@_patrickoden | messages: p at this website

Sandboxing at home

I built my desktop computer enough years ago now that I cannot recall exactly when I built it. I want to say it was maybe around 2010. That seems so long ago. It seems too long ago. Yet, I think that is about right. I have upgraded it a few times over the years, including a new motherboard, new ram, and a nice nvidia 1080. I have added a couple of hard drives, and I have gone through many keyboards and mice just on this machine. I also swapped the single 1080p monitor for dual 1440p monitors. That might have been the best upgrade. However, it still runs on the same i5-2500k. That processor has been magnifique. I have definitely gotten the full value out of that piece of hardware.

Since 2001, I have been using Linux/GNU[1] to some varying degree. As of about ten years ago, it is the only kernel that I have run on a laptop, until I recently bought a MackBook Pro. I had been using Windows on my desktop as a dual boot option (really, tri-boot, but dual in practice). About five or six years ago, I could probably say that I was not really using Windows at all. I was doing all of my productive work on Linux exclusively, and I was only booting into Windows 7 to play a few games that I couldn't play on Linux. I still keep a copy of Windows 7 on my machine to dual boot into occasionally. I did last night, for example. It has been so long since I've been over there. The desktop environment was all but alien to me. Forget Windows 8 or 10. I used Windows 8 once, then never again. I have never even touched a Windows 10 machine. I used to be the one that my family would call about this or that went wrong with their computers. Now, for any of them with anything even remotely new, I have no idea anymore.

I did get my father-in-law to use a Ubuntu box with a VM Windows XP running on it. He did that for a whole year (!!), but finally got too annoyed with the Windows in VM that he swithced over to Windows full time again. Too bad. I think it was all because LibreOffice Writer didn't format the font in some .docx he'd received from a customer, and he couldn't get it to work right so that cranked him, and he went back. Something as simple as MS proprietary font that wasn't auto-replaced by a system font on Ubuntu/LO was all it took.

I've been using Gentoo Linux for about ten-ish years. I have used Slackware and Mandrake (my first ever was Mandrake), Debian, Ubuntu, Void, Arch, one that maybe used Enlightenment as its desktop environment but I can't remember which one that is, Mint, Peppermint, Puppy, Tails, and Kali. I want to like a few of them, but I kept coming back to Gentoo on my desktop. On various laptops I've had, I went with Debian usually or sometimes Ubuntu, but mostly Debian. I've done Gentoo on laptops before, but upgrading packages is not as convenient on a laptop, especially if I don't want it to just sit and compile all night every couple of weeks.

What does this all have to do with sandboxing? Not much. Sandboxing is just the latest thing I've been doing on my desktop. Well, latest; I've been doing it for a few years now.

Here's what I do: I've got the main installation, e.g., Gentoo rootfs on /dev/sda. This has only the base system plus maybe a few programs, like wget, elinks, ranger, qtfm/spacefm, and utilities like xsetwacom (Wacom tablet driver) for my drawing tablet. Et cetera. And then I have chroot systems for things like Firefox, Chromium, Steam, Gimp, and LibreOffice. Usually, each goes in its own chroot. Firefox goes in /mnt/fire. Chromium in /mnt/chromium. Steam, however, goes in /eve currently, as a relic of when I was playing a bit of EVE Online on this machine.

Creating chroots in Gentoo is really easy. It's just a few steps like you are doing a new install of Gentoo from within Gentoo. You make the target folder. Unpack a stage 3 into the folder. Edit a couple of files. Then mount the filesystems.

To take care of upgrading, I mount -Rv the portage directory from the main system to the chroot, and some packages/upgrades also require a mount -Rv of the current /usr/src/linux to the chroot /mnt/CHROOT/usr/src/linux so that the packages are compiled correctly.

Then simply chroot to the new /mnt/CHROOT, update the base system, create a user, and install Firefox or playonlinux or wine or whatever you wish.

There are a couple of nice reasons to do this. One, it provides you some protection for your base system against malicious actors. No, it's not perfect. What is? VMs take a lot of resources. Docker and Flatpacks and Snaps are pretty good, but then I'm not running native, compiled-from-source packages on my compiled-from-source machine. Another thing I like about doing it this way is that I can use my file manager from my base system to interact and directly manipulate all the files on my chroot systems. Probably the second best reason is that this is a super easy way to keep dependencies separate. The only time I ever have a problem is when Gentoo developers have masked a package required by whatever software is installed on the given chroot. Possibly the best reason is how light on resources this method is.

Currently, I have software in three different chroot environments running and the memory footprint and CPU usage is nice and light. Running three VMs would put me way over the 1.42GB of memory that I'm currently using.

To get rid of a chroot, all it takes is making sure that the file systems are unmounted, and then rm -rf /mnt/CHROOT. It's as easy as that. If you don't ensure your file systems are unmounted, then you can wreck your base installation, so be careful. I always reboot into a shell environment to make sure nothing is mounted to /mnt/CHROOT before manually removing the chroot. Otherwise, I wrote a python program to do it for me. Creating a new chroot is also done via a python program I wrote, from the first mkdir to the emerge @world update and adding a user.

Alternatively, it is easy to copy a /mnt/CHROOT to /mnt/CHROOT-2 and edit a couple of files, and voilà, I nearly-instantly have an exact copy of the chroot including all installed programs and other files.

I am not claiming this is the best system, but I really like it, so meh whatev.

[1] This is the only time I am going to use the Linux/GNU terminology, probably on this whole site. I agree in principle with Stallman's criticism, but I just don't think it matters that much. Sry.


16:51 Tuesday, 03 April 2018 permalink

Practice face 1


17:02 Friday, 30 March 2018 permalink



22:46 Thursday, 29 March 2018 permalink

Happy birthday to two sweet little girls

Today was the birthday party for my nieces, Leah (5) and Emily (3). Today was not their actual birthday, of course. It was just a consolidated party to make things easier on their mom.

My brother, their dad, had to miss the party this year. He is going on his eighth week in the hospital, I think. He suffered heart failure from an unknown cause, spent about seven weeks in the cardiac ICU and is now at the rehab hospital. He is going through some struggles, not the least of which is, for example, missing out on his daughters' birthday party, among many other things. Not the least of which ... maybe that's the very most of which. His wife and all four kids got to go to the hospital after the party, so at least they all got to see him today, and he them. I think this was the first time he has seen his littlest one in this entire time.

I remember what it was like to be in Minneapolis for two weeks while my wife and then-eighteen-month-old son were in Pittsburgh. This was one of the hardest times of my life. I missed my little guy so much.

I will never, ever, ever forget his reaction and the look on his face when I showed up to meet them at a house we were considering buying. I treasure that memory and recall it constantly.

The doctors seem to think that my brother will eventually recover, at least to a significant degree if not fully back to normal. He has a mechanical heart pump that he might need for a long time. Maybe he will need a heart transplant some day. This is not uncommon. All I hope for is that he is soon able to go home and be with his kids again. And I hope that they look at him the way my son looked at me. That they look at him that way every single day. And that my brother cherishes those looks. They are already doing it, of course. I was there when the eldest two kids saw him for the first time in the hospital. It was beautiful and magical. I hope, hope-hope-hope-hope-hope, that he has a long time to spend with them still.

In the meantime, the birthday party was great. All of the children had a lot of fun. Even when life is tough, we can still find little jewels of love and joy to keep us going.

Keep going, we shall.


01:04 Sunday, 25 March 2018 permalink


There are days when I can feel the burst of newness, of growth and energy, permeating the air. There is still snow on the ground here, though not much anymore. Today feels like one of those days. Today feels like Spring is arriving soon.

This is one of the best feelings. I suspect this is true for most people who live in the dark, northern latitudes. Spring is when we can crawl out of our caves and hovels and see that the world is bright and light and new again. Anticipating that, that is one of the best experiences we can have. It is freedom and beauty and rebirth.

And today Spring feels like it is finally coming. I sparkle with delight.


17:41 Wednesday, 21 March 2018 permalink



15:31 Tuesday, 20 March 2018 permalink

Automating the workforce

Skepticism of superhuman artificial intelligence[0] can be compatible with a belief that a large part of our workforce (globally) will eventually become automated. Skepticism of superhuman AI is the null hypothesis. Proponents of the belief in possibility of superhuman AI have a heavy lift at this piont.

Meanwhile, it is a mistake to confuse skepticism of superhuman AI with skepticism of advanced AI and of advanced robotics and of a highly-automated global workforce. That there may still work for humans in the future that robotics and machine intelligence cannot do as well does not mean that there will be enough work for every person to do.

For example: Stipulate that robotics will be able to take over even merely 50 percent of the work that currently employs humans.[1] In 2012 numbers, that would mean the workforce drops from 3 billion people to 1.5 billion people, while the number of unemployed soars from 200 million to 1.7 billion people.[2]

Perhaps this alternate scenario is not the end of humanity that the superhuman AI theory proponents fear, but maybe it sets us on the path toward a different disaster of our own making. The consequences of that many unemployed people around the globe would be devastating, if not species-threatening.

Be skeptical of claims based on a future full of superhuman machine intelligence. Be cautious of writing off all warnings based on a future full of advanced machine intelligence.

The robots coming for even just a lot of our jobs could put us in a perilous position.

[0] Link

[1] Assume that this 50 percent includes gains from new opportunities from increases in productivity and innovation that come with the robotics/machine intelligence revolution.

[2] Link


01:57 Monday, 19 March 2018 permalink

The Facebook threat to democracy

Social media companies like Facebook, Twitter, and YouTube have been in the news and in the public consciousness for the past couple of years with regard to things like their influential effect on democratic elections and their role in fomenting populist uprisings and even amplifying hatred leading to terrible crimes like race-based hate crimes and genocide and ethnic murder.

There is now ample evidence that foreign governments[0] tried to and did interfere in democratic elections in Britain, the United States, France, and Germany. The degree of success in each campaign is unknown to any real level of detail, but the broad impact is understood. Money, disinformation, false-flag activities: these are the hallmarks of a covert influence campaign. Governments have been trying to influence the outcomes of elections in other nations for probably as long as there have been governments and elections and nations. Never before has undertaking been so effortless, the cost of doing so been so inexpensive, and the repercussion of having it done to you been so dear.

The threat from social media companies is clear. They provide the platforms for bad actors. They offer little or no oversight on behalf of the public. And indeed, they profit from these bad actors and not from protecting the interests of democratic populations.[1]

A common defense from the social media companies has been that they merely provide the platform. They disclaim responsibility for the way that bad actors might happen to use the platform they provide. It is not their fault, they claim. Nor can they be expected to police their own services.

Is this acceptable? No.

Any other company that was caught taking money from foreign agents to influence domestic elections would rightly be considered to be committing a crime. Facebook, for example, took money from foreign agents (Russian operatives), and showed election-related ads to domestic voters (election influencing). Facebook should no more be allowed to do this than, for example, the National Rifle Association in the United States should be able to take millions from Russian banks to spend on the 2016 presidential election. Both of those acts should be illegal foreign influencing of free and fair elections.

The real threat from Facebook is the opacity of the platform. If the NRA buys political ads on television, or sends mailers to its members, at least there is a chance that failure to follow election laws could be reported to the oversight agency. On the other hand, if Russian agents are buying and placing microtargeted, and as the Washington Post says[2], "weaponized" adverts in an attempt to trigger emotionally-unstable voters with the goal of influencing a democratic election, then how would the world ever really know? How would we know that Russia is behind the effort? How would we know who is targeted? How would we know what Russia's intent is? Basically, at this time, we would only realistically know the answers to these questions if a company like Facebook voluntarily disclosed that information.

That disclosure is not in Facebook's, or any other social media company's, own short-term financial interest. That disclosure would damage the company's good will, image, and brand. On at least a very small scale, that disclosure would probably lead to a minuscule decrease in profits, but not zero. But, most importantly, that disclosure would leave the company exposed to greater scrutiny from the types of democratic governments, and probably other authoritarian governments, that the bad actor nations are targeting. Increased oversight, and the cost of compliance, is never a financial benefit to any company. So, we should not expect that Facebook or any other social media company will of its own accord volunteer information on malign actions by foreign states.

Take the recent revelations about Cambridge Analytica, as an example. By at least one account, Facebook only acted because investigative organizations like The Guardian and The New York Times were on the verge of publishing highly detailed, critical, and potentially damaging information about Facebook and its relationship with CA.[3] We would not have gotten this information voluntarily from Facebook, or any other social media company.

That leaves us with the question of what to do about these platforms that so easily enable corruption and malign election influencing. That is a difficult question, no doubt.

One glib answer has been to shut them down. Clearly, if you favor open markets and free expression of ideas, then banning social media is not the right answer. However, coming up with the right answer is going to take some real effort. If it came down to a question of being able to have social media, or to have democracy, but not both, then I for one would choose democracy.

[0] Talking about Russia here, of course.

[1] There have also been charges that companies like Facebook actively assist oppressive authoritarian regimes against their own people, but this essay will not address that question, as horrific as it is.

[2] See, link

[3] E.g., link


12:27 Sunday, 18 March 2018 permalink

To strive for happiness or contentment

My brother and I have had a recurring conversation over many years about whether a person should strive to be happy or strive to be contented. I take the happiness angle, and he argues for contentment.

If I were to try to characterize his position, I should say that a person can never truly be in a state of permanent happiness, but that contentment is achievable. Therefore, striving for happiness is folly and doomed to failure, while striving for contentment is good. Striving for happiness will only lead to disappointment, and indeed not happiness at all, or even contentment. There is more, but this is the main thrust.

On the other hand, I would argue that striving for happiness is not the same as being happy at all times.

One of my concerns in choosing between these goals is a propensity to undershoot the mark. If a person should strive for contentment, then perhaps she merely reaches a state of eternally mild dissatisfaction. Whereas, if she strives for happiness, and fails, then maybe she has consolation in mere contentment?

This is not my main point, but perhaps it is not insignificant.

Primarily, I would say that striving for happiness pushes a person's character, skill, knowledge, and self-worth further than striving for the lesser degree of contentment does. I am in the camp that holds the Socratic disdain for the unexamined life. I would apply that to unimproved as well, in that examining one's own life is of little benefit if it does not lead to betterment in one's character, skill, knowledge, ethical behavior, et cetera.

Striving merely for contentment is, I think, at risk of settling for mediocrity. Contentment can lead to complacency, which can in turn lead to decline. Striving for happiness possibly does not suffer this same risk, or at least not to the same degree.

So, strive to be happy. Be contented with knowing that you do not settle for being contented.

Clearly, there is much more to say on the subject.


23:45 Saturday, 17 March 2018 permalink

Cultural importance

Just a quick note to say that I think a very real possibility for the Most Important Thing is culture. I will write about culture and its importance in greater depth in the future. For now, I will just say, that of any other idea, person, place, or thing, culture comes the closest to being the most likely Most Important Thing, in my mind.


10:31 Friday, 16 March 2018 permalink

Big issues of the day

What are the big issues of our time?

- The #MeToo movement, and the cases of sexual assault and harassment that started it

- Russian meddling (too light of a word?) in elections, like US 2016, Brexit 2016, France 2017, Germany 2018, and who knows where else in the world

- In the US, gun violence and school murders

- Globally, robotics and machine intelligence coming to take over most jobs, and whether this will mean more, different kinds of jobs for people, or the end of jobs for people

- Violence in places like Syria, Myanmar, and Yemen

- Immigration from worse-off places to better-off places, around the world

Pollution in developing nations, and, let's face it, developed nations

And, of course, the biggest issue of all: climate change, and what to do about it.

There are many more challenges, and opportunities, than what I have listed here. I plan to write on some, eventually all, of these topics, and many more.


16:15 Thursday, 15 March 2018 permalink

The most important thing

For nearly as long as I can remember, I have been asking people what they think the most important thing is. It could be an idea, or a person living or dead, or a literal thing. The replies over the years have been numerous and varied. Not quite as many unique replies as queries made, but a decent selection from which to pick and choose.

Perhaps unsurprisingly, god/God/deities/supreme being has been a common theme. Love has been less common than I might have expected, though I don't think I am naive so maybe I should not expect love to be considered the most important thing by many people. Plenty of people have said money, which does not at all surprise me.

Some other entries have included the scientific method, family/relationships, computers, internal combustion, society, politics, certain politicians (including long dead luminaries and even ancient queens and senators and emperors), the printing press, accounting, language, and Bob Dylan. There have been a thousand more. I have not kept track of them all.

I have yet to be convinced.

Some of these examples could be candidates for the most important thing. I have ideas for other possibilities as well. It has been surprisingly difficult for me to wrestle with this question. The easy answer, of course, would be that there is no one most important thing. That is not the interesting answer, so I keep asking.

I will explain my thoughts about why a deity is not a good candidate to be the most important thing, since this is possibly the single most common answer (if all similar variants are combined). Surely, if you believe in a god, or certain types of gods (all-powerful, jealous, wrathful, hateful, etc) then it would be easy to think that this deity is the most important thing. But what would change if that deity did not exist? It is not obvious that anything would change. Not everyone who says their god is the most important thing believes in the same god. Therefore, clearly some of those deities do not exist.

Would that be different than taking the case where no deity exists? How? The universe would not exist? Okay, then I wouldn't be here to ask that question anyway, and nothing would really change. If my existence is predicated on whether or not a universe-creating deity exists, then I might as well say that my existence is predicated on whether the universe exists. In that case, the universe would be the most important thing rather than the deity. If the deity exists but chose not to create the universe, then the universe would still be the most important thing[0].

Could one then make the case that the universe itself is the most important thing? I am not convinced. The universe is, really, just a placeholder for existence itself. All things that exist, exist in the universe. No things that exist, exist outside the universe[1]. Is existence the most important thing? I don't think so. Does it matter whether a thing exists or not? Is the most important thing to me my own existence? If you can say, "I would rather not exist than for some condition X to be true," then existence itself is not the most important thing. For example, I would say that I would rather not exist than for there to be the case that every other sentient being is tortured in order to continue my own existence. In fact, I would prefer never to have existed at all in that case. So existence cannot be the most important thing, certainly for me, and I strongly suspect so for every rational, empathetic person as well.

Or think of it this way: Is the most important thing to the portrait the fact that the canvas exists? Of this, I am skeptical.

Is it better than a deed be done well than never to have been done at all? It is not the case that the answer is always better to do the deed than to do it well. Though, certainly, it sometimes is: Better to have loved and lost, than to never have loved at all. But that is because love is the most important thing, not the existing itself.

[0] Unless somehow I could exist without the universe? But then I would be the universe itself, if the universe is simply all that which exists. That's a little too strange of a road to go down right now.

[1] Without getting into multiverse theory here, let's say that the multiverse is really just the universe of universes. So what we can say here about the universe also applies to the universe of universes.


11:57 Thursday, 15 March 2018 permalink

Begin, again

Stephen Hawking has died.

I am coming back to public writing.

Are the two related? Yes. Yes, they are.

Hawking had the ability to communicate ideas both simple and complex in a way that was straight-forward and easy to comprehend. This used to be my goal. My choice of topics were different, but the purpose is the same: to increase the amount and accessibility of knowledge available in the world for anyone with the desire to know it.

In the past sixteen years, I have instead busied myself with lawyering—the pursuit of which I have no reason to regret.

However, Stephen Hawking's death has jolted me. It has reminded me of what it was like to be a seeker and conveyer of ideas. That is what I want to do again. That is who I want to be again.

So, I am back to it.


12:16 Wednesday, 14 March 2018 permalink