understanding probability

Christopher Browne cbbrowne-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Fri Aug 9 15:03:24 UTC 2013 

On Fri, Aug 9, 2013 at 5:40 AM, Eric B <gyre-Ja3L+HSX0kI at public.gmane.org> wrote:
> To put it more simply, infinity doesn't exist.

It's a highly convenient abstraction.  Just like having the "C" constant in an
indefinite integral; it's not real, but highly, highly useul.

>> But, even without infinity, we know that the universe came about from
>> nothing. If the universe and everything in it can come from nothing, what
>> can be more surprising?
>
> No one knows that.



>>>My concern about the hashing systems is that, in the absence of
>>>sufficient analysis, the whole "super-hyper-infinitely-improbable"
>>>measures are estimations, and are not certain to be the actuality.
>
> I share your concern that this is the weakness, but I wouldn't say there
> has been insufficient analysis.
>
>>>And note that in practice, it's eminently difficult to perfectly validate
>>>the precise characteristics of the fissile mass, as what you can
>>>know about it tends to come out of statistical analysis of observations.
>>>(If we knew when atoms were going to decay, well, that's supposed
>>>to be the thing we are completely unable to know, isn't it?!?)
>>>
>>>If I saw too many atoms decaying all at once, I would be keen to
>>>head to the hypothesis that we got the model wrong, and imagined
>>>that the material was composed rather differently than was truly
>>>the case.
>
> The last thing you should consider is that the physics model is wrong.

Hmm.  I'd put that pretty high on my list, and there are two
perspectives, one of them entirely easier to agree on.

The harder one is that "physics is wrong."  I note that the place that
we get new bits of physics is by coming to the conclusion that the
model that we have doesn't correctly express reality.  You need to
modify Newtonian physics (which are *mostly* nicely expressive of the
phenomena we tend to see) when at certain edges one needs to take
Relativity into account.  Now, there's a pretty big burden of proof
required to establish that *everyone* has been getting things wrong
and that the deep models need to be changed.

The easier one is more about the local interpretation.  For the
fissile mass, if I see way too many atoms decaying, more than my model
of the object would account for, then it seems quite reasonable to
think that maybe my model of the particular object is wrong.  Perhaps
I didn't account for a nearby chunk of Polonium, or something of the
sort.  I'm not talking about saying "theories of radioactivity are
wrong," rather, I *thought* that the situation involved one thing,
with one rate of radioactive decay, but reality is somewhere else.

>>>Similarly, if I "shuffled" a deck, and then drew 4 aces in a row, I'd
>>>be pretty inclined to the hypothesis that this wasn't just random
>>>chance, but rather:
>>>a) Some exploit in the shuffling system, or
>>>b) Perhaps there's more than 4 aces in the deck?
>>>
>>>And if I saw a bunch of SHA-1 collisions, then either:
>>>a) Lotta duplicate things getting hashed,
>>>b) Buggy implementation of SHA-1, or
>>>c) Something more deeply wrong with SHA-1
>>>are all plausible hypotheses, and it may be quite difficult to
>>>distinguish between b) and c), in particular.
>
> Again, option c) is he least plausible since no one has found a false
> collision.

Right, but (rather like Newtonian versus General Relativity) there's
some point at which b) and c) need to be distinguished.  I said it may
be difficult to distinguish between them; one should not immediately
leap from "Oh, I saw a collision" to "Oh, SHA-1 is utterly broken by
design."

But the pundits originally thought that MD5 was pretty good, and there
has indeed been this sort of shift to thinking that it isn't wise to
use MD5 for cryptographically-important tasks anymore because it has
some flaws.  That sure seems like a precedent of the same sort of
thing.

Based on the history of hashing algorithms thus far, it seems pretty
reasonable to imagine it quite possible that 10 years from now someone
may discover significant flaws in SHA-1.  That doesn't imply that *my*
collision represents a flaw in SHA-1.

But I would be careful not to be *too* self-satisfiedly certain that a
collision indicates identical data; I'd want to at least consider
checking.
-- 
When confronted by a difficult problem, solve it by reducing it to the
question, "How would the Lone Ranger handle this?"
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists

More information about the Legacy mailing list