Cruftbox: My Box of Cruft

Making a Security Zine for friends and family

Last week I printed a small booklet, folded it, stapled it, and mailed copies to friends and family. I used my sweet Dungeons & Dragons stamps!

Eight pages, in color. It’s the second volume of our Cruft Manor zine, and this time the subject is personal security.

A hand holds multiple copies of the "Cruft Manor" zine, Volume 2 - June 2026, titled "Personal Security," featuring text about digital threats and the quote "Hack the planet," fanned out against a blue tie-dye fabric background.

Last Christmas, Michele and I made a zine to send out to family and friends. We loved doing it.

I wanted to make another zine to scratch that itch. As a topic, I decided on personal security because I kept having the same conversations with family, friends, and neighbors who don’t live in the technology world.

Someone calls because a text said their package could not be delivered and they are not sure if it is real. Someone forwards an email asking whether Facebook really locked their account. Someone wants to know if they should click the link.

These are not foolish people. They are living in a world that has quietly become hostile to anyone who is not paying close attention to how their devices work.

Most security advice is written for people who already care about security. It lives in long articles, on Reddit, and in videos that assume you know what a DNS record is. That is fine for the tech-savvy. It does nothing for the people I worry about, who are never going to spend an afternoon reading about end-to-end encryption or quantum-resistant cryptography.

A zine solves a problem that a blog post does not. It exists in the real world. You can hand it to someone. You can read the whole thing in the time it takes to drink a coffee. And because it is a physical object, it sits on the kitchen counter instead of disappearing into a browser tab you meant to come back to.

Vol. 2 covers what comes up most:

Spotting scams, and the one rule that catches most of them: urgency plus a link
Code words a family can agree on to signal trouble quietly
Signal, and why to use it for anything you want kept private
How a VPN works, and what it does and does not protect
Locking your phone so a face or a fingerprint cannot open it for you
Keeping your software updated, including the actual commands for Windows, Mac, and Linux

I tried to make it fun and easy to read. I didn’t want it to feel like homework. Security is important, but nobody wants to spend their Saturday studying it.

The goal is not to turn anyone into a security expert. It is to move a few people from “I have no idea” to “I know the basics,” which is most of the protection most people will ever need.

If you want a copy, the PDF is here.

You can print it yourself (print on both sides, flip on the short edge), and share it with your friends and family.

If it helps one person avoid one scam, one phishing link, or one bad decision made in a moment of panic, it was worth the postage.

AI vs. logic puzzles, part two

A little over a year ago, I experimented with seeing is the current AI models could do logic puzzles. I used to do these kind of puzzles often when I was a kid, in the pre-interweb era.

At the time I tested them, they all failed to solve the puzzles correctly.

Fast forward to today, and the release of Anthropic’s Claude Fable model.

I gave Fable the same logic puzzle that the earlier Claude model failed.

A logic puzzle worksheet showing a grid table in the upper right corner and explanatory text below describing how to solve the puzzle by matching people's birthdays, names, careers, and nationalities through systematic deduction and constraint elimination.

Here is my initial prompt. Took less than a minute for Fable to respond.

A table showing five people's birthdays, names, careers, and passport nationalities, followed by explanatory text confirming the solution meets all given clues about chronological order and nationality constraints.

The answer was correct and even presented in a nice table. It even brags a little about it’s speed.

This kind of reasoning is difficult and this is a marked improvement from the last test.

LLMs still have a lot of issues with guessing, going down rabbit holes, and not sticking to Occam’s Razor, but improvements in this kind of reasoning is impressive.

Tips for new beekeepers – lighting a smoker

Using a propane torch to light a smoker.

Tip for new beekeepers – Lighting a smoker #beekeeping #beekeeper
No Description

Costly Computer Upgrade

While trying to replace my CPU cooler, I bent the pins on the CPU itself.

Costly computer upgrade
Uploaded by Michael Pusateri on 2026-06-05.

3D printing an external hard drive enclosure

3D printing an external hard drive enclosure
No Description

Tips for new beekeepers

Using a magnet for your hive tool and using frame holders during inspection.

Tips for new beekeepers
No Description

How I make smoke rub for BBQ

Making smoke rub for BBQ
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

Mow to make babyback ribs – May 2026

Done simply with ribs that were on sale.

How to make babyback ribs – May 2026
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

Replacing the CMOS battery and doing the “100Ω fix” on a QNAP TS-451+

Trying to resolve a BIOS boot issue.

This didn’t fix the core storage corruption issue, but I did get the ability to boot into BIOS again.

Replacing the CMOS battery and doing the “100Ω fix” on a QNAP TS-451+
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

firstlight – you can’t doomscroll a piece of paper

I’d reached the point where reaching for my phone first thing in the morning felt obviously bad and I just couldn’t stop. The scroll wasn’t even rewarding anymore, it was a reflex. I wanted a different default.

You can’t doomscroll a piece of paper.

A sports calendar page showing various team schedules and events, with sections for different sports including Dodgers, Cardinals, Lakers, and other professional teams, along with venue information and game times.

We still read a physical newspaper in the morning, because I’m old and old habits die hard. Newspapers are great for reading deeply and discovering things outside your algorithmic bubble, but they’re terrible at surfacing the specific information you actually care about day-to-day.

I built a small app called Firstlight. Every morning, before I wake up, it prints a single page of the stuff I actually want to know: the weather, what’s on my calendar, last night’s scores, a few news headlines, and my to-do list.

With a piece of paper I can make notes or check things off my todo later in the day.

A printed page is a nice default.

It doesn’t notify me. There are no pop-ups. It’s the information I chose.

It also turns out to be the right amount of information. No one needs the entire internet hitting them at 6AM.

The page reflects what I want to see each morning, and the code is simple enough to adapt to your own preferences.

Here’s what’s on mine:

Weather – today’s forecast, hourly breakdown, air quality, and a heads-up about rain in the next few days
Calendar – today’s events from Google Calendar
Sports – last night’s scores and today’s game times from teams I follow across MLB, NFL, NHL, WNBA, NBA, NWSL, MLS, and the Premier League
News – headlines from a handful of RSS feeds I picked
To-dos – a short list you can manage in the web UI or point to a text file somewhere
Daily – A quote and an “on this day in history” entry, for fun

A web form for configuring news RSS feeds showing six pre-filled entries including Al Jazeera, BBC News, The Guardian, The Verge, LA Times, and ESPN, each with their corresponding RSS URLs and remove buttons.

Everything sources from free APIs that don’t require an account: Open-Meteo for weather, ESPN for sports, ZenQuotes, Wikipedia, plain RSS. Google Calendar is the one optional integration that needs OAuth, and you can skip it entirely.

Firstlight runs in Docker on whatever always-on machine you have lying around — a NAS, a home server, a Raspberry Pi. In my case it’s a QNAP NAS. Once a day, a scheduler inside the container fetches everything, renders a single-page PDF, and sends it directly to my network printer over IPP. No drivers, no cron, no external services.

There’s a web UI for previewing the digest, managing to-dos, browsing past digests, and reprinting on demand.

Setup is a 10-step wizard in the browser. The only one with any real friction is adding Google Calendar, because Google’s OAuth process can be confusing.

Worth mentioning: I wrote essentially none of this code by hand. The whole project was built using Claude Code with the Superpowers plugin, which adds structured workflows for brainstorming, planning, TDD, and debugging. The original design spec and implementation plan are checked into docs/superpowers/ if you want to see how the sausage was made.

I mention this not as a flex but because I think it matters. This is the kind of project: small, personal, self-hosted, with no users to impress, that scratches a personal itch, that’s now genuinely easy to build. A few years ago I could have never built this myself.

It’s built for people comfortable running self-hosted things. You need to be okay with Docker, a terminal, and a config file. The wizard handles the actual setup, but if something breaks, a modern LLM coding assistant is surprisingly good at helping diagnose any issue.

Source is at github.com/cruftbox/firstlight.

The README walks through deployment for both generic Docker hosts and QNAP specifically.

If your phone has stopped feeling rewarding in the morning and you’ve got an always-on machine somewhere, give firstlight a try.