Well this has been an incredible time for monitors. Basically after a long multi year period, it is getting interesting again. There are two pieces of news and some new recommendations from 4k.com and tomshardware.com

4K monitors

These are now affordable and wow, if you are doing spreadsheets, writing software or the next great American novel, they are a dream. A 27″ really doesn’t do it, but 40″ really changes your life. The Philips BDM4065UC is a 40″ monitor that is like a massive television, it is so big, you can fit four HD screens and it is very usable. It is about $780 on Amazon now Now that 4K TVs are just $1K, this might seem like alot, but monitors hold their color and so forth really, really well. the big tradeoff is that it only goes 60 Hertz and only the most massive GPX (the nVidia GTX 980 Ti) can even hope to drive it, but oooh, wait for the hardware to catch up.

The main problem with the monitor is the stand is just terrible. It isn’t adjustable and the thing is really huge. The solution is to use the VESA 200 mount on the back (200mm x 200mm) and get the 8kg or 18 pound monitor up and off the desk with a swiveling arm. You first need a VESA 200 to VESA 100 adapter which is just a steel plate that fastens to the back. Most monitor arms are VESA 100 and designed for 27″ monitors, but you just need to make sure you have something that adapts it and can handle 20 pounds or so. For $99, you can get an Amazon arm which sounds expensive, but the arm will last a life time. 

As an aside the premium is so low for a 4K monitor that you might as well get one, so an LG27MU67 is a 27″ monitor with 4K, you can’t really see it, but it sure is nice to not have an artificates. It is $470 or so at Amazon.

Gaming Monitors

The current state of the art is a 32″ monitor (they really are cooler and bigger) than 27″ that is a 2550p display running at 144 hertz to get smooth gaming. If you can get something that isn’t a TN display that is awesome. There are two IPS panels at 2550×1440 that run neck and neck. The Acer XB270HU $700 at Amazon although the reviews there are not so hot. We have one and it is phenomenal. Very hard to go back to just 1080p again after using it. 

Color Accurate display

This is for those cases where you are doing photography. First you have to color calibrate then you can get really nice WYSIWYG. The LG31MU97C-B seems perfect for that. It is $920 at Amazon but wow is it accurate. 




Well, I thought we were set for computes, but turns out that we do need to get two more. Just missed the Black Friday sales, but I don’t think these components are going on sale. Still, this is an incredible machine mainly because of the new SSD that is going in. Really fast and it works well thanks to the new Z170 motherboard. So here is the build at PCPartpicker.com with all the fixings.

This of it as the Christmas list for anyone wanting an incredibly fast air cooled system and thanks to the new copy system there which let’s you hoist HTML and Markdown directly. This is a build that is going to be whisper quiet and very fast. The big splurges are the two SSDs. Most folks will only need one, but having an ultrafast PCI Express NVMe to boost and the very capable SATA Sandisk Extreme is a dream. This is also a 4K monitor build which is fine for development use, but if you are a gamer, then you’d want one of the hot new 144Hz 2550 monitors.

The final real splurge is on a gaming mouse and a mechanical keyboard so that is another area you can dial back on.

PCPartPicker part list / Price breakdown by merchant

Type Item Price
CPU Intel Core i5-6600K 3.5GHz Quad-Core Processor $219.99 @ Micro Center
CPU Cooler Noctua NH-L12 37.8 CFM CPU Cooler $60.89 @ OutletPC
Motherboard Gigabyte GA-Z170MX-Gaming 5 Micro ATX LGA1151 Motherboard $144.99 @ SuperBiiz
Memory G.Skill Ripjaws V Series 16GB (2 x 8GB) DDR4-3200 Memory $109.99 @ Newegg
Storage Samsung 950 PRO 256GB M.2-2280 Solid State Drive $182.99 @ NCIX US
Storage Sandisk Extreme Pro 480GB 2.5″ Solid State Drive $184.00 @ Adorama
Video Card Asus GeForce GTX 970 4GB STRIX Video Card $318.49 @ SuperBiiz
Case Silverstone SG10B MicroATX Mini Tower Case $107.98 @ Newegg
Power Supply Thermaltake 750W 80+ Gold Certified Semi-Modular ATX Power Supply $59.99 @ Newegg
Wireless Network Adapter D-Link DWA-182 802.11a/b/g/n/ac USB 2.0 Wi-Fi Adapter $34.99 @ Micro Center
Monitor LG 27MU67 60Hz 27.0″ Monitor
Keyboard Logitech G710 Plus Wired Gaming Keyboard $88.98 @ OutletPC
Mouse Logitech G502 Wired Optical Mouse $62.90 @ Amazon
  Prices include shipping, taxes, rebates, and discounts  
  Total (before mail-in rebates) $1621.18
  Mail-in rebates -$45.00
  Total $1576.18
  Generated by PCPartPicker 2015-12-09 00:05 EST-0500  

I’ve spend the last six months getting deeply into programming again and over and over I find that I learn differently than the way most tutorials take you. So here’s a quick list of new things I’ve learned and the fundamental idea that (at least of me cracked the nut) where there are usual one or two important ideas

Docker: Separation and the Daemon

This is the big one, the tutorial is at once simple and confusing because it is so unclear how it all works. Yes there are containers, but the biggest thing that they do not explain is the docker daemon. if you understand this one idea, then figuring out docker is pretty easy (at least for me).

Like all virtual system, docker has that strange idea that when you type “docker run” things look ike your machine, but actually you have a different file system. It isn’t hard, but basically you live in a parallel universe and you can connect to your base system with a simple “docker run -v /usr/share:/home/rich/share which means in the contain what looks like an incredibly privileged space is actually use your local directory.

The second is the concept of a Dockerfile and docker push/pull. A Dockerfile is like a shell script which configure your container. You check it into to git and when you feed the file to docker build, you create one which you can push. Docker always starts as root, so the main thing to get over is that you have to recreate the all the users in your system

The concept is buried in a docker-in-docker article but the simple point is that on every machine there is a single docker daemon that controls all docker containers. Previously they had a concurrency model, but this is more maintainable. So this explains what is happening with a Dockerfile, when the daemon (a super user kind of thing) gets control, it get a zipped image of the entire directory where the Dockerfile lives and it processes from there as it’s world. It also explains how docker machine works. You can access the daemon by taking to it on a well know named socket if you have the right credentials. When you do a docker pull, it is this one daemon across all the users on the machine that does the caching. And you can connect to that daemon so that a docker container can create containers across the internet, or side-by-side. This is also what allows docker-machine to work, when you type “docker” it adjusts the docker daemon you are talking to go to a different machine


This is one of those programming languages that no one likes but you have to use. It is natural because it is the simplest way to glue together commands.

The main thing to realize about Bash is that anytime you are writing a loop (for i in . ./lib ../lib; do source $i/foo.sh; done), you have probably done something wrong. Bash is all about finding commands that iterate for you and return a stream of bits, so it is about searching and turning procedurals into a stream. The above is rewritten as find . ./lib ../lib -name foo.sh | head -n1 | xargs | source {} which does the same thing

For subtlety, there is one key idea in bash. That is the idea that every command has a return code and this is always what’s driving what happens next. If you have set -e on it will even stop a script is you have even one bad exit codes. Even things like ((i++)) has a value and also a return code. When does this bite you, well in the middle of a long pipe, you can have a bad exit code and the thing crashes, so watch your error codes!

  • Objective C. The main thing is that everything is an interface, so you have to be careful about declaring and them and making sure you use the right one. Not complicated in theory, but man complicated in practice.

  • Python. You can think of it as a simple procedural programming language which is how most uses of it go. Sort of like bash but longer, but the real power is in its string and array functions.

Wow, it took me a long time to find these bugs, but I’ve been working on various bash scripts and I finally figure something out that is hard to know:

There are a bunch of of bash safety checks that you can turn on. Most see great, but there are real gotchas. Here are two difficult ones. I hope you never encounter them:

set -e and the && construct

  1. We use a restrictive set of checks here set -ueo pipefail which means the scripts that the scripts stop is any command returns a non-zero exit code, or if anything in a pipeline fails or if you use an unset variable.
  2. I have been using a common construct to print out errors, $VERBOSE && echo start edits

But this has a series of consequences.

  1. What is the return value of the $VERBOSE && echo foo if VERBOSE if set to false. Well, it is not the same as if $VERBOSE; then echo foo; fi as I thought. The former returns 1 while the later returns 0.
  • So you can’t use the pipe on success as a synonym for the if-then. In particular if you use set -e, the script will mysteriously fail in normal mode but run find in debug or verbose mode!

  • In fact any multiple pipe like ls -l && ls -l ../lib will fail 

    1. There is another common thing test || echo false && echo true but be careful this is not equivalent to an if-then-else becaue if the second statement fails, then you will never get to the final thing.
  • The effect is more subtle actually, as long as you use just the || operator you won’t have a problem since it only tests for false, so ssh git@github.com || true is a simple way to run something if something fails. This is ok, but the other version ssh git@github.com && echo works" does not because you get an error code as the return value, you can tryssh git@github.com && echo works || false` but only if you can guarantee that the “echo works” will never fail which is of course pretty impossible :-0


    set -o pipefail causes ssh to hang up and behavies differently in single step

    The next one is even more insidious, one good suggestion is to turn on -o pipefail. This makes sure that in a long pipeline, you don’t mask errors, so for instance false | true will be ok with pipefail, but will fail with it. this helps you check long pipelines. There are two things that make it unusable at least for me on Ubuntu 14.04:

    1. If you grep for something and don’t find it, there is no way to have the thing not fail. You can’t grep home /etc/bar | cut -f 1 for instance, you have to cut it into pieces because of the grep fails if it doesn’t find things, so you have to have temporary variables everywhere x=$(grep home /etc/bar) if echo $x | cut -f 1…which is really a mess.
  • Things get very strange with ssh and interactive traps. But if you have pipefail on and are in an interactive ssh session, it will close the ssh session if you encounter an intermediate pipeline failure. There isn’t any recoverly. Also if you use trap DEBUG to catch errors, then it will work fine because the pipefail is cause by the trap. So it is very hard to debug. 

  • Net, net -o pipefail is optional and I’m glad it is. I’m taking it out of my stuff now.


    Net, net the lesson is ignore the various google queries that are clever about && and || for pipes, use if-then-else. Sigh, I have a lot of code to fix!

    OK, here are some quick notes about things you should do to get a basic level of privacy:

    • Signal. This is a smart phone application that let’s you encrypt your calls and text messages. Its on IOS and Android and super easy. If you are a geek, then you can also try ChatSecure, the same idea, but uses an open source library called OTR and routes through the TOR network. Whew. Of course I don’t have anyone who I can actually chat with.
    • Hard disk encryption. Turn on FileVault on your Mac, BitKeeper (I think on Windows) or Ubuntu disk protection (you need to reinstall though for that).

    • Password Manager. KeePassX is free open source, but I like 1Password even though it is closed source because it works well with browsers.

    • Two Factor authentication. This is a pain to setup, but it makes it very hard to crack since the attacker needs your cell phone. Google, Amazon and Dropbox all have it.

    • Tor Browser. A complete pain to use and slow, but it is safer. 

    • Ad Blockers. Mainly so folks can’t track you.

    • VPNs. PrivateInternetAccess works well for me. 


    Then there are some experimental ideas:

    • Qubes. It uses Xen to be a security oriented hypervisor

    Well if you missed the notification, there is something called COPPA where Amazon has to certify it doesn’t advertise to sites that market to kids under 13. If you didn’t fill out the form by October 31, they close your affiliate account and invalidate all your tags. How nice legal things are.


    Oh well, so now you have to create your affiliates account and then there is the handy Better Search and Replace plugin for WordPress that let’s you change all your tags. Good luck!

    Well these last three days feels like a hard slog. Here are some of the tips for Linux geek, so hopefully you can avoid problems when you are just trying to get a regular job that will pull from a git repo and run an automated build.

    There are many systems available to do this, so this more educational than anything else, but it helped me learn quite a few things about ubuntu 14.04:

    1. Crontab is a really nice utility for running user jobs at regular intervals. Like editing of system files where you want some protection it is a little strange. You run crontab -l to see your system jobs. If you don’t have anything listed, it returns none found and it isn’t clear how to do the equivalent of a touch. The answer is echo "" | crontab -` which says put a newline into the crontab

    2. Crontab is also strange in that it needs a blank line at the end otherwise it will not process things!

    3. Crontab has an interesting syntax. Basically an asterisk means run it all the time. If you put a number in a column, it means run it when that column is equal to the number. So if the minute = 0 for instance, it means run  the line everytime you are at 0 minutes (that is on the hour). The syntax “*/30” means that you should run it every 30 units (for instance 30 minutes if it is the first).

    4. Finally if you are trying to run ssh in a cron job all kinds of strange things happen. You can’t put in a password for your ssh key because it is in the background, but you can use keychain to add it and have it remember your password (so you only have to type your password in every time the machine reboots. But in order for this to work, you have to rememeber to source a magic file in .keychain which is named $hostname-sh. This just sets the SSH_AUTH_SOCK variable correctly for you.

    5. You can actually manually figure out where the ssh-agent is by looking through /tmp and seeing if the a magic file has your ssh key in it using a find command and then grepping the name of the pipe.

    Well, a Honda Fit is an incredibly practical car. You can buy expensive accessories, but the after market is terrific:

    1. Floor mats. Rather than the factory ones, from Auto Anything, you can get custom fit nearly impervious ones for $99 less 6% off in a cilck through rebate and Retailmenot has a 15% off coupon. Not bad. Hexomat works well, but we are trying Lloyd this time.

    2. Pleather seat covers. Ok, this sounds terrible, but they actually work well. Easy to wipe off and they don’t wear like cloth seats. And if you have them getting wet all the time, there is nothing like it. Coverking used to make Honda Fit covers, but no more, now we are trying. Now we are trying the 2015 covers (the 2016 Honda Fit is the same except it is made in Japan and not Mexico so hopefully more reliable). CalTrend “I Can’t Believe it is not Leather”

    3. Yakima whispbar roof racks. You truly can’t even hear them. For the 2012 Honda Fit, you need the S24 and K446 fit kit. The newer 2015-16 need the Whispbar Flush  S33 and and K853W. You can also get a long rack with the HD Bar T15 or the through bar S15 all using the same foot. The different is that the flush is very finished and the rack doesn’t extend past the foot. The through bar goes past it while the HD is designed for work applications. The flush sees the right choice. You can get from REI (remember there is a 20% off with a Discover card payment through Apple Pay plus 10% off as an REI member) if you buy at the store before DEcember 31st with a new Discoer car.

    4. Hitch. You can actually tow up to 2500 pounds and have a tongue weight of 150 pounds!

    Uh, why did they do this, you cannot run Unifi.app in /Applications, it needs a writeable directory. So it needs to live in a writeable place like /Applications/Unifi/Unifi.app and make /Applications/Unifi writeable, but this didn’t seem to help.

    What did was to delete and reinstall and then it seemed to work after a reboot. I don’t know why.

    The Unifi Discover application seems to take a long time. 

    This thing remembers old installations and removing the application doesn’t help, so if you have ever installed 3.x or 4.x, you will need to recover your password

    If you have lost your password, you have to download Mongo, then run the bin/mongo, use ace and run db.admin.find() and you can see the password in clear text. Yikes, this is not the most secure system.