infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and providing in-links for search engines. I hate that I have to do this, but the nonsense ideology of Mastodon pretty much ruined the search feature for the Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other people's published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@hdm @joern I'd put serialization on that list
@xnyhps Yes! More generally: my remote interfaces are files (CGI, PHP, JSP, ...).
@joern It's interesting to approach the problem from the other direction: $technology causing spikes in specific vulnerability classes 🤔
@hdm I'm also interested in bug classes becoming less prevalent (not extinct). IME SQLi's are definitely out there, but rarer than before.
@joern I have no doubts about that, but I don't think they are as easy to come by as in the early days of PHP for example.
Can we say that filesystem path traversals are replaced with URL path traversals (Orange Tsai, Exchange shitshow ...)?
[b1ack0wl @ X] RT by @b1ack0wl: Ever wondered how to handle those pesky C++ templates in Binary Ninja? Well, Kyle's got your back with a brand new blog post

https://binary.ninja/2024/01/12/cpp-template-simplification.html
@byteborg lol
@skyr If you mean self-replication then absolutely! Macros are still going strong AFAICT (default blocking will change that ofc).

It's also interesting how the exposure to trojans (iloveyou.txt.vbs et al.) has been reduced (MOTW, perimeter filtering, ???).
@swapgs @raptor There have been multiple shifts of focus that shaped our perception for sure. I find userland LPEs on Windows still plenty and important though. Also I'm more interested in bug types than impacts (slightly contradicting my other reply about DoS).