No good way to verify public image sha256 in docker hub – security concern

This is a little crazy but apparently we don’t have a good way to verify sha256 digests of public images in docker hub. Related thread is here: https://github.com/docker/hub-feedback/issues/1925 and also this stackoverflow is useful: https://stackoverflow.com/questions/57316115/get-manifest-of-a-public-docker-image-hosted-on-docker-hub-using-the-docker-regi . Problems in the nutshell: Publicly displayed digests on docker hub UI do not match those seen when pulling images […]

No-frills secret sharing with openssl

Motivation Sometimes we need to share a secret with a colleague, and frequently it’s a hassle to do so securely. Worst options include people simply sending plain-text secrets over email or slack. Better, if this is some sort of encrypted email service like ProtonMail, but still it’s a fairly brittle way if we’re dealing with […]