Get Off My Lawn! (Part 2)

I realize now that my attempt for a humorous title renders continuations of that original article incongruous with the actual content.  But, it’s too late to change now.

My mudpit had finally dried (after the last rain, drained within 7 days, so safe against mosquitoes), and with the weekend’s temperature once again bearable, and with the arrival of Lowe’s gift cards (courtesy of Bank of America), I proceeded to phase 2 of the rain garden: filling the pit with river stone.

The intent was to replicate the drainage trench in the front yard, with small stones as fill and larger stones as a lining.  But upon arrival at said hardware store, I discovered a critical rock shortage in the diameter range upon which I had decided.  There were 3 stories of pallets filled with large stones, but only 3 remaining bags of my desired size–all busted.  Irritated, I paced the isle, occasionally returning my gaze to the shelves of merchandise, thinking that when I looked one more time, they would be there, me having simply been unobservant (it’s happened quite frequently before).

My daughter then approached and asked why I was standing motionless, staring at the rocks.  Upon answering, she then asked what was wrong with the other rocks.  I explained that they weren’t the right size.  She asked why I couldn’t use them anyway.  I responded tersely that I couldn’t use them because they were the wrong size.  The discussion repeated itself as one would expect it to, her being a 5-year old.

At this point, my wife approached.  I explained, dismayed, that they were out of rocks of the size we needed.  After a few moments of reviewing the pallets, she concluded too that they were out of the desired size, validating my assessment of the merchandise, for which I was thankful, because it’s irritating when I look past something multiple times only to have someone else point it out to me.

A moment later she asked could we not just use the larger rocks for the project.  I interjected that we could not, as they were the wrong size.  She then asked why that mattered.  I considered momentarily, then responded that they were the wrong size, and iterated something to the effect that I wanted stone homogeneity across the drainage projects.  She made the point that this was for the back yard, and therefore didn’t need to be consistent with the front yard’s stones.  I then replied that these stones were unworthy, not conforming to the great Aryan stones we had in our land!

She left to go look at trees, abandoning me once again to the great stone dilemma.  She was right though, it really didn’t matter, at least in terms of function and appearance.  Appealing to my gnawing OCD however, it would never do.  But, I said I would do this project that weekend, and an honor-bound promise to myself won out over OCD.  I went to get a utility cart.

Upon returning, I passed my wife at the trees.  She inquired as to how many bags I was getting.  Considering, I concluded that I had no idea how many I would need.  She estimated 6 for the hole, and I figured about 10 for the project.  If nothing else, they’d probably be used for something else later, so 10 it was.

I returned to the rocks and began loading, cognizant of the fact that 2 stories of rock pallets sat above me, 50 pounds per bag (I’m guessing–why do bags of rocks list cubic footage but not weight?), ~100 bags per pallet, that’s…5000 pounds per pallet, with 2 pallets immediately above me as I crawled under the metal shelves to retrieve rocks from the ground-level section.  Yep–that would kill me.

50-pound bag at a time, I loaded 8, then paused.  Our means of conveyance was a 4-cyllinder 160HP Honda Accord.  I had just loaded 400 pounds of rocks onto a cart.  I grunted as I pulled the ancient rusty device, shooing my daughter away as she insisted on helping with the task.  I recalled the car’s manual saying it could pull a trailer, although one of the lesser tonnage classes.  But that didn’t say what the suspension of the vehicle could handle.  So I chickened out at 8 bags.  I loaded the trunk at the garden center entrance, watching as the vehicle sagged a little more with each bag.  But it held, and we completed the journey home without snapping a ball joint.

Once home, I carried the bags one by one to the pit.  I opened the first bag and dumped the contents, which now looked like a paltry sum of rocks.  A half cubic foot of rocks didn’t go far, and after the eighth bag, filled the pit almost full.  But there were none left for the trench, so next week, back I go for another 8 bags.

Rocks
It almost seems ridiculous to spend $35 on rocks

Maybe.  Today, it started raining again.

Relationship Quotient

In the previous article on Quantitative Philosophy, I discussed the nature of humor and how, once defined, we can quantify how funny something is.  Humor is one of the most human concepts that I can think of, so adding to this theme, I will break down what it means to have a good long-term romantic relationship, mathematically.  Because we as humans have a number of emotional and intellectual needs, determining a person’s viability as a mate requires that this person contribute to these needs.  But what are these needs?  To answer that question objectively, I polled the largest sample size of coworkers I could without being called into Human Resources.  Based on the results of that poll, I have narrowed the criteria to 10 such needs:

  1. Degree of sexual attraction to the person
  2. Degree of importance placed on the person’s financial income
  3. Degree of similarity of moral views with the person
  4. Degree of similarity of political views with the person
  5. Degree of equality regarding reciprocation
  6. Degree of similarity of hobby interests
  7. Number of years already spent with the person
  8. Degree of shared importance of pets in the relationship (or perceived future importance, if no pets yet exist)
  9. Degree of shared importance of children in the relationship (or perceived future importance, if no children yet exist)
  10. Degree of ability to consistently maintain conversation without active effort

Naturally, I will explain each of these as some sound a little abstract.  Also, based on their frequency in the poll results, they are not all of equal importance.  Therefore, they have an assigned multiplier which will be explained as well:

Degree of sexual attraction to the person

This primary requirement certainly isn’t unique to humans.  Rather, it is a prerequisite for a more basal need: survival of the species.  A physical reaction to another person is an evolutionary response to their reproductive viability–presumably the primary reason for forming a relationship to begin with.  And, while a relationship can exist without attraction, even anecdotally, I’ve never encountered a single example where it has.  Certainly we could discuss alternate forms of sexuality, but for the sake of the article I’m sticking to common heterosexual relationships.  Is due to this criteria’s biologic roots and ubiquity that it is assigned a 10X multiplier.

Degree of importance placed on the person’s financial income

Ah yes, the elephant in the room, yet still not as important as we are led to believe.  There are studies which conclude that incremental increases beyond a reasonably comfortable standard of living do little to impact the health of a relationship.  Still, money is a chronic point of stress in a relationship, and a certain minimum baseline is needed for general happiness, so it’s no surprise that for general happiness to carry over to a relationship, finances are required.  It is because of this general requirement that it has been assigned an 8X multiplier.

Degree of similarity of moral views with the person

Squirrel
Peter Wiggin’s pal

And now we begin to touch upon the human-specific criteria.  Morality in this context is social conduct.  This is more obvious than it sounds.  Say, for instance, if my wife began torturing animals and throwing rocks at people (well, I might laugh at the latter, depending on the victim), I would translate those senseless acts of aggression to a future prediction of her conduct towards me.  It’s an extreme example, but relevant.  Relationships cannot exist with moral dissonance, so it is therefore rated a 10X multiplier.

Degree of similarity of political views with the person

DT
However, there are extreme examples

Politics serve two purposes: they are the public’s collective perception on the state’s economic direction, and an extension of morality.  Inevitably, the two are at odds.  Specifically, it is the attempt to resolve this conflict as a group that defines politics.  Because of its moral aspect it should be rated high, but due to its volatility and infinite complexities, it’s impossible to ever share an exact political view with another person, so it is ranked a modest 7 multiplier.

Degree of equality regarding reciprocation

Obviously if a person doesn’t get anything out of a relationship, then there’s no need to be in one.  There is no explanation for this category, as it’s based on the perception of feeling.  But anecdotally, many a loveless relationship has been attributed to giving too much and receiving too little, or not sharing chores fairly, so based on this frequency, it is given a 9 multiplier.

Degree of similarity of hobby interests

All things considered, you need something to do with your mate for recreation (besides that implied in the first category).  But, with so little time available in established relationships to spend on shared interests, there doesn’t need to be many, and often the simple and common pastimes suffice.  It is therefore rated a 3X multiplier.

Number of years already spent with the person

This category serves two purposes: First, we have what is called the “emotional investment” factor.  While many argue that this causes loveless marriages to persist, in a broader sense it simply places value on time.  As mortals, time is the enemy.  Second, while you may not agree with the first point, there is a demonstrable correlation between newer couples rating their partners higher than older ones, simply out of infatuation.  This category accounts for bias, and it is assigned a 10X multiplier.

Degree of shared importance of pets in the relationship (or perceived future importance, if no pets yet exist)

This one was surprisingly common.  People as a whole are very concerned with pets.  Draw your own conclusions, but since it’s only on this list due to its frequency in the poll, yet cannot be correlated to the success of a relationship, I ultimately settled on giving it a 3X multiplier.

Degree of shared importance of children in the relationship (or perceived future importance, if no children yet exist)

Children, on the other hand, can and will make or break a relationship.  This should require no explanation.  If the couple doesn’t agree on the status of children, there is a high probability of that relationship failing.  Chalk this one up to evolution and directly related to sexual attraction.  It is given a 10X multiplier.

Degree of ability to consistently maintain conversation without active effort

This one was difficult to define, being more a feeling of emotional contentment.  So to assign it an empirical value, I’ve correlated it to the ease of intra-couple communication.  If talking comes easy, it demonstrates a lack of tension between the individuals, which means they have a bond.  I’ve also found that the age of the relationship has no impact on this category.  A couple either has a connection or they don’t.  And since this state of mind is vital to emotional health, it is a 10X multiplier.

How the formula works

To simplify the equation, I will replace the numerical categories 1-10 with alphabetic variables, respectively A-J.

Assign a value to each of the categories of 0-10, with 10 being the highest.  The only exception is the number of years together, which is the actual number.  Still, this category caps at 10, as the benefits of investment reach a point of diminishing returns (anecdotally, from the poll).

The math is scaled for a simple 0-100 range, with sub-ranges representing various levels of compatability.  The formula is as follows:

[1.25(10A+8B+10C+7D+9E+3F+10G+3H+10I+10J)]/10

As before, here is a link to to download the calculator yourself:

https://moorheadfamily.net/data/Relationship%20Quotient.xlsx

In practice, I have been told that the results of this calculator were uncannily accurate, which makes me nervous.  Perhaps it’s a number, like your IQ, that does you no good to know.

But before you ask, I will say that I will wisely not be providing an analysis of my own marriage as an example, although so as not to be hypocritical, I will say that the calculator is still in favor of me staying with my wife, so whew.  Good luck, and probably don’t show the results to your spouse; or do, if you want to stir things up at home, or have evidence of irreconcilable differences for your divorce lawyer.

–Simon

Password Entropy

Passwords, ugh.  The very word causes pain.  It invokes feelings of aggravation and despair, memories of fighting computers and IT admins.  And still, despite their flaws, we have yet to universally assign any other means of simple authentication, so we’re stuck with them.

And, we constantly argue over what makes a good password.  In the midst of this debate, one man and his famous comic surged through the internet:

https://xkcd.com/936/

XKCDIf you don’t know of XKCD, shame on you.  Go there now and revel in its wonderfully sophisticated humor.

In summary, the argument’s premise is that words, being easier to remember, are better suited for passwords as their method of authentication relies upon human memory.  And indeed they would be, but it would take significantly more words than could feasibly fit into a password field.  Why?  Because of dictionary attacks.

A dictionary attack works by guessing known words.  Even if the words are obscure, they are known.  I will elaborate:

For this example, I will use the word hello.  Hello is 5 letters.  The logic behind using words for passwords is their per character entropy.  5 letters, all lowercase, represents 26^5 possible combinations, or 11,881,376.  With dictionary attacks, however, the word in itself becomes a single “character”.  According to the Oxford English Dictionary, there are 171,476 in-use words in the English language.  This translates a password, consisting of one word, to having one of 171,476 possibilities–significantly less than the 11,881,376 previously mentioned.

So why not stack random words?  Well, in the comic’s given example of correcthorsebatterystaple, there are 4 words.  171476^4=864,596,308,417,753,000,000 (approximately, since Excel is truncating numbers to 15 significant figures).  So we’ll say 8.65E+20 (using Excel notation).  How secure is this?  I honestly have no idea.  This is where the argument turns ugly.  So I will pass on forcing an opinion upon you and instead stick to providing information.

Looking at the ASCII chart, there are 95 usable characters.  Taking 95^X then, the tipping point is 11 characters.  This, compared to the above example, has 5.69E+21 possible combinations, significantly more entropy, yet significantly fewer characters (11 vs. 25).

The argument then would be to add more words to the password.  And I would agree, except all too often we encounter password field limits.  And besides, how many random words for how many websites could you remember anyway?  Once you fail to remember one, you completely lose the benefit of the word method, in which case why not make a higher-entropy password instead?

Searching the Internet for consensus on password size, I find the general rule is to use 12 characters.  This equates to 5.40E+23 combinations for ASCII, which means we need five words to achieve at least that number of combinations with the word method.  That’s a lot of words to remember for every website.

Another point that bears mentioning is that we need to consider the lowest possible entropy denomination, so word length does come into play, although not significantly.  Specifically, a word has to be at least 4 letters long, otherwise its number of combinations falls below 171,476 (26^3=17,576).  Therefore, if you think you can get away with stringing together 5 short words, you’re only getting the combined strength of the letters themselves, meaning you’d need 17 letters to at least meet the entropy of a 12-character ASCII password.  And remember, you don’t get more entropy by using longer words, so correcthorsebatterystaple is 8.65E+20, not 2.37E+35.

Entropy
We’re gonna need a bigger column

And no, mixing lowercase and capitalized letters, or even number substitutions, does not impact a word’s entropy in a meaningful way, as dictionary attacks are aware of this trick.

Finally, the word method is assuming any word in the OED might be used, when in practice there are estimated to be only 100,000 common English words.  I was erring in favor of the word method, but in practice it’s much weaker than this math suggests.

Conclusion: in order to supply enough random words to a password chain to achieve the minimum industry-recommended level of entropy, you would need to supply 5 uncommon words, which will likely defeat its own purpose of being memorable, not to mention it will likely exceed the password length limit of many servers.

Whatever method you choose to use, I think it’s safe to say that we can all agree that passwords just plain suck, and with the exponentially increasing computational power of Moore’s Law, it’s only going to get worse.

–Simon