infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@Sempf
- Would NVD be a venue for credit-seeking if they ever did proper evaluation of reports instead of slapping CVSS 9.8 on any report including the world "overflow"? Or if there was a proper process for getting CVE's rejected/updated (see https://daniel.haxx.se/blog/2024/02/21/disputed-not-rejected/)? Blame the process, not the people!
- Do people monetizing their vulns on "the Dark Web" also request CVE's for them? That's new!
- If someone wants a bounty they will have to go through a proper evaluation process before any chance of a CVE being assigned by the vendor. The reporter can request one of course (see my first point), but that's not relevant from monetary perspective.

The article also elegantly ignores the Linux kernel CNA, that literally spams the CVE database these days...
this post | permalink
I *am* cheating but also really proud of this one :)

#IBMi
this post | permalink
@VirusBulletin "To circumvent the VMDK file's protections, Akira first temporarily powered down the domain controller's virtual machine."

Sneak 100
this post | permalink
[MS-SMB] Message Signing Example

https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb/8b80e60b-7514-442b-baf4-eb785d0b0e2c

h/t @eckes
this post | permalink
@eckes Thanks, the second one is exactly what I needed!
this post | permalink
@Blort @cra1g @briankrebs wasnt the point that the first and third vessels never went anywhere?
this post | permalink
#LazyWeb Can you recommend a good overview on the technical implementation of SMB signatures?
this post | permalink
@stf good point! I'm wondering if "elszarni" adequately covers the meaning, as something more frequently used in everyday speech? Like "Elon elszarta a Twittert"?
this post | permalink
@dan131riley @briankrebs Would be interested in the title if you find it!
this post | permalink
@briankrebs “To summarize: it is a well-known fact that those people who must want to rule people are, ipso facto, those least suited to do it.
To summarize the summary: anyone who is capable of getting themselves made President should on no account be allowed to do the job.” - Douglas Adams
this post | permalink
Next Page