Quan Zhou

Exercise notes and other boring stuff

I was having fun with Jupyter and wanted to move it to my Docker host so it can benefit from the GPU. With effective configs:


~ > systemctl --user status
Failed to connect to bus: No such file or directory

~> systemctl --user status
    State: running
     Jobs: 0 queued
   Failed: 0 units
    Since: Wed 2021-01-27 21:27:40 CST; 14h ago
   CGroup: /user.slice/user-1003.slice/[email protected]
           │ ├─6672 /lib/systemd/systemd --user
           │ └─6686 (sd-pam)
             └─20452 /usr/bin/gpg-agent --supervised

Sometimes non-server distros come with a lot of languages, takes a long time to update. So:

Acquire::Languages "none";

While trying to install Maltego on a development machine, I've added the kali-rolling distribution to my sources.list.d. After an apt update I found myself sat in front of a machine suddenly received thousands of updates.

The surprise wore off quickly, it's called 'rolling' for a reason, but I don't want a “foreign distro” to pollute my system either. I know the “preference” was the word to look for, but not really sure if it's available through man pages.


I was playing around in a contained network where only some of the connections should go through a proxy.

From man apt-transport-http:

The various APT configuration options support the special value DIRECT meaning that no proxy should be used. The environment variable no_proxy is also supported for the same purpose.

It's quite usual that people push their credentials to a public git repo on the internet. What published is published, a push -f does not unpublish, and recovery isn't that obscure.


My WriteFreely configuration has changed quite many times, which is more frequent than posting. 😉


I was trying to pass the [Encrypted SNI test], but it wasn't smooth as silk.

My resolver NextDNS support the feature, but the test page finds otherwise. So skimmed over the [document], found following requirements:


I was using customized systemd unit files and timers to keep this blog up, this is against the spirit of standardization! So I moved to a much simpler configuration.


An unsigned long long time ago, a mass amount of TPMs and smartcards were hit by a flaw in the Infineon codebase. They have released an update, but still, we can see unpatched modules in the wild.