infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@cR0w How could we forget the coolest name in the biz?
this post | permalink
In light of recent events, let me re-share a classic:

Mary Ann Davidson - No, You Really Can’t

https://web.archive.org/web/20150811052336/https://blogs.oracle.com/maryanndavidson/entry/no_you_really_can_t

#Oracle
this post | permalink
#LLM
this post | permalink
@joxean I don't have a tested answer, but I think the solution will be around Memory.getAddressSourceInfo():

https://ghidra.re/ghidra_docs/api/ghidra/program/model/mem/Memory.html#getAddressSourceInfo(ghidra.program.model.address.Address)

What is unclear to me is how the resulting AddressSourceInfo objects are created as Loaders (plugins that map file contents to Memory Blocks for Ghidra) don't necessarily provide source information when creating a mapping (see e.g. the createUninitializedBlock() method).
this post | permalink
[RSS] Writing a Pascal script emulator

https://blag.nullteilerfrei.de/2025/03/30/complete-first-correct-later-writing-a-pascal-script-emulator/
this post | permalink
[RSS] The Curious Case of CVE-2015-2551 & CVE-2019-9081 - Doom and Gloom! Or not.

https://jericho.blog/2025/03/30/the-curious-case-of-cve-2015-2551-cve-2019-9081-doom-and-gloom-or-not/

My guess here is both CVE's were for deserialization gadget chains (one in JRE, the other in Laravel) which can't be trivially categorized as vulnerabilities (classes do what they are supposed to, only dev decided to YOLO unrelated parts of their code).
this post | permalink
An even better Microsoft Account bypass for Windows 11 has already been discovered

https://www.windowscentral.com/software-apps/windows-11/an-even-better-microsoft-account-bypass-for-windows-11-has-already-been-discovered

Shift+F10 then `start ms-cxh:localonly`
this post | permalink
@rekettye Good to know it wasn't because YT thinks I'm a desperate alcoholic <3
this post | permalink
The state of affairs is well illustrated by the fact that the video

"Turning children's glue into drinkable alcohol"

has a 1.4M view count currently on YT.

(I know this because it's also in my recommendations for some unfathomable reason)
this post | permalink
[RSS] Stored XSS in My Flow To RCE in Opera Browser #2

https://medium.com/@renwa/stored-xss-in-my-flow-to-rce-in-opera-browser-2-51ccb2eae988?source=rss-3f8ae70e3957------2
this post | permalink
Next Page