infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@slp This keyboard is tripping balls
this post | permalink
[RSS] Capturing the Flags of the Internet: Find 0-days in OSS and write scanners to detect them

https://bughunters.google.com/blog/6752136441233408/capturing-the-flags-of-the-internet-find-0-days-in-oss-and-write-scanners-to-detect-them
this post | permalink
@atomicpoet @dansup Worse: it created friction for legit use-cases (that can't be undone!), creates ~0 friction for illegitimate ones *while* giving a false sense of security.

Limiting discovery is def in the top3 stupidest ideas I've seen during my long time on the Web.
this post | permalink
@Ange you know when some smart bureaucrat draws black rectangles over paragraphs then someone on the Internet does a Ctrl+A Ctrl+C Ctrl+V and publishes the whole text layer
this post | permalink
@Ange considering impact: select to unredact :)
this post | permalink
[RSS] CVE-2024-53141: an OOB Write Vulnerability in Netfiler Ipset

https://u1f383.github.io/linux/2025/01/07/cve-2024-53141-an-oob-write-vulnerability-in-netfilter-ipset.html
this post | permalink
[RSS] Reliable system call interception [with seccomp user notify]

https://blog.mggross.com/intercepting-syscalls/
this post | permalink
I have this favorite story about "the first 3D shopping mall" on the Hungarian Internet: it was of course a massive failure, because the minds behind it didn't realize that people are not going to the mall to use escalators (which was precisely modeled in VRML along with corridors, benches, etc).

I think the recent enthusiasm about GenAI-driven voice/video recognition is similar in this aspect: in many cases people would prefer a system *not* involving human(-like) interaction (or using an escalator), it's just we currently don't have better solutions for many tasks. Assuming a speech/video interface is always better than e.g. a bar code reader results in faster horses, not cars.
this post | permalink
@tychotithonus @stf Inverse example :)
this post | permalink
@tychotithonus I was contemplating the same recently too:

https://infosec.place/notice/Amjet90pSdLoQzLcdE

As @stf pointed out Shibboleths had about the same function throughout the centuries:

https://en.wikipedia.org/wiki/Shibboleth
this post | permalink
Next Page