infosex.exchange <3
You are probably looking for the infosec.exchange Mastodon instance
This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.
Discoverability and Archiving
Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.
Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.
Gluttony Section for Search Engines
@cR0w @silverwizard PR has to show their worth, I'm pretty sure this wasn't composed by the offensive team
@schrotthaufen That would mean there is an unrelated problem in the signing process that would deserve a separate CVE/advisory.
Updates get MitM'd by middleboxes (using shitty certs) all the time. This is why update packages are digitally signed and why many vendors simply use plain HTTP for delivery.
Yet for some reason Crowd Strike marked this as high severity with a CVSS vector indicating MitM -> full system compromise...
CVE-2025-1146
Next Page