Showing posts with label Computers. Show all posts

Tuesday, December 29, 2020

My personal best (and not so best) games of 2020(ish)

Might as well do a listicle... My best (or other than best) games of the year, by category...

AAA single player: "Cyberpunk 2077"... I really don't have any gamebreaking bugs or performance problems making it unplayable, and it's otherwise the best single player game I have played, at least since New Vegas, maybe even better than that.

Close runner up: "Final Fantasy 7 Remake"... It's honestly much better than the original, both game play and story (it follows the same basic storyline but has 100 times the depth and detail... and given the original is one of the greatest games of its genre, that's saying something). And it's jaw droppingly gorgeous at certain moments.

And for additional... Flavor, as it were... "Game I wanted to love, and it was good enough that I still really liked it, but it has too many issues to actually make a "best of" list": that goes to "Control". Yeah it's not a 2020 release, but the "ultimate edition" went on super sale in 2020... and while it's worth buying on sale, and worth playing... it was just a little more work, a little more polish on both crunch and fluff... away from actually being a great game.

Indie single player: "Hades", no doubt. Love the aesthetics, love the game play, love the humor, absolutely brilliant game. No other indie game even came close this year... Though there were definitely a bunch of great indies this year ("Kentucky Route Zero" FINALLY finished releasing its last episodes this year, and it's a very interesting experience... not much like any other game you would think of off hand, but certainly worth experiencing... and I've heard very good things about "Cloudpunk" for example).

AAA multi-player: Also easy, "Call of Duty Black Ops: Cold War". Without question the best Call of Duty... or for that matter CODlike game... Oh... at least a decade or so. Though it is absolutely KILLER on your system resources. Getting playable framerates on a 1070 in 1080p was difficult, never mind anything better. That said, it's a VERY good looking game when you turn the settings up.

Indie(ish) multi-player: For the... third year in a row now I think? It's "Warframe". They've completely overhauled the game over the last three years, even to the point of writing a new engine and new textures and shades, and of course major new content, for free, 4 times a year, with minor new content every 40 to 60 days.

Best mobile game: Well... that's kinda complicated and difficult at the moment... Hmm... Do you count Hades, which is on mobile platforms too (just the Switch for now, but likely it will be ported to iDevices soon, and Android eventually), but is better on PC or heavier weight console? Do you count three of the best PC or Console games from decades ago... KOTOR and KOTOR-2, and "Castlevania Symphony of the Night"... which also released native mobile versions recently?

...Maybe... "Sky: Children of the Light"? It's gorgeous, it's fun, it's got a unique aesthetic and viewpoint... Well worth getting. I haven't played "AnimA" yet but I've heard it's really great. Same for "Battle Chasers: Night War".... Both are installed and waiting to play.

Worst mobile game AND worst game that I actually paid money for: "Elder Scrolls Blades"... it's a Switch and mobile game... and it's been in Beta and early access for like 3 years, and yet there's very little content, and what's there is shallow and repetitive. Also MICROTRANSACTIONS!!!!!... I bought enough of the in game resources to try to make the game more enjoyable... But there's just not enough content or game play no matter what.

Biggest AAA (ish) disappointment: "Star Wars Squadrons"... It was... Just OK. Good even... But it had iffy controls, and just... not enough game. Both too short, and too shallow, with only OK game play. That said, you can often pick it up for $20 on sale, and it's worth the $20... Just not the original $40 release price. 

Biggest indie(ish) disappointment: that "Vampire: The Masquerade - Bloodlines 2" was delayed repeatedly... and now may not even come out in 2021 even. We'll see.

Monday, December 14, 2020

SolarWinds, FireEye, and Russian Intelligence Compromise the entire damn world...

Ok folks, this one is the real deal... I believe that the SolarWinds global supply chain compromise incident disclosed yesterday is now the most severe, and most widespread, information security compromise incident ever publicly disclosed.

I can only think of one other that is even close... the RSA compromise... and from what was actually publicly disclosed (vs. what many of us in the field know to have been compromised but cannot officially confirm or disclose)... honestly... this may be worse. From all appearances, and the implications thereof, it may be MUCH worse in fact. 

SolarWinds is a major component of the infrastructure that runs... everything really. 300,000 organizations may have been compromised by this... note, compromised not necessarily exploited... SolarWinds is used by a lot of major service providers, ISPs, ASPs, SaaS providers, Managed Service Providers in the networking, security, and every other space... It's everywhere, and when you look at the details of the compromise... yeah, this could be EXTREMELY bad. 

For information and review... The various official notices and responses to the SolarWinds global supply chain compromise incident:

The emergency CERT alert issued appx. 2200est last night:

https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software

The DHS-CISA (Homeland Security Cybersecurity and Infrastructure Security Agency) Emergency Directive for the compromise:

https://cyber.dhs.gov/ed/21-01/

This is the SolarWinds official advisory and recommendations:

https://www.solarwinds.com/securityadvisory

Here's the FireEye advisory and recommendations:

https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

Here's the Microsoft Advisory and recommendations:

https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/

Here are the recommended detection and mitigation countermeasures, rulesets, and criteria... as published by FireEye and recommended by the CISA:

https://github.com/fireeye/sunburst_countermeasures

And the recommendations to detect persistence in a compromise event, from MITRE ATT&CK:

https://attack.mitre.org/tactics/TA0003/

Sunday, August 09, 2020

A bit of Pi

 This is a 1.5ghz quad core, 4 gig of ram, full on 2x USB3 and 2x 4k HDMI capable workstation or server. It cost $69 for the computer, or $99 including the case, power supply, connection cables, extra fan and heat sinks, and a preloaded OS on a memory card.

...And about ten minutes later, there's two of them, assembled and ready to configure.

A hell of a world we live in.

Friday, July 10, 2020

Friction

It seems the older I get, the less tolerance I have for what user experience (UX) professionals call "Friction".

Friction is simply anything that reduces the efficiency, effectiveness, or pleasantness of the user experience, as compared to the optimal possible, or intended experience.

When I was in my teens and twenties, I had seemingly infinite tolerance for things that were inconvenient, or difficult, or fiddly, or unpleasant; if doing so got me some kind of performance gain, or even an extra "cool factor"... Or just because I wanted something interesting or different.

I would put up with machines and systems that broke down frequently, only worked if you played with them just right, or took MANY hours of work to set up properly... In fact not just put up with them, but enthusiastically extolled their virtues and recommended them to others... Sometimes even passionately defending them when others complained about the inconvenience and irritation. 

...Frankly, I just don't have the time, energy, and patience for that anymore, unless there's some HUGE advantage to doing so, that makes the pain in the ass worth it...

...Some examples...

I haven't bought a pre-built desktop for use as my personal primary machine in... Literally decades. The last time was while I was in college, and my computer broke, and I had a project I absolutely needed to finish that weekend, and it was my only option.... I could fail that critical project and have to repeat the class, or I could buy a system from Sears (a packaged hell no less... but I was smart and bought the extended warranty, so they fixed it for free for 3 years... in fact they actually replaced it completely... twice... upgrading it to a higher model each time). 


I always build my own PCs, because even if someone else can build something for me to the standard I want, they charge a lot more for it than if I built it myself... Because of course they do. Skilled labor costs money. Integration costs money. Support costs money. Testing costs money. Warranties cost money. 

...But right now... I'm looking at some of the very high end prebuilt systems from specialty vendors, and thinking "Damn... that's really good. It's exactly what I would do"... and some of them have specialized cooling systems and cases that I literally could not buy and build with myself. In terms of system integration and industrial design, they're actually just plain better than what I can build myself. They're a few hundred dollars more than what I could build myself with the same basic specs... and they may be worth it... For the first time ever. I'm seriously considering just buying off the shelf, and thinking it may actually be better, not just more convenient or easier (though I'd still put more RAM and a bigger SSD in the machine after the fact... Because NO-ONE ever includes as much ram or storage as I want). 


Using Macs for work is another example... They're just very well integrated, well tested, polished solutions that significantly reduce friction. They give me the power of a real UNIX, while giving me great UI/UX, and physically excellent hardware and industrial design.


I'm still not at the point where a Bose or Bang and Olufsen stereo appeals to me... Or any kind of "home theater in a box" for that matter. The performance you can get assembling your own properly matched components, for MUCH less money, is so much higher, and the inconvenience and friction of doing so is so relatively low, that the minimalist hyperintegrated hyperdesigned systems hold little appeal to me... But I can understand why someone might feel the other way.... they just don't want to bother with it, and they want good sound, and don't care about getting great sound.


...And... dirty little secret? Just for watching TV, I am actually a fan of the better soundbars, which have satellite speakers and subwoofers (some even have wireless connections to the tv, subwoofer, and surround speakers). They're simple, they're cheaper than a full stereo, and they actually sound pretty good, for most movies and tv shows. I still prefer to have a full home theater for my main TV, and for the best music experience... but I recommend soundbars to other people all the time, and for a secondary tv, I TOTALLY go for the soundbar.


Even with guns... and I'm an experienced gunsmith who builds long range precision rifles for fun... Some of the out of the box solutions available today for long range precision rifles from Ruger, Sako/Tikka, Savage, AI, and others, have real appeal to me. Well integrated, well tested, well designed systems that give better than 90% of the performance of a full custom solution, often for a lot less money.


That doesn't mean I don't still want to build the full custom rifles, to get the most possible performance and have the features and configuration EXACTLY as I want... But I also want to buy one of the standard offerings, to get back into things faster, and for practice, and to help get others into the pursuit of long range precision shooting etc...

This applies to almost every area of my life... I love building and modifying cars, and motorcycles... but buying a well designed, well tested, well integrated car, now has as much appeal to me as building my own hyper customized optimized car. 

I really wish I could find good commercial desks and workbenches that would actually work for me. I still build my own desks and workbenches and beds, and toolstands, because I just can't find what I want commercially... I want specific sizes and specific strength, and rigidity and features... But I wish I COULD just buy them off the shelf. 

...I still want to do the custom builds... but I find great appeal in buying the well integrated commercial solutions first, just to have something that is 80% or 90% as good, so I can take my time and do the rest absolutely perfectly the way I want.

A digital bubble floating on an analog ocean

If you ever want to know about the best cabling for analog data transmission... remember it may be digital data to your router, your computer, and your monitor, but once it's on copper it's an analog signal... ask an amateur radio operator.

Believe me... there is no-one more particular about the characteristics of their analog cabling, than a ham. We use it ... generally multishielded coax these days... for antenna feed lines. The strength of some of the signals we use it to receive, are measured in femtowatts, at frequencies in the multighz ranges. The higher the frequency, the higher the attenuation of the signal per foot of feedline, and the more subject to spurious interference... so low attenuation and spurious signal rejection are kinda important to us.

Whether you're transmitting radio frequency analog transmissions, or internet data, or high resolution high framerate high def video... it's all analog once it's on copper, because the real physical world is analog. It's all high and low voltage values in a sine wave (or at least you hope it's a sine wave), and is subject to all the vagaries of the analog world.

For example, HDMI... 1080p at 60hz SDR color (HDMI-1.1) is a two channel analog signal at about 165mhz, transmitted over 4 shielded twisted pair... 8 signal wires wide effectively, plus clock sync, control channel, power, and ground pins (including one ground pin for each shielded twisted pair), for a total of 19 pins. For 1080p@120hz it's about 340mhz, as is 4k@30hz. 4k@120hz HDR color is about 1.2ghz, however as transmitted over HDMI including audio, and various overheads, the actual maximum data rate ends up being appx. 1.485ghz... and 1.485gigabits per second per channel. Again, that's all over HDMI, which is a bonded multi channel serial digital interface (not actually a parallel interface, though the difference between the two is somewhat esoteric at this point)... the total aggregate data rate is between appx. 4gbps for HDMI-1.0 (3.96gbps technically, the same as DVI by the way), and appx. 48gbps for HDMI-2.1 (actually it's 47.52gbps, effectively the same as 12x DVI channels, or 32x 1.485gbit serial data channels bonded together).

The higher the frequency of an analog signal, the higher the signal loss over distance, and the more subject to electromagnetic and radio frequency interference it is... which is why when we make digital interfaces out of analog wires, we tend to limit them to about 1.2-1.5ghz, and when we need more bandwidth, we aggregate or bond more 1.2-1.5ghz channels together.

...Which is why high bandwidth stuff like 4k video, is always transmitted as digital signals if it has to go long distances. It has extremely high signal attenuation, and sensitivity to interference, in analog form (about 6db per 100feet at 1000mhz, over conventional rg6 coax for example... the stuff your cable company uses to get signal to your cable box and cable modem. 30db signal attenuation is generally considered the maximum, so 500 feet would be the maximum at 1ghz. The actual data rate for a 1080p60hz signal as actually transmitted over coax as SDI [serial digital interface] is 1.485ghz x2 channels, for a maximum run of about 140 feet at 30db attenuation, though SDI interface boxes generally extend that out to between 200 and 300 feet through higher power, and some tricks with frequency modulation and error correction. As a purely analog signal, including audio and overhead, it's almost 3ghz if it's a single channel, which would attenuate out at about 90 feet on RG6, which is why we never do that). Breaking it up into high bandwidth IP data is much easier, with much lower losses and greater error tolerance and error correction.


In analog data transmission, using a waveform structure... as most electrical and optical data transmission and cabling standards, and most radio standards do... there's basically two factors which can be used to transmit information. Frequency, and amplitude. We can modulate the frequency at which we transmit... the number of times per second the wave hits a peak... and the amplitude... how strong the signal is, which translates into how high the peak gets.

...(note: there's actually a third, called "phase", and it IS used in many data transmission systems... most of them actually... but it's a much more difficult and complicated thing to decode with precision, or to explain without further background, so I'm MOSTLY ignoring it for most of this explanation)...

The most basic way of doing that is with binary amplitude modulation... off and on, dot and dash. That's the easiest thing to detect.... and consequently those were our earliest forms of optical and electrical communications... the heliograph and the telegraph... and our earliest form of radio communications as well, using spark gap transmitters and cat whisker coherer receivers. We then converted those "off" and "on" states into useful information with things like Morse code or Baudot code (where we get the word "baud" from).

You'll find that for... ease of explanation let's call it... most examples and illustrations of most communication methods simplify it to this binary representation.

A binary amplitude modulation system is limited by how fast you can turn the signal off and on... or really, how fast you can precisely and reliably detect it being turned off and on. It can only encode 1 bit of data per time division, because it is always on or off referenced to off.

However, even without frequency modulation, amplitude modulation can be more complicated... and carry more data... than just off and on. In fact, it's actually a lot easier to create more precise signals by NOT using a binary "off" and a binary "on", but instead to use a "high" value, where every signal above a certain "high" amplitude threshold is a 1 and everything below a "low" value is a 0... Every computer logic circuit on the planet does this, but we pretend that "high" and "low" are really "on" and "off" to simplify it for logical explanation purposes.

Further, because we are talking about waveform transitions between high and low states, we can actually have FOUR states represented with basic amplitude modulation... "high", "low", "rising", and "falling" (this is called Quad Amplitude Modulation or QAM, which itself can be detected either by precise time reference, or by phase shifting an amplitude modulated signal wave in reference to a baseline carrier wave... I said I would MOSTLY ignore phase, not entirely).

So, before we even get into frequency modulation, we have the ability to represent 4 states of data. In reference to itself, that can mean 2 or 3 bits (depending on how you encode and how you detect the state), or in reference to a precise clock or a known baseline state such as an unmodulated carrier wave, it can mean 4 bits of data.. a useful increment.

...An important note... 2 different states of data, only in reference to that state change itself... a binary 0 or 1... is only ONE bit of data. 2 different states in reference to something else, like a high or low state in reference to a neutral carrier, or a precise time clock, can be just one bit, OR it can be used to represent TWO bits of data with proper encoding. Four states in reference only to themselves can be 3 bits, but in reference to an outside value can be 4 bits etc... This is because some state must always be null or neutral, representing no data, while all other states can encode data in reference to null or neutral. One can even do this with purely binary data with bitwise time encoding or bytewise sequence encoding, across multiple bits or bytes... Each bit is in reference to a time, or sequence of previous bits, or sequence within a byte, and therefore 0 or 1 are both information states. Without bitwise or bytewise encoding, 0 is the null reference and 1 is the only state with data; with it, both states contain or transmit data.... This logical structure is generally ignored when this subject is explained, because it hurts people's heads.

Now... we have figured out that over most transmission media... be it copper wire, optical fiber, or radio frequency transmissions through a vacuum... we can transmit additional data through two other means.

The first, is by modulating the frequency of a signal wave slightly, compared to either a very precise time clock, or to a reference carrier wave. This again can give us four discernable states of information in any given time division for a wave... any given discrete small frequency band... a peak state, a trough state, a rising state, and a falling state.

The second, is by combining multiple signals in different frequency bands, over the same medium.... Of which there could potentially be infinite divisions in theory... though in practice it's difficult to generate and detect a lot of different bands simultaneously with any precision.

However, even before we reach that point, you should be able to see that for any given time division, using a combination of both amplitude modulation, and frequency modulation, we can actually represent.. and transmit and receive... 4 discrete states per frequency, and as many frequency states per time division as we can detect, with 4 states for each as well... 16 total states per discrete division... 16 bits... using purely analog signaling.

In fact, for any given division of time and any given frequency banding, we can use frequency modulation (4 states), amplitude modulation (4 states), and in theory both frequency phase modulation (2, 3, or 4 states, but the 3rd and 4th state are hard to deal with, so really 2 states), and amplitude phase modulation (again theoretically 4 states but really 2) within each discrete frequency band, to represent 64 bits of data.... though using both amplitude phase modulation and frequency phase modulation, is extraordinarily difficult to do with precision, so up until recently generally only one or the other has been used. And of course, it is technically possible to detect and use all four phase states for both amplitude and modulation, meaning you could theoretically represent 256 discrete states, or bits, within one discrete frequency band, in one discrete time division (or you can do it on the rising and falling of a clock cycle.. but it's not practical to do both clock and phase at the same time, because one is detected in reference to the other).

Then, by modulating within a small discrete frequency band, we can multiply those states by the smallest divisions we can discern within that band, times the total number of divisions, or width of that band.

That's where the term bandwidth comes from by the way. It's a measure of the number of discrete bits of data we can discern within a single time division, in a single frequency band, or an aggregate of channelized bands.... and it applies whether we're talking about copper hardline, fiber optics, or radio waves.

Right now our highest frequency, and highest bandwidth, commonly used wireless systems are using the 5ghz RF band, and modulating across 80mhz channels within the band. Our highest bandwidth commonly used hardline video systems (HDMI 2.1 or CoaXpress CXP-X standards) use 1.485ghz frequency (anything higher causes severe attenuation of signal over distance... the higher the frequency the higher the attenuation), with HDMI 2.1 using 4 different states per conductor, and 8 conductors, to get 32bits times 1.485ghz, or just under 48 gigabits per second.... a similar standard is also used for our fastest common data networking over copper wire (currently 40gig ethernet), achieving a similar data rate.



The fastest data transmission over copper wire commercially available for mainstream computing applications, is currently 100gigabit ethernet. It uses four pairs of conductors moving 25gigabit each pair, but the frequency is so high that the signal attenuates to unusability within just a couple meters, so almost all 100gbe is over fiber optics.

When you combine that with heterodyning, or multiplexing of different frequency banded signals over the same media (or as noted near the top, in phase or out of phase signals... the last time I'll mention it in this piece), for channelization within the same larger band, it should be clear that analog data signaling can do a hell of a lot more than just off and on, one and zero.

The most basic means we have used these properties for... for well over a century now... are audio transmissions over the telephone, and audio transmission over the radio.

Audio inherently transmits both frequency and amplitude modulated signals, in 1hz and 1db increments, across about 20khz of frequency spectrum, and 120db of dynamic range... Or at least human audible audio does (ultrasound goes much higher of course). Though to simplify transmission, and to multiply the maximum number of transmissions over a single medium, we have often "narrowbanded" audio to as little as 3khz and as little as 30db dynamic range.

Traditional telephone signals for example, drop everything below 300-400hz or above 3300-3400hz (depending on the region and standards of the particular telephone system) and compand (compress and expand) dynamic range down to 42db or less (+- 18db). We can then take those limited bandwidth "narrowband" signals, and combine them over a single wire, by shifting their frequency up and down in discrete bands, and then shifting them back to their original frequency at the other end... even with basic analog equipment (this is called frequency shifting or tone shifting).

That's how some long distance phone calls and trunk line calls worked for decades, before we switched to digital telephony systems... a process which took decades (and if you still have a land line, your home phone may still be connected directly to the neighborhood switching node over a single analog channel, or even to a local central switching office, depending how overdue your local infrastructure upgrades are... But in the U.S. most landline service is now digital to the neighborhood node, or even digital to the home, and is only analog from that switching box to the analog handset)

It's also how radio stations work. FM stands for "frequency modulation" and AM stands for "amplitude modulation" but in reality both types of radio do both things, it's just a question of how each creates and recreates the signal at either end of the transmission. An FM radio station can modulate frequency and amplitude across a small defined band, to transmit appx 15khz and 48db dynamic range worth of audio signal. An AM radio station can do the same but with only a 10khz and 30db range. Thus we can theoretically fit about 200 local FM and about 120 local AM radio stations into a given area, in the FM and AM broadcast bands... But to avoid interference and crosstalk, it's actually more like about 100 fm and 60 am stations.

When we first started sending digital transmissions over analog phone lines, we did it in the simplest way possible... Essentially back to the days of the telegraph, only a little bit faster... We eventually got to about 300 bits per second, before we had to switch from purely binary amplitude modulation, to add the rising and falling signal states, and the frequency banding and heterodyning or multiplexing of signals. Within the limited 3khz and 42db dynamic range allocated to each analog telephone line, we managed to go from pushing just 300 bits per second, up to about 56,000 bits per second.

Now, we're using wideband 5ghz band wireless with QAM, to get bandwidth exceeding a gigabit per second per channel, and bonding multiple channels to get multi gigabit wireless.

...But still... digital data, becomes an analog signal, the second it hits a wire or a radio, and is subject to the capabilities and limitations of its transmission medium. We may live in a digital bubble, but that digital bubble floats on an analog ocean, in an analog universe.

Sunday, May 31, 2020

These have some interesting potential

8GB Raspberry Pi 4 released for $75



I have been waiting for the 8gb memory threshold to be crossed, for Pi platforms to become really seriously useful for certain important and/or fun applications. I was hoping they'd be a little closer to $50, but that will happen not too far out I'm sure.

Honestly... I can't afford this right now, but I think I need it, for personal and professional development stuff that I have been wanting to do for a good long while..

If anyone wants to help me get one of these... preferably the full developers kit... It would be much appreciated (paypal via chris@chrisbyrne.com or contact me directly for basically every other possible way of helping out). Or several of them really... at least two, but up to eight ideally (because they're modular building blocks that are most efficient in blocks of 8, which would be 32 cores and 64gb of memory for $600 at current pricing... and likely $400 or less for bulk pricing in six months).. because what I want to do involves some clustering, and scaling... It would potentially go a long way to helping me rebuild my professional life, and get some significant income again.

Wednesday, February 03, 2016

The early 2016 gaming sweetspot?

So, theoretically AMD is "getting serious about desktop gaming CPUs again"... which is hilarious to me, since they haven't BEEN serious about any kind of desktop or consumer performance for 10 years now.

But it got me thinking about the current state of desktop gaming, and what the current price performance optimums are...

And I was actually kind of surprised...

Because it looks right now, that the "sweet spot" is right where it was about 18 months ago... only it's cheaper...

Right now, the sweetspot in gaming GPU price/performance is still the GTX970... which has been out since the middle of 2014.

You can get a really good gtx970 for $300-350 right now... The lower performing Radeon r9 290x is still over $400, and as high as $500, and the even lower performing r9-290 is just touching $350.

And GTX980s, are still $500.

On CPU's the price performance equation is certainly more complicated...

First question for CPU is actually not about CPU, it's about RAM... and then motherboards.

Do you want a DDR4 machine or not... 16gb ddr4 runs $85 to $100 right now for 2400mhz or 2700mhz, and more like $115 to $125 for 3000mhz. 16gb of good high performance DDR3 is more like $85 flat for 3000mhz.

More importantly though, the best ddr4 mobos are a bit more expensive, and the best performing DDR3 is actually faster in some ways than DDR4... and more overclocking stable, with more options of overclocking motherboards etc... though that won't be the case for long, and the very best mobos are now DDR4.

I'd probably go for DDR4 to futureproof... but really, the price performance right now isn't definitive. And if you want to overclock, DDR3 may still be a better choice.

For DDR4 gaming boards... basically you've got three price points... $170 $270, and $370.

So... you've got options for socket 1151, and socket 2011... the socket 2011 options obviously being the more expensive, and taking the more expensive CPUs.

Right now, I'd still go with an 1151... Though a lot of people are doing Xeon gaming right now, I still think your best option and best value is with an i7, and the skylake based Xeons are now on the 1151 anyway.

For DDR3, you can still go for LGA1150 boards, and basically pay whatever you want. $50 to $400, with really good boards in the $150 to $200 range.

And the best value for performance in an i7, is actually probably still an older i7 like a 4790 or 4790k from 2014... at $300-310ish and $330-340ish respectively.

If you want the new skylake, the i7-6700 will run about 50-60 more and a 6700k unlocked will run $420ish.

.. but guess what... clocked the same, on the same speed RAM... they benchmark out at about the same... with the 4790 actually slightly edging out the skylake in some things.

... and overclocked to their maximum, the 4790k will outperform the 6700k in a lot of benchmarks... though some of that is simply that the boards and ram are better worked out.

So, to my mind, the gaming sweetspot right now is:

cpu: i7 4790k $330
Board: any decent gaming 1150 board $150
RAM: any decent 3000mhz gaming ram $85
GPU: any decent gtx970 $300

That's $865 for the core components, that would be variable among gaming builds. The rest... case, psu, ssd... is all the same, and based on personal preference more than anything else.

Oh and before you ask, no, there is no AMD option worth bothering with at this point, unless you're trying to build a much cheaper system.

If you want to be more current and future proof

cpu: i7-6700k $420
Board: decent gaming 1151 board $170
RAM: decent 3000mhz gaming ram $125
GPU: any decent gtx970 $300

$1015... about $150 more than the DDR3 system.

Is it worth the difference... ehhhh.... Performance wise, probably not... But getting into a DDR4 platform with an 1151 socket... Especially if you're thinking about going higher end on the board, with an NVME-SSD... yeah, probably.

Friday, September 26, 2014

Shellshocked, Vectors, and Vulnerabilities.

So, the Shellshock vulnerability...

Yes, this one really is the biggest vulnerability to hit UNIX-like systems in decades.

Yes, it is in the wild now, and yes, it IS a major problem.

So yeah... you really do have to pay attention to this one. 

Briefly, many UNIX-like systems, including most Linux systems, Mac OSX, and many others, use, or at least have installed on them, a variant of a program called "bash" (the "Bourne Again SHell").

To say that it's one of the most widely used pieces of software in the world would be a dramatic understatement.

Recently, it has been discovered that most bash variants (and by the way, there are hundreds of them, if not thousands, extending back to 1989), when invoked with certain variables, can be forced to execute malicious code.

There are already patches available for many systems which will either fix or mitigate the problem, but there are literally millions of systems out there, and it will take a lot of time and effort to fix them.

There are also many systems which either can't be fixed for some reason or another, or whose owners don't even know that there is a problem.

These days, just about every piece of computing hardware out there that isn't an actual Windows server or PC,  runs a UNIX-like OS; and many of those have some variant of the software in question installed on them by default.  Even if it's not actively used on the system, many systems have it installed by default, and few bother to remove it.

Even if you don't run any UNIX-like boxes, your vendors, your partners, your bank, your power company, your... everything... runs them.

...Hell, your TV or stereo might be running linux these days, and your router probably is.

Do YOU know what operating system is running on every single piece of computing hardware in YOUR company? In every embedded system? In your printers, your photocopiers?

Also, because this vulnerability extends back so far, it's entirely possible... actually it's a damn near certainty... that the code containing the vulnerability in question has been reused in other software (including other shells not considered bash variants, and other entirely unrelated software); which may now also be vulnerable.

So, the gory details...

https://www.us-cert.gov/ncas/alerts/TA14-268A

Read the CERT link, then read this:

http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-hole-on-anything-with-nix-in-it/

And this:

http://arstechnica.com/security/2014/09/concern-over-bash-vulnerability-grows-as-exploit-reported-in-the-wild/

And if you want some technical depth, this:

http://www.troyhunt.com/2014/09/everything-you-need-to-know-about.html

I don't have much else to add about the vulnerability itself... but I do want to talk about a common problem with how people think of and respond to issues like this.

Confusing Vectors with Vulnerabilities.

I'm noticing a lot of folks out there seem to think that because they're not running a web server, or that they're not providing services to the internet, that they're not impacted by this vulnerability.

That is absolutely not the case.

It's very important to understand, the attack vector for this vulnerability is not JUST web services; that's just the most common and simplest way to exploit it remotely, and the first exploit seen.

This should be obvious, but any service that may pass unvalidated (or poorly validated) remote input to any external shell or command parser, is a potential point of compromise.

There are any number of common services that may do this, including DHCP and autoproxy config, various SSH configurations, various VPN services, some remote management or configuration services, GIT and other code and content management systems, various file sharing and syncing services, various media services, various backup and archive services...

Also remember the vulnerability applies to local command execution and local services as well, not just remote. This is a vulnerability in a core component of the operating environment, not just in any particular service.

Unlike most other operating systems, where an application or service might perform an external function for itself, or through a system API; because of UNIX-like systems' fundamental architecture and long-standing convention, almost any process might invoke and pass input to an external command parser or shell for almost any reason. When they do, it's usually the default shell for the system, or for the UID the process runs under, and often that default is bash.

Even if bash is not the default for a system or user, some processes may invoke bash explicitly, to avoid potential environment, syntax, or parsing errors (or simply because that's what the programmer was comfortable with).

Also, even if a process explicitly invokes a command parser or shell other than bash, it is common to find that bash has been aliased or linked to the command for the other shell. In many environments, running the command "sh" will in fact invoke a bash shell.

Finally, as I noted above, bash is so ubiquitous, and the code for it has been around so long; it's entirely likely that other shells and command parsers (and possibly other types of software as well) share this same vulnerability.

Again, these should be obvious, but it's surprising how easily we allow ourselves to overlook or forget the basics.

Don't assume you're safe just because you're not running a web server on the machine, or because the machine isn't providing services to the internet, or because you're "not using bash".

Address the vulnerability, not JUST the vector.
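The point above, that "sh", a service account's default shell, or a script's interpreter line can all end up in bash, can be checked directly on a host. This is an added example, not code from the original post; it lists the accounts and scripts that reach bash without naming it. The function names, the ROOT prefix argument and the fixture contents are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not from the original post. ROOT is an optional path prefix,
# so the same functions can audit a mounted image or the fixture built below.

# Print the canonical path of a shell after following symlinks (GNU readlink).
resolve_shell() {   # usage: resolve_shell PATH [ROOT]
    readlink -f "${2:-}$1" 2>/dev/null
}

# Succeed when PATH ends up at a file named bash.
# Limitation: a renamed copy of bash is not detected, only links to it.
is_bash() {         # usage: is_bash PATH [ROOT]
    target=$(resolve_shell "$1" "${2:-}") || return 1
    [ "$(basename "$target")" = "bash" ]
}

# Accounts whose login shell is bash, directly or through a link such as sh.
audit_passwd() {    # usage: audit_passwd PASSWD_FILE [ROOT]
    while IFS=: read -r user x x x x x shell; do
        case $user in ''|'#'*) continue ;; esac
        [ -n "$shell" ] || shell=/bin/sh    # an empty field means /bin/sh
        if is_bash "$shell" "${2:-}"; then
            printf '%s %s\n' "$user" "$shell"
        fi
    done < "$1"
}

# Scripts whose interpreter line leads to bash, including "#!/bin/sh" where
# sh is linked to bash, and "#!/usr/bin/env NAME".
audit_shebangs() {  # usage: audit_shebangs DIR [ROOT]
    root=${2:-}
    find "$1" -type f | sort | while IFS= read -r file; do
        first=
        IFS= read -r first 2>/dev/null < "$file" || :
        case $first in '#!'*) ;; *) continue ;; esac
        line=${first#'#!'}
        line=${line# }
        interp=${line%% *}
        if [ "${interp##*/}" = "env" ]; then
            # Assumption: env would find NAME in /bin or /usr/bin.
            name=${line#"$interp"}; name=${name# }; name=${name%% *}
            interp=/usr/bin/$name
            if [ -e "$root/bin/$name" ]; then interp=/bin/$name; fi
        fi
        if is_bash "$interp" "$root"; then
            printf '%s %s\n' "$file" "$interp"
        fi
    done
}

# Constructed fixture: a tiny fake root where sh is a symlink to bash.
make_fixture() {    # prints the fixture root
    r=$(mktemp -d) || return 1
    mkdir -p "$r/bin" "$r/usr/bin" "$r/etc" "$r/opt/hooks"
    : > "$r/bin/bash"; : > "$r/bin/dash"; : > "$r/usr/bin/nologin"
    ln -s bash "$r/bin/sh"      # the aliasing the post warns about
    cat > "$r/etc/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
dhcpd:x:101:101::/var/lib/dhcp:/bin/sh
backup:x:34:34::/var/backups:
www:x:33:33::/var/www:/usr/bin/nologin
git:x:110:110::/home/git:/bin/dash
EOF
    printf '#!/bin/sh\necho lease\n'          > "$r/opt/hooks/dhcp-hook"
    printf '#!/usr/bin/env bash\necho sync\n' > "$r/opt/hooks/sync-job"
    printf '#!/bin/dash\necho rotate\n'       > "$r/opt/hooks/rotate"
    printf 'plain data\n'                     > "$r/opt/hooks/notes.txt"
    printf '%s\n' "$r"
}

# Stand-alone run: audit the constructed fixture and print both reports.
demo() {
    r=$(make_fixture) || return 1
    echo "login shells that are bash:";  audit_passwd "$r/etc/passwd" "$r"
    echo "scripts that run under bash:"; audit_shebangs "$r/opt/hooks" "$r"
    rm -rf "$r"
}
demo
```

On a live system, call `audit_passwd /etc/passwd` and `audit_shebangs` on a script directory with no ROOT argument.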

Saturday, March 15, 2014

A little computer advice

Being an IT professional, I get asked for computer advice a lot. The most frequent questions I'm asked by the "average user" are "why is windows 8 so horrible", "how do I fix this virus I've got on my computer" and "what computer should I buy".

I have lots of answers to why Windows 8 is awful, but none of them will help most folks, except my one suggestion: Download a program called Classic Shell. It's free, it's a 30 second download, and it makes Windows 8 suck FAR less.

The virus thing... 

Well... I'll illustrate the issue with an anecdote...

I took a family friend on as an emergency client. They home school, and the system they use for homeschooling was well hosed up, to the point where it was completely unusable. It would boot, but applications and web pages wouldn't load, it would reboot randomly etc...

I looked at it... No exaggeration, there were over 6,000 individual pieces of malware, spyware, adware... and that's with 4 different AV/adware/spyware/anti-malware packages running, including the commercial and updated norton 360. They also had 4 different "system optimizer" or "system cleaner" packages running, and god knows how much other "helpful" garbage.

He asked what I charged and I said "I'm doing this as a family friend, because to clean this up... Labor alone would be more than you make in two weeks. It's going to take me at least two full days. It'd be faster to wipe it and start over but you don't have backups or install disks for a bunch of this stuff. Even then, I really recommend wiping it when you get the chance, because I might have missed something."

And yes, it did take two full days... actually more than. I actually put over 20 hours into cleaning the system up, then rebuilding it to a consistent and usable state, then locking it down and putting tools in place to... I wish I could say prevent, but it's a windows machine so I can only say reduce the likelihood... of that sort of thing ever happening again.

Just so he would understand and appreciate the amount of work involved, and what that kind of work costs, I printed him up an invoice, with a 100% discount. Yes, it was more than he made in two weeks. He just about crapped his pants.

So, my advice on the virus thing is this... Wipe the machine completely, and install from scratch. If you can't do that yourself, donate the machine or give it to a smart kid who can, and buy a new one. It'll be cheaper and easier for you.

Oh and NEVER EVER EVER EVER buy or install Norton, or McAfee, or frankly any of the major vendors' anti-virus, "security suite" or software "firewall" packages, and never buy or install a "system cleaner" (except Piriform's CCleaner aka crap cleaner, which I install on every windows machine automatically). If they come on your computer from the factory, clean them off completely before you try to run anything. They are actively harmful.

For anti-malware, use windows security essentials, and comodo, AVG, Avast, or malwarebytes as a secondary scanner, and run Winpatrol to keep control of your computers settings and startup programs etc...

In general, don't be an idiot. Don't download anything, or open attachments or web pages, you don't know, or are not well known and trusted sources etc... etc... Virus scan everything before you open it, and turn on live virus scanning in your security software.

Oh and NEVER load or use a browser toolbar of any kind, unless you are absolutely sure you want to use it, exactly what it does and who it came from.

Most importantly, always live behind a physical firewall. Never expose a windows machine to the bare internet, no matter what kind of software "firewall" you have running (software firewalls don't protect you worth a damn. Also they shouldn't be called firewalls, because they aren't). You WILL be compromised, within minutes, without question.

That just leaves buying a computer...

This is where things get more interesting.

Now, if you're looking for a desktop, the answer is pretty simple: if you plan on keeping it more than a year, buy the second best CPU, most ram, and best monitor you can afford.

If you can change out your own hardware when it breaks, brand doesn't matter. If you can't, buy an HP (seriously, don't even think about buying other brands of desktop unless you can support them yourself).

For a laptop... it's a hell of a lot more complicated and involved. Of course, most people only buy laptops these days, leaving a lot of folks having no idea what to buy or how to decide, and no resources available to them to help.

So mostly, they end up buying on price, and buzzwords, and mostly they end up unhappy. There are some very good reasons why laptop shipments have been trending way down the last couple years, and the much simpler and more user friendly tablet has been taking over as peoples casual computing device.

As it happens, in the last few weeks, I've had about a dozen people ask for my advice on buying a laptop. Also, I've ended up buying (as presents, as replacements, for projects etc...) six laptops in the last four months.

Since it IS one of my most frequently asked questions, I've given all of this advice many times before... in fact so many times I went through writing it all down to send to folks or post on forums, but I'd never bothered to post it here. Someone asked again tonight, so I decided to post my little guide on the blog.

Ok, here's my basic question list:

  1. How portable/light/small do you need/want it to be? Will you be travelling with it more than a couple times a year?
  2.  How long do you plan on keeping/using the machine
  3.  How big a screen do you want?
  4.  Do you want an optical drive? If so, DVD or BluRay drive? Is an external drive acceptable?
  5.  Since you can run MacOs, Windows, and Linux on one, is a Mac acceptable?
  6.  Are you going to be doing any non-casual gaming on the system
  7.  Are you going to run any engineering graphics or calculation packages
  8.  Will you be running any large spreadsheets, desktop publishing, design etc...
  9.  Will this be your primary computer
  10.  Will this be your primary digital device for consuming rich media (music, video etc...)

Prioritize the following for me:

- Performance
- Cost
- Ruggedness and durability
- Portability and light weight

The answers to these questions, along with some general guidelines (below) pretty much determine what machine to buy.

A word on Macs

If you don't mind the cost, MacBook Pros are simply physically better machines than all but the highest end windows machines (which actually cost as much or more), and they can run MacOS, Linux, and Windows natively. I HIGHLY recommend them for anyone who intends to keep a laptop for more than a year or two.

I live in the world of high end IT consultants, and high end security professionals, and unless our employers ban us from using them, almost all of us use MacbookPro's (whether we run OSX on them or not). I personally run OSX, several versions of windows, and several linux distros on mine, in both multiboot mode, and as virtual machines.

Really, they are just PHYSICALLY, so much better than all but the highest end windows machines, as to be in a class almost by themselves.

Let me illustrate what I mean...

A typical windows laptop might last me a year... I've had them die in just a few months. I've NEVER had one last more than two years of hard use. They just get loose and creaky, get unreliable, lose performance no matter how clean you keep them software wise... or they just plain die, with hard use.

My macbook pros?

Well, I've been running my current 15" MBP for almost exactly 3 years, it's still in 100% shape, it's still faster than most machines out there (quad i7, 1gb discrete graphics, 500gb SSD and 16gb ram). I really have no need, and no desire to upgrade.

So please, take my advice here... if you use your laptop seriously, and do any kind of travel with it more than a couple times a year, consider an MBP, even if you aren't a mac user.

These are my general recommendations:

As of right now, I wouldn't buy anything less than a core i5 in a general purpose laptop, unless I was looking to minimize power consumption to the extreme, or looking to spend under $400 (which means a machine only good for facebook and email). The minuscule price difference isn't worth the major performance hit.

I will not use a current AMD CPU/APU for anything other than the cheapest possible facebook and web browsing machine. Multi-GHZ Quad core machines shouldn't be at 100% cpu just watching youtube. They're garbage now, as general purpose systems and graphics processors (their high end GPUs are still great, and they do some interesting things in distributed computing, low power computing, and other specialized tasks).

If you don't want an optical drive, or don't care if your optical drive is external, and don't need a 17" display, get an ultrabook (preferably an aluminum or composite one, unless your budget won't cover it).

I always recommend SSD's highly, for everyone, even if they don't care about performance. If you need more than 400-600gb in your machine and SSD prices for this size range are prohibitive for you, I strongly recommend a hybrid SSD ($95 for a 1tb hybrid drive).

Let me be clear: Once you have more than the absolute minimum amount of RAM necessary to perform well, the single biggest thing you can do to improve your machines performance is to use an SSD. The difference is night and day, such that I will never willingly use anything other than an SSD or at the very least a hybrid drive, ever again.

I STRONGLY recommend a minimum of 8gb of RAM for windows 8, for any heavy work, or for lots of multitasking. 4gb is barely livable for Windows 8 and what I consider the real minimum for windows 7. 16gb is preferable for any kind of heavy use, multitasking, or running virtual machines. 32gb is WAY overpriced and most machines don't physically support anyway.

If you plan on keeping it more than 2 years, if a metal or composite chassis model is available within reasonable reach of your budget, make that reach. Even if you have to go down in spec a bit to do it. You would not BELIEVE the difference in toughness, and just quality feel, you get from a stronger chassis based machine rather than a plastic clamshell.

As of right now, my primary vendor recommendations are as follows, in three tiers:

Tier 1

HP (high end, particularly high end business models)
Apple
Dell (high end, particularly high end business models)

Tier 2

HP (mid/low end models)
Dell (mid/low end models)
Lenovo (used to be tier 1, now I consider them tier 2)
Samsung
Panasonic
Toshiba

Tier 3

ASUS
MSI

The tiers I've grouped the vendors into correspond roughly to what I consider their "utility vector". A combination of design, features, quality, durability, CONSISTENCY, warranty, technical support, and customer service.

I wouldn't ever even consider laptops from other brands at this point.

If you're comfortable with handling your own support, and doing your own minor repairs, then feel free to buy from any of the brands I listed.

If you are going to need to use the vendor to make minor repairs though, I STRONGLY suggest you go with a Tier 1 vendor, and consider buying the 2 year full hardware replacement warranty (at least if you plan on keeping the machine that long; and presuming it costs no more than 25% the replacement cost of the machine of course).

HP, Apple, and Dell just handle this stuff better, IN GENERAL (there are always breakdowns and horror stories), than the other vendors.

The reason I rate MSI and ASUS as tier 3 (and why I downgraded Lenovo from Tier 1 to Tier 2), is because their overall experience is inconsistent. I've had great stuff from them, I've had garbage. I've had great experiences with their support, and I've had awful ones. Overall, I'd prefer to avoid them, unless they have a spectacular machine at a spectacular price.

If you plan on keeping it more than a year or two, I STRONGLY recommend buying a "business" line laptop, rather than a consumer laptop. They're generally better designed, and better put together, with slightly higher quality components. Also, they're almost always a lot easier to service when things DO go wrong.

At this point I only buy computers from Amazon, Costco, WalMart (for the really cheap low end semi-disposable machines), Frys Electronics (sometimes they have spectacular deals on discontinued models or refurbs), Newegg, or direct from the manufacturers website.

No matter how great you think a deal is, always check the manufacturers web site, because they often run pretty spectacular specials.

... And that's about it really. The market changes so quickly that I can't make any more specific recommendations than that.

Monday, October 07, 2013

Hmm... yeah... there's your problem right there...

So, my MacBook Pro has been acting a bit wonky lately... and I'm pretty sure I know why.

A few weeks ago, I started getting disk corruption, that couldn't be handled with the normal disk utilities; and required me to get a clean backup on an external drive, wipe and reformat the internal drive, and restore...

Well, I kept getting the corruption problems after a few hours or a few days... and they kept getting worse.

Finally, I ended up rebuilding the thing 5 times in two days; and 3 times in one night (this was the night before my big compliance webinar. I didn't sleep at all the day before or that night, and ended up working all night and all morning before the webinar to try to get sorted).

This was basically two weeks of escalating pain, but until the last night the issues were intermittent with variable recurrence, so I couldn't get enough diagnostic info to nail it down.

With the 3 in one night episode, I was finally able to see the problem occurring...

And it's something I have NEVER seen... never even heard of...

What was happening on the HDD was lots of tiny single bit/single block/single write i/o errors. Ok, that happens... but why? It was a less than 90 day old relatively high end SSD (my last SSD went bad this past summer).

So I looked deeper at the errors, and noted that not all of them were from the hard drive...

Some of them were from the DVD drive...

Which had a scratched up DVD-R in it...

I pulled out the bad DVD-R and... holy crap, no more I/O errors.

What was happening, was that the particular damage on the DVD drive, was causing the I/O controller to constantly attempt to re-read the drive, and fail... hundreds of times a second. Instead of just limiting out though, it was causing enough latency in the SSD, that it was getting I/O errors as well...

Thing is... I didn't notice, because the DVD drive wasn't constantly spinning up... just a couple times an hour maybe? Which could have been explained by finder doing crap.

I've never seen that before... never even heard of that before, in a desktop or laptop (it's something that can happen with large high volume high transaction count servers, if they don't have sufficient spindles or cache, and their i/o controllers don't handle the exceptions properly).

Anyway... I got that resolved, and got my MBP functional...

But, ever since the last rebuild (after I figured out the problems), it's been a bit wonky. The finder doing some weird things etc...

I've run all the normal diagnostics, and at this point I'm pretty sure that to get sorted, I'm going to need to do another clean backup, but instead of just restoring, I need to do a clean install, then migrate my apps and data.

It's a PITA, so I'm putting it off until I can't put it off anymore...

Meantime, I'm living with assorted wonkiness.

One of the items of said assortment; I hadn't really noticed it until a couple days ago, but I couldn't empty my trash.

This happens on OSX sometimes, it's not really a big deal. Usually it's a file that is locked somewhere and it can't be forced to let go because of a zombie process, or a bad pointer somewhere etc...

It's generally easy to fix. You just go into the trash directory from the command line, and force delete everything.

So, I went in, as root, and did a listing of my .Trash.

And it took a while... a LOOONG while... many many many screens of data flashing by my screen...

24 MILLION ITEMS... for a total of 243.8 gigabytes.

Well... there's yer problem right there...

It seems that the detritus of the multiple rebuilds... including several complete copies of my hard drive... ended up getting stuck in the trash for some reason; and couldn't empty out.

So, I started the force delete and went on to other things in other windows... after about 20 minutes I came back... and my command prompt hadn't come back...

I figured it had frozen up, or otherwise wasn't working; so I cancelled the job. Ran the listing again...

Nope... it had been working... It had deleted 9 million of the items, there were still 15 million left.

So I started the job back up again and went away for 20 more minutes... went back... still working...

As I was about to switch windows away it finally finished.

It took 40 minutes to delete the crap from the command line, no wonder I couldn't empty or open my trash in finder...




Thursday, July 11, 2013

Cleaning up my crypto

Given the current state of things, I'm cleaning up and updating my crypto regime.

I don't know how many times I've said it, but anything sent in plain text over a wireless network, or across the internet; no matter what your endpoint, last mile, or client to server security might be; is effectively publicly readable information.

Never mind the NSA, half the time script kiddies can read this stuff without too much effort.

It's not so much the data in flight you need to worry about (though that's not exactly invulnerable either), it's what happens to that data once it actually hits a server. It's the data at rest, wherever and however it may be at rest, for however long it may be.

How secure is that server? Is that data stored in plain text? Is it in databases and spools and caches in the clear? Is the data sent from server to server in the clear? Are the backups of all those systems secure?

And for that matter, how secure is your OWN internal network? Your machine may be clean and virus free, and uncompromised... but is your wireless router? Is every computer inside your network just as clean? Are they listening to your communications, or browsing your fileshares?

If you want to protect confidential or higher information, or communicate with any degree of confidentiality; you MUST use strong encryption, preferably both in flight and at rest.

Now, security geeks, cypherpunks, and other professional and enthusiastic amateur paranoids, have known and internalized these things for years; but the general public STILL doesn't really understand them even today.

Maybe the NSA thing will wake some folks up...

Part of the problem though, is that encryption is inconvenient and irritating. Even for a professional like me, there's still a number of things I'd like to use strong encryption for or with; where there either aren't any usable options, or those that are available are a major pain.

It's better today than it used to be however; and at this point I'm going to take advantage of that fact to clean up and simplify.

A few years ago, I was stuck using several different solutions, even just in my personal life, because there weren't well supported cross platform open source implementations and solutions, for the various things I need crypto for. As of now, that's no longer true with some minor exceptions (secure encrypted instant messaging, and encrypted voice communications for example).

I'm now standardizing on GnuPG (or any open source OpenPGP implementation, as they should all be interoperable) and TrueCrypt; because they work well, are well supported, and do what I need them to do, on the platforms I need them.

I've mostly used those two solutions for a while, but had a few others lying around. As of now, I'm 100% on GnuPG and TrueCrypt unless they are unsupported in the application I need encryption for.

Yes, I know, open source purists don't like TrueCrypt because of its licensing terms (it's source available, but not fully redistributable), but as of right now, it's the best cross platform solution I've found for what it does.

I'm also moving my defaults to 4096 bit keys, AES256 and SHA512 (well... they have been for a while now, but I still had some other stuff lying around).

There are more secure algorithms, particularly more secure hashing algorithms out there, but these are the most secure that are widely supported by multiple platforms and devices.

At this point, 1024 bit keys are factorable, within a few hours to a few days, using COTS equipment and software. Simply speaking, 1024 bit keys are no longer secure; and have been deprecated or outright revoked and banned, by most reputable authorities.

In theory 2048 bit keys are not factorable within a "reasonable computational horizon", but we thought the same thing about 1024 bit keys up until the early 2000s. The current "official" government estimate, is that, if computing power increases at approximately the same rate it has averaged over the past ten years, 2048 bit keys will be viable til 2030.

... but until 2003, we thought 1024 bit keys would be viable til at least 2050; and until 2010, we thought they'd be good 'til 2020.

The disadvantage to going to a longer key of course is computational. Longer keys mean more resource use in encipher/decipher... but these days, our devices have CPU to spare.

Most software and devices support 4096 bit keys now, so I decided just to skip 2048 and go to 4096. If I find I have to work with a device/platform/software that only supports 2048, I'll generate a subkey.
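One way to confirm that a GnuPG configuration really makes AES256 and SHA512 the first choice, as an added example that is not part of the original post. The three option names are GnuPG's own; the function names and the two sample files are constructed for the illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Preference lists in gpg.conf are
# ordered, so an algorithm that merely appears further down is not the default.

# Print the first value of option NAME at its first occurrence in FILE.
first_value() {     # usage: first_value NAME FILE
    awk -v name="$1" '
        { sub(/#.*/, "") }                      # drop comments
        $1 == name { print toupper($2); exit }
    ' "$2"
}

# Print one finding per line; succeed only when there are none.
check_gpg_conf() {  # usage: check_gpg_conf FILE
    findings=0
    while read -r option want; do
        got=$(first_value "$option" "$1")
        if [ "$got" != "$want" ]; then
            printf '%s: first choice is %s, expected %s\n' \
                "$option" "${got:-unset}" "$want"
            findings=$((findings + 1))
        fi
    done <<'EOF'
personal-cipher-preferences AES256
personal-digest-preferences SHA512
cert-digest-algo SHA512
EOF
    [ "$findings" -eq 0 ]
}

# Constructed samples: one conf that only looks right, one that is right.
make_samples() {    # prints the directory holding both files
    d=$(mktemp -d) || return 1
    cat > "$d/weak.conf" <<'EOF'
# SHA512 is listed here, but SHA1 is still the first choice
personal-cipher-preferences AES256 AES192 AES
personal-digest-preferences SHA1 SHA256 SHA512
EOF
    cat > "$d/hardened.conf" <<'EOF'
# digest used for signatures, then the digest used when certifying keys
personal-cipher-preferences AES256 AES192 AES
personal-digest-preferences SHA512 SHA384 SHA256
cert-digest-algo SHA512
EOF
    printf '%s\n' "$d"
}

# Stand-alone run: report on both constructed files.
demo() {
    d=$(make_samples) || return 1
    for f in weak hardened; do
        if check_gpg_conf "$d/$f.conf"; then
            echo "$f.conf: ok"
        else
            echo "$f.conf: needs changes"
        fi
    done
    rm -rf "$d"
}
demo
```

Key length is not a gpg.conf setting, so this check covers only the cipher and digest defaults.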

Some would ask "why are you exposing your solutions publicly, doesn't that make compromising you easier?"

Well, it could... but I don't believe in security through obscurity.

Any encryption solution is going to have weaknesses, and it is relatively trivial to figure out what tools you are using to encrypt. If you're going to be using crypto with the outside world, you HAVE to expose this (generally speaking)... So really there's little point in trying to hide it. Conversely, listing my solutions, will make it easier for others to use crypto with me.

Now, to the irritating details...

Revocation of all previous keys

As of July 1st, I've issued revocations for the keychains I still have the keypairs for. There are a number of keypairs out there that I don't have the private key of anymore for various reasons.

All keys, signatures, keychains etc... issued or reported for the following identities, addresses, or KeyIDs before July 1st 2013 are invalid:

----- UID/email/KeyID -----

Christopher Jason Byrne IV
Christopher J. Byrne IV
Christopher Byrne
Chris Byrne
Christopher Jason Dinsmore
Christopher J. Dinsmore
Christopher Dinsmore
Chris Dinsmore

chris@chrisbyrne.com
cbyrneiv@gmail.com
cbyrneiv@hotmail.com
cbyrneiv@yahoo.com
cbyrneiv@aol.com
chris@byrne.net
jobs@chrisbyrne.com
cbyrneiv@securedefense.net
christopher.byrne@wellsfargo.com
christopher.byrne@hp.com
christ.byrne@avistacorp.com
cbyrne@insl.ie
cbyrne@dataedge.ie
christopher.byrne@lmco.com
byrnec@lmco.com
dinsmoc@mediaone.net
dinsmoc@yahoo.com
dinsmoc@aol.com
dinsmoc@pr.erau.edu
dinsmoc@erau.edu

0E818683
DDA5B467
9CCD73A0
F1467FEE
3EC03718
CB0C43FB
67A82CF2
04ADC0C6
89A7A21D
24B839DD

----- UID/email/KeyID -----

My current valid key is available via public keyservers

keyID: 85BF0B25
Issue date: July 2nd 2013
NAME/UID: Christopher Byrne < cbyrneiv@gmail.com >
NAME/UID: Christopher Byrne < cbyrneiv@hotmail.com >
NAME/UID: Christopher Byrne < chris@chrisbyrne.com >
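
Anyone holding older copies of these keys can audit a local keyring against the notice above. The following is an added example, not part of the original post: it parses `gpg --list-keys --with-colons` output, and the sample listing, the long key IDs in it and the function names are constructed for illustration; creation dates are assumed to be epoch seconds, as GnuPG 2.x prints them.

```python
from datetime import datetime, timezone

# Values copied from the notice above (only three of the listed addresses shown).
REVOKED_SHORT_IDS = {
    "0E818683", "DDA5B467", "9CCD73A0", "F1467FEE", "3EC03718",
    "CB0C43FB", "67A82CF2", "04ADC0C6", "89A7A21D", "24B839DD",
}
NOTICE_EMAILS = {"chris@chrisbyrne.com", "cbyrneiv@gmail.com", "cbyrneiv@hotmail.com"}
CUTOFF = datetime(2013, 7, 1, tzinfo=timezone.utc)  # "before July 1st 2013"

# Constructed sample listing: the upper halves of the long key IDs, the
# timestamps and the 11111111 key are invented for illustration.
SAMPLE = """\
pub:r:1024:17:AAAAAAAA0E818683:1104537600:::-:::sc::::::
uid:r::::1104537600::0000::Chris Byrne <chris@chrisbyrne.com>:
pub:-:2048:1:BBBBBBBB11111111:1262304000:::-:::scESC::::::
uid:-::::1262304000::0000::Christopher Byrne <cbyrneiv@gmail.com>:
pub:-:4096:1:CCCCCCCC85BF0B25:1372723200:::-:::scESC::::::
uid:-::::1372723200::0000::Christopher Byrne <cbyrneiv@gmail.com>:
"""

def parse_colons(listing):
    """Group colon-format records into one dict per primary key."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":  # field 2 validity, 3 bits, 5 key ID, 6 creation
            keys.append({"validity": f[1], "bits": int(f[2]), "keyid": f[4],
                         "created": datetime.fromtimestamp(int(f[5]), timezone.utc),
                         "emails": set()})
        elif f[0] == "uid" and keys:  # field 10 holds the user ID string
            uid = f[9]
            if "<" in uid and uid.endswith(">"):
                keys[-1]["emails"].add(uid[uid.rindex("<") + 1:-1].strip().lower())
    return keys

def audit(listing):
    """Return (short ID, reason, local state) for keys the notice invalidates."""
    findings = []
    for k in parse_colons(listing):
        short = k["keyid"][-8:].upper()
        # 32-bit short IDs can collide: treat a match as a prompt to compare
        # the full fingerprint, not as proof of which key this is.
        listed = short in REVOKED_SHORT_IDS
        stale_uid = bool(k["emails"] & NOTICE_EMAILS) and k["created"] < CUTOFF
        if listed or stale_uid:
            reason = "key ID in notice" if listed else "notice address, created before cutoff"
            state = "marked revoked" if k["validity"] == "r" else "NOT marked revoked locally"
            findings.append((short, reason, state))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=" | ")
```

A key reported as "NOT marked revoked locally" is one where the keyring has not picked up a revocation, including the keys whose private halves were lost and so could never be revoked by their owner.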


Wednesday, March 28, 2012

Internet has been spotty here since Monday

Which is why I have not posted what I wanted to the last few days.

As I've mentioned before, I'm on microwave internet service. A small microwave antenna sits high on the side of my house, pointing to the top of a 7,000 foot mountain about 10 miles slant range from me.

It's March. It's windy, and it's still snowing on the mountains, and unfortunately, there was a power outage on the top of the mountain for a day or so; and some intermittent network issues since then.

Unfortunately, I've been having some major internet problems generally for a few months; ever since they "upgraded" to new radio equipment late last year (including a radio "upgrade" for me).

Finally, after a few months of refunding me for service (I have a QOS guarantee) they decided to use the opportunity of the power cut to replace the node on the mountain, which they did yesterday, and this morning; and also my radio.

Analog RF engineering geekitude ahead....

They've upgraded me from a single band radio with a horizontally oriented plate radio, to a dual band, MIMO unity capable radio, with cross oriented poles and a dish instead of a plate.

That has upgraded me from a single 28Mbit wide channel to two 56Mbit wide channels. I also went from 18db above the noise floor to 28db above the noise floor.

My contract says I should get a minimum 1.5Mbit synchronous sustained with burst up to 8Mbit.

On the old radio gear I was MAXING out at 1.4Mbit, and only averaging a couple hundred Kbit.

That's why I've been getting refunded on my service since December.

On the new gear I'm maxing out at 8Mbit with an average of around 2Mbit.

I'm a hell of a lot happier about that. Of course, now I have to start paying them again.

Oh and my latency is spectacular by the way. I'm getting under 20ms to a commercial server in Seattle, under 30ms to Dallas, and under 100ms to London.

That's rather important since my "landline" is VOIP over this internet connection. Anyone who has called me in the last few months knows that my landline was iffy. Near as I can tell now, it's pretty good.

Monday, January 30, 2012

Hmm... Yeah, all three pretty much



I work with all three, and yes, that's pretty much exactly what I do... Well, 'cept I've got no neckbeard, just a VanDyke.... unless I get lazy for a week or two anyway.

Oh and if you get this joke, and don't have "the Brads" in your comic feed, you should.

Tuesday, June 07, 2011

For everyone expecting me to comment in detail on the SecurID thing...

I can't.

I am a senior technology executive at a large financial institution, who is a customer of RSA (EVERY large financial institution is a customer of RSA. I mean that literally. I don't know of anyone in this business that DOESN'T use SecurID). I also have what might be construed as inside knowledge, because of friends still working with RSA and their direct partners.

I can't make definitive or specific public statements.

There are a couple things I can say.

First, I am not speaking for my company, nor relating anything that has happened at my company, or to my direct personal knowledge any other company excepting those already admitted and released publicly.

I am speaking as a security expert who knows the market and the players very well; as well as a certified RSA SecurID Administrator, Systems Engineer, and a certified instructor (though my certs have expired, the technology hasn't changed); who has taught thousands of other SecurID admins and engineers.

This compromise is bad. It's very very bad. It's worse than you think it is from reading the already quite bad (though spun so hard it created its own gravity) admission and letter to RSA customers.

It's as bad as I thought it might be in the post I wrote about the breach at RSA a few months back.

If you remember, the title of that post was "Oh SHIT! Really just doesn't cover it".

Also, and this is entirely speculation on my part, though it is informed speculation based on what I know of some of the large contracts RSA has...

The compromise is bad enough...

...BUT...

Their response to the compromise, combined with indemnification agreements, and contract requirements in place with some very large customers...

Well, if I were a lawyer working for some of these companies (and municipalities, and federal governments for that matter) I would already be filing a lawsuit claiming malfeasance and breach of contract on the part of RSA.

It's very clear to me, simply from publicly available information (and to any other expert on the technology) that RSA could have, and should have, foreseen the reasonable possibility of actual injury, and acted accordingly to protect their customer base. From what information is available today, it appears they did not.

In addition to the actual cost of addressing the breach, which could climb into the 2 billion range; the claims of tortious injury could run into the tens of billions.

This may very well put RSA out of business permanently. I'm not sure of the exact structure of the company, but if RSA does go down, it could even take down their parent company EMC (RSA is not a separate operating company or wholly owned subsidiary of EMC, it is a semi-autonomous organic division of the company. There may be no legal firewall between them).






Tuesday, May 10, 2011

Computing and supercomputing, 1974 and 2011

This video is Seymour Cray talking to LANL in 1974 (not 1976 like the caption says, and also not his last surviving public speech, but still amazing):


And here's another video, from 15 years later, where he's talking about the Cray-3:


The Cray-3 was technically successful, but had so many production difficulties the company almost went bankrupt in 1989 and decided to shelve the entire Cray-3 project, and release an incremental upgrade to the Cray X-MP (which was itself an incremental upgrade to the Cray-2) with the faster memory Cray had designed for the Cray-3 (using COTS parts).

Cray hated incremental designs, and was very confident in the Cray-3; so he split and formed a new company... again... which also went bankrupt in 1995 after only 1 machine had been delivered.

Now there's a man I wish I could have been friends with. I've known a few of the guys who worked with him, still in the field today, and man they have some stories.

So, just for giggles, here's a quick and dirty history and comparison between the supercomputers of 1974 and the desktop computers of today.

In 1976, when they fixed the parity memory and worked the bugs out of the Cray-1, it achieved a sustained performance of about 250 megaflops (million floating point operations per second), at a clock speed of 80mhz; making it the fastest computer in the world at the time (its direct predecessors the CDC 7600 and CDC Star 100 were both capable of about 35mflops on standard workloads. The Star 100 could hit 100mflops, but only on specially optimized workloads).

They sold about 80 of them, at $8 million or so a piece (no two Crays were ever exactly alike, nor did any two ever cost the same) and they remained the fastest computer in the world for about 5 years.

The first machine capable of a sustained performance of 1 gigaflop was also a Cray, a specially modified X-MP/48, in late 1984 or early 1985 (the standard model was capable of either 800mflops, or 940mflops depending on when it was manufactured). The X-MP/48 stayed the fastest for about 12 months (until the Cray-2 had the bugs ironed out and ran 4gflops; though the Russians had a machine that could run 2gflops, it wasn't a general purpose computer, being constructed specially to run some aerodynamic calculations). It ran at 105mhz, and cost about 15 million, depending on the configuration.

In 1985, the fastest PCs were running at about 8mhz (80286 with an 80287 floating point coprocessor), and could in theory run about .1 megaflops (100 kiloflops).

A note: Supercomputer numbers before 1993 are not necessarily consistent or directly comparable.

It wasn't until 1993 that a variant of the linpack benchmark became the international standard for supercomputer comparison; although it was commonly used from the mid 80s forward.

PC numbers are not linpack here either, as there are too many variables in PC construction and performance (particularly I/O performance); so they are not directly comparable with supercomputers' linpack numbers. Also, it wasn't really until the late 90s that linpack benchmarks were commonly run on PCs.

A huge component of a supercomputer's speed is the truly massive I/O and node interconnect capacity they have; but even today's supercomputers cannot feed their CPUs fast enough to use their entire theoretical capacity. PCs, even today, only have a very small fraction of that I/O capacity; and can typically only use a small percentage of their CPU's theoretical maximum processing power on general workloads because of it.

Geekbench is the current standard for PC benchmarks, and its numbers are anywhere from roughly comparable, to 3-5 times the numbers a machine will get on linpack; but either are much lower than the fastest the CPU can perform on workloads that don't have I/O bottlenecks (like running the same piece of data that fits in main memory through the same instructions that fit in cache, over and over again... a common calculation in scientific computing, graphics etc...).

Early PC cpus were focused strongly on integer processing, and had very little floating point horsepower. It wasn't until 1989's 80486dx that mainstream CPUs even had dedicated floating point units (the lower end sx models didn't); and not coincidentally, the 486dx/33 was the first mainstream CPU that could push 1mflop.

Apples didn't get a machine with a dedicated FPU until the Quadra 630 of 1994 (68040 cpu at about 3mflop); and mainstream Macs didn't get an FPU until the switch to the PPC601 and 603 powermacs of '94 and '95 (which could push about 5mflops).

The first supercomputer to make a sustained 100gflops was the Quadrics APE100 in 1991 (yes, there was a 100-fold increase in speed in 5 years) but it was eclipsed just a few months later; as in the 90s supercomputers leapfrogged each other every year (until the market completely collapsed and most of the supercomputer companies folded around the middle to late 90s).

It wasn't until 1994's Pentium 100 that a desktop CPU would push 10mflops. At the same clock speed as a standard Pentium though, Pentium MMXs could do about double on MMX optimized workloads (a 133mmx could push 25mflops on MMX optimized workloads).

In 1996 the Pentium Pro 200 could push 50mflops on optimized workloads.

The first teraflop machine was the Intel ASCI/Red built for Sandia labs by Intel in 1996; capable of 1.4 teraflops in its original configuration (using 4510 Pentium Pro processors at 200mhz). It was later rebuilt in 1999 using 9280 specially modified Pentium IIs at 300mhz, and achieved 2.4 tflops. It cost something like 25 million, and was the fastest supercomputer in the world for over 3 years.

Apple's G3 PowerPC (actually an IBM PPC 750) was the first mainstream desktop cpu to break 100mflops on optimized workloads in 1997.

Apple kept the floating point crown over Intel with the G4 cpu as well, with the 500mhz G4 breaking 200mflops on general workloads, and just under 1 gflop on optimized workloads in 2000; something Intel couldn't do with the Pentium III or even the Pentium 4 until higher clock speed parts in late 2002. 

Also in 2002 Apple offered mainstream configurations of the G4 with dual processors; allowing for a standard production desktop machine (admittedly one that was heavily optimized) to break a gflop for the first time. 

The G4 was also the first PC that could credibly claim to have somewhere near the same calculating capability that a Cray-1 had in 1976 (thus the "desktop supercomputer" ad campaign that Apple ran at the time); though of course, it still only had a small fraction of the I/O. 


Fast forward to today.

Note: these numbers are for highly optimized workloads, using special GPU drivers for high performance computing; and special high speed interconnects also designed for high performance computing etc...

For normal PCs configured with disk drives, normal networking, and a normal operating system; you will only see something like 10% of this performance even under the best conditions, and more like 5% on general workloads.

Realistically, for all but relatively small datasets which fit in main memory (so 4-24 gigs let's say), running instruction sets that fit in cache; PC I/O bottlenecks prevent them from achieving sustained high performance.

For example, the fastest Core i7 cpus can pump out about 120gflops; but only for a couple of seconds at most... maybe only a few hundred milliseconds... before it has to go out to disk for more data to process. If you ran linpack on that PC with that CPU, 8 gigs of ram, a fast SSD, and a normal OS; you would only see sustained performance in the 2-5gflops range (excluding the GPU performance. Conventional OSes don't let linpack use the GPU).

In order to see the real maximum performance of the CPU and GPU, you need to run the systems diskless, with high speed interconnects as part of a high performance computing cluster; and even then you'll probably only see 20% or so of the max number in linpack because of the way the benchmark is structured, and maybe 60% under highly optimized workloads.

In 2011, the typical single processor quad core Intel based desktop machine, selling for around $800, can theoretically push about 100gflops from the processor, and another 250 from its relatively weak GPU (because GPUs in high end video cards are highly optimized floating point processors), for about 350gflops aggregate (presuming I/O is taken out of the picture, and the system was running as a node in a high performance computing cluster).

Although the benchmarks are not directly comparable, that's still more than 1000 times the performance of the original Cray-1, at 1/10,000th the price.

I think we beat Moore's law on that one, though not by much (10 million, vs. 8.4 million); at least in pure compute capacity (vs. I/O, which hasn't nearly kept up with Moore's law).

A $2,500 high end gaming rig can theoretically push something like 120gflops from its processor, and 2.4 TERA flops (2.4 trillion flops) from 3 dual gpu cards, for an aggregate of over 2.5tflops (as part of an HPC cluster).

That's theoretically about the same performance of the 1999 ASCI red rebuild, for about 1/1000th the price (beat Moore's law again, this time by 1000 to 256; mostly accounted for by the huge jump in floating point performance on PCs in the early to mid 2000s, combined with the late 2000s multicore revolution).

A high end dual processor quad core system (8 cores total), with three high end video cards (a high end graphics workstation, running something like $10,000), can push about 240gflops from the cpus, and over 3 tflops from the GPUs; for an aggregate of over 3.25 teraflops (again, if it were part of an HPC cluster).

That's theoretically faster than any supercomputer built before 2000 (IBM ASCI white, at 7.2tflops linpack - 12.3 on optimized workloads - for $110m).

Oh and today's fastest supercomputers?

Well, that depends on who you believe; because the Chinese are claiming a machine that runs at 2.57 petaflops, but from reviewing the architecture, a lot of folks don't believe that number. Otherwise, it's Cray again (though Cray isn't really Cray anymore), with their Jaguar system, at 1.76 petaflops (about 20 million).

Petaflops.... in 1976 it was 250 million flops, now it's 2.5 quadrillion flops.

Funny enough though... almost all of the top 500 supercomputers are now built using commodity cpus and memory, and run a variant of Linux.... and it's not particularly hard to get on the top500 list (the difference between the top and the bottom of the list is pretty huge.. about 3 orders of magnitude).

In fact, a fair number of the clusters and high performance systems my company runs today would come close to hitting the list if we bothered running linpack on them (we don't. We put 24,000 servers on the floor in 2010, and the smallest of them was a dual quad core box, with the biggest of them being a cluster with 256x 8 core CPUs); and there have been colleges that built top 500 clusters for well under a million dollars.

Supercomputing entered this world about the same time I did, and in that time we've gone from one guy in the world being able to do this, with hand built boards and custom chips, taking five years to do it, and having to run 100% custom developed code from the assembler up; to now being literally ten million times faster, with commodity hardware, an open source OS that anyone can run, and a standard set of open source tools.

Amazing how the world changes.