infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

"Our safeguards work **more reliably** in **common**, **short** exchanges. We have learned over time that these safeguards can **sometimes** be **less reliable** in **long** interactions: as the back-and-forth grows, **parts** of the model’s safety training **may** degrade."
this post | permalink
Look at the rate of weasel wording in OpenAI's not-really-apology:

https://openai.com/index/helping-people-when-they-need-it-most/

I'm sick and tired of people pretending they have ways to enforce LLM behavior, while all they do is weigh dices differently - they remain dices.

Trying to enforce security boundaries with a PRNG is one thing, but you definitely can't prevent reinforcing harmful behavior, because you can't even define what it is.

And this can cost lives, as we just witnessed.
this post | permalink
[RSS] The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309) - watchTowr Labs

https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309
this post | permalink
In a somewhat better world this ChatGPT suicide case should at minimum trigger resignations from OpenAI top brass. This won't happen of course, showing what kind of people we are dealing with there.

And yes, this case is different from finding similar information via search engines, because search engines don't pretend to be people who care about you.
this post | permalink
@azonenberg That would spoil the surprise!
this post | permalink
Magical Breakpoints and Where to Find Them
this post | permalink
@TarkabarkaHolgy
this post | permalink
[RSS] Journey to freedom: Escaping from VirtualBox and Unchaining Objects in the Windows Kernel

https://www.reversetactics.com/publications/2025_conf_typhooncon_journeytofreedom/
this post | permalink
[oss-security] libssh2 Base64 Encoding Heap [Overread] in Known Hosts SHA1 Hash Processing

https://seclists.org/oss-sec/2025/q3/137

Related to known_hosts parsing, finding useful vectors seems tricky
this post | permalink
It still doesn't work, but now at least I can debug it...
this post | permalink
Next Page