Probability, was Firewall security: Problems with simple Samba file share

But not a successful one. I really wish people would understand stats.

Amen.

Uh uh. It's simply true.

I'm sure you can. Friend of mine eked out his postdoc at Princeton Insbreastute for Advanced Study by winning card games at casinos for two years.

I'm sorry, but this is clbuttic game theory, well known and well-studied. It's a clbuttic probabilistic domain - the optimal strategies are stochastic.

Sure - whatever.

Sure. But you can estimate it. That's easy ... you have the historical stats.

Sure .. that's the point. You have to calculate the risk, which is the product of the loss and the probability of that loss. And there are people who will pay to reduce variability in the risk too!

Sure - but your effort is misplaced. You need to put effort into probable paths, not improbable ones.

Whatever.

Good - I keep three copies in different places. The risk is that they all get the same wrong copy!

And it doesn't do anything - I gave you the argument. Kindly address it!

Then you are out of pocket. It doesn't contribute materially to reducing your risk, under normal circumstances.

It may well be misplaced, but long odds are meaningless - you should always bet on them turning up. So your 100 dollars a year will win you $50K within 50 years is what you should reckon on, because you don't care if not - you're dead before you get a chance to rerun the experiment. It's a good bet. Try and find some long odds horses and bet on them. Only occasionally, mind! You musten't make a habit of it or stats averages will apply.

Bet on your being hacked if you feel like! It's similarly long odds.

Then take steps to secure them. The firewall won't be doing it unless you have a very odd setup!

No, it's likely - but you would prefer to buy new. And it's low odds, is the critical factor, so you have nothing to gain by betting on it.

No it's not. Provided you do it only once then statistical averages do not apply, and you are in more complicated waters. The central limit theorem of stats only says that in the long run stats approach probabilities. Do it once and the law does not apply. So anything can happen.

Sure (I won't, but you might, and would be right to).

Sure - that's precisely what I said.

Unfortunately for your arguments, the "restrict the incoming IPs" idea on a firewall is NOT based on this once-in-a-lifetime idea of yours (which you have correctly grasped). Quite the opposite, the attempted justification is that there is a continuous sea of attempts pounding on your door all the time, and by closing the door a little more, you keep down the total tries, hence the probability that somebody will get lucky soon.

Uh uh - no such scenario. Hence justification out the window. And anyway, it's absolutely not an example of the "once in a lifetime" theory!

Peter