Tuesday, December 29, 2020

My personal best (and not so best) games of 2020(ish)

Might as well do a listicle... My best (or other than best) games of the year, by category...

AAA single player: "Cyberpunk 2077"... I really don't have any gamebreaking bugs or performance problems making it unplayable, and it's otherwise the best single player game I have played, at least since New Vegas, maybe even better than that.

Close runner up: "Final Fantasy 7 Remake"... Its honestly much better than the original, both game play and story and (it follows the same basic storyline but has 100 times the depth and detail...  and given the original is one of the greatest games of its genre, that's saying something. And its jaw droppingly gorgeous at certain moments.

And for additional... Flavor, as it were... "Game I wanted to love, and it was good enough that I still really liked it, but it has too many issues to actually make a "best of" list": that goes to "Control". Yeah it's not a 2020 release, but the "ultimate edition" went on super sale in 2020... and while its worth buying on sale, and worth playing... it was just a little more work, a little more polish on both crunch and fluff... away from actually being a great game. 

Indie single player: "Hades", no doubt. Love the aesthetics, love the game play, love the humor, absolutely brilliant game. No other indy game even came close this year... Though there were definitely a bunch of great indies this year ("Kentucky Route Zero" FINALLY finished releasing its last episodes this year, and it's a very interesting experience... not much like any other game you would think of off hand, but certainly worth experiencing... and I've heard very good things about "Cloudpunk" for example). 

AAA multi-player: Also easy, "Call of Duty Black Ops: Cold War". Without question the best  Call of Duty... or for that matter CODlike game... Oh... at least a decade or so. Though it is absolutely KILLER on your system resources. Getting playable framers on a 1070 in 1080p was difficult, never mind anything better. That said, its a VERY good looking game when you turn the settings up. 

Indie(ish) multi-player: For the... third year in a row now I think? It's "Warframe". They've completely overhauled the game over the last three years, even to the point of writing a new engine and new textures and shades, and of course major new content, for free, 4 times a year, with minor new content every 40 to 60 days.

Best mobile game: Well... that's kinda complicated and difficult at the moment... Hmm... Do you count Hades, which is on mobile platforms too (just the Switch for now, but likely it will be ports to iDevices soon, an android eventually), but is better on PC or heavier weight console? Do you count three of the best PC or Console games from decades ago...KOTOR and KOTOR-2, and "Castlevania Symphony of the Night"... which also released native mobile versions recently? 

...Maybe... "Sky" Children of the Light"? Its gorgeous, it's fun, its got a unique aesthetic and viewpoint... Well worth getting. I haven't played "AnimA" yet but I've heard its really great. Same for "Battle Chasers: Night War".... Both are installed and waiting to play. 

Worst mobile game AND worst game  that I actually paid money for: "Elder Scrolls Blades"... its a switch and mobile game... and its been in Beta and early access for like 3 years, and yet there's very little content, and whats there is shallow and repetitive. Also MICROTRANSACTIONS!!!!!... I bought enough of the in game resources to try to make the game more enjoyable... But there's just not enough content or game play no matter what. 

Biggest AAA (ish) disappointment: "Star Wars Squadrons"... It was... Just OK. Good even... But it had iffy controls, and just... not enough game. Both too short, and too shallow, with only OK game play. That said, you can often pick it up for $20 on sale, and it's worth the $20... Just not the original $40 release price. 

Biggest indie(ish) disappointment: that Vampire the masquerade Bloodlines 2 was delayed repeatedly... and now may not even come out in 2021 even. We'll see.

Monday, December 14, 2020

SolarWinds, FireEye, and Russian Intelligence Compromise the entire damn world...

Ok folks, this one is the real deal... I believe that the SolarWinds global supply chain compromise incident disclosed yesterday, is now the most severe, and most widespread information security comprise incident ever publicly disclosed. 

I can only think of one other that is even close... the RSA compromise... and from what was actually publicly disclosed (vs. what many of us in the field know to have been compromised but cannot officially confirm or disclose)... honestly... this may be worse. From all appearances, and the implications thereof, it may be MUCH worse in fact. 

SolarWinds is a major component of the infrastructure that runs... everything really. 300,000 organizations may have been compromised by this... note, compromised not necessarily exploited... SolarWinds is used by a lot of major service providers, ISPs, ASPs, SaaS providers, Managed Service Providers in the networking, security, and every other space... It's everywhere, and when you look at the details of the compromise... yeah, this could be EXTREMELY bad. 

For information and review... The various official notices and responses to the SolarWinds global supply chain compromise incident:

The emergency CERT alert issued appx. 2200est last night:


The DHS-CISA (Homeland Security Cybersecurity and Infrastructure Security Agency) Emergency Directive for the compromise.


This is the solarwinds official advisory and recommendations:


Here's the FireEye advisory and recommendations:


Here's the Microsoft Advisory and recommendations:


Here's the recommended detection and mitigation countermeasures, rulesets, and criteria... as published by FireEye and recommended by the CISA:


And the recommendations to detect persistence in a compromise event from MITRE-ATTACK


Sunday, December 06, 2020

Yes, rights ARE more important than lives

"The numbers don't matter. Every death is horrible. If it saves just one life, we should do it".

Yes actually, the numbers DO matter, and no, we shouldn't do "it" just to save one life.

Whether its COVID-19, or "safety" regulations, or "protection" regulations, or gun control... It doesn't matter. You can ban or strictly control everything, and it will make little difference to disease, or to violence and deaths... or any other bad things happening... but will substantially infringe on the rights of hundreds of millions.

... And yes, the rights of hundreds of millions, are more important than one life, or for that matter thousands, or tens of thousands, or hundreds or thousands, or millions... Because without rights, your life is not your own. Without rights, you are owned and controlled by others, and your life is worthless. 

Rights, ARE more important, than any risk to any life. 

... And for those rights that you value, you probably agree... Unless you are without principle or courage. 

You probably admire those who lay down their lives for free speech, or to resist oppression, or to fight for civil rights? 

Guess what... RIGHTS ARE RIGHTS, none greater or lesser than the other.

So, when there are rights in question, ANY infringement or burden upon them, must meet very stringent criteria. It must be overwhelmingly justified, and to be so it must present a compelling interest, it must be effective in meeting that compelling interest, it must be narrowly tailored to only impact those things contingent upon that compelling interest, and it must present as little burden as possible, to as few as possible. Even with compelling interest, if it presents undue burden, then it cannot be justified at all. 

Even if whatever miracle solution you think is a good idea stopped every murder, every accident, every injury, every whatever it is you want to stop... which is laughable... It would still not be justified, because of the negative impact, and undue burden, on hundreds of millions.

Just because you don't value those things you want to ban or control, doesn't mean that others do not, and you have no right to violate their rights just because you don't care about them.

... If you did, then others would have the same right to violate YOUR rights, on the things YOU care about, that THEY don't value, or THEY hate.

... And if you think the answer is "That's different, because I'm right and good, and what I want is right, and they are wrong and bad, and what they want is bad"... How exactly do you think they feel about YOU, and what YOU care about?

THAT, is why these things are RIGHTS...