infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] opasm: an Assembly REPL

https://github.com/aedrax/opasm
this post | permalink
"IBM Software Download Tips: Three Easy Steps to Make Download Director Work Again"

https://www.ibm.com/support/pages/node/7181432

Free #ProTip for IBM: no one should ever have to use Download Director. Web servers should just not randomly drop connections.
this post | permalink
[RSS] Rising star: Meet Dylan, MSRC's youngest security researcher

https://msrc.microsoft.com/blog/2025/07/rising-star-meet-dylan-msrcs-youngest-security-researcher/
this post | permalink
2 posts I saw today:
- MS spends $80B on AI datacenters, even putting their bottom line at risk
- MS lays off thousands

I so wait for the moment when reality kicks in...
this post | permalink
New x64dbg release: Type System and Modernization

https://x64dbg.com/blog/2025/06/30/release-announcement.html

#debugger #ReverseEngineering
this post | permalink
[oss-security] Xen Security Advisory 470 v2 (CVE-2025-27465) - x86: Incorrect
stubs exception handling for flags recovery

https://www.openwall.com/lists/oss-security/2025/07/01/1

(Potential impact is hypervisor DoS)
this post | permalink
@kpwn UUIDv4 can be based on CSPRNG, in that case it's just as secure as a sid with same number of (secure) random bits. Only problem is that random source can't be identified in a blackbox setting, but statistical methods can give a good estimation about its security.
this post | permalink
[RSS] Does anyone happen to know why certain profile names corrupt text elements in Tony Hawk's Pro Skater for N64?

https://banyaszvonat.github.io/breaking-videogames/2025/06/30/tony-hawks-pro-skatyr.html

#GameHacking #ReverseEngineering
this post | permalink
New sudo LPE's just dropped:

Sudo Host Option Elevation of Privilege (CVE-2025-32462):

https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host

Sudo local privilege escalation via chroot option (CVE-2025-32463):

https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot

Linking oss-security too, because researcher advisories don't like to load for me:

https://www.openwall.com/lists/oss-security/2025/06/30/2

https://www.openwall.com/lists/oss-security/2025/06/30/3
this post | permalink
[RSS] The hidden JTAG in your Qualcomm/Snapdragon device's USB port

https://www.linaro.org/blog/hidden-jtag-qualcomm-snapdragon-usb/
this post | permalink
Next Page