infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in small part acts as a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and providing in-links for search engines. I hate that I have to do this, but the nonsense ideology of Mastodon pretty much ruined the search feature for the Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other people's published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@addison TBH I just vaguely remember that cosine transform is useful for compression because it tends to group similar values together, and it also works in 2D so it was the first thing that came to my mind, but it's been a looong time since I touched anything related.
this post | permalink
@addison something something cosine transform?
this post | permalink
[RSS] Reverse-engineering a three-axis attitude indicator from the F-4 fighter plane

http://www.righto.com/2024/09/f4-attitude-indicator.html?m=1
this post | permalink
=:)

https://www.youtube.com/watch?v=m-kGHU8kUPk
this post | permalink
I just realized that the "DoD Cyber Crime Center" on GitHub is not just a parody reference to NSA o.O
this post | permalink

If you feel like joining the “fun”, here’s the javadoc for #Ghidra Version Tracking:

https://scrapco.de/ghidra_docs/Features/VersionTracking/javadoc/

(I had to update my script again to include this - digging up docs for NSA sw really has some Quest for Knowledge vibes…)

this post | permalink
1 file changed, 99 insertions
but it ain't fucking work
this post | permalink
Does anyone have an idea what I should do with this exception:

ghidra.framework.store.LockException: domain object(s) are busy/locked

I solved like a dozen #Ghidra API mysteries today, but I'm running out of ideas with this one...
this post | permalink
@bouncepaw Let us know how it goes! Last time I checked shaving is a massive PIT...F? without all this disposable crap :(
this post | permalink

@jeffvanderstoep Thanks for your reply! I don’t doubt the validity of your measurement. I’d argue about two things:

  • The simpler thing is communication: the phrase “half-life” or “decay” implies that vulns disappear without explicit dev intervention, e.g. as a side-effect of unrelated code changes (or even the passage of time!). While this may be true in some cases I don’t see how the data would (or could) support such an observation.
  • My understanding is that when we look at overall results of different vuln discovery strategies (your study) or applying the same strategy with “more force” (Böhme-Falk) we basically see the effects of testing coverage, and it’s no surprise we can grow coverage faster in new code. What I think would be more revealing is looking at new vulns(/LoC?) vs code age when a new discovery method (e.g. a new sanitizer or more intelligent test-case generation) is introduced. FTR: I bet such data would actually confirm your results, but without data about the effect of new discovery methods I think drawing conclusions about code “maturity” is much harder.
this post | permalink