Big numbers, random numbers and who's got your number ?

Sunday, 20 July, Year 6 d.Tr. | Author: Mircea Popescu

.cri no : syad eseht trats sgniht doog lla sa detrats lla tIi

asciilifeform yarchive.net/dev_random.html << Linus on rng, for anyone who hasn't already read.
mircea_popescu "As an example, the following string of numbers is anything but random: 1 2 3 4 5 6 7 8 9 10 However, if this is run through a MD5 or SHA whitener, the result would *look* random, even though the source material is anything but random." In which we find Theodore Y. Ts'o doesn't comprehend what random means.ii

asciilifeform 'Random' is simply a non-scientific qualifier. Like 'big'.
mircea_popescu Looking forward to reading medicine treatises in similar terms. Something tells me teh colonies will soon deliver.

That's exactly right, that bigness example. A number can not be big. A number can be bigger than another number, but only if they're both giveniii. Outside of that context, there is no such thing as "a big number". People may and do talk of large numbers, but this is strictly shorthand - they always have in mind some sets of numbers and some metrics that allow the comparison. For instance, three is a large number of tits for a girl to haveiv, but only because all the girls anyone's ever met had two.v

Randomness is no different. Just like 1 can be a big number in the context of a lot of epsilons, just so the succession 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 can be a random sequence. Randomness, like bigness, is not a property of numbers themselves. Which means that yes you can test the past output of a RNG in order to evaluate, ceteris paribus, the likelihood of good entropy being delivered in the future. What you can't do is take a dump of numbers and through looking at them evaluate if they're random or not. There's no such thing as random-looking numbers anymore than there's an unpoisonous-looking bowl of chili. The controlling factor as to whether the bowl of chili is poisonous is whether someone fucking poisoned it, not whether it looks just about right to you. Same deal with random numbers.

Think of it the other way : if you're playing dice, the fact that the previous nine shots came out snake eyes has exactly zero bearing on the likelihood of rolling snake eyes. Belief to the contrary is known as the gambler fallacy, and is one of the main revenue generators for casinos worldwide. This implicitly means that if a casino were to naively hire one of these idiots (Theodore Y. Ts'o, H. Peter Anvin et all) to make it a digital replacement for the old-and-therefore-bad vi dice and then ended up with output ensured against the scandalous result of 1-2-3-4-5-6-7-8-9-10, I could make a pretty penny just sitting around, waiting for 1-2-3 sequences and then betting against 4. And if 4 shows up, no big deal, double down against 5, and then double against 6. Eventually the "randomness" enforcing technology's going to kick in and make me a bundle, right ?

In closing : there's a very good reason to have a franchisevii in all important fields. That reason has a lot to do with the relentlessness of un-self-aware idiocy.

———
  1. Gotta add some entropy somehow, amirite? []
  2. A lot of shocking derpage going on in there, read the part about how keypresses make for "a very good way of generating entropy" and how to solve the "MAKEMAKEMAKE" problem. (O, you never heard of that particular problem before ? Maybe that's because you don't talk to Internet monkeys.) []
  3. And if there's also a metric available, but let's not get too fancy and start pondering what's bigger, 2 or -3, the hundred bucks in your pocket or the five hundred you owe, stuff like that. Metrics get iffy fast, it's a rule. []
  4. Even though Napoleon has an infinite number of arms. []
  5. Which leads us to a joke. Consummate punter goes to his usual brothel, looking kinda out of sorts. Matron is very welcoming, guy is kinda meh, she eventually asks what's the matter ?

    "Well", the guy answers sunkenly, "I've done everything with everyone, seen it all, done it all, fucked it all, rolled up and smoked it all. I think I'ma go kill myself."
    "Before you do that", she solicitudinously retorted, "I have something for you. We just got a new girl fresh from the US, she's a former 4th placed state beauty queen pageant something or the other, has a degree in communication and also used to be a Congressional staffer."
    "Meh".
    "And she also has three tits."
    "What ?"
    "One, two... three."
    "Bring her to me!"

    So the guy gets the harlot, fucks her all night long - and of course the festivities mostly revolve around the central, supernumerary teat. Morning comes, bright and clear, and the guy sees the girl come out of the bathroom. Two tits. One, two. What the foo ?

    "What happened to your third tit ?!"
    "O, that zit ? I squeezed it."

    So now you know. []

  6. There are two kinds of idiots in this world, the kind that says "this is old and therefore bad" and the kind that says "this is new and therefore better". []
  7. A system whereby the right and the ability to speak have to be acquired, and are not obtained automatically. []
Category: Zsilnic
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.

16 Responses

  1. For instance, three is a large number of tits for a girl to have, but only because all the girls anyone’s ever met had two.

    Cue Total Recall joke.

    I'm curious, what filesystem(s) are you using on your Linux machines?

  2. Mircea Popescu`s avatar
    2
    Mircea Popescu 
    Sunday, 20 July 2014

    Amusingly, you're not the only one. Actually, you're two out of two. Compare and contrast with

    > And as far as I can find, no one's tried to make a good model or
    > estimate of actual keyboard or mouse entropy.

    Since a human is involved, and we're measuring to a fairly high level
    of accuracy, I'm not particularly worried.

    Maybe the correct model to estimate actual keyboard entropy is basically f(x) = 0. In any case humans are horrible at being random.

    I'd rather not say.

  3. So... this article is here only because poor tytso used the wrong word? Interesting discussion though, and it still not solved out of the box - I've been bitten a few times by the nature of /dev/random (it can block for a long time, slow down your whole system like crazy, or return less than you asked for, depending on what you do, especially in VMs).
    From what I'm reading on LibreSSL development, using a device for getting random data isn't the best of ideas anyway.

    BTW tits are like cores http://bash.bitcoin-assets.com/?quote=35

  4. More interesting stuff: https://blog.flameeyes.eu/2014/07/libressl-is-taking-a-beating-and-that-s-good

  5. Mircea Popescu`s avatar
    5
    Mircea Popescu 
    Sunday, 20 July 2014

    No, it's not here because poor tytso used the worng word, it's here to have the discussion, and underscore how important it is and how it works exactly for the reason that look! even tytso can be bitten by it, and how!

    Education, you know ? It's an art. (And yes the people being all butthurt because they read on Trilema that they're stupid are going out of their way to prove the point.)

  6. pankkake:

    > /dev/random... can block for a long time, ...return less than you asked for

    Tertium non datur! what would you want it to do if there isn't entropy to be had?

  7. Mircea Popescu`s avatar
    7
    Mircea Popescu 
    Sunday, 20 July 2014

    Shuddup and make me an entropywich.

    (It actually does exactly this, incidentally, it's discussed in the linked material : if it has 100 bits and you ask for 1k it just gives you 100 and credits you for 1k. Much like the US Fed - which is what inspired it - and actually for the same exact reasons.)

  8. I don't "want it to"...

  9. https://pthree.org/2014/07/21/the-linux-random-number-generator/

  10. mihai b`s avatar
    10
    mihai binsigna de prim sositinsigna de trolinsigna pentru 1000 de comentarii 
    Saturday, 26 July 2014

    https://ro.stiri.yahoo.com/primul-bancomat-bitcoin-din-rom%C3%A2nia-moneda-va-fi-125020112.html

    why rotariu and not popescu? :)

  11. Mircea Popescu`s avatar
    11
    Mircea Popescu 
    Saturday, 26 July 2014

    De lene.

  12. mihai b`s avatar
    12
    mihai binsigna de prim sositinsigna de trolinsigna pentru 1000 de comentarii 
    Saturday, 26 July 2014

    :)) (i'm a human being, let me post this comment, pls)

  13. Mircea Popescu`s avatar
    13
    Mircea Popescu 
    Saturday, 26 July 2014

    Da' pula, iti dai seama cam de ce consumatoru' tu va fi bombardat cu mesaje despre cum "Bitcoin va fi controlat" ?

    Nu va fi, da' ie ok : oricum nu-i pentru puletele de massa.

  14. subSTRATA`s avatar
    14
    subSTRATA 
    Monday, 4 August 2014

    Anyway, what happened with the game you have been working on? I was not following it much but now I have come up with an idea - killer one, no less, of course - for a game, any chance you might be interested in participating somehow? If yes, send an email for more info, thanks!

  15. @subSTRATA: tunnel vision less.

  16. Mircea Popescu`s avatar
    16
    Mircea Popescu 
    Tuesday, 5 August 2014

    @subSTRATA Well ideas are not in much demand, but hard working people with art or code skills definitely.

Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.