infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@david_chisnall I think the parentheses placement is a typo here: "and one that (as an open-source platform, we strongly encourage!)"
this post | permalink
Today I realized I need a portable pencil holder for my books (mostly the technical ones) so I won't search in panic when I want to take some super important notes.

After a quick search using an adjustable elastic band is a straightforward design, but I like the binder clip idea even better:

https://www.wendaful.com/2017/03/diy-make-elastic-pen-loop-holder/

#books #diy
this post | permalink
A very fancy way to obtain RCE on a Solr server
https://www.hacefresko.com/posts/rce-on-solr-server-via-replication

#fromBsky
this post | permalink
Created a #CodeQL Cheat Sheet to document what I struggled with recently:

https://scrapco.de/codeql-cheat-sheet/cpp/cpp-conditionals-cfg/

Will push updates as they pop to my mind. Contributions/ideas are also most welcome!

https://github.com/v-p-b/codeql-cheat-sheet
this post | permalink
[RSS] To some people, time zones are just a fancy way of sounding important, episode 2

https://devblogs.microsoft.com/oldnewthing/20250307-00/?p=110946
this post | permalink
[RSS] Micropatches Released for SCF File NTLM Hash Disclosure Vulnerability (No CVE)

https://blog.0patch.com/2025/03/micropatches-released-for-scf-file-ntlm.html
this post | permalink
@wdormann @cR0w I start to feel like a Kagi sales person here, but may I suggest to give Orion a try (mac only)? https://kagi.com/orion/
this post | permalink
[RSS] Ungarble: Deobfuscating Golang with Binary Ninja

https://invokere.com/posts/2025/03/ungarble-deobfuscating-golang-with-binary-ninja/
this post | permalink
[RSS] PostgreSQL: Privilege Escalation Vulnerability via pg_cron

https://github.com/google/security-research/security/advisories/GHSA-j8p5-79jf-g575
this post | permalink
I got badly nerd sniped by Qualys:

Dreams in #CodeQL - Quest for the Perfect GOTO

https://scrapco.de/blog/dreams-in-codeql-quest-for-the-perfect-goto.html
this post | permalink
Next Page