Saturday, June 27, 2009

Need a random number?

If you hate rolling dice, here's a handy alternative: A Million Random Digits with 100,000 Normal Deviates by, appropriately enough, the RAND Corporation. While I think the concept of a book of random numbers is a bit dated, the reviews of the book at Amazon are a good read. And if you click "Surprise Me!" on Amazon's "Look Inside" menu, it says "This is a random page from a small sample." Well, duh. Of course it's a random page.

It turns out that generating good random numbers is hard, unless you really want to roll lots of dice. People do a terrible job of faking randomness. Even if you have reasonably good random numbers, using them properly is also hard. Most computer games depend on computer-generated random numbers, but I would never play one that involved real money online. Read this if you can't imagine why not.

If you need to make a decision, check out the coin flipper on random.org.

Thursday, June 25, 2009

Why the Supreme Court matters


In case you were wondering if it really matters who the next Supreme Court justice is, the answer is yes. Today, the Court ruled that even 13-year-olds are protected from unreasonable search and seizure.

It was an 8-1 decision with Clarence Thomas dissenting, again deciding that individual rights should defer to government rights. In his dissent, he rails against "deep intrusion into the administration of public schools" and argues that Judges and Courts are not "qualified" or "authorized" to "second-guess" school administrators.

That's exactly wrong. There will always (unfortunately) be over-zealous school administrators and other government officials. The Fourth Amendment protects us from them. Is this really that hard to understand?
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

No, you can't have my SSN either

In yesterday's post, I talked about why you shouldn't share passwords. Today, coincidentally, I had a related frustrating experience with T-Mobile. They insisted they couldn't access my account unless I told them the last 4 digits of my social security number (SSN) to "verify" my account. This is despite the fact that they don't actually know my SSN, so telling them the 4 digits would not "verify" anything.

They claim to ask for this in order to protect me. But they don't know what they're doing. The poor understanding of security extends to their web site too. If I forget my t-mobile.com password, I can reset it online by answering a few secret questions. But there are lots of people who aren't me who know where I was born, my mother's maiden name, my dog's name and Paris Hilton's dog's name. And, unfortunately, lots of people have access to my SSN too. So using "secrets" like these to secure my account either online or off makes no sense.

Even better, T-Mobile will send my password to me via text message! Um, they shouldn't store passwords in clear text, and they certainly should never tell anyone (not even me) what my password is.

So their account reps won't talk to me, but their web site will happily send my password to anyone I loan my phone to. Gee, thanks.

Wednesday, June 24, 2009

No, you can't have my password

A friend of mine recently left their job and was asked to hand over the password that they had used to access company email, etc. As a sometimes security consultant, I advised against it.

I'll also be advising against applying for a job in Bozeman, Montana, where the city requires job applicants to divulge the passwords they use to log in to Facebook, Google, Yahoo, YouTube, MySpace, etc.

Sharing your password is a bad idea for a number of reasons.
  • Many people use the same password for multiple sites (don't do that!), so revealing the password to one site might also reveal a password to a bank web site.
  • A password to an email account will allow someone to use the password reset feature of other sites. Sure, banks typically require other information to reset a password. What are the odds that the Bozeman employment application doesn't also ask for some or all of that information?
  • Picking good passwords is hard. Many people use a strategy to pick passwords and the more passwords you have for that person, the easier it is to guess the strategy and possibly guess other passwords.

But what about the legitimate business needs here? In the first case, the system administrator can provide access to email to anyone who legitimately needs it or even do a password reset, in accordance with company policies that cover access to that information. In the second case, the city of Bozeman doesn't need passwords to access public information on those sites, and has no business accessing private information.

Sunday, June 21, 2009

Return the Parthenon Marbles


Today is the opening day of the new Acropolis Museum. Congratulations!

The Parthenon Marbles (sometimes called the Elgin Marbles) have been in British hands for over 200 years. These valuable cultural artifacts were and remain the property of the people of Greece. As many in the UK agree, it's past time to return them to Greece.

In the early 1800s, in the words of the British Museum, Lord Elgin "acquired" these sculptures from the Parthenon, purportedly having permission of the Ottoman Empire that controlled Greece at the time. Even if he had permission, this is like Germany giving away the Eiffel Tower while they occupied France during World War II.

No private museum could get away with keeping stolen property. Neither should the British Museum. Let them know.

Friday, June 19, 2009

Recording industry lowers prices to $80,000/song


  
The standard price for downloading music has been $150,000 per song since 1988. Today, the Recording Industry Association of America (RIAA) was forced to lower the price by almost 50%. In what promises to be a landmark court case, a jury verdict awarded the RIAA a mere $80,000 per song. Yet another victory for common sense!

Thursday, June 18, 2009

A math problem

"The principal at Venn Elementary took a survey of 110 fifth and sixth graders to see what they did over the summer. She found 20 who went to sports camp, 30 who went to summer school and 45 who went to science camp. Twelve students went only to sports camp, and 4 went to sports camp and science camp. How many of the students surveyed didn't do any of the three activities?"

This is a real 6th grade math problem. Here's the real answer:

Given:
A + B + C + D + E + F = 110
A + B = 30
B + C + D = 20
D + E = 45
C = 12
D = 4

We can figure out the rest as follows:
E = 45 - 4 = 41
B = 20 - 12 - 4 = 4
A = 30 - 4 = 26
F = 110 - 26 - 4 - 12 - 4 - 41 = 23

Conclusion: 23 kids did not attend any camp.

Just one problem with this: while this is the real answer provided in the textbook, it's wrong.

Here's the correct Venn diagram:

The problem is that the "answer" makes an unwarranted assumption in "solving" the problem. As can be seen by the correct diagram, there are eight possible combinations of the three camps, and therefore eight variables. The assumption that A and E don't intersect is implicit in the wrong diagram and not supported by the problem statement. In fact, there are a total of 125 different solutions with 27 different possible values for F. Students shouldn't be asked to guess additional assumptions to solve a problem. And this problem could have easily been fixed with one sentence: "No students attended both summer school and science camp." (I'll come back to the problem with guessing in elementary school math in a future post.)
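The solution count in the paragraph above can be checked by brute force. This is an added example, not part of the original post: the region names are its own, and it assumes the "4 went to sports camp and science camp" figure includes any student who also attended summer school.

```python
# Added example: brute-force check of the solution count for the Venn problem.
# Region names are this example's own (the post's diagram labels are not on the page).
# Assumption: "4 went to sports camp and science camp" includes students who
# also went to summer school.

TOTAL, SPORTS, SCHOOL, SCIENCE = 110, 20, 30, 45
SPORTS_ONLY, SPORTS_AND_SCIENCE = 12, 4


def solutions():
    """Return every non-negative integer assignment to the eight regions."""
    found = []
    # The sports total fixes the "sports and summer school only" region.
    sports_school = SPORTS - SPORTS_ONLY - SPORTS_AND_SCIENCE
    for all_three in range(SPORTS_AND_SCIENCE + 1):
        sports_science = SPORTS_AND_SCIENCE - all_three
        for school_science in range(min(SCHOOL, SCIENCE) + 1):
            school_only = SCHOOL - sports_school - all_three - school_science
            science_only = SCIENCE - sports_science - all_three - school_science
            regions = {
                "sports_only": SPORTS_ONLY,
                "sports_school": sports_school,
                "sports_science": sports_science,
                "all_three": all_three,
                "school_only": school_only,
                "school_science": school_science,
                "science_only": science_only,
            }
            # Whoever is left over did none of the three activities.
            regions["none"] = TOTAL - sum(regions.values())
            if min(regions.values()) >= 0:
                found.append(regions)
    return found


def none_values(sols):
    """Distinct counts of students who did none of the three activities."""
    return sorted({s["none"] for s in sols})


def textbook_case(sols):
    """Solutions in which nobody combined summer school with science camp."""
    return [s for s in sols if s["all_three"] == 0 and s["school_science"] == 0]


if __name__ == "__main__":
    sols = solutions()
    f = none_values(sols)
    print(len(sols), "solutions;", len(f), "values for F:", f[0], "to", f[-1])
    print("textbook assumption leaves:", textbook_case(sols))
```

The textbook's 23 appears only as the single solution in which both summer-school-and-science regions are empty, which is exactly the assumption the problem never states.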

Here's the sad part: when I raised this issue with the teachers responsible for assigning that problem, they said that it was just a question of making different assumptions in solving the problem and that both answers were correct. Uh-huh.

In math, there are right and wrong answers. And when we make assumptions in math it's a big deal: mathematical axioms or postulates are the foundation of mathematics.

Mathematics should not be taught like history and literature, where the interpretation is a matter of opinion. And it shouldn't be taught like science where theories are confirmed by evidence, but are always subject to revision as new evidence is found. Mathematics is about theorems, not theories.

[Originally published in three parts.]

Sunday, June 14, 2009

Another sad day for rabbit ears

Yesterday, Six Flags (NYSE:SIX) announced that it was declaring chapter 11 bankruptcy. Six Flags parks will continue to operate during the bankruptcy, although there is no news yet whether Bugs Bunny, the official mascot of Six Flags, will still have a job.

Friday, June 12, 2009

A sad day for rabbit ears

Today's digital TV transition is another case where corporate interests trumped consumer interests. When the US transitioned to color TV, FM stereo, and margarine, the transition was done in a way that didn't force anyone to switch. But the money that could be made by auctioning off public airwaves was too hard to resist. For consumers, the choices boil down to spending money one way or another if they want to keep watching.

Thursday, June 11, 2009

Say hi to Boomer

A new puppy, Boomer, just joined our family. He's a rescue dog that we adopted through Pacific Northwest Border Collie Rescue. His mom was a border collie but we don't know anything about the father. We think dalmatian, dachshund and doberman are somewhat unlikely. Any better guesses?

Wednesday, June 10, 2009

English to get new letters soon

There has been a flurry of media reports about the "news" that English is getting its one millionth word! The most disturbing issue with all these new words is that the average length of a word has increased from 5.1 around 1900 to 7.3 at the present time. To counter this, the Unicode consortium has announced plans to add 20 new letters to the English alphabet. It's predicted that these new letters will stabilize the average length of a word well into the 21st century.

Tuesday, June 09, 2009

Judicial activism?

Ilya Shapiro has Five questions for Sotomayor in a column in today's Christian Science Monitor. He starts off saying "The minority on the Senate Judiciary Committee has the opportunity – and the responsibility – to educate the public about the distinctions between judicial philosophies that limit judges to a judicial role, and those that demand they be super-legislators." OK, fair enough.

But four of his five questions are past Supreme Court cases that he disagrees with. In the guise of rejecting "judicial activism," he demands that Sotomayor should answer these "tough questions," by which he means agree that these cases were wrongly decided.

Sorry, Ilya, supporting a nominee for the Supreme Court based on whether or not they will overturn particular precedents you disagree with is judicial activism of the worst kind.
