Honeypot.net

September 28, 2025

Watching the Bills game at a bar in San Francisco.

People sitting outside in front of large screen TVs showing the Buffalo Bills game. The bar is a small, local place called Northstar, and the sign above it says “drinking consultants since 1882”.

September 27, 2025

The kitties are acutely interested in my project.

Tiny black kitties, one orange and white and the other black and white, are up close to me and watching my every move with wide, bright eyes.

September 23, 2025

I have found my happy place.

(Lake Tahoe, Cali.)

Photo of a beach with impossibly blue water and mountains in the distance. The edge of someone’s leg and foot is in the foreground.

September 22, 2025

New hotel, new cloned keycard.

September 21, 2025

The previous version of NIST SP 800-63B, section 5.1.1.2, said that organizations SHOULD NOT require users to update their passwords on a regular basis, unless they believe that the password was compromised. The 2025-05-30 version moved that to section 3.1.1.2 and updated it to say organizations SHALL NOT do that.

Now whenever a website emails me to say I have to update my password because it’s been a month or two since I last did it, I report a security bug to them:

The website has a security flaw: it makes users rotate their passwords periodically. This is against the security controls in NIST Special Publication 800-63B-4, “Digital Identity Guidelines”, section 3.1.1.2, clause 6, which reads:

“6. Verifiers and CSPs SHALL NOT require subscribers to change passwords periodically. However, verifiers SHALL force a change if there is evidence that the authenticator has been compromised.”

Please fix the website to remove this requirement. Thank you.

If we all do this, maybe it’ll get into their heads that it’s a bad idea to make users change their passwords just for the sake of it.

September 20, 2025

I don’t care how beautiful and well made Hollow Night: Silksong is. I hate this game and as soon as I beat this boss, I’m done for the night.

4 hours later…

September 19, 2025

I cannot stress this enough: if you have more to your name than fits in your pocket, and you have more than one person in your immediate family circle, have a will made.

I have ringside seats to what happens when you don’t, and it’s horrible. Money can make survivors lose their damn minds.

September 13, 2025

I’m using Ansible to manage a small fleet of Raspberry Pis. I’d been using the copy module to set a value in /sys:

- name: Enable compressed swap now (with zsmalloc)
  become: true
  ansible.builtin.copy:
    content: zsmalloc
    dest: /sys/module/zswap/parameters/zpool
    unsafe_writes: true

But that always reports that the file changed, even if it already had that value. Today I got the lineinfile module to update the value. This only says the value changed when it actually did:

- name: Enable compressed swap now (with zsmalloc)
  become: true
  ansible.builtin.lineinfile:
    path: /sys/module/zswap/parameters/zpool
    regexp: "^(?!zsmalloc).*$"
    line: zsmalloc
    unsafe_writes: true

Since these “files” only have one line, this uses regexp to see if that line already matches the expected value. If so, it moves on. If not, it writes the new value.

Note: unsafe_writes: true is there because you can’t write arbitrary filenames into /sys and then mv them into place. You have to write directly to the target “file”.

September 8, 2025

The little desk thermometer my mom’s sales rep gave her way back when.

A small black plastic desk widget with gold trim. It has one of those color-changing thermometer strips at the top, and says:&10;&10;d i g i t a l&10;&10;CUSTOMER SATISFACTION #1&10;&10;Providing Quality Solutions For Your Needs&10;And Service From People Who Care.

September 7, 2025

Smile!