The two worlds meet…



Actuaries and programmers think in the same way, sometimes.


The big guys don’t always know what they’re doing

You’d think that a really big software company, like Adobe, would know what it’s doing. But no. You may have noticed that there was a big data breach: millions of usernames and (encrypted) passwords were stolen. But they were encrypted, so no big deal, right?

Ah. Well. That’s the point. As this article explains, it was indeed the encrypted passwords that were stolen, not the hashes (if this is gobbledygook to you, the article has a very clear explanation of what this means). As the password hints were stolen too, it turns out to be really easy to decrypt many of them.

Now, I am by no means a security expert. And for websites I build nowadays, I use a ready-rolled solution (usually WordPress). But when I wrote things from scratch, even I knew better than to store the encrypted passwords. I may not have used the most secure hashing algorithm, or proper salting, but I didn’t encrypt the passwords.

(HT Bruce Schneier)
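
An added example, not from the original post or the linked article: it illustrates the salting remark above by storing the same constructed accounts as unsalted hashes and as salted PBKDF2 records, then counting how many password hints end up attached to each stored value. The account data, function names and iteration count are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256

# Constructed sample accounts (not real data): (user, password, hint)
ACCOUNTS = [
    ("alice", "rex2013", "dog's name + year"),
    ("bob", "rex2013", "my usual"),
    ("carol", "tr0ub4dor", "xkcd"),
    ("dave", "rex2013", "rex"),
]

def unsalted_record(password):
    """Deterministic: the same password always yields the same stored value."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted_record(password):
    """Per-user random salt: equal passwords yield unrelated stored values."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt.hex() + "$" + digest.hex()

def verify(password, record):
    """Check a login attempt without ever recovering the stored password."""
    salt_hex, digest_hex = record.split("$")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), ITERATIONS
    )
    return hmac.compare_digest(candidate.hex(), digest_hex)

def hints_per_stored_value(store_fn):
    """Sizes of the hint groups that share one stored value in the table."""
    groups = defaultdict(list)
    for _user, password, hint in ACCOUNTS:
        groups[store_fn(password)].append(hint)
    return sorted(len(hints) for hints in groups.values())

if __name__ == "__main__":
    # Unsalted: three users' hints pile up on one value. Salted: none do.
    print("unsalted:", hints_per_stored_value(unsalted_record))
    print("salted:  ", hints_per_stored_value(salted_record))
```

With deterministic storage, every hint written by any user who chose a given password describes the same stored value; a per-user salt removes that grouping while login verification still works.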


Blogging hiatus

There’s been a hiatus in my blog recently. It was due to life getting very very busy and a bit out of control, but I think it’s back to normal now. It was all out of control in a very good way, incidentally!

So something approaching normal service will now resume. We apologise for any inconvenience caused.



Following the micromort, a 1-in-a-million chance of sudden death, we now have the microlife, which is 30 minutes off your life expectancy.

Both micromorts and microlives are good units for comparing risks:

Here are some things that would, on average, cost a 30-year-old man 1 microlife:

  • Smoking 2 cigarettes
  • Drinking 7 units of alcohol (e.g. 2 pints of strong beer)
  • Each day of being 5 kg overweight

The full article, which is well worth reading, explores the relationship between microlives and micromorts, and points out that different branches of the UK government appear to place similar values on them.


Interesting links

Some things I’ve found interesting:

  1. Have you seen those Google ads on the tube? The example they give of a strong password isn’t so strong after all. It’s always worth checking the statistics.
  2. The important field – as usual with xkcd, make sure you read the alt-text
  3. Language is not writing, and some myths that arise from the mis-identification
  4. Sometimes, animations are the best way of showing data. This is a great one on global warming.
  5. Don’t believe everything you read on Wikipedia – and remember the alt-text!