# Big numbers, random numbers and who's got your number ?

Sunday, 20 July, Year 6 d.Tr. | Author: Mircea Popescu

.cri no : syad eseht trats sgniht doog lla sa detrats lla tIi

asciilifeform yarchive.net/dev_random.html << Linus on rng, for anyone who hasn't already read.
mircea_popescu "As an example, the following string of numbers is anything but random: 1 2 3 4 5 6 7 8 9 10 However, if this is run through a MD5 or SHA whitener, the result would *look* random, even though the source material is anything but random." In which we find Theodore Y. Ts'o doesn't comprehend what random means.ii

asciilifeform 'Random' is simply a non-scientific qualifier. Like 'big'.
mircea_popescu Looking forward to reading medicine treatises in similar terms. Something tells me teh colonies will soon deliver.

That's exactly right, that bigness example. A number can not be big. A number can be bigger than another number, but only if they're both giveniii. Outside of that context, there is no such thing as "a big number". People may and do talk of large numbers, but this is strictly shorthand - they always have in mind some sets of numbers and some metrics that allow the comparison. For instance, three is a large number of tits for a girl to haveiv, but only because all the girls anyone's ever met had two.v

Randomness is no different. Just like 1 can be a big number in the context of a lot of epsilons, just so the succession 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 can be a random sequence. Randomness, like bigness, is not a property of numbers themselves. Which means that yes you can test the past output of a RNG in order to evaluate, ceteris paribus, the likelihood of good entropy being delivered in the future. What you can't do is take a dump of numbers and through looking at them evaluate if they're random or not. There's no such thing as random-looking numbers anymore than there's an unpoisonous-looking bowl of chili. The controlling factor as to whether the bowl of chili is poisonous is whether someone fucking poisoned it, not whether it looks just about right to you. Same deal with random numbers.

Think of it the other way : if you're playing dice, the fact that the previous nine shots came out snake eyes has exactly zero bearing on the likelihood of rolling snake eyes. Belief to the contrary is known as the gambler fallacy, and is one of the main revenue generators for casinos worldwide. This implicitly means that if a casino were to naively hire one of these idiots (Theodore Y. Ts'o, H. Peter Anvin et all) to make it a digital replacement for the old-and-therefore-bad vi dice and then ended up with output ensured against the scandalous result of 1-2-3-4-5-6-7-8-9-10, I could make a pretty penny just sitting around, waiting for 1-2-3 sequences and then betting against 4. And if 4 shows up, no big deal, double down against 5, and then double against 6. Eventually the "randomness" enforcing technology's going to kick in and make me a bundle, right ?

In closing : there's a very good reason to have a franchisevii in all important fields. That reason has a lot to do with the relentlessness of un-self-aware idiocy.

———
1. Gotta add some entropy somehow, amirite? []
2. A lot of shocking derpage going on in there, read the part about how keypresses make for "a very good way of generating entropy" and how to solve the "MAKEMAKEMAKE" problem. (O, you never heard of that particular problem before ? Maybe that's because you don't talk to Internet monkeys.) []
3. And if there's also a metric available, but let's not get too fancy and start pondering what's bigger, 2 or -3, the hundred bucks in your pocket or the five hundred you owe, stuff like that. Metrics get iffy fast, it's a rule. []
4. Even though Napoleon has an infinite number of arms. []
5. Which leads us to a joke. Consummate punter goes to his usual brothel, looking kinda out of sorts. Matron is very welcoming, guy is kinda meh, she eventually asks what's the matter ?

"Well", the guy answers sunkenly, "I've done everything with everyone, seen it all, done it all, fucked it all, rolled up and smoked it all. I think I'ma go kill myself."
"Before you do that", she solicitudinously retorted, "I have something for you. We just got a new girl fresh from the US, she's a former 4th placed state beauty queen pageant something or the other, has a degree in communication and also used to be a Congressional staffer."
"Meh".
"And she also has three tits."
"What ?"
"One, two... three."
"Bring her to me!"

So the guy gets the harlot, fucks her all night long - and of course the festivities mostly revolve around the central, supernumerary teat. Morning comes, bright and clear, and the guy sees the girl come out of the bathroom. Two tits. One, two. What the foo ?

"What happened to your third tit ?!"
"O, that zit ? I squeezed it."

So now you know. []

6. There are two kinds of idiots in this world, the kind that says "this is old and therefore bad" and the kind that says "this is new and therefore better". []
7. A system whereby the right and the ability to speak have to be acquired, and are not obtained automatically. []
Category: Zsilnic

17 Responses

1. For instance, three is a large number of tits for a girl to have, but only because all the girls anyone’s ever met had two.

Cue Total Recall joke.

I'm curious, what filesystem(s) are you using on your Linux machines?

2. 2
Mircea Popescu
Sunday, 20 July 2014

Amusingly, you're not the only one. Actually, you're two out of two. Compare and contrast with

> And as far as I can find, no one's tried to make a good model or
> estimate of actual keyboard or mouse entropy.

Since a human is involved, and we're measuring to a fairly high level
of accuracy, I'm not particularly worried.

Maybe the correct model to estimate actual keyboard entropy is basically f(x) = 0. In any case humans are horrible at being random.

I'd rather not say.

3. So... this article is here only because poor tytso used the wrong word? Interesting discussion though, and it still not solved out of the box - I've been bitten a few times by the nature of /dev/random (it can block for a long time, slow down your whole system like crazy, or return less than you asked for, depending on what you do, especially in VMs).
From what I'm reading on LibreSSL development, using a device for getting random data isn't the best of ideas anyway.

BTW tits are like cores http://bash.bitcoin-assets.com/?quote=35

4. More interesting stuff: https://blog.flameeyes.eu/2014/07/libressl-is-taking-a-beating-and-that-s-good

5. 5
Mircea Popescu
Sunday, 20 July 2014

No, it's not here because poor tytso used the worng word, it's here to have the discussion, and underscore how important it is and how it works exactly for the reason that look! even tytso can be bitten by it, and how!

Education, you know ? It's an art. (And yes the people being all butthurt because they read on Trilema that they're stupid are going out of their way to prove the point.)

6. pankkake:

> /dev/random... can block for a long time, ...return less than you asked for

Tertium non datur! what would you want it to do if there isn't entropy to be had?

7. 7
Mircea Popescu
Sunday, 20 July 2014

Shuddup and make me an entropywich.

(It actually does exactly this, incidentally, it's discussed in the linked material : if it has 100 bits and you ask for 1k it just gives you 100 and credits you for 1k. Much like the US Fed - which is what inspired it - and actually for the same exact reasons.)

8. I don't "want it to"...

9. https://pthree.org/2014/07/21/the-linux-random-number-generator/

10. 10
mihai b
Saturday, 26 July 2014

https://ro.stiri.yahoo.com/primul-bancomat-bitcoin-din-rom%C3%A2nia-moneda-va-fi-125020112.html

why rotariu and not popescu? :)

11. 11
Mircea Popescu
Saturday, 26 July 2014

De lene.

12. 12
mihai b
Saturday, 26 July 2014

:)) (i'm a human being, let me post this comment, pls)

13. 13
Mircea Popescu
Saturday, 26 July 2014

Da' pula, iti dai seama cam de ce consumatoru' tu va fi bombardat cu mesaje despre cum "Bitcoin va fi controlat" ?

Nu va fi, da' ie ok : oricum nu-i pentru puletele de massa.

14. 14
subSTRATA
Monday, 4 August 2014

Anyway, what happened with the game you have been working on? I was not following it much but now I have come up with an idea - killer one, no less, of course - for a game, any chance you might be interested in participating somehow? If yes, send an email for more info, thanks!

15. @subSTRATA: tunnel vision less.

16. 16
Mircea Popescu
Tuesday, 5 August 2014

@subSTRATA Well ideas are not in much demand, but hard working people with art or code skills definitely.

1. [...] -- always and forever the cause of widespread stupidity (aka socialism). [↩]Remember the many bits of this lengthy discussion ? [↩]Noticed how the pantsuit luminaries ditched the [...]

»
If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.