infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@pancake @joxean To be fair the issue I brought up only comes up during more "low-level" development (specifically Processor modules), certainly not during scripting. With Python scripts you can just configure a script directory and write your scripts there with any editor, and you can even fire up a headless instance from some vim command to run it. Java is more cumbersome (as Java usually is) but one of my side-quests is to document how to set up a proper devenv for it.
this post | permalink
@pancake Now that I think about it, IIRC this is also related to the certification.manifest issue I described in the other post: it seems like a way to ensure that no intellectual property of dubious origin ends up in the code. You have to explicitly state that new files are OK to be included in the project (kind of an inverse .gitignore).
this post | permalink
[RSS] Don't Be a CVE Dummy

https://jericho.blog/2024/11/28/dont-be-a-cve-dummy/

"So please, if you are writing documentation and need to use dummy CVE identifiers, please use one of the ones MITRE designated a decade ago"
this post | permalink
/cc @molly0xfff
this post | permalink

No camel can perish on the Hungarian internet

https://translate.kagi.com/https://telex.hu/after/2024/11/29/teveclub-nevelde-jatekok-juhasz-balazs-illovszky-viktor

#neopets #sunday

this post | permalink

In other news, enough RE tool dev for today…

this post | permalink

It is just natural that in #Ghidra #Sleigh “The [operator] identifier must appear in the [bit pattern section] as if it were a term in a sequence of constraints but without the operator and right-hand side of the constraint.”, see section 7.4.3:

https://scrapco.de/ghidra_docs/GhidraDocs/languages/html/sleigh_constructors.html

But it seems, you can’t use the identifier in the display of the instruction if it’s part of a constraint.

Error: “wrong type (should be family) in pattern equation”

Why is that?!

(Workaround: define an alias token for the same bits and use that in display)

this post | permalink

If a #Ghidra build throws an error similar to:

“No IP found for $slaspec in module: $dir”

You have to extend the certification.manifest file in $dir.

this post | permalink

If you use #vim to edit #Ghidra sources, beware that some build scripts try to handle all files in a directory, so .swp’s can cause build errors.

#ProTIp

(Neovim stores swap files under your config directory by default, so the situation is better there)

this post | permalink
[RSS] Assessing the attack complexity of a race condition security vulnerability

https://devblogs.microsoft.com/oldnewthing/20241129-00/?p=110588
this post | permalink
Next Page