# Thoughts on Keybase

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Thu Jan 8 10:43:29 CET 2015

```-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Wednesday 7 January 2015 at 4:14:53 PM, in
<mid:F4A4690A-84E9-4A09-B32D-7AFC98339BC1 at sixdemonbag.org>, Robert J.
Hansen wrote:

> One more thing — remember that probabilities are
> tricksy things.  They vary wildly depending on how one
> looks at the problem.

A lot of statistical analysis throws up pretty non-intuitive answers.
Like how few random people you need in a room before there are
probably two who share a birthday.

> Let’s say there are 10,000 threats of murder that are
> made, and only 10 murders.  If we assume that only ten
> of those 10,000 threats was connected to a murder, the
> probability of any given threat being connected to a
> murder is vanishingly small — one in a thousand, or
> 0.1%.  Starting from the fact there was a threat, it
> would be foolish to conclude the speaker intended on
> murdering someone.

That is how I was looking at it.

> However, if we look at the murders, we discover that
> 100% of them are connected to threats.

100% seems unlikely, but it is probably pretty high.

> If you start
> from a murder, it would be pretty wise to start looking
> into who threatened the person.

Fair enough.

> If the only fact you have is “Alice threatened Bob’s
> life,” then yes, that’s pretty poor evidence on which
> to investigate Alice for Bob’s death.  But if the facts
> you have are “Alice threatened Bob’s life and Bob was
> killed under suspicious circumstances,” then yes,
> that’s actually pretty good evidence on which to
> investigate her.

Obviously, without Bob's suspicious death there would be no reason to
investigate Alice. And there could be hundreds of people who recently
uttered a throwaway threat at Bob.

> ObComputerSecurityStuff: this turns out to be a recurring
> mathematical pattern that pops up all over in computer security.  If
> you have 10,000 IDS red-flags warning of catastrophe and catastrophe
> never happens, that’s a pretty bad system… but if in post-incident
> analysis you discover, “hey, IDS correctly reported this when it was
> happening,” Management will ask you some really harsh questions
> about why you didn’t pay attention to the warnings.

A warning system with many false positives is no warning system at
all.

- --
Best regards

MFPA                    mailto:2014-667rhzu3dc-lists-groups at riseup.net

Colourless green ideas sleep furiously (Noam Chomsky)
-----BEGIN PGP SIGNATURE-----

iQF8BAEBCgBmBQJUrlFPXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXw4esH/2AjMDHVSPFMih02h6r4IisO
a/cTJG3LPnMMrr88hDlJ902PP/vhciEx4qI3Focvq4Q4jS/jQ4kuJKrM12fRVZOm
WiSL3gsvlOzGIC3zuOOpRa08WiqEPd82nttbi8e60S65eBKBYCNDxRtUifidwK9w
j9ZbpidErk/h7wVAkNDg/0nlhxLGHeBi90Fd8J4oqOtBlGFElkYa2VNCspkXnWP7
FpK/MkvS+GjsJYIa+mBOLYxeanLHqJvibU9/HyzUlMu2hFM2Dix9pg2qL+J4DB2I
vgQBFgoAZgUCVK5RVF8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx
MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45HR0AQBpXYQvhfBZYtAaSTueWissr/r0