Featured Articles

Trusted Boot (Anti-Evil-Maid, Heads, and PureBoot)
Introducing BusKill: A Kill Cord for your Laptop
Crowdfunding on Crowd Supply (Review of my experience)
Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)
Continuous Documentation: Hosting Read the Docs on GitHub Pages (2/2)
Detecting (Malicious) Unicode in GitHub PRs
WordPress Profiling with XHProf (Debugging & Optimizing Speed)
WordPress Multisite on the Darknet (Mercator .onion alias)
Hardening Guide for phpList
previous arrow
next arrow

Manually Downloading Container Images (Docker, Github Packages)

This article will describe how to download an image from a (docker) container registry.

Intro

Remember the good ‘ol days when you could just download software by visiting a website and click “download”?

Even apt and yum repositories were just simple HTTP servers that you could just curl (or wget) from. Using the package manager was, of course, more secure and convenient — but you could always just download packages manually, if you wanted.

But have you ever tried to curl an image from a container registry, such as docker? Well friends, I have tried. And I have the scars to prove it.

It was a remarkably complex process that took me weeks to figure-out. Lucky you, this article will break it down.

Examples

Specifically, we’ll look at how to download files from two OCI registries.

Docker Hub GitHub Packages Terms

First, here’s some terminology used by OCI

OCI – Open Container Initiative blob – A “blob” in the OCI spec just means a file manifest – A “manifest” in the OCI spec means a list of files Prerequisites

This guide was written in 2024, and it uses the following software and versions:

debian 12 (bookworm) curl 7.88.1 OCI
. . . → Read More: Manually Downloading Container Images (Docker, Github Packages)

Guide to Finding Lemmy Communities (Subreddits)

How To Find Lemmy Communities

This article will show reddit refugees how to easily search-for and subscribe-to to popular lemmy subreddits communities across all lemmy instances.

tl;dr use the Lemmy Community Browser https://browse.feddit.de/ Intro

Lemmy is a federated reddit alternative that started in 2019. Thanks to funding from NLNet, Open Collective, Patreon, and Librapay, the project has two full-time developers.

Unlike Reddit, all of Lemmy’s code is open-source under the AGPL.

Context

In 2008, Reddit launched an API that allowed third-party clients to use Reddit. This API has been free for 14 years.

In April 2023, Reddit announced that they would begin charging for use of their API, starting just 3-months later. This made headlines when one developer calculated that reddit’s proposed fee structure would cost them $20 million per year. As a result, most popular reddit apps including Apollo, RIF, ReddPlanet, and Sync are all shutting down in July.

In protest, hundreds thousands of subreddits are participating in a reddit blackout on June 12th.

At the time of writing, all the apps still work and protest hasn’t even started yet, but already thousands of reddit refugees have flocked to lemmy — at a rate of about 2,000 new users per day. And because
. . . → Read More: Guide to Finding Lemmy Communities (Subreddits)

How to check Whonix version in Qubes

Whonix 14 just came out last month. I went to update, but I couldn’t figure out what version I was currently running. The documentation said to run this command, but the output didn’t make sense when I ran it on my whonix-gw TemplateVM.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: How to check Whonix version in Qubes

fix phplist 500 error due to random_compat

So you’ve just done a fresh install of phplist, but when you attempt to load it in your browser, you get a 500 Internal Server Error. But the error log is empty! It’s possible that phplist is suppressing the errors produced by the included library random_compat. This blog post will describe this possible issue, and how to resolve it.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: fix phplist 500 error due to random_compat

UCF Wifi Rant

While I frustratingly waited to connect to the UCF Wifi after a recent change to their system, I typed up the following email complaint to the UCF DoIT Manager. If *you* have also had issues with unstable/dropped connections, slow bandwidth, latency, or the inability to connect to the UCF Wifi, I urge you to also contact the UCF Department of Information Technology via:

cst@ucf.edu = General bob.yanckello@ucf.edu = Bob Yanckello (UCF Chief Technology Officer) lou.garcia@ucf.edu = Lou Garcia (UCF Network Manager [responsible for wireless services]) chrisv@mail.ucf.edu = Chris Vakhordjian (Information Security Office) tim.larson@ucf.edu = Tim Larson (ERP Consultant) jim.ennis@ucf.edu = Jim Ennis (Enterprise Systems & Operations) andy.hulsey@ucf.edu = Andy Hulsey (Telecommunications [includes Network Services]) aaron.streimish@ucf.edu = Aaron Streimish (Project Performance & Management Office)

Email below

While I understand the benefit of encrypted wireless communications, UCF’s decision to require all student wireless clients to use WPA without preparing to sufficiently upgrade the wireless infrastructure has rendered the UCF Wifi *unusable*.

Allow me to provide a brief log of my Internet Experience this afternoon (2011-09-15).

12:02 – attempt to connect to WiFi – fail for 9 minutes 12:11 – connected 12:11 – google ’email ucf department of information technology’ 12:12 – disconnected
. . . → Read More: UCF Wifi Rant

Welcome Back!

This blog has been down for a few months while my servers were physically being moved. However, I finally purchased VPS hosting, and downtime should no longer be an issue! To celebrate, I’m going to provide my Google Alphabet as filler for this post (an interesting experiment I saw here http://www.rosshuggett.com/2010/12/my-google-alphabet.html)

a is for aol b is for bank of america c is for craigslist d is for dictionary e is for ebay f is for facebook g is for gmail h is for hotmail i is for ikea j is for jetblue k is for kmart l is for lowes m is for mapquest n is for netflix o is for orlando sentinel p is for publix q is for quotes r is for rate my professor s is for southwest airlines t is for target u is for ucf v is for valencia community college w is for walmart x is for xl 106.7 y is for youtube z is for zillow

The list is quite curious. I disable Web History in all my Google accounts, so these suggested words are most likely regional. It’s interesting to see what others in your area are searching for, though.


. . . → Read More: Welcome Back!

My Cycling Blog

1Guy2BikeTrips Banner Photo

Much to my surprise, I discovered that I have 25 registered users to this web blog. I’d like to take this opportunity to point out that I’ve since created another “blog specifically to document a ~3,000 mile bicycle trip that a friend and me are embarking on this summer (2010). The website is: 2guys1biketrip.com”:http://www.2guys1biketrip.com.

Although this new blog is (obviously) _mostly_ cycling-oriented, there are some technological posts as well. For example, I plan on “plotting our trek in real-time on a Google Maps mashup using a GPS-enabled cell phone”:http://2guys1biketrip.com/wp/?page_id=59. For more info, see “my ‘GPS Tracking’ post on 2guys1bike trip”:http://2guys1biketrip.com/wp/?p=69.

Also, one of the many obstacles I’m trying to dodge for this trip is “how to charge my batteries”:http://2guys1biketrip.com/wp/?p=51. I’ve considered “pedal-power”:http://blog.makezine.com/archive/2009/06/how-to_pedal-powered_phone_charger.html and solar power.

To monitor our progress as we prepare for this epic trip, be sure to subscribe to our “2guys1biketrip RSS feed”:http://2guys1biketrip.com/wp/?feed=rss2. I’m sure there will be some solar panel hacking posts on 2guys1biketrip in the not-too-distant future.

Also, if you’ve found any of these postings to be helpful or you just feel like being exceptionally nice, please consider “contributing to our trip”:http://2guys1biketrip.com/wp/?page_id=6. Donations of any amount will be _much_ appreciated (we are both college students,
. . . → Read More: My Cycling Blog

Thermite

Note: Thermite is a dangerous pyrotechnic mixture. I am not a licensed professional; I am merely a pyrotechnic hobbyist. If you plan on experimenting with thermite, be sure to research safety precautions of making, storing, reacting, and cleaning-up thermite. Also, be sure to check with your local law-enforcement agency to see if thermite is legal in your area.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Thermite