Featured Articles

Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)
Hardening Guide for phpList
Trusted Boot (Anti-Evil-Maid, Heads, and PureBoot)
Introducing BusKill: A Kill Cord for your Laptop
WordPress Profiling with XHProf (Debugging & Optimizing Speed)
Detecting (Malicious) Unicode in GitHub PRs
WordPress Multisite on the Darknet (Mercator .onion alias)
Continuous Documentation: Hosting Read the Docs on GitHub Pages (2/2)
Crowdfunding on Crowd Supply (Review of my experience)
previous arrow
next arrow

Manually Downloading Container Images (Docker, Github Packages)

By Michael Altfield, on September 3rd, 2024

This article will describe how to download an image from a (docker) container registry.

Intro

Remember the good ‘ol days when you could just download software by visiting a website and click “download”?

Even apt and yum repositories were just simple HTTP servers that you could just curl (or wget) from. Using the package manager was, of course, more secure and convenient — but you could always just download packages manually, if you wanted.

But have you ever tried to curl an image from a container registry, such as docker? Well friends, I have tried. And I have the scars to prove it.

It was a remarkably complex process that took me weeks to figure-out. Lucky you, this article will break it down.

Examples

Specifically, we’ll look at how to download files from two OCI registries.

Docker Hub GitHub Packages Terms

First, here’s some terminology used by OCI

OCI – Open Container Initiative blob – A “blob” in the OCI spec just means a file manifest – A “manifest” in the OCI spec means a list of files Prerequisites

This guide was written in 2024, and it uses the following software and versions:

debian 12 (bookworm) curl 7.88.1 OCI
. . . → Read More: Manually Downloading Container Images (Docker, Github Packages)

3 comments  

Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)

By Michael Altfield, on March 4th, 2024
Nightmare on Lemmy "A Fediverse GDPR Horror Story"

This article will describe how lemmy instance admins can purge images from pict-rs (click here if you just want to know how).

This is (also) a horror story about accidentally uploading very sensitive data to Lemmy, and the (surprisingly) difficult task of deleting it.

Intro

tl;dr I (accidentally) uploaded a photo of my State-issued ID to Lemmy, and I couldn’t delete it.

Friends don’t let friends compose jerboa comments in bed before coffee (@theyshane)

A few weeks ago I woke up to my 06:00 AM alarm, snoozed my phone, rubbed my eyes, and started reading /c/worldnews (on Lemmy).

Still half-asleep, I was typing a comment when my thumb accidentally hit the “upload media” button. Up popped a gallery of images. I tried to click the back button, but I missed. I tapped on a photo. The photo that I tapped-on was a KYC selfie image (that I took the previous day for a service that has no business having such PII anyway).

That was all it took — two consecutive mis-taps while half-asleep in bed, and my dumb-ass just inadvertently uploaded a KYC selfie onto the public internet. And thanks to archaic State authentication systems, anyone with
. . . → Read More: Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)

Leave a comment  

Monitoring Tor .onion Websites (uptime alerts)

By Michael Altfield, on March 12th, 2021
Uptime Monitoring of Tor .onion Websites

This article will present a few simple website availability monitoring solutions for tor onion services.

Problem

So you’ve just setup an Onion Service for your website, but how often do you actually check that it’s working? Maybe it’s a .onion alias to an existing website, and you usually only check it on the clearnet. What’s to prevent the darknet presence of your website from going down for weeks without you noticing?

Indeed, it’s important to monitor your .onion websites so that you can discover and fix issues before your customers do. But how? Most of the popular uptime monitoring solutions (pingdom, freshping, statuscake, etc) certainly can’t monitor .onion websites.

This guide will enumerate some solutions for monitoring .onion websites, so you get an email alert if your site goes down.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Monitoring Tor .onion Websites (uptime alerts)

One comment