Two mathematicians are at the pub having a beer and a yarn. One of them says “Hey, I bet you $5 you can’t work out the ages of my three daughters.”

The other one says “Is that so? I’ll take your bet.”

“Okay, so the product of their ages is 72. The sum of their ages is the same as the number of the house across the street.”

The second mathematician thinks about it for a moment, then says “You haven’t given me enough information to solve the riddle.”

“Okay, my eldest daughter loves chocolate.”

The second mathematician says “Too easy”, gives the answer and takes his $5.

How old are the daughters?

]]>Well, it turns out that doing that probably made my passwords easier to crack. How could that be? Well password cracking tools are pretty sophisticated these days, and they automatically try common letter/number substitutions (like replacing an “o” with a zero). A while back I found an xkcd comic that explained exactly how easy such passwords are for computers to crack.

To cut a long story short, it’s better to have a long password made up of just lower-case letters, than a short password made up of any of the printable characters. The maths isn’t that hard, it’s simply the number of characters you have to choose from, to the power of how long the password is. As an example, let’s compare an 8 character password made from any of the 95 ASCII printable characters (essentially, any character you can type using your keyboard):

95^8 = 6.6 x 10^15 potential passwords (that’s a 6 with 15 zeros after it…)

That seems like a lot, but let’s look at doubling the password length to 16, but only using the 26 lower-case letters:

26^16 =4.3 x 10^22 potential passwords

That’s a lot more passwords, and you can make a 16 character password easily from 3 or four words. So, how does that affect someone trying to crack your password? Simply put, the more guesses an attacker has to make, the longer it takes them to crack the password.

How long are we talking? Well, it depends on how the password is dealt with, and that can get quite complicated. In the interests of simplicity, then, I will just use some figures I pulled out of thin air (but based on real world situations) to demonstrate. Let’s assume an attacker wants to crack your password, and you’ve been smart enough not to use a dictionary word. The attacker will only be able to guess a certain number of passwords a second, and assuming they’ve got access to some decent hardware, this could be as many as 1 trillion guesses per second. That means it will only take, in a worst case scenario 6634 a bit under two hours to crack an 8 character password.

So, with a password using 16 lower-case characters, doing a brute force attack will take 1382 years. That’s a much safer password, right? Well, not really. It turns out that if you use dictionary words, then it takes much less time to crack than expected.

When looking for resources to test how much quicker it is to crack a pass-phrase made up of dictionary words, I found the Diceware password generator page. This is a method of generating a password using 5 dictionary words selected by rolling dice (using something like dice removes security issues related to random number generation on a computer). The handy thing is, they have not one, but two dictionaries you can use. This is handy, because it gives us some numbers to work with.

Firstly, it gives us a good size for our potential pool of words (7776, in this case), and secondly, allows us to find an average word length (about 4 characters). This means that our 16 character pass-phrase using dictionary words is about 4 words long. We can use the same formula as before to determine how many tries it will take to crack our password, except it will be the number of words in our dictionary to the power of the number of words we choose:

7776^4 = 3.6 x 10^15

That’s actually less than the number of tries we need for an 8 character password. It also means that the time to crack that password will be just over 1 hour. So, how do we fix that problem?

Well, one solution suggested on the Diceware page is to randomly select 1 letter in one word to be replaced by a randomly selected symbol. Because this is random, a cracking tool won’t be able to use common substitutions to defeat it. You could also insert a random number or symbol between one or more words, or even just capitalise a random letter in the pass-phrase. Either of these tricks will achieve the same result.

Whatever solution you use, the result is a pass-phrase that is hopefully easy to remember, and is not likely to be easily cracked.

]]>There are 4 people who need to cross a river, using a row boat. The boat can hold at most 2 people, but can also be rowed by one person. There is one seat in the boat, so if two people are in the boat they must sit side by side, each using one oar. Each of the four people row at different speeds, so they must row at the speed of the slowest person. The people can row across in 1, 2, 5 and 10 minutes respectively. What is the shortest time that all 4 people can get across the river in?

For the bloody minded people who instantly say “Just get them to swim across”, assume that the river is chock full of ravenous piranha, and that swimming is a one way trip to being eaten alive. For the bloody minded people who try and fit more than two people in the boat: do that and it will sink, giving the piranha a feast. For anyone suggesting that they should look for a bridge, or build a bridge, or anything like that: there are no bridges, nothing to build bridges from, just row across already dammit…

]]>I learned a nifty variation a few years later that only uses 15 cards, and has a nice reveal where the chosen card rises out of the deck. After the third round of dealing into piles, the chosen card will be in the middle pile. Square up one of the other piles face down, then deal the middle pile on top so that the cards protrude alternately above and below the first packet. Square up the last packet and place it on top, level with the first packet. You should have a packet of cards with 3 cards sticking out on one side, and two on the other. Pick all the cards up, and push the 3 cards back into the packet. Keeping some pressure on the other cards, pushing the two remaining cards back into the packet should cause the chosen card to rise up.

These tricks are nifty enough, but a couple of years ago I found a far more impressive version from mathematician Matt Parker, which allows you to place a chosen card anywhere among 27 cards. Rather than go through the explanation of how it works, I’ll simply show this video of the trick and how it is done:

Matt has an even nicer version of this trick, that uses nearly a full deck, needing 49 cards. He demonstrates the trick at the end of this video:

Unfortunately, he doesn’t explain how to do the 49 card trick, but with a bit of thought I was able to work out how to do it. In order to understand the 49 card trick, it really is easiest to watch the first video, get a good understanding of how the 27 card trick works, and practise until you can do it in your sleep.

Done that? Good, let’s get on with the 49 card trick. The whole basis for the 27 cad trick was being able to count in base 3, and having a number of cards that was equal to the number of piles raised to the power of how many times you dealt them out (3 piles, 3 times dealing = 3³ = 27 cards). So, to start with, the 49 card trick uses 7 piles, dealt twice (7²=49 cards). Now, because there are 7 cards per pile, we need to count in base seven to determine which position to place the packet with the chosen card in it.

Don’t worry if you’re not sure about counting in base 7, it’s just like counting in decimal, if you’ve suffered a nasty industrial accident and have lost 3 fingers (sorry, bad joke…). For the purposes of the trick, we’re thinking of the piles as being numbered 0 through 6 (like the piles were 0 to 2 in the 27 card trick). So, when you get the volunteer’s number, you need to workout how many times it can be divided by 7, and what the remainder is.

Here’s an example: the volunteer says their number is 13. Firstly we need to think in terms of how many cards go above the chosen card, so that’s 12 cards. 7 goes into 12 once, and has a remainder of 5. Now, when you deal out the cards, the pile with the chosen card goes into position 5 the first time, and into position 1 the second time.

Another example, let’s say our volunteer picks a big number, and says 42. That’s 41 cards to go above the chosen card. 41 divided by 7 is 5, with a remainder of 6. When we deal out our cards the pile with the chosen card goes into position 6 the first time, and position 5 the second.

So, hopefully those instructions, combined with the videos, are enough to get this trick working for you. One idea I had regarding the set up for this trick, rather than having a special 49 card deck set up, or having to sneak 3 cards out, somehow, was to get the volunteer to remove three cards. I like to explain this as being so that if I’ve memorised the order of the cards, having three cards removed randomly will mess me up.

]]>The way it works is you get a volunteer to cut the deck, then take a card from anywhere in the deck and show it to everyone else (assuming there are others watching, of course). You then tell them that you’re going to ask them 3 questions about their card, and that they can choose to answer truthfully, or lie.

The three questions are the colour, the suit, and the value of the card. For each question, you spell out the answer, dealing off a card for each letter, with one extra as you say the answer again. For the value, to add a bit of variety, you can ask if they would like it counted or spelled (assuming they didn’t name a face card). Each card is flipped in turn, and indicates the actual colour, suit and value of the chosen card.

Have the volunteer cut the deck and complete the cut. Then get them to select a card. However you do it, you need to be able to cut the deck at exactly the point where their cards is. Fanning out is good for this, as is riffling and getting them to say stop. While they are looking at the card, cut the deck where they their card was, and complete the cut. This should put the card underneath theirs on top of the deck.

Now comes time for the questions. The first question is easy: ask if the card is red or black. Spell out the answer, taking off a card for each letter (pro tip: keep the cards in the same order in your hand, rather than dealing them onto the table, it makes resetting the deck much easier later[1]). Set the cards used to spell the word down, then deal the next card separately as you repeat the answer.

The next question depends on the colour the volunteer gave. If they said black, you ask “Is your card a spade, or is it one of the clubs?” If they said red, then you ask “Is your card a diamond, or is it one of the hearts?” This wording is important, as you need to count off the right number of cards, and only using spade, clubs, diamond or hearts* will work for this. As with the colour, spell out the suit while dealing out cards, and place them beside the first packet, then say the suit again as you deal off one more card separately.

***One important note:** *If they say the suit is hearts, then you need to be sneaky as you count the cards off, and count an extra card. If you don’t do this, then the trick won’t work.*

The final question is the value of the card. A nice touch is to ask if they want this counted out or spelled, as it truly doesn’t matter how many cards you deal out. Place the cards beside the second packet. Unlike before you won’t deal off an extra card. Instead, recap the trick so far, reminding them that they had a free choice of card, and could have chosen to tell the truth or lie when they answered your questions. While you do this, casually take the top card of the counted pile and place it separately. You’re now ready to reveal the cards.

Starting with the colour card, remind them of their colour, and flip the card. If they told the truth, then the colour will be the same, if it’s not, then they lied. You can then flip the suit card. If they lied about the colour, then I like to say something along the lines of “Well, you said the card was [suit], but we know it can’t be that, because that’s the wrong colour, it’s actually [correct suit]”. Now that you know the colour and suit, the last card will be the same number as their card, and you should have an audience staring at you in amazement as you correctly name their card.

Of course, if you try and perform this trick without practising, like I did, then you’ll most likely end up with completely wrong cards, and a very red face. So, learn from my mistakes, practise until you can perform the trick in the dark with your hands behind your back before performing it for actual people. Well, okay, maybe that’s a bit over the top, but at least be confident you can get the trick right no matter what colour or suit they answer.

[1] I mentioned keeping the cards in order as you deal them out makes resetting the trick easier. Here’s how to quickly reset the deck for the next time:

- Take the card that revealed the number, and place it on top of the cards counted out for the number. Place that packet on the top of the deck
- Take the card that revealed the suit, and slide it underneath the cards you counted off spelling out the suit. Use it to pick them all up into a packet, and place it on top of the deck.
- Repeat step 2 with the colour cards.
- Finally, place the card the volunteer chose on top of the deck. You’re now ready to perform again.

I browsed a bewildering array of magic tricks, and found myself looking at instructions for various card tricks. I found one called the “Lie Detector”, and decided to fork out the $5 or so it costed. When I went to pay, the shop keeper asked if I wanted a demonstration, so I said yes. Well, my mind was blown, this was such a cool trick!

It turns out this mind blowing trick works through a neat little thing called the “Si Stebbins Stack”. This is a way of arranging the cards in a standard deck of cards such that each card is 3 higher than the one above it in the deck. The suit also changes in a predictable order: from Clubs, to Hearts, to Spades, to Diamonds and back to Clubs again. This order is known as “CHaSeD”, as an easy way to remember the order. There’s a bunch of card tricks that use the Si Stebbins stack, so it’s handy to know how to set it up.

If you’re using a brand new deck of cards, congratulations, you can ignore step 1, and go straight to step 2, otherwise, read on.

- Group the cards by suit.
- Put each suit in order from ace to king (The king should be showing when the packet is face up).
- Put the packets in this order: Clubs, Hearts, Spades, Diamonds.
- Take the ace from the bottom of the clubs packet, and put it on top.
- Take the ace, 2, 3 and 4 from the bottom of the hearts packet and put them on top.
- Take the ace through 7 from the bottom of the spades, and put them on top.
- Take the jack, king and queen from the top of the diamonds packet and put them on the bottom.
- Now, take the top card of each packet in turn (following CHaSeD order), until you have a complete deck.

Congratulations, you have successfully set up a Si Stebbins Stack. For a simple trick, you can easily predict the top card of the deck just by sneaking a glimpse of the bottom card. Add three to the value, and work out the next suit and you know the top card. So, if the bottom card is the 4 of hearts, the top card is the 7 of spades. Bottom card is the jack of diamonds? Top card is the ace of clubs. Now, go forth and amaze people with your amazing prediction skills!

]]>