infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

getting things merged into Ghidra

RE: https://chaos.social/@weirdunits/115937461017927780
this post | permalink
@mttaggart @gdupont This whole thing reminds of kids playing war games on the playground. they are playing "revolution" now. they heard revolutions need constitutions, and they happen to have these text writing toys and potato stamps so they worked *really* hard to produce a "constitution" that they can show their shareho^W parents and the enemy kids over at the sandbox.
this post | permalink
@lazyb0y ...until you try to touch it :)
this post | permalink
@raptor This guy is out of this world
this post | permalink
[RSS] X41 Audited Mullvad VPN AB API

https://x41-dsec.de/security/research/news/2026/01/20/mullvad/
this post | permalink
[RSS] Windows Internals: Check Your Privilege - The Curious Case of ETW's SecurityTrace Flag

https://connormcgarr.github.io/securitytrace-etw-ppl/
this post | permalink
[reddit] Possible new SSO Exploit (CVE-2025-59718) on 7.4.9?

https://www.reddit.com/r/fortinet/comments/1qibdcb/possible_new_sso_exploit_cve202559718_on_749/

/via @Hetti

#Fortinet
this post | permalink
I feel I have this instinct to feed programs data that they won't be able to handle.

Unfortunately this is mostly true for tools I'd like to use, not targets I review.
this post | permalink
Humble request for vibe-coders: report your runtime errors!

LLM tends to insert Pokémon exception handlers everywhere, making problems (of which vide-code has a *lot*) hard to even notice.

Slightly related illustration:
this post | permalink
@troed I'm no lawyer, but my understanding is if the infra is legally owned by an EU legal entity they can (at least in theory) say FU to the mothership
(they can threaten to fire the leadership ofc, but can't send them to jail etc.). This can also be used by AWS as an argument not to screw their EU business ("we would comply, it's just those picky EU judges!").

But yeah, we've seen how complicit people can become when they get nasty looks (see DOGE)...
this post | permalink
Next Page