OK, if you have lots of Twitter embeds in your website, I've written an easy(ish) way to replace them with static images & alt text.

https://github.com/edent/Tweet2Img

Run:
python tweet2img.py 1234

And you'll get a ready-to-paste piece of HTML with a data-encoded image.

<a href="https:/ /twitter.com/edent/status/123"><img src="data:image/webp;base64,Ukl..." width="550" height="439" alt="text from tweet."/></a>

It also saves the WebP and alt text if you need them.

Let’s say I want to keep the latest version of each file as they are replaced or removed; essentially I want a “trash can”-like behavior. For this, I create the following script and store it as /Users/jb/bin/onlylatest.sh (i.e. the bin directory in my home directory):

It's just been one security disaster after another for Intel the last few years. Meltdown, Spectre variant after variant and this week the "Microarchitectural Data Sampling" aka Zombieload attack have all required performance-degrading fixes and workarounds. There is no way around turning hyperthreading off to be safe from MDS/Zombieload and this is a rather high performance-price to pay. So what if you don't want to?

Disabling SMT/HyperThreading to get full protection against MDS/Zombieload on top of the mitigation code for "meltdown", several "spectre" variants and other security-issues discovered on Intel CPUs is a high price to pay for security on Intel CPUs. The total performance-penalty in many workloads is adding up. Unfortunately there is no safe and secure way around the performance-penalties - so you may want to..

Das STUN-Protokoll erkennt Clients, die sich bspw. hinter einem Router oder einer Firewall befinden und eine NAT-Adresse haben. Mit Hilfe des STUN-Servers können NAT-Clients ihre öffentliche IP-Adresse erfahren und sind anschließend in der Lage eine direkte Kommunikationsverbindung zwischen (zwei) Teilnehmern herzustellen. Um die Übermittlung der IP-Adresse an externe Anbieter zu vermeiden, könnt ihr einen eigenen STUN- / TURN-Server betreiben. Alternativ könnt ihr natürlich auch einfach bestehende STUN-Server wählen, die öffentlich zur Verfügung gestellt werden.

A Docker build for Solr, to manage the official Docker hub solr image

Solr is the popular, blazing-fast, open source enterprise search platform built on Apache Lucene™.

A research project I spent time working on during my master’s required me to scrape, index and rerank a largish number of websites. While Google would certainly offer better search results for most of the queries that we were interested in, they no longer offer a cheap and convenient way of creating custom search engines.

This need, along with the desire to own and manage my own data spurred me to set about finding a workflow for retrieving decent results for search queries made against a predefined list of websites. That workflow is described here, providing what I hope shall serve as a useful reference for how to go about setting up a small search engine using free and open-source tools.

Note:
• The instructions here assume that you use some UNIX-like operating system (Linux, MacOS, *BSD).
• Any Python code has only been tested using Python 3.7 (The clock is ticking).
• Any code provided is free to use under the MIT license.

WireGuard, created by security researcher Jason A. Donenfeld, is smaller and simpler than most other VPN software. The first version of WireGuard contained fewer than 4,000 lines of code—compared with tens of thousands of lines in other VPN software. That doesn't make WireGuard more secure, but it makes it easier to find and fix problems.

WireGuard clients are already available for Android, iOS, MacOS, Linux, and Windows. Cloudflare's VPN service Warp is based on the WireGuard protocol, and several commercial VPN providers also enable users to use the WireGuard protocol, including TorGuard, IVPN, and Mullvad.

fail2ban is an intrusion prevention framework that reads server (Apache, SSH, etc.) and uses iptables profiles to block brute-force attempts:

As we can see the default Linux disk encryption implementation has a significant impact on our cache latency in worst case scenarios, whereas the patched implementation is indistinguishable from not using encryption at all. In other words the improved encryption implementation does not have any impact at all on our cache response speed, so we basically get it for free! That’s a win!

Ever considered setting up and running your very own git server? It’s actually quite easy! In this post, I’ll outline the steps I took to set up my own so that you can give it a try yourself. But first, why might you even want to go through the trouble of setting up your own server?

After all, there are a wide array of excellent and free to use choices out there, such as GitHub, GitLab, and the up-and-coming sourcehut.

One reason is ownership: in today’s world of corporate surveillance, rampant privacy violations, and data breaches, there is something to be said of truly owning your own data. Both git and the web itself were designed and built on principles of decentralization and distribution. Standing up your own server is one way to tap into that heritage.

It’s also just plain fun, at least if you’re into that sort of thing. You get to build something useful and put your name on it. It’s something you control. You get to decide how it works, how it looks, who can access it, and what exists on it.

Setting up a git server is actually relatively straight-forward. Almost all of the heavy lifting is done by git itself, but I will also introduce a few supplementary tools to handle things like access control and HTTP access.

This project contains build scripts for Docker images (Dockerfiles) and Docker related utilities for IBM Domino. There are separate folders within this repository that contain build scripts for IBM. This repository provides an IBM Domino Server with the latest fixes.

Main idea is to download and apply all required fixes/patches/updates from a software repository server instead of adding the source installation files to the image directly. For this reason this repo will start a temporary local nginx server at build time to act as a software repository server.

Here’s something you can do before work, with your morning coffee, or whilst waiting for dinner to cook of an evening. And there’s never been a better time to install Kubernetes to a Raspberry Pi, with the price-drop on the 2GB model — perfect for containers.

This module uses a rule-based rewriting engine (based on a regular-expression parser) to rewrite requested URLs on the fly. It supports an unlimited number of rules and an unlimited number of attached rule conditions for each rule, to provide a really flexible and powerful URL manipulation mechanism. The URL manipulations can depend on various tests, of server variables, environment variables, HTTP headers, or time stamps. Even external database lookups in various formats can be used to achieve highly granular URL matching. This module operates on the full URLs (including the path-info part) both in per-server context (httpd.conf) and per-directory context (.htaccess) and can generate query-string parts on result. The rewritten result can lead to internal sub-processing, external request redirection or even to an internal proxy throughput.

#Debian/#Ubuntu extend the dominance in the #Linux #web #server market http://t.co/qhxXFXQS2k http://t.co/J4FWoPYol7

#IBM stellt neue #Power #Linux #Server zum Preis vergleichbarer #x86 Lösungen vor: http://t.co/yNUYHgRG

Hardening the #Linux #Server: An intro to GNU/Linux server security from @DeveloperWorks at #IBM http://t.co/oEhlzoCl