Schneier on Security

Your number humor is indeed pretty random.

I feel like such a geek for laughing at that...

Hmm ...
I thought this one was much funnier.
http://xkcd.com/c155.html

Back to topic.

I remember being given instructions to set a password on a service account using a computer password generator program. The instruction also required adding some human random parts in the middle of the computer generated password as well. I asked why and was informed that the author of the instruction did not fully trust machine generated passwords and therefore liked to add a bit of human randomness. I suppose it made sense; unless you've written the code, you don't know how 'random' machine generated data is and even then you could be wrong.

155 was good, too. I wonder how 'tire iron' figured with someone obsessed with raptors.

I think to be a seriously geeky joke, you have to get it without reading the comment.

I confess to needing the comment, and I thought it was pretty funny.

Brian - laughing at any of xkcd makes you a geek. Don't worry.

"I think to be a seriously geeky joke, you have to get it without reading the comment."

I meant to say "I think to be a serious geek, you have to get it without reading the comment."

http://xkcd.com/c217.html

The ultimate geeky joke.

From "Numerical Recipes in C", chapter 7 ("Random Numbers"):

"One infamous such routine, RANDU [...] was widespread on IBM mainframe computers for many years, and widely copied onto other systems. One of us recalls producing a "random" plot with only 11 planes, and being told by his computer center's programming consultant that he had misused the random number generator: "We guarantee that each number is random individually, but we don't guarantee that more than one of them is random." Figure that out."

I think the following http://web.archive.org/web/20011027002011/http://dilbert.com/comics/dilbert/archive/images/dilbert2001182781025.gif also would make a good candidate as well

I got stuck on the title.

Is it: (Random Number) Humor
or: Random (Number Humor)

I couldn't find any authoritative rules for the precedence of noun vs. adjective.

I think we should have a specification. But should it be submitted to ACM or IEEE?

We have prize drawers at our Christmas functions. These traditionally use "ticket drawn from a hat" model. One year the group organising it decided "Hey, we're a technology area, we should have a computerised drawing!" and they dumped the task of writing it on me.

I never win these prize draws, so I was not enthusiastic, but I did my best. I wrote a nifty little random number routine with a cute graphical front end. Input a list of names and it would output the name of the winner. I made an honest effort to ensure randomness within the limitations of the PC.

I tested it extensively and it worked perfectly. Come the day of the Christmas party ...

... and guess whose name popped out?

I've never lived it down.

@Ctrl-Alt-Del
> I've never lived it down.

Then you may as well be living it up.

ctrl-alt-del:

"I never win these prize draws, so I was not enthusiastic, but I did my best."

It looks like you did just fine. Well done.

@Arthur S
I thought of that Dilbert cartoon immediately.

My current email sig contains this quote:
"The generation of random numbers is too important to be left to chance." --Robert R. Coveyou

In high school the first programming assignment of any difficult was to program a number guessing game. a "Guess which number I'm thinking of" -- sort of deal. At least 75% of the class would forget to seed the random number generator in Microsoft pascal. I used to impress people by getting the answer right the first time on their implementations.

Well, I would have found it funny, but the redundant coding style ruined the joke for me. Real geek humor:

grn() {return 4;} // grntd rnd frm dce rl
or
#define grn 4 //grntd rnd frm dce rl

I don't get it.

Reminds me of the A7 Navy plane that reported an alttitude of 3750ft if both altimeters (barometric and rader) were broken. Software Engineer D.L. Parnas couldn't figure out why the flight manual said that if the altimeter held at 3750, "Pull Up!"

@UNTER - Now that is style. You'd probably appreciate this: http://www.elks590.org/main/cooltest.htm

It's both funny and profound, because "random" is one of those words everyone thinks they understand but which is diabolically difficult to define.

One easy way to think about it is that when someone says "random number generator" you should hear it as "random (number generator)" and not "(random number) generator". That's a good informal way to understand the principle that "entropy is a property of the source and not of the output".

There was a real-life case kind of like the xkcd cartoon. I believe it was Netscape that generated SSL keys based on the time of day. Problem was, only a few of the theoretically possible keys could actually be generated that way. It was millions of times better than just returning "4", but still an example of feeding too limited a source of input to a place that needed full randomness.

It seems to me that xkcd's program is perfectly correct, as long as the dice roll was fair. The unspoken (or uncommented) assumption, of course, is that it is for a one-time use program.

It would be interesting to see how the compiler would enforce this restriction. (I'm sure we remember how the Mission Impossible tape recorder used to enforce a similar restriction.)

"Make me a sandwich"

"What!? Make it yourself"

"Sudo make me a sandwich"

"Okay"

That was seriously still cracks me up.

Actually, the most common random number seems to be 17. I didn't see this on this blog, so hopefully it's not a repeat.

http://scienceblogs.com/cognitivedaily/2007/02/is_17_the_most_random_number.php

Beryllium, I love your explanation. Thanks.

Best nerdy xkcd of late:
http://xkcd.com/c215.html

Not funniest, but...

Beryllium, I remember that Netscape story well. I was in the room that weekend when Ian Goldberg declared victory in breaking the SSL. Didn't realize the significance until Monday's NT Times came out. Hehe. If only I knew how to short Netscape stocks.

Hmm, that was NY Times.

What's funny about that? This is almost the same implementation used by Apple in their Javascript.

Tsk. There's a bug in the code. If they had really used a fair die, it would have come up with 17.

I am surprised that no one pointed out this one.

especially here...

http://xkcd.com/c177.html

Let's not forget John von Neumann:
``Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin.''

http://en.wikipedia.org/wiki/Pseudorandom_number_generator

I'm just pleased that one of my favorite comic strips of all time got linked by one of my favorite blogs.

http://xkcd.com/c153.html

all jokes aside. Why don't all computers have some hardware based random number generator. They don't need to be as expensive as the comercial ones, and they don't need super high through-put.

I have wired up a few myself. Based on the waiting times between radation decays (I used a FPGA with a 64 bit LFSR counter, and output the state when a decay was detected-Still need to process this thou). You don't even need a radioactive source as you can use the background. Still need to entropy check the thing though, but it really isn't that hard.

And anyway everyone knows that real random number generators output primes, cus composisite numbers stink by factors.

I actually liked a Dilbert from a few years ago better.

Dilbert comes across the "Random Number Department" where a guy is sitting at his desk repeating "3... 3... 3... 3..."

Dilbert says something along the lines of, "It's not a random number if you always say '3'!"

To which the man replies, "Ah. But how you don't know it will always be '3'." Then he continues, "3... 3... 3... 3..."

(Sorry, Scott, for how I butchered your comic.)

@Ctrl-Alt-Del:

> We have prize drawers at our Christmas functions.

So long as they're kept on....

Greg, on a linux box, "man urandom".

..."The random number generator gathers environmental noise from device
drivers and other sources into an entropy pool. The generator also
keeps an estimate of the number of bits of noise in the entropy pool.
From this entropy pool random numbers are created..."

@ DJ and Beryllium,

I used Goldberg and Wagner's Netscape activities as a hint to look at the Kerberos v4 RNG in the mid '90s. Same shit, different pile.

https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/97-01.pdf

Steve

@Undecidabl: "I think we should have a specification. But should it be submitted to ACM or IEEE?"

That's why we have the much-maligned and often-discouraged hyphen. Properly used, it easily distinguishes "Random-Number Humor" from "Random Number-Humor".

userdel -r megan would have worked better, even if disk space *is* cheap.

Well, hey, at least it's truly random*!

The constant "code upkeep" required, however, may become tedious. =;o)

* This is assuming the dice are not loaded - but since having those is a felony in Nevada, they should do it here. After all, everyone follows laws, don't they? [sarcasm] =;o)

@Peter

"My current email sig contains this quote:
"The generation of random numbers is too important to be left to chance." --Robert R. Coveyou"

Cute. =:o) :: giggle ::

@Pat Cahalan:

""Make me a sandwich"

"What!? Make it yourself"

"Sudo make me a sandwich"

"Okay"

That was seriously still cracks me up."

That requires the root password. =;o)

Mhm. 17 is a pretty small random number, because it is prime, but really big random numbers, which are prime, are suspect.

Steve,

I enjoyed reading your paper. Excellent. Thanks.

DJ

@greg

I recall reading a paper some years ago showing that seek-time differences in hard disks exhibited randomness due to random air turbulence from the spinning platter. It was not a high rate, but it was measurably random (if that's not oxymoronic).

I imagine all you discussiong (random number) generator and whatnot know about http://xkcd.com/c37.html

The forum thread (search for 'hyphen') contains great humour. :)