Categories

## Nifty box cutter

I was playing around building a hexagonal box with sloping sides. I didn’t remember the rules for how to figure out the angles for the miter guage and for the saw.
Fortunately, this is just what the internet was invented for. this page has a calculator for figuring out what angles to use to make a polygonal pyramid shape of any particular size.
Fun.

Categories

## My favorite kind of math

I have a credit card that gives cash back on every purchase. I don’t remember the percentage off hand — so let’s call it X. I was wondering, if I always use my credit card to buy things, even the things i buy with the money I get back from them — what is the effective real cash back percentage?
For example, suppose that my credit card gives me 50% cash back on everything I purchase. I’m using an absurdly high number because it is easier to do the math — I know no such deal really exists!
Let’s start with ten dollars. I buy \$10 with my credit card and get \$5 back. If I spend that \$5, I get \$2.50 back. So far my \$10 has bought \$15 worth of merchandise, and I still have \$2.50 left to spend! You can keep doing this forever, and if you do you’ll end up with exactly \$20 worth of merchandise.
But how do we solve this problem for any cash back percentage? Well, to begin with, it is an infinite series, so we can never write the whole equation down. But we can start… Here I’ll use Y to represent the effective percentage rate, and also we’ll assume we have just one dollar.

Y = 1 + X + X2 + X3 + . . .

In other words, the effective buying power of one dollar is one dollar plus one times the cash back amount, plus that amount times the cash back amount again and so forth. Each new term is how much cash back you got on the previous purchase.
To help get to the next step I’ll rearrange the terms just slightly:
Y = X0 + X1 + X2 + X3 + . . .  EQ. 1

Recall that X0 is equal to 1. Anything to the zero power is one.
One more rearrangement:
Y = X0 + X ( X0 + X1 + X2 + . . . )

Notice that the term inside the parenthesis is equal to the right hand side of EQ. 1. Thus we can replace that infinite series with Y.
Y = X0 + X Y

And now it is easy to solve for Y:
Y = 1 + X Y

Y – X Y = 1

Y ( 1 – X ) = 1

Y = 1 / ( 1 – X )

Ta dah! We can verify with our one known : When X is 50%, Y is 2. Remember that 50% is actually 0.5 in the above equation (% means divide by 100). Sure enough Y is 2 when you work that out. Go ahead and plug your cash back bonus amount to see what it is really worth.

X =
Y = ???

Categories

## Safecracking

The other day I got into a conversation of movie “pet peeves”. There are a lot of common cliches that Hollywood drags out, some of which just drive me up the wall.
One of these is the computer assisted “hacking” of a numeric access code. Typically the actor will place an electronic safecracking device with a ten digit LCD display on it near the keypad. They turn it on and numbers start whizzing by on the LCD screen. At even increments of time, digits on the LCD screen will stop scrolling — and eventually all ten digits will be “locked” and the security of the system has been compromised.
This special effect gets dragged out any time a “break in” scene that is “high tech” is needed. So you see it in about every other episode of Alias, or in a movie like “War Games”, or what have you. And of course, this would never really work like that.
How does the safecracking device know that it has some of the digits but not all of them right? A well designed security system must never tell you if you have some of the digits right — because this reduces the chances of guessing the combination from ten to the tenth power ( one in ten billion ) to ten TIMES ten ( one in hundred ). So if this security flaw existed, why does the safecracking device bother scrolling so many numbers by??? Surely one hundred is more than enough (and in fact you should be able to guess it in no more than ten tries — just like the game Mastermind).
(as an aside, this type of attack where you are able to tackle each digit independently is how cracking a safe with a dial works. The attacker listens to the tumblers which make a noise when they’re in correct alignment.)
So the security does not exhibit the digit-by-digit flaw, which it most assuredly would not unless they really want ten year old Mastermind players breaking in. In that case, how does the safecracking device know that it has one of the digits? There is no way to know. Furthermore, there is no way to know “how much longer” it will take. Although this is a popular Hollywood suspense builder…

The thug approaches the back of the van, gun raised. Cut to inside the van. Our hero franticly types into the computer..

Hero: (Whispers into phone) Just a few more seconds….

The thug reaches for the door latch on the back of the van and starts to turn it… Cut to inside, a progress bar marked “Time until access code is deciphered: 2 seconds” is on the computer screen…

etc….

The best you can hope to know in a “brute force” attack like this is the worst case scenario — if you’ve tried 10% of all the possible combinations and that took you 6 minutes, then at worst you’ll be done within one hour. But you never know if the next combination that you guess will be the right one. I remember once when I forgot the combination to my bike lock that had a three digit combination. It takes a person about twenty minutes to brute force that lock by trying every combination. But if you’re lucky and the combination is 012, you’ll be done much sooner than that.
Oh, and also there is of course no way to know when you have one digit right, so you can’t stop spinning the first dial.
Oh, and don’t you think that the security personelle (or software) would be alarmed by the fact that billions of guesses at the super secret password were being fed into the system?
The real irony in this type of foolishness is that it doesn’t alert people to the *real* security holes in the systems they deal with. And these can be a lot more interesting. For example, it is quite common that a security system is touted to be very secure because it has a 128 digit password. But then later it is realized that a lot of those digits are always the same – thus making it not very secure it all. Or the front door to a system is locked, but the back door is unlocked. Or, security is not applied consistently — have you ever asked someone to email you the password, or told them the password over a cell phone? I’d like to see Hollywood heros exploiting this type of security breach — it could be more interesting and more realistic

Our hero, dressed as a garbage collector, digs through a pile of rubbish.

Hero: (Whispers into phone) I bet it’s in here somewhere

The neighborhood cat looks on with disinterest… Cut to inside the garbage pail, a yellow post-it note is stuck to the side of a plastic cup…

Hero: Ah, here it is — the password is “fKi81A”

Categories

## How Derivative

Once in a while you come across a concept that is so sound and fundamental that it changes your entire outlook on the world. One such concept for me is something I learned in Calculus class fifteen years ago — the Derivative.
The derivative can be explained several ways. One way is to say that it is a measure of the rate of change. For example, interest rates are derivatives. So is inflation. Both of those are the rate of change of money with respect to time.
Another way to think of a derivative is to use a graph. The derivative is the slope of a curve at a particular point. If the curve is like a hillside, then the steepness of the hill at the point you are standing is the derivative. This is also consistent with our first definition, because it is the rate of change of the elevation of the ground with respect to position across.
Once you start looking for derivatives you see them all over the place. Gas milage — rate of miles you travel per gallon of gas. Gas prices — rate of dollars you pay per gallon of gas. Some disciplines are so used to derivatives that they don’t even come out and admit it. Financial people are notorious for this — the term “year over year growth” actually reflects the how much the rate of change of money the company makes per year is increasing. This is a rate of change of a rate of change. “Growth” is normally the rate at which something tangible increases (as in your height), but in financial circles, “growth” means the rate of the rate, or is actually a second order derivative.
(Second order derivatives can be described in several ways. One way that I like– No, this won’t be on the test I’m sharing it just because I like it. One way that I like is to think of a positive second order derivitave as a valley floor. As you hike down it gets less and less steep and eventually you’re heading upwards. A negative second derivative is like a mountain top, as you hike towards it it gets less and less steep and eventually you’re heading down. Some people also say a second derivative is like a smile when it’s positive (start out going down and then go up on the other side) or like a frown when it’s negative.)
I suppose I should come up with a use for a derivative now that I’ve explained it to you. Suppose you wanted to calculate the gas milage of your car. One way would be to create a table and record your odometer reading and how much gas you put in. Then you subtract adjacent odometer readings to see how far the previous tank of gas went. You can then divide the number of miles by how much gas you put in. Finally, average all the values. Or you could use the Derivative. To do this, simply plot the odometer reading on the Y axis, and the total number of gallons you’ve put in the car on the X axis. Take a ruler and draw a line connecting all the points as best you can. The slope of that line (how many miles the line goes “up” divided how many gallons of gas the line goes “over”) is your gas milage.

Categories

## Rolling a D&D Character

Well, my Dungeons and Dragon’s character, Ollie Oxenfree, was killed over the weekend. A blood golumn got him. We were all very sad.
Anyhow, I got to roll a new character. D&D characters are based on 6 numerical values that are randomly generated by adding together the numbers on three dice. Thus the mimimum score is 3 and the maximum score is 18. There are other ways of getting random numbers between 3 and 18 — for example you could roll a four sided die five times and subtract two. Or you could roll a sixteen sided die and add two. Here is a graph of how likely different rolls are depending on which die/dice you used: Notice how the more dice you use, the tighter the bell curve appears. You have less than a 1% chance of rolling an 18 (or a 3) and a 12.5% chance of rolling a 10 or 11. For the kind of profession I wanted for my new character (two professions: “Ranger” and “Druid”), I needed at a minimum to roll these scores or higher: 3, 13, 13, 14, 14, 15.
But before I got my hopes up that my character would be able to take on these two professions, I wondered just how likely I was to be able to roll such high scores. I tackled this problem two ways: with a random “monte carlo” simulation, and using statistical analysis.
For the monte carlo simulation, I wrote a perl script that randomly generated scores using a simulated die. It then determined if the rolls met my minimum criteria. After 1000 rolls, it reported the fraction of rolls that were adequate. I had it calculate scores for Ranger+Druid, Ranger only, Druid only, all 3s and all 18s. I know that all 3s or better should be probability of 1 (you always roll a 3 or better). Also, the all 18s should be pretty unlikely (it might not even roll a single one). For those of you following along at home, here is the perl script for this:

`@scores = (        [ 3, 13, 13, 14, 14, 15 ],        [ 3, 3, 13, 13, 14, 14 ],        [ 3, 3, 3, 12, 13, 15 ],        [ 3, 3, 3, 3, 3, 3 ],        [ 18, 18, 18, 18, 18, 18 ],        [ 3, 3, 3, 3, 3, 18 ],);foreach \$scoresRef (@scores) {        \$right = 0;        foreach \$i (1..10000) {                my @guess = ();                foreach \$b (0..5) {                        \$guess[\$b] = 0;                        foreach \$a (1..3) {                                \$guess[\$b] += int(1+rand(5.9999999));                        }                }                @guess = sort(@guess);                my \$itsright = 1;                foreach \$b (0..5) {                        \$z = \$guess[\$b];                        if (\$z < \$\$scoresRef[ \$b ]) {                                \$itsright = 0;                        }                }                \$right++ if \$itsright;        }        \$total = 1 - ( 1 - \$right / 10000 ) ** 6;        print join(", ", @\$scoresRef) . " = \$total \n";}`

On Mac OS X, launch Terminal.app, type “perl” and press return. Then copy and paste the code above and press control-D. After a little while it will print out something like this:

```3, 13, 13, 14, 14, 15 = 0.0107515164826495
3, 3, 13, 13, 14, 14 = 0.0596604624564983
3, 3, 3, 12, 13, 15 = 0.16341479899658
3, 3, 3, 3, 3, 3 = 1
18, 18, 18, 18, 18, 18 = 0
3, 3, 3, 3, 3, 18 = 0.0214065306042021
```

Notice the use of the sort function to remove any order issues, also the bit about **6 is because we get 6 tries to roll it right. If we had to roll the scores in the correct order it would be a lot lower probability. What I see is that rolling scores high enough for my ideal character happens about 1% of the time. While this seems pretty unlikely, there are a few things going in my favor. First of all, I get 6 tries to roll (increasing my chances by 6 fold). Furthermore, my montycarlo simulation can easily have some error. Finally, its only 1/2 as likely as rolling an 18 — and I know several of my fellow D&D players have characters with 18s, so shooting for my goal seems perfectly reasonable.
I mentioned that there is a second way to calculate how likely I am to roll my needed scores. The first step will be calculating how likely each sum is. Here is some more perl code for doing that:

```foreach \$a (1..18) {
\$p1[\$a] = 0;
\$p2[\$a] = 0;
\$p3[\$a] = 0;
}
foreach \$a (1..6) {
\$p1[\$a] = 1/6;
}
foreach \$a (2..12) {
\$p2[\$a] = 0;
\$start = \$a-6;
if (\$start < 1) {
\$start  = 1;
}
foreach \$b (\$start..(\$a-1)) {
\$p2[\$a] += \$p1[\$b]/6;
}
}
foreach \$a (1..18) {
print "\$a : \$p2[\$a]\n";
}
foreach \$a (3..18) {
\$p3[\$a] = 0;
\$start = \$a-6;
if (\$start < 2) {
\$start  = 2;
}
foreach \$b (\$start..(\$a-1)) {
\$p3[\$a] += \$p2[\$b]/6;
}
}
\$sum = 0;
foreach \$a (3..18) {
print "\$a : \$p3[\$a]\n";
\$sum += \$p3[\$a];
}
print "-" x 32;
print "\n\$sum\n\n";
```

This will print out something like this:

```1 : 0
2 : 0.0277777777777778
3 : 0.0555555555555556
4 : 0.0833333333333333
5 : 0.111111111111111
6 : 0.138888888888889
7 : 0.166666666666667
8 : 0.138888888888889
9 : 0.111111111111111
10 : 0.0833333333333333
11 : 0.0555555555555556
12 : 0.0277777777777778
13 : 0
14 : 0
15 : 0
16 : 0
17 : 0
18 : 0
3 : 0.00462962962962963
4 : 0.0138888888888889
5 : 0.0277777777777778
6 : 0.0462962962962963
7 : 0.0694444444444444
8 : 0.0972222222222222
9 : 0.115740740740741
10 : 0.125
11 : 0.125
12 : 0.115740740740741
13 : 0.0972222222222222
14 : 0.0694444444444444
15 : 0.0462962962962963
16 : 0.0277777777777778
17 : 0.0138888888888889
18 : 0.00462962962962963
--------------------------------
1
```

The first 18 values show the probability that a sum of two dice would be the given value. The second 18 show the values for three dice. Thus rolling three dice and getting a sum of 18 has a P=0.0046. Getting a 10 has P=0.125.
The real complication with calculating the scores for my Ranger/Druid using statistics has to do with figuring out the combinations. Essentially, you need to figure out how likely that *one* of the rolls is 15 or better, but it doesn't matter which. After getting bogged down for quite a while puzzling this out, I decided I would simply trust my monte carlo simulation results 🙂
So I had my dog blow on the dice, and my wife roll them, and sure enough.... I got my scores!