infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in small part acts as a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and providing in-links for search engines. I hate that I have to do this, but the nonsense ideology of Mastodon pretty much ruined the search feature for the Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other people's published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[cts🌸 @ X] twitter is more funny if you replace "machine learning" with "money laundering". So i made a chrome extension that does this

https://github.com/stong/ml-to-ml
[Csaba Fitzl @ X] RT by @theevilbit: Here with a fun one, CVE-2023-44077: ShareBrowser Privilege Escalation

https://khronokernel.com/macos/2024/01/18/CVE-2023-44077.html
Theory: LLMs will probably not take your job, but they can expose your lack of skill that may result in losing your job:

- Are you really that good if you obviously use an LLM for the most simple tasks?
- More importantly: by increasing your output, there is a higher chance of messing up big time if you don't know where/how to look for inconsistencies (like this story: https://yro.slashdot.org/story/23/05/30/2049253/lawyer-cited-6-fake-cases-made-up-by-chatgpt-judge-calls-it-unprecedented).
[dmnk@infosec.exchange @ X] Everything in fuzzing is gut feeling, and all gut feeling is wrong

https://twitter.com/domenuk/status/1749481363013603352
CVE-2023-46589 Apache Tomcat - Information Disclosure

"Incomplete POST requests triggered an error response that could contain data from a previous request from another user" o.O

https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz
Arbitrary Code Execution in Pillow - CVE-2023-50447

"PIL.ImageMath.eval()" Yeah that sounds safe!

https://duartecsantos.github.io/2023-01-02-CVE-2023-50447/
@hajovonta Before I found the above linked piece I already knew the wisdom saying "Writing is nature's way to tell you how crappy your thinking is" (can't attribute it unfortunately), which has a follow-up saying "Coding is nature's way to tell you how crappy your writing is" :)
@lauren @tychotithonus Is this a motto for GRU? :)
@hajovonta I also write a lot just to clarify my own thoughts - this other piece has also been an inspiration to do so:

https://re.alisa.sh/notes/about.html
"Writing is the process by which you realize that you do not understand what you are talking about."

Excellent piece!

https://fs.blog/writing-to-think/