSS, Local File Read, Arbitrary File Creation and Path Traversal to RCE

https://medium.com/@renwa/arc-browser-uxss-local-file-read-arbitrary-file-creation-and-path-traversal-to-rce-b439f2a299d1?source=rss-3f8ae70e3957------2
this post | permalink
@da_667 9 out of 10 dentists say yes!
this post | permalink
#Xen Security Advisory 464 v2 (CVE-2024-45819) - libxl leaks data to PVH guests via ACPI tables

https://seclists.org/oss-sec/2024/q4/80
this post | permalink
@algernon Great to hear that! I really don't want to be that security who says "no." to everything: sometimes a full-blown embedded programming language has its place, we just have to be aware of the risks we're taking.
this post | permalink
@marcan Slightly related: https://devblogs.microsoft.com/oldnewthing/20241112-00/?p=110507
this post | permalink
@algernon I don't mean to criticize this decision, but I think you may enjoy this related talk about "cheap complexity":

https://securityboulevard.com/2018/06/cycon-2018-thomas-dulliens-security-moores-law-and-the-anomaly-of-cheap-complexity/
this post | permalink
[RSS] [Microsoft] Toward greater transparency: Publishing machine-readable CSAF files

https://msrc.microsoft.com/blog/2024/11/toward-greater-transparency-publishing-machine-readable-csaf-files/
this post | permalink
Next Page