macos – I downloaded a shell executable and man pages from a source I trust. Where should I put them?

I downloaded a binary file for a shell executable, and the corresponding man pages, from a source I trust. Unpacking the archive returns a binary file and some man pages. There’s no installer. Which is the “canonical” location to put this kind of stuff? I guess it should be somewhere on my PATH. echo $PATH returns:

$ echo $PATH

Of these, I seem to recall that tampering with /usr/local/ is considered bad practice. Logically, Users/.../google-cloud-sdk/bin:/anaconda3/bin:/anaconda3/condabin also don’t seem appropriate. This leaves me with /usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin. Which one should I use? Or am I going about this the wrong way?

Also, do the binary file and the man pages go into the same folder? Or do they go to different folder?

PS I really wonder how much effort would have been to add a damn installer….

digital signature – How to list all of the known root keys in docker (Docker Content Trust)

How can I list all of the Docker Content Trust root keys on my system?

I am setting up a CI process that will use the debian:stable-latest docker image to build my application’s releases in ephemeral cloud instances. I want to make sure that every time my fresh build system does a docker pull debian:stable-latest, it doesn’t just blindly TOFU the root public key used to sign debian’s docker images–thus defeating the entire security model of DCT.

Before downloading a given docker image, how can I check to see if the system already has the image’s root public key or not?

Skyrocket Trust Flow TF 25+ Majestic Metric for $55

Skyrocket Trust Flow TF 25+ Majestic Metric

Skyrocket Your TF 25+ Majestic. com Trust FlowIncrease your website Trust Flow Fast

TF is a metric of the Which is well known for its great results in 2020 and outranked all other tools. So, TF will increase if your site has high-quality TF backlinks.

I will increase your TF 25+ without harming your website i just need your main URL for this to redirect some ‘juice’ from high quality TF links. It doesn’t effect your site traffic or any other things.

Increase website Trust Flow now!

What you will get:

✔️ 100% Manual Work

✔️ 100% Boost up Majestic TF

✔️ 100% Trusted Sites – Google Index Sites

✔️ Do-follow/Nofollow backlinks – Ranking Increase

✔️ Increase Trust Flow

✔️ Sites have 0-10 Spam Score & Huge Organic Traffic

Client Sample 1

Client Sample 2


  • The links are permanent.
  • Foreign keywords and websites accepted.
  • I CAN show you samples of domains already boosted.
  • TAT is 14 days. (sometimes 7 days/depend on domain)
  • Refund policy 100% if the domain is not boosted.
  • We DO accept Pharma/Gambling/Adult.

What you will get from this service?

Lots of links that will make your trust flow TF increase to 25+. You will be amazed by the quality of this service and how fast it’s done!

For bulk orders message me!

100% Guarantee: If domain is not boosted, will refund 100%


Moran Trust Limited –

I’m not admin here!


Our program is intended for people willing to achieve their financial freedom but unable to do so because they’re not financial experts. is a long term high yield private loan program, backed up by Forex market trading and investing in various funds and activities. Profits from these investments are used to enhance our program and increase its stability for the long term.

Reduced Size Image

1% daily for 10 days + principal return
Plan Spent Amount ($) Daily Profit (%)
Plan 1 $10.00 – $500.00 1.00


SSL Encryption
DDos Protection
Licensed Script
Updated Date: 0001-01-01
Creation Date: 2020-09-07
Expiration Date: 2022-09-07

Accept: PM,…

Join here:

vpn – How to trust EasyConnect on OSX Catalina?

I installed EasyConnect on OSX Catalina and logged in to the VPN successfully, however I cannot connect to the resource as I used it in Windows.

The error it gives is as follows, it asked me to allow it from Security and Privacy, however it was not listed there!
enter image description here

I did some search and tried sudo spctl --master-disable, it doesn’t help.

I tried trust the cert from, it doesn’t help, either.

Please someone help!

after unlock oem I cant to go to recovery mode i see orange state your mobile has been unlockd and cant be trust your mobile boot in 5 second

after unlock oem I cant to go to recovery mode when i try to go to recovery mode by tapping power off and volume up/volume down or by adb reboot recovery/adb reboot bootloader l
i see orange state your mobile has been unlockd and cant be trust
your mobile boot in 5 second

How to implement zero trust concept on a pod running in Kubernetes?

Was thinking to use Ambassador design pattern and filter each request through Nginx with Waf (mod_security or Naxsi) in reverse proxy and ACL, authentication and authorization to pod.

What are the best practices?

How to prevent "soft belly" of each microservice being open in the network (vlan, vpc or similar)


networking – Is it a bad security to trust (localhost) in ssh connections?

I have a script that permits me to forward ssh connections from a port on my machine to a remote host so that I can access a database that is only accessible from that host, the script is as follows:

ssh -o "StrictHostKeyChecking no" -o ExitOnForwardFailure=yes -f -N -L <port>:<database_url>:<database_port> <user>@<remote_host_id> -i  <private_key>;
mysql <db_name>  -u <username>  -h ;

I use this same script with multiple remote hosts/ databases, and I want to use the same port always,so I put the -o "StrictHostKeyChecking no" option cause without it a message “IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!” appears.

Is this thing secure? I think this basically means trusting which most likely won’t be spoofed.


Limited Offer   HYIP IN ONLY $35  

HYIPCO represents you SCRIPTS.  FOLLOWING ..
1-HYIP investment SCRIPT …         2-ZARFUND & CLONE SCRIPTS…                             3-PTC MAKER  SCRIPT…      4-HYIP MONITOR….
Open your own Zarfund and Hyip investment website with HUGE discount.  All in one Zarfund Script, Hyip Script, Free Domain , Free Hosting and standard TEMPLATE  included also your choice in TEMPLATES. you can Start your own Hyip investment website  within one day by Now you get information from youtube on our CHANNEL…..HYIPCO   CHANNEL’S NAME.  Without any charges  we will give you free training and life time free support. Professional Hyip Templates and very easy hyip script Our contacts informations
Email :
Skype ID:

Signatures: Trust, Non-Revocable, and "sig-n"

Three questions on signatures.

  1. I have read the distinction between Owner Trust and Signature Trust. I am trying to understand the various types of "trust signature". The man page says, "For more information please read the sections “Trust Signature” and “Regular Expression” in RFC-4880." Rather than go to the RFC, maybe someone could help with these basics.

    We have these choices when running --edit-key ... tsign:

    1. Trust Marginally
    2. Trust Fully

    If 2. is selected, then we choose:

    Please enter the depth of this trust signature
    A depth greater than 1 allows the key you are signing to make trust signatures on your behalf.

    And then:

    Please enter a domain to restrict this signature, or enter for none.

    The first choice is described in this post on the OpenPGP trust model. I am unclear of the significance of "depth" beyond 2, or how high this might go. I am also unclear about the notion of a "domain" to restrict signatures.

  2. As a second question, when I --list-sigs I see trust "depth", but I also see "sig" and "sig 3". I gather there are in addition "sig 1" and "sig 2". What are these referring to? (Both of those questions have been left unanswered.)

  3. When might we use a non-revokable signature?

When cross-signing two keys as I’ve described here, one a master certifying key to be kept offline and the other a master certifying key to be kept on the laptop, I believe I would certify ("sign") each other as fully trusted. I am not clear what depth I should use. I am also wondering if one or both of these certifications should be non-revocable to show permanent ownership.