Hacker Newsnew | comments | show | ask | jobs | submit | jgrahamc's comments login

Also Google: https://blog.cloudflare.com/why-google-went-offline-today-an... Hardly, a "CloudFlare" problem.


Old, old news: http://www.theguardian.com/world/2014/jan/27/nsa-gchq-smartp...

Yes, but it certainly bears repeating, until it is also widely known.

Personally, I did not remember this capability until I saw this article, and I've followed the whole deal a lot closer than my circle of friends. People either don't know or don't care and don't know that they should care.

In the presidential debates and primary campaigns, how many times did you see someone say that this is a major issue? I can definitely point to presidential hopefuls making the opposite point, however.

Have only skimmed your link, don't have time to read right now, but at a glance it seems to be entirely about passively spying on data being communicated, whereas this new claim is that they can actively take control of your phone remotely, which is pretty different.

Forgive me if more time reading would have made this comment irrelevant. Will be coming back to this thread later and reading more.

Why bother composing a response like that without reading the article I posted?

I read your article in full. It is mostly about the broad collection of data passively (e.g. from smartphone apps, or other leaky sources). It has two slides at the bottom hinting at phone plants, but that isn't really what the article is about and it doesn't spend a lot of time talking about them.

I'd agree with the above poster, your article is mostly irrelevant if otherwise interesting. I will say a lot has been said about phone plants previously, but your article isn't about that really.

He already told you the reason, he doesn't have time to read it right now.

Did you read the link you posted? Because I read it, and his skimming is 100% accurate. The article talks about Angry Birds, Facebook, google maps, and other social apps leaking personal data by transmitting it over the internet and being intercepted. Completely different from the new BBC article.

I believe the salient claim here is the exploitability of smartphones via SMS, a la Stagefright. The Guardian article makes no such claim.

Have you spoken with CloudFlare support about issues you are seeing?

We wrote about this in the past when Google went down: https://blog.cloudflare.com/why-google-went-offline-today-an...

That was an interesting read. Perhaps I'm misunderstanding, but doesn't this mean a rogue ISP could take down a large chunk of the internet if they wanted to? If Moratel hadn't fixed the issue at their end, would Google have stayed down indefinitely?

No, because if the offender didn't stop misbehaving they'd find themselves disconnected from the Internet completely.

Aaah, OK. Thanks.

"disconnected from the Internet completely".

Perhaps a blog post on exactly how that is done. And after what particular time would that happen and is that something that needs to be coordinated or??

If there is a rogue actor on the internet, even at a large scale, the rest of the Internet blackholes their traffic, and treats them as a failure point. Various routing tables are updated across the internet to not consider them a viable destination or source, and traffic normalizes without them connected.

It isn't the action of one central authority, more a natural response to failure by separate parts of the internet.Its akin to shoppers and suppliers refusing to go to a particular store anymore. No one shuts the store down, but it no longer has products or customers.

Yes, a rogue BGP talker could take down large chunk of the internet, except that it would only be for an hour or so at most, before all the other BGP admins blacklisted the rogue BGP talker and simply completely disconnected the rogue BGP talker.

Who are these BGP admins? Is it an admin for each AS that would blacklist their traffic from the abusing AS?

Just learning about this for the first time.

Senior network/routing/noc staff at the top 5-10 backbones mostly. They move most/all bits at some points. For 2014 that was Level 3, Telia Sonera, Cogent, GTT, Tata, Verizon, Sprint and a few others.

Source: http://research.dyn.com/2015/02/bakers-dozen-2014-edition/

One or more of these networks likely provides transit to the errand AS or the errand AS' upstream and they can lean on them pretty hard. Doing so will be in full compliance to whatever transit agreement exists between them as well. No need to be big brother about it, it's plain self-interest. They have SLAs to meet.

It is an admin for each AS. Each AS that has a direct connection to the abusing AS would need to put a stop to it, otherwise risk being seen as complicit themselves. Hops further down could blacklist an AS as well.

Large ISP's may have multiple people that can affect these policies.

"Who are these BGP admins?"

Similar to my question. Who are they, how many are there, how do they communicate, is the fact that they have this power in itself some kind of risk?

The BGP admins are those that are assigned that task by whatever company or organisation owns the AS they are responsible for.

There is no central authority, most people that are interested in that sort of stuff are on various mailing lists, the main one being NANOG.

Generally for larger ISP's they will have direct contacts with their counterpart on their BGP neighbour where the handoff from network to network exists, for smaller entities (for example a small business with two uplinks that announces their own /24) they may have a support contact that they can call about issues.

Is it a risk? Maybe. The Internet and BGP is built on mutual respect. You can and sometimes will filter certain routes from certain uplinks/providers to change how routing happens from your network onto the next hop, but overall there is no authentication, and no authorization.

Anyone that has an AS, and has a peer that is willing to accept their routes, can advertise whatever they want.

As for how many there are? How many CCNA/CCNP/CCIE's are there out there? How about comparable certs for Juniper/Alcatel Lucent and whatnot. Each of them could potentially be a BGP admin. It's not a difficult job. When I worked at a large ISP I remember announcing some new IP's out from our AS to the world from a new location and watching it propagate across the world. Had me and my colleague made one little typo we could have accidentally announced the wrong thing.

The only controls are policies that are set up by each AS for what routes they will or will not accept from a neighbouring AS. In general this is an accept all. Then the AS can choose to re-advertise it's received routes from it's neighbours to it's other neighbours, this is how route propagation works. You can also choose for example to receive routes from a neighbour but not re-advertise them (i.e. you don't become transit).

BGP changes happen every minute of every day. Routes get added, get removed, and those things propagate. This is not the first time nor the last time that a mistake happens, or that someone advertises an address space they shouldn't be advertising. Look at what happened when China accidentally leaked routes that took YouTube and Google off-line for a bit, or the BGP issues with Syria advertising everything in an attempt to take the internet offline in their country...

They are the sysadmins of the individual networks that compose the internet.

They arrange with each other to connect their networks, sometimes payed, sometimes with no money exchanged.

These admins are not self-appointed admins over the 'internet', but they just maintain their own networks.

This is over. The organization that was leaking CloudFlare routes had been contacted and they have stopped.

If you are interested in knowing about route leaks affecting different companies I recommend: https://twitter.com/bgpmon

The hand-wavy way I've always thought about the Monty Hall problem is as follows:

When the contestant picked a box he was making a random choice between three boxes and had a probability of 1/3 of picking the car. The probability that one of the other two boxes was the car is thus 2/3. When Monty Hall opens a box it's still the case that the probability of the car being in the other two is 2/3 but the contestant can now eliminate the open box and knows that the probability that the car is in the other box is 2/3. Thus it's worth switching.

This is by far the most simple, concise explanation of the Monty Hall problem I've ever read: https://www.reddit.com/r/videos/comments/1bcuo8/this_has_bee...

> Basically, you probably got a goat the first time, so switch.

It's so concise that I use more words to re-post it every time Monty Hall comes up than are in the explanation itself.

The other phrasing of the problem that I've seen help people is this (I think was also originally from Marilyn Vos Savant): Suppose there are a thousand doors, and only one is a car. Monty opens 998 of them to reveal goats, leaving door #628 still hidden. Do you switch?

That helps people understand that their original probability of picking the car the first time was very small, and didn't change because of what Monty did.

Most paradoxes vanish, become obvious this way (when you increase the numbers). The brothers paradox mentioned: 'I have two children. At least one is a boy.'/'I have two children. At least one is a boy born on Tuesday.'; 'What is the probability I have two boys?' drastically changes when you change to 'I have two children. At least one is a boy born at 7h:35m:42s.' -- it becomes clear that the succeeding information exactly specifies the boy as it becomes specific, in the limit turning into 'I have two children. The first is a boy.' (so the probability goes from 1/3 to 1/2).

I prefer this one:

You pick a door. Monty opens another door, revealing a goat. You now get the option to switch from your door to the other two doors, keeping the car if it's behind either one.

Whether Monty opens the door or not doesn't mean much.

An even simpler version, which is equivalent: Monty Hall says that you can either choose 1 door, or 2 doors. It can't get more obvious than that.

That is only equivalent if Monty (as intended but usually not stated clearly) always picks a door without a car using knowledge of where the car is. If, instead, Monty picks randomly from the other two doors and just happens not to have revealed the car this time, odds are the same whether you stick with your door or switch.

Even in the case where your restatement is mathematically equivalent, it's obviously not at all equivalent as a puzzle because what is being requested by the puzzle is seeing that the original situation is mathematically equivalent to that one.

I like to explain it with a wager: pick a star from the night's sky. If you pick the star I'm thinking of, I'll give you a dollar. After you've made your selection, I'll give you the opportunity to switch to one other star, guaranteeing that either your star or this one alternative will be the star I had in mind. Do you want to switch?

Monty chooses a door?

I thought he selected it at random.

That was always the confusing unstated assumption for me, that makes me think the problem is only confusing because of how the wording usually de-emphasizes that distinction.

If he chooses a door, you can benefit from the secret information he reveals sometimes by doing so.

If the door was chosen at random, he is not adding any information, so you can't act on it?

This was the confusing unstated assumption for me, which is why I got so angry when Marilyn Vos Savant introduced the problem to me and many others here: https://en.wikipedia.org/wiki/Monty_Hall_problem#Vos_Savant_...

At the point when I read it, I didn't realize Monty was always choosing the door with pre-knowledge of which one the car wasn't behind.

It wasn't until somebody wrote in with a computer program example that showed the benefits of switching, in which I inspected the source code, that I understand what Monty was doing.

personally, I think this has to do with ambiguous way word problems are stated, and how people model the word problem mentally.

Agreed, but the Monty Hall problem wouldn't make sense (at least from the game show perspective) if Monty's selection were random. If his selection were random, and he picked the car, it would just be "OK, I randomly decided to pick a door, and look, it's the car. Congratulations, game over."

Yeah, there really isn't any way to implement that version of the Monty Hall problem in the real world. You could say that Monty Hall randomly picks a door, and if he picks the winning door, that round of the game is aborted and you (the contestant) are given a drug that makes you forget that round ever happened. The rounds continue until Monty Hall happens to reveal a losing door, and that's the only one you will ever remember.

This is so detached from normal events in life that the paradoxical nature is much less impactful, so it's nowhere near as enticing of a thought experiment. It is, however, similar (equivalent, methinks) to the "God's Coin Toss" problem, which is also popular and which also has gotten some attention on Hacker News: http://www.scottaaronson.com/democritus/lec17.html

Eh, the math works out the same whatever is done in the case of him revealing a car. Reasonable options seem to include:

1) contestant wins (notion being the contestant retains the option to switch to any door, and now knows where the car is)

2) contestant loses (notion being Monty picked right and "won" in place of the contestant)

3) Round is aborted, things are repositioned, and the round is replayed (doesn't require any drugging, aborted rounds may or may not be aired but player learned nothing relevant to future rounds).

In retrospect, I understand this. I suspect part of the point of the puzzle is to force people to intuit this aspect.

That's the whole reason why the problem is tough. It's carefully worded to be ambiguous about that point so that most people assume it was random (most of the erroneous math people pull out is valid were it random) but the problem actually makes little sense if Monty picked randomly since it completely ignores the potential possibility that he picked the car door.

The problem isn't probabilistically difficult and most people's intuitions would be on point if it weren't set up to deceive.

The wording in the "Ask Marilyn" column appears to have been:

'Suppose you're on a game show, and you're given the choice of three doors: Behind one door is a car; behind the others, goats. You pick a door, say No. 1, and the host, who knows what's behind the doors, opens another door, say No. 3, which has a goat. He then says to you, "Do you want to pick door No. 2?" Is it to your advantage to switch your choice?'

Given "the host, who knows what's behind the doors", I think the original phrasing was less ambiguous than many rephrasings I encounter. It certainly could have been still clearer.

Also, her answer - which was presumably read by those writing in to asset her answer was wrong - plainly states that the host always picks a losing door.

Ah. In my generation, who actually watched the program, there is no ambiguity. No intent to deceive was detected by me. Its not supposed to be a trick question. Its supposed to illustrate how far off our intuition is about statistical behavior.

Monty himself mentions that he would occasionally try hard to argue contestants into swapping. They would always refuse. He would even explain that 'his door' had the better chance - nobody would listen. But I suppose that's confounded by the suspicion that he was trying to trick them.

This may be very true and I think that if you're more familiar with the program and recognize that the host must know the answer then it becomes more a question of statistical intuition.

I'm confident that there are lots of people who still fail to make the connection (though we're getting to the point where I think people are failing less due to a lack of statistical intuition and more due to a symbolic/physical model mismatch issue), but I think this problem wouldn't be as renowned as it is if it weren't for all of the even expert statisticians who are getting fooled.

In their case it's definitely a matter of them misinterpreting the situation and the way that it's worded, for someone unfamiliar with the show, is at least a little "tricky".

I agree it would help to see the problem in action.

Again, the part I missed was "it would be silly for him to reveal a car".

I get that now, but that was not something that I intuited, and so the omission of that information I will continue to argue is at least a little bit deceptive.

Even if only to those like myself who have not seen the program.

It's a trick question.

That's all I want anyone to admit when they explain the answer.

Thank you.

I know what you mean! I sort-of understand why people don't make this clear when they're stating the problem, but I really don't understand the vast majority of people who don't explain it clearly when they're stating the answer to the problem. They'll go on for paragraphs, when they could have just said, "Monty only chooses doors without cars, so by choosing a door he gave you more information."

In the original statement of the problem, Monty knows what is behind each door. If he selected the door at random, the point of the problem is moot.

It's not just that he knows, but that he uses that knowledge to pick a door instead of choosing a door at random.

But yeah, that the problem is moot if it were random is exactly my point.

I was deceived by the wording and it's frustrating to hear "answers" to this problem that ignore that deception because I got the wrong answer and so I feel "dumb" for being decieved so I am trying to defend how i'm not "dumb" for not seeing the probability, just dumb for not thinking through the fact that it would be unlikely for Monty to reveal a car at that point.

I guess a lot of people go "oh, he won't reveal a car".

I'm missing that intuition.

He never reveals a car when he opens the door.

That actually doesn't matter. What does matter is if he knows he is going to reveal a door that is empty. If he does know you should switch. If he reveals a door arbitrarily, and it just so happens to be empty, it doesn't matter if you switch.

Edit: Since I have been downvoted, here is a citation: http://probability.ca/jeff/writing/montyfall.pdf (see Monty Fall problem)

To be fully pedantic, what matters is not "if he knows he is going to reveal a door that is empty". Maybe he has no idea and he just reads his lines off a teleprompter. What matters is if you know that he is going to reveal a door that is empty, because then you can reason according to that information.

The notion that he always randomly opens a door without knowing what's behind it but the door is always a losing door is fairly bizarre and doesn't make much sense when you try to analyze probability in the context of repeated experiments. Something must make him always choose a losing door. Either he knows what's behind the doors, or there's some external force ("fate," "God," or whatever) that causes the door to always be a losing door.

Regardless, the problem as stated has Monty Hall open a losing door. Thus it's clear that you should switch after Monty Hall does so, and a very simple computer program can show that you tend to win by switching.

Another way to phrase the problem is that you choose one door, then Monty Hall (without revealing anything) gives you the option of taking the door you chose, or taking both the other doors. That's an equivalent problem (assuming the goat has zero utility), and it makes it very obvious that you should switch.

"Something must make him always choose a losing door."

The problem is not always presented in a way that makes it clear that the game always progresses this way, and it's not just a description of the particular circumstance you find yourself in one particular play.


"You have $X, your opponents have $Y and $Z. You select Potent Potables for $400 and it's a daily double. How much should you wager?"

I think you'll agree that is going to be read near-universally as a statement of a particular situation that could arise in Jeopardy, not a statement of how Jeopardy games always go.

> The problem is not always presented in a way that makes it clear that the game always progresses this way, and it's not just a description of the particular circumstance you find yourself in one particular play.

I'm not sure how that matters. The question is whether, in this scenario, you choose to switch after Monty Hall reveals the door. The terms of the thought experiment dictate that Monty Hall will reveal a losing door. Regardless of what force is actually causing the revealed door to be a losing door, you should switch, because you're essentially being given the option to take your original one door, or to take both of the other doors (at least one of which is a losing door).

The terms of the thought experiment are intended to dictate that Monty will always reveal a losing door. However, they are often worded such that a reading that Monty merely has this time revealed a losing door is a valid interpretation. In that case, the problem is under-specified, as we don't know how Monty picks (randomly or always a losing door) and that changes the answer.

That does sound underspecified, although I would think that it still makes sense to switch. If Monty reveals a winning door, it obviously doesn't matter whether you switch (both other doors are losers), but if he reveals a losing door you're better off switching because you're still essentially getting 2 doors instead of the 1 door you originally selected.

If he might have opened a losing door, your odds are no longer 2:1 switching. This surprised me as well (in fact, I wrote a simulation for myself intending to reassure me that it was not the case, and learned better).

To waffle on this point: He has a higher (double) chance of picking a goat if you've picked the car. So by unplannedly revealing a goat, he gives you more information about whether you're in a world where you've picked the car, or one where you've picked a goat.

If you pick randomly between a fair coin and a double-headed coin, there's a 50/50 chance of picking either. If Monty then flips the coin and it comes up heads, that suggests you're more likely to be in a world where you've picked the biased coin. If, on the other hand, Monty deliberately takes your coin and places it so that it's heads (and he was gonna do that whatever coin you picked) then you have no new information.

I agree that my phrasing is not superiorally precise, but the meaning is clear enough, the choice of the door isn't arbitrary.

Your argument isn't really wrong as far as it goes, but it doesn't explain why it matters whether Monty deliberately opens a door without a car or picks randomly and just happened to open a car-less door this time.

You can be sedated for the colonscopy if you don't like the idea of being awake for it under a local. You normally get a dose of Propofol injected into you (like Michael Jackson) and you wake up feeling refreshed and slightly pissed off that the nurse dared to wake you up from your beautiful embracing slumber. The procedure really isn't as bad as you think it is going to be. The preparation for it is much worse (not painful, just unpleasant).

That's spot on. I've had a colonoscopy as a precaution after seeing blood in my poo (can't bring myself to use the word stool here). The preparation involves taking a very powerful laxative which cleans you out completely. You end up going to the toilet a lot passing what quickly becomes a clear liquid after a couple of trips. This goes on for hours and is unpleasant. But, hey, just unpleasant, nothing more.

The actual procedure does not take long (tens of minutes) and they gave you something to make you feel drowsy. I was fairly awake and enjoyed watching the inside of my body on the screen; others can just layback and do nothing.

On the upside the doctor wrote "Excellent bowel preparation" on my report afterwards so... Achievement Unlocked!

You must be British. Only a Brit could talk about poo like this.

Yes, I am.

It takes one to know one. :-)

Been there, literally. Can confirm the experience, although I didn't get any sedatives at all as some of them cause my blood pressure to drop rapidly. Actually I was just uncomfortable for the 10 minutes it took but it wasn't bad at all.

The worst part of it is getting home afterwards with the laxative side effects in recent memory. Also staring right at me was the sign in the taxi: "£20 soiling charge".

If you ever put this off a health check for fear of endoscopy, don't. It's really not that bad.

What a bunch of bullshit.

We didn't 'decide to look at months old data and publish a story'. This is one of N articles we are writing about DDoS attacks we've seen.

Also, whenever people say "X makes China look bad" where X is some sort of botnet I like to remind them that China is huge and has a quarter of Internet users and so a ton of machines. No surprise that there are a ton of machines that get used in botnets.

This is interesting but would be more interesting if they linked to the software that they are using and gave information about the settings used.

Applications are open for YC Winter 2016

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact