Thoughts on Keybase
2014-667rhzu3dc-lists-groups at riseup.net
Thu Jan 8 10:43:29 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
On Wednesday 7 January 2015 at 4:14:53 PM, in
<mid:F4A4690A-84E9-4A09-B32D-7AFC98339BC1 at sixdemonbag.org>, Robert J.
> One more thing — remember that probabilities are
> tricksy things. They vary wildly depending on how one
> looks at the problem.
A lot of statistical analysis throws up pretty non-intuitive answers.
Like how few random people you need in a room before there are
probably two who share a birthday.
> Let’s say there are 10,000 threats of murder that are
> made, and only 10 murders. If we assume that only ten
> of those 10,000 threats was connected to a murder, the
> probability of any given threat being connected to a
> murder is vanishingly small — one in a thousand, or
> 0.1%. Starting from the fact there was a threat, it
> would be foolish to conclude the speaker intended on
> murdering someone.
That is how I was looking at it.
> However, if we look at the murders, we discover that
> 100% of them are connected to threats.
100% seems unlikely, but it is probably pretty high.
> If you start
> from a murder, it would be pretty wise to start looking
> into who threatened the person.
> If the only fact you have is “Alice threatened Bob’s
> life,” then yes, that’s pretty poor evidence on which
> to investigate Alice for Bob’s death. But if the facts
> you have are “Alice threatened Bob’s life and Bob was
> killed under suspicious circumstances,” then yes,
> that’s actually pretty good evidence on which to
> investigate her.
Obviously, without Bob's suspicious death there would be no reason to
investigate Alice. And there could be hundreds of people who recently
uttered a throwaway threat at Bob.
> ObComputerSecurityStuff: this turns out to be a recurring
> mathematical pattern that pops up all over in computer security. If
> you have 10,000 IDS red-flags warning of catastrophe and catastrophe
> never happens, that’s a pretty bad system… but if in post-incident
> analysis you discover, “hey, IDS correctly reported this when it was
> happening,” Management will ask you some really harsh questions
> about why you didn’t pay attention to the warnings.
A warning system with many false positives is no warning system at
MFPA mailto:2014-667rhzu3dc-lists-groups at riseup.net
Colourless green ideas sleep furiously (Noam Chomsky)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users