惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

C
Cybersecurity and Infrastructure Security Agency CISA
D
Darknet – Hacking Tools, Hacker News & Cyber Security
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
S
Schneier on Security
L
Lohrmann on Cybersecurity
S
Securelist
P
Palo Alto Networks Blog
SecWiki News
SecWiki News
T
Troy Hunt's Blog
H
Hacker News: Front Page
AWS News Blog
AWS News Blog
Latest news
Latest news
Hacker News - Newest:
Hacker News - Newest: "LLM"
NISL@THU
NISL@THU
The Hacker News
The Hacker News
F
Full Disclosure
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
大猫的无限游戏
大猫的无限游戏
O
OpenAI News
P
Proofpoint News Feed
Know Your Adversary
Know Your Adversary
G
GRAHAM CLULEY
博客园_首页
Attack and Defense Labs
Attack and Defense Labs
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Security Latest
Security Latest
云风的 BLOG
云风的 BLOG
K
Kaspersky official blog
WordPress大学
WordPress大学
www.infosecurity-magazine.com
www.infosecurity-magazine.com
宝玉的分享
宝玉的分享
L
LINUX DO - 热门话题
博客园 - 叶小钗
L
LINUX DO - 最新话题
Martin Fowler
Martin Fowler
N
News | PayPal Newsroom
Project Zero
Project Zero
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
PCI Perspectives
PCI Perspectives
月光博客
月光博客
IT之家
IT之家
Recent Announcements
Recent Announcements
T
The Exploit Database - CXSecurity.com
D
DataBreaches.Net
J
Java Code Geeks
酷 壳 – CoolShell
酷 壳 – CoolShell
Last Week in AI
Last Week in AI
Google Online Security Blog
Google Online Security Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知

Hacker News: Front Page

SPICE simulation → oscilloscope → verification with Claude Code — Lucas Gerads GitHub - GainSec/AutoProber: Hardware hacker’s flying probe automation stack for agent-driven target discovery, microscope mapping, safety-monitored CNC motion, probe review, and controlled pin probing. Introducing Claude Opus 4.7 Qwen Studio The Future of Everything is Lies, I Guess: Where Do We Go From Here? GitHub - SeanFDZ/macmind: Single-layer transformer in HyperTalk for the classic Macintosh Virginia Bans Sale of Geolocation Data Show HN: Agent-cache – Multi-tier LLM/tool/session caching for Valkey and Redis Ancient DNA reveals pervasive directional selection across West Eurasia [pdf] AI cybersecurity is not proof of work Moving a large-scale metrics pipeline from StatsD to OpenTelemetry / Prometheus GitHub - Nightmare-Eclipse/RedSun: The Red Sun vulnerability repository GitHub - SethPyle376/hiraeth: Local AWS emulator focused on fast integration testing, with SQS support, SQLite-backed state, and a debug-friendly web UI. A Better Ludum Dare; Or, How to Ruin a Legacy GitHub - macOS26/Agent: Any AI, replaces Claude Code, Cursor, OpenClaw. Over 18 LLM providers (Claude, OpenAI, Gemini, Ollama, Zai, HF, Qwen) wired into a native Mac app that writes code, builds Xcode projects, bumps versions, manages git, automates Safari, use AppleScript, JS or Accessibility, extend Agent! w/ MCP Servers, run tasks from your iPhone via Messages. YouTube now lets you turn off Shorts I Made a Terminal Pager Burgers | マクドナルド公式 Commands — HackerNews CLI documentation ChatGPT for Excel PiCore - Raspberry Pi Port of Tiny Core Linux Live Nation illegally monopolized ticketing market, jury finds Google Broke Its Promise to Me. Now ICE Has My Data. Founding Engineer at Adaptional | Y Combinator CRISPR takes important step toward silencing Down syndrome’s extra chromosome GitHub - saffron-health/libretto: The AI toolkit for building reliable browser automations US v. Heppner (S.D.N.Y. 2026) no attorney-client privilege for AI chats [pdf] Unexpected €54k billing spike in 13 hours: Firebase browser key without API restrictions used for Gemini requests Fragments: April 14 Cal.com Goes Closed Source: Why AI Security Is Forcing Our Decision | Cal.com - Scheduling Software for Online Bookings Laravel raised money and now injects ads directly into your agent Codex Hacked a Samsung TV Tech Valuations Back to Pre-AI Boom Levels A perfectable programming language — Soter GitHub - halfwhey/claudraband: Claude Code for the Power User Partnership through Play: Investigating How Long-Distance Couples Use Digital Games to Facilitate Intimacy Textbooks and Methods of Note-Taking in Early Modern Europe (2008) Eternity in six hours: Intergalactic spreading of intelligent life (2013) Seven countries now generate 100% of their electricity from renewable energy Tell HN: OpenAI silently removed Study Mode from ChatGPT Pro Max 5x Quota Exhausted in 1.5 Hours Despite Moderate Usage Show HN: Oberon System 3 runs natively on Raspberry Pi 3 (with ready SD card) Tell HN: docker pull fails in spain due to football cloudflare block Bring Back Idiomatic Design No one owes you supply-chain security GitHub - xsawyerx/curl-doom: DOOM, played over cURL Apple update turns Czech mate for locked-out iPhone user The Grand Line Cache TTL silently regressed from 1h to 5m around early March 2026, causing quota and cost inflation Building a Z-Machine in the worst possible language The peril of laziness lost Iran war: We spoke to the man making Lego-style AI videos that experts say are powerful propaganda AI Will Be Met With Violence, and Nothing Good Will Come of It GitHub - duguyue100/midnight-captain: Inspired by Midnight Commander, tailored to my taste. How to build a `git diff` driver · Jamie Tanna | Software Engineer Center for Responsible, Decentralized Intelligence at Berkeley The Local Universe’s Expansion Rate Is Clearer Than Ever, but Still Doesn’t Add Up - A new synthesis of astronomical measurements confirms a persistent mismatch that could point to physics beyond current models The disturbing white paper Red Hat is trying to erase from the internet – OSnews NetBlocks (@netblocks@mastodon.social) The Future of Everything is Lies, I Guess: Annoyances ‘Abhorrent’: the inside story of the Polymarket gamblers betting millions on war Productive procrastination — Max van IJsselmuiden maps, territory and LMs 447 Terabytes per Square Centimetre at Zero Retention Energy: Non-Volatile Memory at the Atomic Scale on Fluorographane Show HN: Pardonned.com – A searchable database of US Pardons 20 Years on AWS and Never Not My Job The Seasons are Wrong The FAA wants gamers to apply for air traffic control jobs Artemis II crew splashes down near San Diego after historic moon mission Why weekends are under threat We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs How a dancer with ALS used brainwaves to perform live On filing the corners off my MacBooks Installing every* Firefox extension OpenClaw’s memory is unreliable, and you don’t know when it will break Steve Blank Nowhere Is Safe Chimpanzees in Uganda locked in vicious 'civil war', say researchers watgo - a WebAssembly Toolkit for Go linux/Documentation/process/coding-assistants.rst at master · torvalds/linux GitHub - callumlocke/json-formatter: Makes JSON easy to read. Founding Product Engineer at Bild AI | Y Combinator A compelling title that is cryptic enough to get you to take action on it GitHub - Keychron/Keychron-Keyboards-Hardware-Design: Industrial design files for Keychron keyboards and mice. 100+ models with CAD assets in STEP, DXF, DWG, and PDF. Source-available, with commercial use allowed for original compatible accessories within the license terms. [ANNOUNCE] WireGuardNT v0.11 and WireGuard for Windows v0.6 Released 1D-Chess Helium Is Hard to Replace Keeping a Postgres queue healthy — PlanetScale Serenity Forge (@serenityforge.com) Our response to the Axios developer tool compromise Do Americans read print books, e-books or audiobooks more? Uncharted island soon to appear on nautical charts The Problem That Built an Industry Fragments: April 2 Python Release Python install manager 26.1 Bitcoin miners are losing $19,000 on every BTC produced as difficulty drops 7.8% God sleeps in the minerals Harness engineering: leveraging Codex in an agent-first world Apple Silicon and Virtual Machines: Beating the 2 VM Limit What have been the greatest intellectual achievements? The APL Programming Language Source Code
When is your birthday? - The Math Behind Hash Collisions
denismenace · 2026-05-09 · via Hacker News: Front Page

Note: This post turned out a little different from the previous ones. It's more of an essay than a dialogue. I tried restructuring it multiple times, but it kept wanting to be linear. And you know, sometimes the topic just has its own shape, so I left it like this. Enjoy!


What is the probability that you are sharing the same birthday with people around you? Well, if you’re alone in the room, then it’s most certainly zero. Also the more people there are around, the higher the chances should get. But what if I told you that in a room with only 23 people there’s already a 50% chance for two of them to have matching birthdays? And I can quite easily prove it with just school math.

What does it mean to calculate a probability for at least two people to have a matching birthday? It’s the same as calculating the inverse probability for no one in the group to be born on the same day:

\[P(\text{at least one match}) = 1 - P(\text{no matches})\]

No matches means every birthday is unique. That means the first person can be born on any of the 365 days, person 2 must be born on a different day, so he has only 364 days to choose from, person 3 has only 363 days to choose from… and so on. So let’s take n for the number of people in the room and derive this formula:

\[P(\text{no matches}) = \frac{365}{365} \cdot \frac{364}{365} \cdot \frac{363}{365} \dots \frac{365-n+1}{365} = \frac{365!}{365^n(365-n)!}\]

for n=23:

\[P(\text{no matches}) = \frac{365!}{365^{23}(365-23)!}= 0.4927\]

…or about 50%.

Another formula that you can often find on the internet after searching for the Birthday Paradox is an approximation based on calculating the probability for all the connections existing between 23 people:

\[1 - \frac{1}{365} = \frac{364}{365}\] \[P = \left( \frac{364}{365} \right)^{\binom{23}{2}} \approx 0.4995\]

But let’s take a look at something much cooler.

You see, the problem with those formulas is that they can only be used to find a pair that has the same birthday. But how rare is it for three out of 60 people to have matching birthdays?

In the 1930s, the employees of the math bureau of one of the insurance companies tried to find that out, since among their 60 coworkers, three shared the same birthday. Their calculations most probably looked something like this:

In the room with 60 people, Alice, Bob, and Ray have birthdays on the same day. The probability for their birthdays to match is

\[\frac{1}{365} \cdot \frac{1}{365} \cdot \frac{1}{365} = \left( \frac{1}{365} \right)^3\]

For the remaining 57 coworkers, the probability will be:

\[\left(\frac{364}{365}\right)^{57}\]

Also instead of Alice, Bob, and Ray, it could have been Mikel, Ida, and Ana or any other triple:

\[\binom{60}{3}\]

Now all there’s to do left is to multiply all of those probabilities:

\[\binom{60}{3} \cdot \left(\frac{364}{365}\right)^{57} \cdot \left(\frac{1}{365}\right)^3 \approx 0.0006\]

So the result that math bureau employees got is only a few thousandth. And their calculations were right. But also… wrong.

And in 1939 an Austrian mathematician Richard von Mises explained why. His article “Über Aufteilungs- und Besetzungswahrscheinlichkeiten” was printed in the academic Journal of the University of Istanbul, where after being classified as Jewish and escaping the Nazi government, he became the professor of mathematics.

Von Mises didn’t just change the calculations. He completely changed the perspective on the problem. The thing is, the human brain is quite self-centered and often misses the whole picture. The math bureau employees were trying to find the probability of the specific event: three people having birthday on one pre-chosen day. But what if instead we ask: “How often should we expect this type of event to occur in general?”

Imagine there are 365 boxes in front of you. 60 balls are being thrown in these boxes randomly. Math bureau employees choose the third box. For them success is having three or more balls in that exact box. Von Mises suggests watching all the boxes and count how many of them will have three or more balls in the end. It’s clear that his definition of success is much broader, and therefore, the probability is also much higher.

Mises calls such probability an occupancy probability, as it shows how many of the boxes or, in our case, days are occupied one, two, three, etc. times.


Let’s take a look at his calculations. For this example we’ll have n days and k people in the room.

The probability for each n to be occupied is 1/n, so for all k people it turns into:

\[\underbrace{\frac{1}{n} \times \frac{1}{n} \times \dots \times \frac{1}{n}}_{k \text{ times}} = \frac{1}{n^k} = n^{-k}\]

which is how we calculate the chance of one exact sequence happening.

Then we’ll build the probability p1 for all the birthday distributions that have s people on the first calendar day. There are \(\binom{k}{s}\) ways to choose s out of k people, and for the remaining n-1 days we have (k-s) remaining employees that can be distributed like this:

\[(n-1)^{k-s}\]

The complete formula for p1 is:

\[p_1 = \binom{k}{s} \cdot n^{-k} \cdot (n-1)^{k-s}\]

We can also translate 'p1' into Bernoulli trials: $$\begin{aligned} p_1 &= \binom{k}{s} \cdot (n-1)^{k-s} \cdot n^{-k} \\ &= \binom{k}{s} \cdot \frac{(n-1)^{k-s}}{n^k} \\ &= \binom{k}{s} \cdot \frac{(n-1)^{k-s}}{n^s \cdot n^{k-s}} \\ &= \binom{k}{s} \cdot \left(\frac{1}{n}\right)^s \cdot \left(\frac{n-1}{n}\right)^{k-s} \\ &= \binom{k}{s} \cdot \left(\frac{1}{n}\right)^s \cdot \left(1 - \frac{1}{n}\right)^{k-s} \end{aligned}$$ $$p = \frac{1}{n} \quad \text{(probability of success)}$$ $$q = 1 - \frac{1}{n} \quad \text{(probability of failure)}$$ This leaves us with the formula of the Bernoulli sequence we learned at high school.

The same formula works for p2, p3,.. pn and gives us:

\[p_1 + p_2 + p_3 + \dots + p_n = n \cdot p_1\]

This sum covers all the distributions that have at least one day with s birthdays. All of them that have more than one such day will be counted multiple times. For example, if there are two days with s birthdays, the distribution will be counted twice, for three days - three times, and so on.

It's like having a lot of arrays that represent the number of birthdays on each day (in this example we'll have only four days):
For s = 7:
Distributions (Birthdays per day): $$\begin{aligned} \text{Distribution}_1 &: [8, \mathbf{7}, 4, 6] \\ \text{Distribution}_2 &: [4, 5, 3, 2] \\ \text{Distribution}_3 &: [\mathbf{7}, 4, 5, \mathbf{7}] \end{aligned}$$ Arrays (The days being checked for exactly $s$): $$\begin{aligned} \text{Array}_1 &: [8, 4, \mathbf{7}] \quad \text{(Day 1)} \\ \text{Array}_2 &: [\mathbf{7}, 5, 4] \quad \text{(Day 2)} \\ \text{Array}_3 &: [4, 3, 5] \quad \text{(Day 3)} \\ \text{Array}_4 &: [6, 2, \mathbf{7}] \quad \text{(Day 4)} \end{aligned}$$ Distribution1 appears only in Array2, therefore will be counted only once, while Distribution3 is a part of both Array1 and Array4, therefore will be counted twice.

This means that \(n \cdot p1\) provides us with a weighted sum and can be interpreted as an expected value ‘E(x_s)’. All we have to do is paste the formula for p1 that we’ve already derived before:

\[E(x_s) = n \cdot \binom{k}{s} \cdot (n-1)^{k-s} \cdot n^{-k}\]

or

\[E(x_s) = n \cdot \binom{k}{s} \cdot \left(\frac{1}{n}\right)^s \cdot \left(1 - \frac{1}{n}\right)^{k-s}\]

To prove that it’s much more common for a group of 60 people to have a triple match of birthdays, let’s try this formula with our numbers:

\[\begin{aligned} n &= 365 \\ k &= 60 \\ s &= 3 \\ E(x_3) &= 365 \times \frac{60!}{3! \times (60-3)!} \times \left(\frac{1}{365}\right)^3 \times \left(1 - \frac{1}{365}\right)^{60-3} \approx 0.2196 \end{aligned}\]

or about 0.22, which aligns with the value von Mises gives in his paper.

It might seem that ‘0.22’ is too little, but it actually means that, on average, in every 4-5 groups of 60 people, there will be about one triply-shared birthday.

\[\frac{1}{0.22} \approx 4.5454\]

Doesn’t seem that rare anymore, does it? Especially if we compare it to the possibility of a few thousandths, that, on the other hand, will happen only about once in every 1500-2000 groups of 60 people. Now that’s actually rare.

Of course, these calculations don't consider seasonal variation in birth density, twins, selection bias, leap years etc. which von Mises himself explicitly mentions at the end of his article. If you look at statistics, in the Northern Hemisphere, children are more often born in summer; in the U.S., they're more likely to be conceived on Christmas and New Year's Eve; and due to C-sections and induced labor, Mondays and Tuesdays also have higher birth rates.


In his paper, von Mises goes on to calculate the exact probability distribution, but the expected value is all we need to prove that the math bureau was looking at the problem through the wrong lens.

The expected value also allows us to get the approximate representation of the number of collisions that will occur in the hash table depending on the values we choose.

Moreover, there is a special brute-force attack in cybersecurity called the Birthday Attack that uses the math behind the Birthday Problem to create collisions that will break the system. The attacker generates random inputs until two of them produce the same hash output. That will happen after about √n attempts. For example, SHA-256 has \(2^{256}\) outputs. That would requier \(2^{128}\) attempts to crack. Notice that the attacker is not waiting for a specific hash value to occur double, any collision would be enough to stop the system from working.

We have already talked a bit about collisions in the hash tables last time. Now we know that the math behind hash tables’ collisions is the math behind the Birthday Problem: days become table fields, people turn into hashes, but the calculations remain unchanged.

My sources and further readings:

Richard Von Mises, “Über Aufteilungs- und Besetzungswahrscheinlichkeiten” (p. 313) Richard von Mises Biography University of Connecticut lecture