Python, from the metal up · the algorithms you use every day
You use these every day. You've never seen them run.
Forty algorithms are quietly working every time you get directions, unlock a website, shuffle a playlist, or search a word. For each: the real problem, the idea that makes it brilliant — the part that makes you say “no way, that's clever” — and a small, honest program you can step through line by line.
40algorithms
236real systems they run
8themes of everyday life
100%verified against Python 3
40 algorithms · every one verified against Python 3
01Getting around
Maps, motion, and the pixels on your screen.
01Getting around
Dijkstra's Shortest Path — how your maps app finds the fastest route
You type a destination, and before your thumb leaves the screen a blue line snakes across the city — "fastest route, 14 min." That instant is Dijkstra's algorithm sweeping outward from where you stand, pricing every intersection by how many minutes it truly costs to reach.
The problem
A city is a graph: intersections are nodes, roads are edges weighted by travel time. The naive fix — try every possible path and keep the cheapest — explodes combinatorially; a grid of a few hundred blocks has more routes than there are atoms in the room, so brute force never returns. You need the true shortest distance to every node without ever enumerating a single full path.
Why it's brilliant
Here's the trick that makes it fast: always expand outward from the nearest unfinished node first. Keep a running best-guess distance to every node and a priority queue ordered by that guess. Pop the cheapest one — and here's the magic — because every edge cost is non-negative, nothing you discover later can ever undercut it. No detour through a farther node can loop back and beat a node you've already reached most cheaply. So the moment a node comes off the queue, its distance is permanently settled — proven optimal, never revisited. Each settled node then "relaxes" its neighbors: if going through me is cheaper than their current guess, lower it. You settle nodes in a widening ring of certainty, touching each edge just once. That's why a whole city resolves in milliseconds.
Runs insideGoogle Maps & Apple Maps routingCar GPS navigation (Garmin, TomTom)OSPF & IS-IS internet packet routingFlight and transit itinerary plannersNetwork latency / least-cost path optimizationRobot and game-AI pathfinding (as A*'s backbone)
The blue line isn't searched for — it's the fallout of pricing every corner of the city outward from your feet, cheapest-first, and never second-guessing.
02Getting around
A* Search — Dijkstra holding a compass
You type a street address into Google or Apple Maps and, before your thumb has even left the screen, a blue line snakes across a continent of roads to exactly where you're going. That one-second miracle — across millions of intersections — is A* deciding which roads are even worth looking at.
The problem
The honest way to guarantee the shortest route is Dijkstra's algorithm: expand outward from the start, cheapest-first, until you hit the goal. But Dijkstra is blind — it spreads in all directions equally, like ripples in a pond. On a country-scale map that means exploring roads in the opposite direction of your destination before it ever reaches it. Correct, but far too slow and memory-hungry when the graph has millions of nodes.
Why it's brilliant
A* adds one number to each node: h, a cheap straight-line "as-the-crow-flies" guess of how far the goal still is. Instead of ranking nodes by cost-so-far g, it ranks them by f = g + h — money already spent plus optimism about what's left. That single addition tilts the whole search toward the goal, like a hiker who always steps toward the mountain they can see. The magic is why it stays correct: as long as h never overestimates the real remaining distance (straight-line distance can't — the road is never shorter than the crow's flight), A* is mathematically guaranteed to return the true shortest path. It's not a heuristic shortcut that "usually works" — it's Dijkstra with a compass bolted on, provably optimal and dramatically faster.
Runs insideGoogle Maps & Apple Maps turn-by-turn routingVideo-game enemy & unit pathfinding (StarCraft, most RTS/RPG engines)Amazon warehouse robots planning aisle routesDrone and self-driving-car motion planningNetwork packet routing and traffic simulatorsRobotics navigation stacks (ROS global planners)
Your GPS isn't checking every road — it's Dijkstra holding a compass, and the compass is nothing more fancy than straight-line distance.
03Getting around
The Haversine Formula — distance across a curved planet
You open the app, tap "find me a ride," and in half a second it shows the three closest drivers with ETAs. Or you type "coffee near me" and a list snaps into order — nearest first. Something just measured the distance between your dot and thousands of other dots on a spinning ball, and it did it before your thumb left the screen.
The problem
Latitude and longitude are angles on a sphere, not x/y on a flat sheet. The naive move — treat them as flat coordinates and use the Pythagorean theorem — is quietly wrong: one degree of longitude is ~111 km at the equator but shrinks to zero at the poles, so flat distance can be off by hundreds of kilometers. And you can't just carve a straight tunnel through the Earth either — you want the distance *along the surface*, the arc a plane would actually fly.
Why it's brilliant
The trick is to stop measuring kilometers and start measuring an angle — the angle between the two points as seen from the Earth's center. Once you have that central angle, the surface distance is just angle times radius, the same rule as an arc on any circle. Haversine's clever move is a numerically-stable way to get that angle from raw lat/long: it builds a quantity a from the half-differences of latitude and longitude (the "haversine" of each gap), squaring sines so everything stays positive and well-behaved even for tiny nearby points. Then atan2 turns a back into the central angle c, and multiplying by Earth's radius (6371 km) gives the great-circle distance. The whole planet's geometry collapses into six lines of arithmetic — no trig tables, no map projection, no square-rooting your way through 3D space.
Runs insideUber & Lyft nearest-driver matchingWeather apps mapping you to the closest stationGoogle/Apple Maps 'places near me' rankingFitness trackers (Strava, Garmin) computing route distance from GPSAirline and flight-tracker great-circle route linesGeofencing and delivery-radius checks (DoorDash, Uber Eats)
Every "nearest driver" and "stores near me" is secretly solving spherical trigonometry — the same math sailors used with sextants — a few thousand times a second.
04Getting around
Bresenham's Line — drawing a straight line with only whole numbers
You pinch-zoom your maps app and a thin route line snaps diagonally across the city, crisp against the street grid. Your screen has no diagonal pixels — only a square grid of dots — yet that line looks dead straight. Something just decided, for every column of pixels, exactly which row to light up.
The problem
The obvious way is y = round(slope*x) at every column — a float multiply plus a round per pixel — which early plotters and GPUs either couldn't do or did far too slowly.
Why it's brilliant
Bresenham never computes the true y. Instead it carries one integer, D, that measures how far the real line has drifted above the current pixel's center — but scaled up by 2·dx so the fraction vanishes and everything stays a whole number. Each step right adds the rise 2·dy to D (the line climbed a little). The instant D crosses zero, the true line has drifted past the halfway line to the next row, so we step y up and subtract 2·dx to re-center the accountant on the new pixel. That's the whole trick: the sign of one running integer answers "is the line now closer to the row above?" using only adds, subtracts, and a compare-to-zero — no multiply, no divide, no float, ever, in the inner loop.
Runs insideGPU / graphics-card line rasterizersPen plotters, CNC routers, and laser engraversRetro & indie games (wireframes, line-of-sight, lasers)Oscilloscopes and vector displaysDrawing tools' line tool (MS Paint, image editors)Map and CAD route/edge rendering
Your GPU draws a million perfect lines a second and never once does division — it just keeps a tally and watches for it to tip.
05Getting around
Flood Fill — the paint bucket that draws its own boundary
You open MS Paint, grab the paint-bucket, and click one pixel inside a cartoon speech-balloon. In a blink the whole balloon floods red — and the color stops dead at the black outline, never leaking into the sky behind it. You just ran a flood fill on a grid of pixels.
The problem
Your click hands the program exactly one cell. What you actually want is every cell of the same color that is connected to it — but not same-colored cells sitting across a wall. Recolor every matching pixel globally and you wrongly flood disconnected regions; re-scan the whole image over and over and you crawl. And the tidy recursive version quietly dies: a one-million-pixel region means a million nested calls, and the call stack overflows.
Why it's brilliant
The trick is that connectivity is transitive, and you can chase it with a to-do list. Keep a stack of cells to inspect. Pop one; if it is still the target color, repaint it and drop its four neighbors onto the stack — you do not check whether they belong yet, you just promise to look later. Two things make this bulletproof. First, the repaint is the visited-mark: a filled cell fails the "still open?" test the next time it is popped, so the flood can never loop and every reachable cell is touched exactly once. Second, wall cells are never the target color, so when they surface they are popped and thrown away — which is precisely why the fill halts at the outline with zero boundary-detection code. Swapping recursion for an explicit stack moves the frontier from the fragile call stack into ordinary heap memory, so a giant region costs RAM, not a crash.
Runs insidePhotoshop / GIMP paint-bucket and magic-wand selectionMS Paint & mobile coloring-book appsMinesweeper's flood-open of blank tilesconnected-component labeling in computer vision (OpenCV)Go / Reversi board capture and territory logicregion selection and territory coloring in map editors
The paint bucket has no idea where the shape ends — it just refuses to color anything that isn't already the right color, and the shape quietly draws its own boundary.
02Finding & fixing what you type
Autocomplete, spell-check, and “did you mean?”.
06Finding and fixing what you type
The Trie (Prefix Tree)
You start typing ca into your phone and before you finish, three words fan out above the keyboard: car, card, cat. That instant suggestion — from a dictionary of hundreds of thousands of words, refreshed on every single keystroke — is a trie being walked in real time.
The problem
The naive autocomplete scans the whole word list and keeps every word that starts with your prefix. With 300,000 words that is 300,000 string comparisons per keystroke — and it repeats all that work from scratch each time you press a key. It scales with the size of the dictionary, exactly the thing that should be irrelevant once you have already typed most of the prefix.
Why it's brilliant
A trie flips the cost from "how big is the dictionary" to "how long is your prefix." Instead of storing words as separate strings, it stores them letter by letter as a tree of nested maps: every word that shares a prefix shares the same physical path down the tree, so cat, car and card all walk through the one c → a branch before splitting. To autocomplete ca you don't search at all — you take exactly two hops, c then a, landing on the single node that is the shared prefix. Now every completion lives in the subtree hanging off that node, and nothing else in the dictionary can possibly match. A tiny end-of-word marker ('#') tags which paths are real finished words, so collecting the suggestions is just gathering the marked leaves below where you stand. The dictionary could hold a billion words and reaching the ca node still costs two hops.
Runs insideSmartphone keyboard autocomplete (iOS, Gboard, SwiftKey)Search-bar suggestions (Google, browser address bar)IP routing tables (longest-prefix match in routers)IDE code completion (VS Code, IntelliJ symbol lookup)Spell checkers and predictive text enginesContact / emoji search-as-you-type
Your keyboard never searches for matches — it just walks two letters down a tree and reads off whatever branches are already growing there.
07Finding and fixing what you type
Levenshtein Edit Distance — how far apart are two words?
You mistype definately in a text and your phone silently swaps in definitely. You search levenshtien and Google answers "Showing results for Levenshtein." That quiet, correct guess is edit distance deciding which real word your typo sits closest to.
The problem
The task sounds innocent: what is the fewest single-character edits — insert, delete, substitute — to turn one word into another? Try to search those edit sequences directly and you drown: the ways to interleave insertions, deletions and substitutions grow exponentially with length, so brute force chokes past a handful of characters. And you can't cheat by counting mismatched positions either — one inserted letter shifts every character after it, so a naive position-by-position compare reports a huge, fake distance.
Why it's brilliant
The trick is to stop thinking about whole words and think about prefixes. Define one number, dp[i][j]: the cheapest way to turn the first i letters of A into the first j letters of B. Now stare only at the last move of the best alignment — it can be exactly one of three things: match or substitute the final letters (step diagonally), delete A's last letter (step down), or insert B's last letter (step left). Whatever that last move is, everything before it must itself be an optimal alignment of the smaller prefixes — so each cell is just min(delete, insert, substitute) of its three already-solved neighbours, plus 0 if the two letters happen to match. Because millions of long alignments share the same little prefix subproblems, you solve each of the n×m cells once, and the exponential search collapses into a grid you fill left-to-right, top-to-bottom.
Autocorrect isn't magic — it's a 6×7 grid of little numbers, each one just the smallest of its three neighbours.
08Finding and fixing what you type
Soundex — spelling-proof name search
You type your grandmother's maiden name into Ancestry — "Katherine" — and it quietly surfaces records for "Catharine," "Kathryn," and "Catherine" you'd never have found. Or a call-center agent hears "Shaughnessy" over a bad line, types "Shawnessy," and your account still pops right up.
The problem
One sound gets spelled a dozen ways, so exact matching ("Robert" == "Rupert"? no) misses every variant — and you can't pre-list all spellings. Fuzzy edit-distance search means scanning millions of rows one by one, and it still confuses "Robert"/"Roberta" while missing "Rupert" entirely. What you actually want is for same-sounding names to collapse to the same key, so a lookup becomes one indexed hit instead of a full-table crawl.
Why it's brilliant
The trick is to throw away the vowels and the spelling entirely and keep only the skeleton of consonant sounds — because vowels are precisely what drift between spellings, while the sequence of consonant articulations stays stable. Soundex buckets consonants your mouth forms almost identically into one digit: lip sounds b, p, f, v → 1; hisses and clicks c, s, z, k, q, x → 2; and so on. It keeps the first letter as an anchor, then squashes any run of the same code down to a single digit, so a doubled or silent letter can't change the answer. What's left — one letter plus three digits — is a phonetic fingerprint, and now "sounds the same" has become "equal string," which any database index answers in one hop.
Runs insideAncestry.com & FamilySearch genealogy matchingU.S. National Archives 1880–1940 census indexes (Soundex was invented for exactly this in the 1930s)Airline and call-center passenger/customer name lookupHospital & EHR patient master-index de-duplicationPostgreSQL, Oracle, and MySQL built-in SOUNDEX() functionBank KYC / watchlist name screening
Two names that share not a single vowel and look nothing alike on the page collapse to the exact same four-character code — because Soundex fingerprints how a name sounds, not how it's spelled.
09Finding and fixing what you type
KMP — the search that never looks back
You hit Ctrl+F, type a name into a 40-page document, and the highlight lands on the first match before your finger leaves the key. That instant jump — in your browser, your editor, `grep`, your chat app's search box — is a substring search racing through millions of characters faster than you can blink.
The problem
The obvious way: line the pattern up at position 0, compare letter by letter, and on any mismatch slide it one step right and start the comparison over from scratch. On text like AAAAAAAA...B hunting for AAAAB, you re-compare almost the whole pattern at every starting spot — that's pattern-length times text-length work, quadratic, and it crawls on large inputs. Worse, it keeps re-reading text characters it has already seen, throwing away everything it just learned about them.
Why it's brilliant
Here's the trick: when the pattern mismatches after matching a run of characters, those already-matched characters ARE text you've read — so you already know them for free. If the matched prefix has a piece at its end that also appears at its start (a "border"), then that border is already aligned with the text; you can slide the pattern forward to reuse it instead of rescanning. KMP precomputes, for every position in the pattern, the length of the longest such border — the LPS table — in one linear pass over the pattern alone. Then during the scan the text pointer never moves backward: on a mismatch it doesn't rewind the text, it just drops the pattern pointer j to lps[j-1] and keeps going. Because i only ever advances, and j rises at most once per step and can only fall back total-times-it-rose, the whole search is linear — you read each text character essentially once, forever.
Runs insideBrowser & editor find-in-page (Ctrl+F)GNU grep and ripgrep text searchSnort / Suricata intrusion-detection signature matchingBioinformatics DNA/protein motif searchLog-scanning and SIEM pattern rulesNetwork deep-packet inspection engines
The magic isn't that it compares fast — it's that it refuses to ever re-read a character, by learning the pattern's own self-overlap before it starts.
10Finding and fixing what you type
Rabin-Karp — the rolling hash that reads a haystack once
You paste an essay into Turnitin and seconds later it says "14% matches this 2011 blog post" — highlighting the exact sentence. It didn't compare your paper to the whole internet character by character; it couldn't. It fingerprinted every window of text into a number and looked for collisions. Same trick runs every time rsync syncs a folder or a "find duplicate files" tool scans your drive.
The problem
Searching for a pattern of length m inside text of length n the obvious way — line up the pattern at each position and compare characters — costs up to m comparisons at every one of the n positions, so O(n·m). For a 3-letter needle that feels fine, but plagiarism and dedup engines match thousands of long fingerprints against millions of characters; that product explodes. You want to reject a bad position in one step, not m steps.
Why it's brilliant
Turn every window of text into a single number — a polynomial hash, like reading the characters as digits in base 256. If two windows have different numbers, the strings are definitely different, so one integer comparison rejects a mismatch instead of m character checks. The magic is the word rolling: when the window slides one step right, you don't recompute the number from scratch. The outgoing character contributed c · base^(m-1) to the total, so you subtract exactly that, multiply the rest by base to shift every remaining digit up a place, and add the incoming character — all arithmetic kept small with mod M. That's O(1) per slide regardless of how long the pattern is. Because mod can make two different strings collide, a hash match only means "maybe" — so you verify the actual characters just once, on the rare hit. Billions of positions, each dismissed by one subtraction and one addition.
Runs insideTurnitin and other plagiarism detectorsrsync's block-matching delta transferDuplicate-file and duplicate-image findersgit's delta compression / packfilesLow-level substring search in text editors and grep-like toolsContent-defined chunking in backup systems (Borg, restic)
The plagiarism checker never really compares your words — it compares numbers, and slides across the whole document adding one character and dropping one at a time.
03Ranking, recommending, matching
Why you see this result, this show, this match.
11Ranking, recommending, matching
PageRank — how the web votes on itself
You type three words into Google and, out of billions of pages, the one you actually wanted sits at the top — before you finish reading the second result. You never wonder why that page and not the ten thousand others that also contain those words. That ordering is PageRank, still humming underneath every search you run.
The problem
"Which page is most important?" sounds easy until you try to define important. Count inbound links? Then anyone can fake importance with a thousand junk pages linking to themselves. The honest definition is circular: a page is important if important pages link to it — but you can't compute A's score until you know C's, and C's depends on A's. With billions of pages you can't solve that tangle by hand, and the naive "just count links" answer is trivially gameable and simply wrong.
Why it's brilliant
Here's the trick that dissolves the circularity. Picture a random surfer clicking links forever; PageRank is just the fraction of time they spend on each page. A page splits its own importance evenly among its out-links and passes it along — so a link from a heavyweight is worth more than a link from a nobody, automatically. You don't solve the circular equations directly; you guess (everyone starts at 0.25), then let importance flow through the links once, and again, and again. Each round the numbers lurch, then wobble less, then stop moving — they've found the one distribution that reproduces itself, the network's fixed point (mathematically, the dominant eigenvector of the link matrix). The magic: you land on the same ranking no matter where you started. The damping factor (0.85) models the surfer occasionally teleporting to a random page — that one tweak rescues dead-ends like page D and guarantees the whole thing converges.
Runs insideGoogle Search (the original 1998 algorithm)Google Scholar & academic citation rankingTwitter/X "Who to Follow" influence graphWikipedia's internal link-importance toolsBiology — GeneRank for prioritizing genesRoad networks — predicting traffic flow
Google's founding trick was to let the entire web vote on itself — and the votes settle into one ranking that's the same no matter where you start counting.
12Ranking, recommending, matching
TF-IDF — why search ignores "the"
You type cat sat mat into a search box and the engine somehow knows you care about cat and mat, not the, a, or sat — even though your query never said so. Every time a spam filter flags an email or a "related articles" strip picks the right story, this same weighting is doing the quiet work.
The problem
Rank documents by "how much is this word about this document?" The naive answer — count how often the word appears — is actively wrong: the shows up in almost every document, so raw counts would make the the most important word everywhere and drown out cat. You need a signal that rewards words that are frequent here but rare across the corpus, and does it cheaply over millions of documents.
Why it's brilliant
Split "importance" into two forces that multiply. Term frequency (TF) asks: how much does this word fill this document? Inverse document frequency (IDF) asks: how surprising is the word across the whole corpus, computed as log(N / df) where df is how many documents contain it. The magic is the log ratio: a word in all N documents gets log(N/N) = log(1) = 0 — multiply by zero and it vanishes, automatically, with no hand-built stopword list. A word in just 1 of 3 documents gets log(3/1) ≈ 1.099, a big weight. So the silences itself and cat shines — purely from arithmetic. The corpus itself decides which words are noise.
Runs insideElasticsearch / Lucene (its BM25 ranker is TF-IDF's direct descendant)Google's early relevance scoringSpamAssassin and Bayesian mail filtersscikit-learn's TfidfVectorizer for text classificationDocument clustering and 'related articles' recommendersPlagiarism and near-duplicate detectors
Nobody told the engine that "the" is boring — log(N/N)=0 did, and that single zero is why search feels like it reads your mind.
13Ranking, recommending, matching
Cosine Similarity — the angle between two people's taste
It's Friday night, you open Netflix, and the top row reads "Because you watched Arcane." You never filled in a survey — yet three of the five titles land. Behind that row your entire viewing history has been turned into an arrow, and the app just found the other arrows pointing almost exactly the same way as yours.
The problem
The obvious move is to measure the straight-line (Euclidean) distance between two people's rating lists — but that quietly punishes enthusiasm. Someone who rates everything 4–5 looks "far" from someone who rates 2–3, even when they love and hate the exact same films. Raw distance confuses how loudly a person rates with what they actually like, so it hands you bad neighbors and worse recommendations.
Why it's brilliant
Picture each person as an arrow in "ratings space": Alice's arrow points to [5,3,0,1], Bob's to [4,0,0,1]. Cosine similarity throws away how long each arrow is and measures only the angle between them. The dot product on top rewards every dimension where both people lean the same way; dividing by the two magnitudes below cancels out the raw loudness of their scores, leaving pure direction. So a harsh critic who rates 5,3 and a generous softie who rates 4,2 collapse onto the same arrow and score a perfect 1.0 — because taste is direction, not volume. That one division turns the fuzzy question "do these two agree?" into clean geometry: the closer the angle to 0°, the closer the taste.
Runs insideNetflix & Spotify recommendation rowsAmazon 'customers who bought this also bought'Face recognition (comparing FaceNet/embedding vectors)Semantic search & RAG (matching query embeddings to documents)Plagiarism and near-duplicate detectionSpotify Discover Weekly taste-neighbor matching
Netflix doesn't really know your taste — it just measures the angle between your arrow and everyone else's, and an angle near 0° means "these two will love the same things."
14Ranking, recommending, matching
Gale–Shapley Stable Matching — the algorithm behind Match Day
It's a Friday morning in March, and forty thousand graduating medical students open the same envelope at the same second. Nobody chose their hospital, and no hospital chose them — a program decided every pairing overnight from ranked wish-lists both sides submitted weeks ago. That program, the NRMP "Match", is Gale–Shapley. The same machine quietly decides which public school your kid gets into.
The problem
You have two sides — say students and hospitals — each with private ranked preferences, and you must pair them once, permanently. Brute force is hopeless: checking all pairings for 3+3 is fine, but the match runs on tens of thousands, and n! matchings is astronomically slow. Worse, the obvious "give everyone their top pick" collides instantly, and any hand-made assignment tends to leave a blocking pair — a student and a hospital who each prefer the other over who they actually got. The moment such a pair exists, both defect and the whole assignment unravels.
Why it's brilliant
The trick is to make every commitment tentative until the music stops. Men propose down their list in order, never asking the same woman twice; each woman simply holds her best offer so far and throws back anything worse — but she can dump a fiancé the instant someone better knocks. The magic is monotonicity: a woman's held partner only ever gets better, and a man's target only ever gets worse. That single fact does two jobs at once. It forces termination — each man can be rejected only finitely often before he exhausts his list — and it kills every blocking pair. Because if some man secretly preferred a woman to his final partner, he'd have proposed to her earlier (he works top-down), and she'd have either kept him or dumped him for someone she liked even more. Either way she already holds a man she prefers to him — so no couple can profitably defect. Stability isn't checked at the end; it's manufactured by the order of proposals.
Runs insideNRMP — the US medical residency Match (~40k doctors/year)NYC & Boston public-school choice assignmentKidney paired-donation exchange chainsNational college-admission clearinghouses (e.g. Hungary, Chile)University dorm and roommate assignment systemsAd and content slot allocation in online marketplaces
A dating dance where nobody says "yes" until the last song mathematically guarantees no two people will ever run off together — and it won a Nobel Prize.
15Ranking, recommending, matching
The Elo Rating System — one number that knows who wins
You finish a ranked match in League, or win a game on Chess.com, and a little number ticks up: +11. Your opponent's drops by the same amount. Nobody polled the world; a formula from 1960s chess just re-priced both of you in a millisecond.
The problem
Skill isn't a fact you can measure directly — you only ever see outcomes: A beat B. The naive fix (win% or total wins) is worthless, because beating a beginner and beating a grandmaster count the same. You need a single number per player that stays honest across thousands of games against wildly different opponents, updates instantly after each match, and never needs to re-scan history.
Why it's brilliant
Elo's trick is to turn the rating gap into a probability. It runs the difference (B − A) through a logistic curve, so expected_A is literally "the chance A should win" — and the scale is tuned so every 400 points means 10× the odds. Then it does the only fair thing: reward the surprise. Your new rating moves by K × (what happened − what was expected). Beat someone you were 64% likely to beat and you barely rise (+11); pull off an upset and you leap. The beauty is it's self-correcting and zero-sum: the points A gains are exactly the points B loses, and once your rating matches your true skill, expected equals actual on average and you stop drifting. The number finds its own level, no database required.
Runs insideChess.com & Lichess laddersFIDE official chess ratingsLeague of Legends / Dota 2 matchmaking (MMR)Tinder's original desirability scoreFiveThirtyEight sports forecastsXbox TrueSkill (Bayesian Elo variant)
Your chess rating, your Dota MMR, and Tinder's old desirability score are the same three lines of arithmetic — a 60-year-old formula quietly grading you after every match.
04Keeping secrets
The math behind the padlock in your address bar.
16Keeping secrets
RSA — the padlock that anyone can lock but only you can open
You type your card number into a checkout page and glance at the little padlock next to https://. In that half-second, your browser and a server you've never met agreed on a secret — over a wire that hundreds of routers, your ISP, and anyone on the café Wi-Fi can read every byte of. Nobody snuck into a back room to swap keys first. RSA is the trick that makes that possible.
The problem
Every classic cipher has the same flaw: to unlock a message you need the same key that locked it, so you must somehow deliver that key secretly — but the only channel you have is the one you're trying to protect. It's a chicken-and-egg deadlock. The naive fix ("encrypt the key too") just needs another key, forever. You need a lock a stranger can snap shut that even they cannot reopen.
Why it's brilliant
RSA splits the key in two using a one-way street in arithmetic. Pick two primes and multiply them: 61 × 53 = 3233. Publishing 3233 and a public exponent e = 17 is safe, because encryption is just c = m^e mod n — easy to run forwards, but to reverse it you'd need the private exponent d. And here's the hinge: d can only be computed from φ = (61−1)(53−1) = 3120, and getting φ requires knowing the two original primes — i.e. factoring n back apart. Multiplying two primes takes a microsecond; splitting a 617-digit product back into its primes would outlast the universe. So the public key locks (65 → 2790) and the private key — riding on the same modular symmetry e·d ≡ 1 (mod φ) — unlocks (2790 → 65), yet neither reveals the other. The lock is public; the key is a secret nobody can back-solve.
Runs insideThe TLS/HTTPS handshake behind the browser padlock on billions of sitesSSH key-based login to servers (id_rsa)Digital signatures on software updates and app-store binariesPGP/GPG encrypted email and signed Git commitsChip-and-PIN smart cards and passport e-chipsCode-signing certificates that prove a download hasn't been tampered with
The padlock icon works because multiplying two primes is a door that slams shut behind you — provably easy to walk through, effectively impossible to walk back.
17Keeping secrets
Diffie-Hellman Key Exchange — agreeing on a secret in public
Every time the little padlock appears in your address bar, this just ran. Before your browser sends a single password, card number, or DM, it and the server perform a public back-and-forth — visible to your café's WiFi, your ISP, and anyone sniffing the wire — and come out the other side both knowing a secret number that was never once transmitted.
The problem
Encryption needs both sides to share one secret key. But you're meeting the server for the very first time, over a wire an eavesdropper is already reading. You can't just send the key — that's the whole thing you're trying to protect. And you can't have pre-agreed one: you've never talked to this server before. How do two strangers agree on a secret while a wiretapper hears every word they say?
Why it's brilliant
The trick is a math operation that's cheap forward and ruinously expensive backward. Both sides publicly agree on a base g=5 and a modulus p=23. Alice keeps a secret a=6 and shouts her mixed color A = 5⁶ mod 23 = 8; Bob keeps secret b=15 and shouts B = 5¹⁵ mod 23 = 19. Now the magic: Alice raises Bob's number to her secret, 19⁶ mod 23; Bob raises Alice's number to his, 8¹⁵ mod 23. Both are really 5^(6·15) mod 23 — the same number, 2 — because exponents commute. The eavesdropper heard 5, 23, 8, and 19, but to find the shared secret they'd have to undo mod exponentiation and recover a or b — the discrete logarithm problem, which has no known fast solution. Forward: one pow(). Backward: brute-force every exponent.
Runs insideTLS/HTTPS — every padlock handshake on the webSignal & WhatsApp end-to-end encrypted messagingWireGuard, OpenVPN, and IPsec VPN tunnelsSSH secure shell sessionsTLS 1.3, which mandates (EC)DHE for forward secrecy
Two strangers shout numbers across a crowded room and walk away sharing a secret the whole room heard them build — but can't reconstruct.
18Keeping secrets
Fast Modular Exponentiation (the math behind every padlock)
Every time the padlock icon appears in your address bar, your browser and the server just raised a number to a secret 600-digit power and took the remainder — gsecret mod p — to agree on a shared key. That single operation runs a few times before the page even paints, on every HTTPS site you've ever opened.
The problem
The obvious recipe — compute 713 first, then take mod 11 — falls apart at real sizes. Crypto exponents are 2048-bit numbers, so 7exp would have more digits than there are atoms in the universe; you could never store it, never mind performing that many multiplications one at a time. Naively you'd also do exp separate multiplies — billions of billions of them.
Why it's brilliant
The trick is you never build the giant number, and you never do that many multiplies. Two ideas combine. First, take the remainder after every multiplication — since (a·b) mod m = ((a mod m)·(b mod m)) mod m, the running numbers never grow past the modulus. Second, read the exponent in binary: 13 = 1101₂ = 8 + 4 + 1, so 713 = 78 · 74 · 71. Each of those powers is just the previous one squared — 71→72→74→78 is four squarings, not thirteen multiplies. So you walk the exponent's bits: square the running base every step, and fold it into the answer only where a bit is 1. A 2048-bit exponent collapses from ~22048 multiplications to about 2048 squarings.
Runs insideRSA key exchange and digital signaturesDiffie-Hellman in every TLS/HTTPS handshakeSignal and WhatsApp end-to-end encryptionSSH authenticationMiller-Rabin primality testingBitcoin / ECDSA (same repeated-squaring idea on curves)
Raising a number to a power bigger than the universe could ever hold takes only a few thousand multiplications — and your browser finishes them before the page does.
19Keeping secrets
The Luhn Checksum — the typo-catcher inside every card field
You're at a checkout, thumbing your 16-digit card number into the box. You fat-finger one digit — and before you've even reached the expiry field, the input flashes red. No round-trip to your bank, no waiting: the page already knew the number was impossible. That instant rejection is the Luhn checksum, running in a few lines of JavaScript on the digits you just typed.
The problem
You want to catch the two mistakes humans actually make — mistyping a single digit, or swapping two neighbouring ones — locally and instantly, with no database and no network. The obvious fix, "just add up all the digits and check the total," catches a wrong digit but is blind to swaps: 1+2 equals 2+1, so transposing two neighbours leaves a plain sum completely unchanged. And phoning the bank to validate every keystroke is absurdly slow. You need arithmetic that notices where a digit sits, not just what it is.
Why it's brilliant
The trick is to give alternating positions different weights: walking from the right, every second digit gets doubled before it joins the sum. Now position matters — a digit in a "doubled" slot contributes differently than the same digit in a "plain" slot, so swapping two neighbours shifts the total and breaks the check. The doubling can overflow past 9, and the fix — "subtract 9 if it's over" — is secretly just summing the digits of the doubled value (18→1+8=9, 12→1+2=3), which keeps every contribution a clean single digit. Finally, a valid number is engineered so the whole weighted sum lands on a multiple of 10; change any one digit and you knock the total off that multiple, so total % 10 == 0 instantly fails. One elegant alternating double turns a dumb sum into a position-aware error detector.
Runs insideCredit/debit card entry (Visa, Mastercard, Amex) — the front-end sanity check before any payment callIMEI numbers that uniquely identify every mobile phoneCanadian Social Insurance Numbers (SIN)US National Provider Identifier (NPI) for healthcare providersSIM card ICCID serial numbersLoyalty and gift-card number validation
Every time a card field turns red before you finish typing, a 1954 patent is doubling every other digit in your browser to prove your number can't possibly be real.
20Keeping secrets
Salted Password Hashing (the login your password never enters)
You type hunter2 into a login box, hit Enter, and a half-second later you're in. It feels like the site looked up your password and matched it. It didn't — the site has never once seen or stored the characters you just typed, not even encrypted.
The problem
A database is a leaky bucket: employees read it, backups get copied, and breaches dump millions of rows onto the internet. Store passwords as plain text and one leak hands an attacker every account. The instinct — "just hash them" — helps, but attackers precompute a giant table mapping sha256('hunter2') → the plaintext once, then reverse every matching hash in the whole dump instantly. Worse, two users who both pick hunter2 get the identical hash, so cracking one cracks them all, and the leak visibly reveals who shares a password.
Why it's brilliant
The fix is one extra scrap of text — a salt — glued to the password before hashing. A hash is a one-way blender: easy to run forwards, effectively impossible to reverse. The database stores only hash(salt + password) plus the salt in the clear. To check a login, it re-blends the salt with whatever you just typed and compares the two digests — it never needs the original password back, so it never keeps it. The magic is the salt being different per user: hunter2 salted with a1b2 and the same hunter2 salted with z9y8 blend into two totally unrelated digests. That single change detonates the attacker's economics — their one precomputed rainbow table is now worthless, because they'd need a fresh multi-terabyte table for every salt, i.e. for every single user. They're forced back to guessing one account at a time.
Runs insideLinux /etc/shadow (yescrypt/SHA-crypt account hashes)Django & Rails auth (PBKDF2 / bcrypt with per-user salts)1Password and Bitwarden vault key derivationSignal and WhatsApp account registrationAny site's 'Sign in' backed by bcrypt, scrypt, or Argon2AWS Cognito & Auth0 credential stores
The site that just logged you in has never known your password — it only knows how to re-blend a scrambled version of it and check the blend matches.
05Shrinking & armoring data
Smaller files — and data that heals its own scratches.
21Shrinking and armoring data
Huffman Coding — spend fewer bits on the letters you use most
Every time you drag a folder into a .zip, save a screenshot as PNG, or stream a song, something is quietly deciding that the letter e deserves a shorter code than the letter q. That decision — spend fewer bits on frequent symbols, more on rare ones — is Huffman coding, running billions of times a second inside the files you touch all day.
The problem
Normally every character costs the same 8 bits, even though some appear constantly and others almost never — that's a lot of wasted space. The fix seems obvious: give common letters short codes. But variable-length codes are a trap. If a is 0 and b is 01, then the stream 001 is unreadable — is it a a-then-nothing, or a b? You need every code to be short and impossible to confuse with the start of another, and you need the total to be provably minimal. Hand-tuning that is hopeless.
Why it's brilliant
Build the tree from the bottom up by a shockingly simple rule: repeatedly grab the two rarest symbols and fuse them into one node whose frequency is their sum. Do it again and again until one tree remains. Two things fall out for free. First, because the rarest pair is merged earliest, they end up deepest in the tree — longest codes — while frequent symbols float near the root and get the shortest codes. Second, every real symbol is a leaf, never on the path to another symbol, so no code can ever be a prefix of another — decoding is never ambiguous. Label every left branch 0 and every right branch 1, walk root-to-leaf, and read the code straight off. The twist: you construct it from the rarest symbols upward, but you read it from the top down — and a greedy exchange argument proves this "merge the two smallest" gives the mathematically optimal number of bits, every time.
The letter you type most gets the code no one else can imitate — and that greedy little tree is provably the best compression possible for single symbols.
22Shrinking and armoring data
Base64 Encoding — how binary sneaks through text-only pipes
You drag a photo into an email and hit send. Or you open a web page's source and hit a wall of text like data:image/png;base64,iVBORw0KGgo... where an image should be. Or you paste a login token into jwt.io and watch it split into readable JSON. All three are the same trick: raw bytes wearing a costume made of plain letters.
The problem
Email (SMTP) was born in 1982 speaking only 7-bit ASCII — plain text. Hand it raw file bytes and things break: a byte that happens to equal a newline splits your data, a NUL byte gets swallowed, and old relays strip the 8th bit off every byte, silently corrupting half your photo. "Just send the bytes" fails because the pipe only guarantees safe passage for a small set of printable characters — not for arbitrary 0–255 byte values.
Why it's brilliant
Here's the click: 3 bytes are 24 bits, and 24 divides evenly by 6. So instead of reading the bits in the usual 8-at-a-time grid, you re-slice the exact same bits into four groups of 6. Why 6? Because 6 bits count from 0 to 63 — exactly 64 values — and 64 is precisely how many safe, printable characters you can agree on (A–Z, a–z, 0–9, plus + and /). Each 6-bit chunk becomes an index into that alphabet, and out pops one harmless letter. You're not compressing and not encrypting — you're re-tiling the same bits onto a coarser grid where every tile has a printable name. The number 24 is the magic: it's the least common multiple of 8 (bits per byte) and 6 (bits per character), so the two grids line up perfectly every 3 bytes.
Runs insideEmail attachments (MIME encoding in every message with a file)data: URLs embedding images/fonts directly in HTML and CSSJWT authentication tokens (each dot-separated part is base64url)HTTP Basic Auth headers (Authorization: Basic ...)PEM-format TLS certificates and SSH keysStoring binary blobs inside JSON and XML APIs
Base64 makes your data 33% BIGGER, not smaller — and that expansion is the entire reason your email attachments arrive uncorrupted.
23Shrinking and armoring data
Hamming(7,4) — the code that heals its own errors
Right now, a stray cosmic ray or a flicker of electrical noise is flipping single bits inside your computer's memory — and in a server with ECC RAM, the machine never notices. The bad bit is caught and repaired between one clock tick and the next, with no crash, no glitch, no resend. The same trick is why a scratched CD still plays and why a smudged QR code on a coffee cup still scans clean.
The problem
A single parity bit can detect that something flipped, but it can't tell you which bit — so all you can do is ask for the data again. That's fine on a cable, but hopeless for RAM being rewritten millions of times a second, a CD you can't re-read cleanly, or a probe 20 light-minutes from Earth where "please resend" costs 40 minutes round-trip. The naive fix — store three copies and take a vote — triples your memory. Too slow, too expensive, or simply impossible.
Why it's brilliant
Hamming's move is to use several parity bits, each guarding a different overlapping subset of positions — chosen so every position gets a unique fingerprint. Place the parity bits at the power-of-two positions 1, 2, 4; the parity at position 2ᵏ checks exactly those positions whose index has bit k set. So position 6 (binary 110) is watched by parity-4 and parity-2, but not parity-1. When one bit flips, precisely the checks that cover it fail — and if you read the failed checks back as a binary number, they spell out the position of the guilty bit. The parities don't merely shout "wrong!", they vote in binary, and the votes literally are the address of the broken bit. Flip that one bit back and the data is whole again — no resend.
Runs insideECC / SECDED server and workstation RAMDeep-space probes (Voyager, Mariner)QR codes (via Reed–Solomon, Hamming's descendant)CDs, DVDs & Blu-ray discsNAND flash memory controllersSatellite & spacecraft onboard memory
Three yes/no questions, asked the right way, make the error confess its own street address.
24Shrinking and armoring data
CRC Checksum — long division that catches corruption
Every file that reaches your laptop over Wi-Fi arrives as thousands of tiny frames, and each one carries a short tag stapled to its end. Your network card recomputes that tag the instant the frame lands — if it doesn't match, the frame is silently thrown away and re-sent before you ever notice a hiccup. And when an unzip finally errors out with "CRC failed", you're watching that exact same check finally give up.
The problem
Bits get flipped in transit — a noisy cable, a weak radio, a bad sector. The obvious guard is to add up all the bytes and send the sum, but a plain sum is embarrassingly blind: swap two bytes and the sum is unchanged, flip a bit up here and down there and they cancel. Real-world noise doesn't come as single random flips either — it comes in bursts, a run of adjacent bits all mangled at once, exactly the pattern a naive checksum is worst at catching. And whatever you use has to run in hardware, on every packet, at wire speed.
Why it's brilliant
Here's the trick: treat the entire message as one gigantic binary number and divide it by a fixed divisor — the remainder is your fingerprint. But it's a special arithmetic with no carries, where subtraction is just XOR. So "long division" collapses into something a child could do: wherever the leading bit is 1, XOR the divisor in and slide along; wherever it's 0, skip. The remainder is only a few bits, yet it depends on every bit of the message, because each XOR ripples its effect forward down the whole number. Now the beautiful part — append that remainder to the message and the combined codeword becomes exactly divisible by the divisor. So the receiver doesn't need to know the answer in advance; it just divides again and expects a remainder of zero. Any burst of errors shorter than the divisor mathematically cannot divide evenly, so it can never fake a zero by accident.
Runs insideEthernet frames (CRC-32)Wi-Fi 802.11 radio framesZIP, gzip, and PNG filesUSB data packetsSATA/NVMe drives and SSD sectorsLTE/5G cellular data blocks
Your Wi-Fi card is doing long division on every single packet, billions of times a second — and "CRC failed" is just the remainder stubbornly refusing to be zero.
25Shrinking and armoring data
Burrows-Wheeler Transform (the reversible shuffle behind bzip2)
Every time you unpack a .tar.bz2 — a Linux kernel tarball, a database dump, a genome file — or when a lab aligns your DNA reads against the human reference with Bowtie or BWA, this transform quietly ran first, reshaping the bytes before anything was ever compressed or searched.
The problem
Compressors win when identical bytes sit in long runs, but real text scatters its repeats all over the place. You can't just sort the characters to clump them — that throws away the order and you can never rebuild the original. And the obvious framing, listing and sorting all n rotations of an n-character string, looks like it needs O(n²) memory just to hold the table before you sort it.
Why it's brilliant
Here's the trick: sorting the rotations sorts each character by the text that follows it. In English every 't' that precedes "he" ends up next to every other such 't' — so in the last column of the sorted table, all those t's stack into one long run. Scattered letters become the repetition a compressor devours. And the shuffle is perfectly reversible: the last column holds, for each sorted rotation, the character that precedes its first character, so a single stable sort of that column reconstructs the whole chain of "what came before" and walks the original string back out — not one bit lost. You rearranged the text into something near-repetitive without destroying it.
It sorts your text into near-repetition, then un-sorts it back to the exact original — compression's magic trick is a shuffle you can undo.
06Big data, tiny memory
Answers about billions of items, in kilobytes.
26Big data, tiny memory
The Bloom Filter — remembering everything in almost no space
You type a username into a signup form — coolcat_92 — and before you've even lifted your finger from the keyboard, a little red "already taken" flickers on. The site did not scan its 400-million-row user table for you. It asked a tiny structure that fits in your browser's memory: "have we maybe seen this?"
The problem
The honest way to answer "is this in my set?" is to store every item and search it. But when the set is billions of URLs (every dangerous site on the web) or every key that might be on disk, keeping the full set in fast memory is impossible — it's gigabytes — and hitting the database or disk for every single check is far too slow. You want a yes/no answer in nanoseconds, from a structure small enough to keep in RAM.
Why it's brilliant
Here's the trick: don't store the items at all — store fingerprints of them in a shared bit array. Each item is run through a few fixed hash functions, and each hash points at one slot; adding an item just flips those slots to 1. To check membership, you look at the same slots. If any of them is still 0, then this item was never added — because adding it would have forced that bit to 1. That's the magic asymmetry: a 0 is a mathematical proof of absence. The filter can never miss something that's really there. It can be fooled the other way — a stranger's bits might collide with slots earlier items already lit up, giving a false "maybe" — but it will never wrongly say "no". So it's the perfect bouncer at the door: it lets you skip the expensive database lookup entirely for the huge majority of things that definitely aren't there, and only the rare "probably yes" gets the slow, careful second check.
Runs insideChrome & Firefox Safe Browsing (is this URL malicious?)Username / signup availability checksCassandra, HBase & RocksDB (skip disk reads for absent keys)Content delivery networks caching "one-hit-wonder" detectionBitcoin SPV wallets filtering relevant transactionsMedium's "already recommended this post" dedup
One 0 bit, and the filter has just proven — with certainty, using barely any memory — that your item was never seen.
27Big data, tiny memory
Reservoir Sampling
A firehose of data — every tweet, every log line, every sensor reading — streams past faster than you could ever store it. You want one fair random sample, but you can't hold it all, and you don't even know how much is coming.
The problem
To pick uniformly at random you'd normally need the total count N first, then roll 1..N. But the stream is unbounded or far too big to store — each item flies past exactly once, and N isn't known until it's over. You can't rewind.
Why it's brilliant
Reservoir sampling keeps a single slot. When the i-th item arrives, it replaces whatever's held with probability exactly 1/i. Grind the algebra and every item — the first and the millionth alike — ends up with an identical 1/N chance of being the survivor, in one pass using O(1) memory. It stays fair without ever learning how long the stream was.
Runs insidesampling logs & telemetry at scalerandom post/tweet samplingA/B test assignmentbig-data pipelines (Spark, Flink)load-test traffic capture
One variable, one pass — and every item in an endless stream is equally likely, though you never counted them.
28Big data, tiny memory
Consistent Hashing — the ring that keeps the internet from melting
You tap play on a video and it starts in a heartbeat. Somewhere, a CDN just decided which of thousands of edge servers should hold that exact file near you — and it decided using the same math whether there are 500 servers or 5,000. Every cached thumbnail, every session parked in memcached, every row in Cassandra found its home this way.
The problem
The obvious trick is server = hash(key) % N. It works — until N changes. Add one server (N goes 4→5) or lose one, and the modulus shifts for almost every key at once. Nearly the whole cache is suddenly pointing at the wrong box, so every request misses, every miss hammers the database, and a routine deploy becomes an outage. Scaling out shouldn't reshuffle the entire world.
Why it's brilliant
Stop hashing keys to servers. Instead, hash both onto the same circle — a ring of positions 0..99. Each server lands at a fixed spot; each key lands at its own spot and is owned by the first server you meet walking clockwise. Now the trick: a server only owns the arc between it and its neighbor. So when you add a new node, it drops onto one point of the ring and steals just the keys in that single arc from one neighbor — everybody else's keys never move. You've turned "remap almost everything" into "remap one slice," because ownership is defined by local neighbors on a circle, not by a global count N that every key depends on.
Add a server to a 1,000-node cluster and only about 1/1000th of your keys move — the other 99.9% never notice.
29Big data, tiny memory
Boyer-Moore Majority Vote — the winner nobody counted
A backbone router is watching billions of packets scream past every second, and it needs to answer one question in real time: is a single source sending more than half of all this traffic right now? (That is the signature of a DDoS flood.) It has microseconds per packet and only a few bytes of memory to spare. The same shape shows up in a spacecraft reading three redundant sensors, or a live analytics dashboard asking "which value is dominating the stream this second?"
The problem
The obvious approach is a tally: a hash map from each value to its count, then read off whichever is biggest. But on a firehose of billions of distinct sources, that map grows until it blows past RAM — memory scales with the number of distinct items, exactly the thing you can't bound. Sorting to find the mode is O(n log n) and needs the whole stream stored at once. On a truly unbounded stream you can't store it at all, so both approaches simply fall over.
Why it's brilliant
Picture a duel. You keep one candidate and a count of its un-cancelled copies. Every element that isn't the candidate steps forward and annihilates one copy of it (count minus one); every matching element reinforces it (count plus one). When the count hits zero, everyone so far has paired off and mutually destroyed — so you adopt the very next element as the fresh challenger. Here is why it's guaranteed to work: if one value truly holds a strict majority — more than half of everything — then even in the worst case where every other element pairs off and cancels one of its copies, there are simply more of the majority than there are cancellers. It cannot be fully annihilated. The last one standing must be it. And the punchline: count is not how many times the majority appeared — it's how many of its copies survived all the cancellations. One pass, one candidate, one integer.
Runs insideTriple-redundant flight control and spacecraft sensor voting (TMR)Network router heavy-hitter and DDoS source detectionStreaming-analytics frequent-item engines (Misra-Gries, the multi-slot generalization)Distributed consensus and quorum leader agreementDatabase query engines finding a mode in a single passByzantine-fault-tolerant majority checks
It finds the element appearing more than half the time without ever counting how many times anything appears.
30Big data, tiny memory
The Fisher-Yates Shuffle
Every time you hit shuffle on a playlist, or a game deals a hand of cards, this exact loop runs behind the scenes.
The problem
The shuffle you'd invent by instinct — walk the list and swap each card with any random card — feels fair but is subtly biased: some orderings show up more often than others. With 52 cards the naive version can't even reach most of the 52! possible decks evenly, which is how online-poker sites have been cheated.
Why it's brilliant
Fisher-Yates fixes the bias with one disciplined rule: walk from the last slot down to the first, and swap each card only with a card at or before it — never one already locked in. Each position then draws a truly uniform pick from the shrinking pool of unplaced cards, so all n! orderings come out exactly equally likely — provably, in a single O(n) pass.
Runs insideSpotify & playlist shufflecard and board gamescryptographic shufflesrandomized A/B splitscasino / poker RNGs
The shuffle you'd write by instinct is provably unfair; this one-line discipline is provably perfect.
07Scheduling & logistics
Fitting the most in, in the right order, at least cost.
31Scheduling and logistics
Interval Scheduling — pack the most meetings into one room
You tap "Find a time" in your calendar app and it instantly offers the arrangement that fits the most events into your day without a single clash. Six people want the one conference room from 9 to 5; something has to decide which requests win and which get bumped — and it has to feel obvious, not arbitrary.
The problem
With just six meetings you could eyeball it, but the number of possible non-overlapping subsets explodes exponentially — trying every combination to find the biggest clash-free set is hopeless past a couple dozen requests. And the tempting shortcuts are wrong: grab the meetings that start earliest and one long morning booking devours the whole day; grab the shortest ones and you can still fragment the schedule badly. You need a rule that is both fast and provably optimal.
Why it's brilliant
Sort by finish time, then repeatedly take the next meeting that starts after your last pick ends. The magic is why earliest-finish is unbeatable: whichever meeting ends first leaves the maximum amount of runway free for everything after it. So there is always an optimal schedule that includes it — if some other optimal schedule skipped it, you could swap that schedule's first meeting for the earliest-finishing one without losing a slot, because it frees up at least as much room. That swap argument means the greedy choice never paints you into a corner; each locally-first-to-finish pick provably extends to a globally maximum set. One pass, no backtracking, guaranteed best answer.
Runs insideGoogle Calendar / Outlook 'find a time' and room-bookingOS and cloud CPU job schedulers packing tasks onto a coreAd-server slot allocation for a video breakAirline gate and runway assignmentConference-room and coworking-desk reservation systemsBroadcast / streaming ad-pod insertion
The winning move isn't grabbing meetings that start first or run short — it's always taking whichever one ends soonest, and that greedy hunch is mathematically the best you can do.
32Scheduling and logistics
Topological Sort — Kahn's algorithm
It's registration week and the course catalog won't let you enroll in Algorithms until you've cleared Data Structures, which itself demands Intro to CS. You untangle it by hand into a study plan that never breaks a prerequisite. That exact same detangling runs every time you type npm install, hit Recalculate in a spreadsheet, or a Makefile decides what to compile first.
The problem
You have a pile of tasks with "must-come-before" arrows between them and need one order that never violates a single arrow. You can't sort alphabetically, and you can't sort by "fewest prerequisites" — a task with just one prereq can still sit at the very bottom of a long chain. Trying every possible ordering to find a legal one is factorial time: 20 tasks is already 2.4 quintillion permutations. And if the requirements secretly loop (A needs B needs A), no order exists — you must detect that, not spin forever.
Why it's brilliant
Here's the trick that makes it fall out in one pass. For each task, count its in-degree — how many prerequisites still point at it. A task whose in-degree is 0 has nothing blocking it, so it's safe to schedule right now. The magic is what happens when you finish it: completing a task removes exactly one arrow from each of its dependents, so you just decrement their in-degrees. Any dependent that drops to 0 has, in that instant, become unblocked — add it to the ready pile. It's a chain reaction of "you're cleared to go" rippling outward along the arrows. Each node and each arrow is touched once, so it's linear time, not factorial. And the cycle detector is free: if the ready pile empties while tasks remain, those leftovers all point at each other in a loop — the same machine that orders the schedule proves when no schedule can exist.
Runs insideBuild systems (Make, Bazel, Gradle) deciding compile orderJavaScript package managers (npm, yarn, pnpm) resolving install orderSpreadsheets (Excel, Google Sheets) recalculating dependent cellsLinux package managers (apt, dnf) ordering installs and upgradesData pipeline schedulers (Apache Airflow DAGs)University course-planning and prerequisite checkers
Every time npm install finishes without exploding, Kahn's algorithm just untangled a dependency graph of thousands of packages into a safe install order — in the blink of an eye.
33Scheduling and logistics
The 0/1 Knapsack — packing the most value under a hard limit
It's the night before a flight and your carry-on caps out at 7 kg. On the bed: a charger, a camera, shoes, a book, a jacket — each with a real weight and a private "how much I'll regret leaving this" score. You shuffle things in and out, trying to squeeze the most usefulness under the limit without going over. That exact fidgeting is the 0/1 knapsack — and it's what a phone runs to decide which files to keep offline, and what an ad server runs to pick which ads fit on a page.
The problem
With n items there are 2ⁿ possible bags — 30 items is already a billion combinations, so trying them all dies fast. The tempting shortcut is greedy: grab the highest-value item first. But raw value lies. A single "valuable" heavy item can hog the whole limit and block two lighter items that together beat it. Here item 3 (value 6) looks like the obvious grab, yet taking items 0 and 1 (values 3+4 = 7) wins. Greedy is fast and wrong; brute force is right and hopeless.
Why it's brilliant
Stop enumerating bags. Instead keep one number per capacity: dp[c] = the best value you can pack into c kilos. Now add items one at a time. For a new item of weight w, value v, the best bag of size c is just the better of two choices — skip it (keep the old dp[c]) or take it (dp[c−w] + v, reusing the already-solved best packing of the leftover room). Because dp[c−w] is itself already optimal, the new dp[c] is too: every answer is built from smaller answers you've already nailed, so nothing is ever re-guessed. The one subtle move is to sweep c from high down to low — that keeps dp[c−w] pointing at a bag made without this item, which is exactly what forbids using the same item twice and makes it 0/1. The whole thing costs items × capacity, not 2ⁿ.
Runs insideKubernetes / cloud schedulers bin-packing pods onto nodesAd auction engines choosing which ads fit a page's slots and budgetAirline and container-ship cargo load planningCloud spot-instance and cost optimizers under a spend capCapital budgeting tools picking a portfolio of projectsCDN cache admission deciding which objects to keep resident
Greedy grabs the shiniest thing and loses; the DP quietly asks "what's the best use of the leftover space?" at every size at once — and never guesses the same subproblem twice.
34Scheduling and logistics
Union-Find — the “People You May Know” engine
You open LinkedIn and it whispers “People You May Know” — a stranger who happens to sit two hops from you through a shared ex-colleague. Behind that suggestion, a billion accounts are silently bucketed into connected clusters, and the system had to answer “are these two people in the same web?” in the blink before the page painted.
The problem
The obvious way to ask “is A connected to B?” is to walk the friendship graph — BFS or DFS from A and see if you reach B. That's O(N+E) per question, and on a graph with billions of edges that's hopeless when you're firing off millions of connectivity checks a second. Pre-computing the full “who-reaches-whom” table is worse: O(N²) memory you could never store, and every new friendship would force a rebuild.
Why it's brilliant
Union-Find refuses to remember friendships at all. Instead every element points at a representative, forming little upward-pointing trees, and the only fact that matters is: two elements are connected exactly when they climb to the same root. Merging two groups is then a single pointer flip — hang one root under the other — and a connectivity query is just “walk up, compare roots.” The magic is path compression: while you're climbing to find the root anyway, you re-point every node you pass directly at the root, so the tree collapses flatter each time you touch it. Do that (with union-by-size) and the amortized cost per operation is the inverse Ackermann function α(n) — a number that stays below 5 for any n you could physically store. Effectively O(1), forever.
Runs insideLinkedIn / Facebook “People You May Know” cluster lookupsKruskal's algorithm for Minimum Spanning Trees (road, circuit, and network design)Image segmentation via connected-component labelingNetwork / percolation connectivity monitoringCompilers: type-inference unification and register allocationCycle detection when building undirected graphs
It never stores a single friendship — it just asks “who's your boss's boss's boss?” and flattens the ladder every time you look.
35Scheduling and logistics
Kruskal's Minimum Spanning Tree — the least cable to connect everything
A crew has to run fibre so every building on a new street can reach every other one — but trenching costs a fortune per metre. They don't need a cable between every pair of buildings; they need the cheapest set of links that still leaves nothing stranded. That "wire everything together for the least total cost" call — fibre, water mains, power lines, or the backbone links wiring your office switches — is Kruskal's algorithm.
The problem
There are exponentially many ways to connect N points (a complete graph on N nodes has NN-2 spanning trees), so you can't enumerate them. Greedily grabbing the cheapest cables is the right instinct — but some cheap cable joins two buildings that are already linked through others, forming a wasteful loop. The genuinely hard part is testing, over and over and cheaply, whether an edge joins two still-separate groups or just closes a redundant cycle. Re-walking the whole graph to check connectivity for every candidate edge is far too slow at city scale.
Why it's brilliant
Kruskal fuses two ideas. First, greedy by weight is provably optimal here: by the cut property, the cheapest edge crossing any split of the nodes must belong to some minimum spanning tree — so taking the globally cheapest safe edge never has to be regretted later. Second, and this is the sleight of hand, it tests "are these two ends already connected?" in almost constant time using Union-Find. Every node points to a representative of its group; find() just follows those pointers up to the group's root. Two nodes are connected if and only if they share the same root — so a cycle is exactly the case where both endpoints already report the same boss, and you skip it. Adding an edge is equally cheap: point one root at the other, and two groups instantly become one. You never traverse the graph — you only ever compare and merge roots.
Runs insideTelecom fibre, road, water and power-grid layout planningSingle-linkage hierarchical clustering in data analysisFelzenszwalb–Huttenlocher image segmentationLeast-cost circuit and VLSI routingProcedural maze generation in gamesMST-based lower bounds for approximate TSP
The cheapest way to wire up an entire city collapses to: sort the cables, and for each one just ask "do these two ends already share the same boss?"
08Money, signals & the physical world
Stocks, sensors, currencies, and cycles.
36Money, signals and the physical world
Kadane's Algorithm — the one-pass best-run finder
You open a stock chart, pick a buy day and a sell day, and the app instantly highlights the single stretch of time that would have made you the most money. That "best window" — the fattest contiguous run of gains inside a jagged sea of ups and downs — is exactly the max-subarray problem, and Kadane's is what solves it before your finger leaves the screen.
The problem
Find the contiguous slice of a sequence with the largest total. The obvious approach tries every start and every end and sums each window — that's O(n²) or O(n³) sums, which crawls to a halt on a day of tick data or a genome with millions of bases. You can't afford to re-add the same numbers over and over, and you can't hold every candidate window in memory either. You need the answer in one sweep.
Why it's brilliant
Here's the whole trick, and it's almost unfair how simple it is. Walk left to right carrying one number, cur: the best sum of any run that ends exactly here. At each new value x you face one binary decision — extend the run you were building (cur + x), or throw it away and start fresh at x. You pick whichever is bigger: cur = max(x, cur + x). The genius is why you can forget the past: the instant cur goes negative, any run carrying it forward is strictly better off cutting it loose — a negative prefix can only drag down whatever comes next, so it's provably safe to discard, forever. A separate best just quietly remembers the high-water mark of cur as you pass. One variable decides, one variable remembers, and a single left-to-right pass — O(n) time, O(1) memory — nails the optimal window out of the ~n²/2 possible ones without ever looking back.
Runs insideStock trading apps — best buy/sell window (LeetCode's famous 'Maximum Subarray')Genomics — finding GC-rich or high-scoring regions in DNA/protein sequencesSignal processing — detecting the strongest burst in a noisy streamImage processing — brightest contiguous band in a scanline (2D Kadane for max-sum rectangles)Real-time analytics — peak engagement or revenue window in a time seriesSensor/IoT pipelines — locating the most anomalous contiguous interval
The "best time to buy and sell" answer your trading app shows you is nine additions and eight comparisons — it never actually checks the millions of windows it's beating.
37Money, signals and the physical world
Bellman-Ford & Currency Arbitrage
You're standing at an airport kiosk, or tapping through a forex app: dollars to euros, euros to pounds, pounds back to dollars. Each hop looks fair on its own — but stack the three rates and something eerie happens. You touch nothing but the "convert" button three times and land back in dollars with more money than you started. That free loop is called arbitrage, and finding it fast is a life-or-death problem for trading desks.
The problem
The obvious plan — enumerate every chain of conversions and multiply the rates to see which loops end above 1.0 — explodes combinatorially: with n currencies there are exponentially many cycles to test, and profitable loops can be any length. Worse, profit is multiplicative (rates multiply along a path), which doesn't fit the additive machinery every fast shortest-path algorithm is built on. You need to detect a money-making loop without ever listing the loops.
Why it's brilliant
Two moves turn this inside out. First, take the logarithm of each rate: because log turns products into sums, a loop's profit (a product of rates) becomes a sum of logs. Negate them, and a profitable loop (product > 1) becomes a cycle whose edge-weights sum to a negative number. Suddenly "find free money" is literally "find a negative cycle in a weighted graph." Second, Bellman-Ford finds negative cycles almost for free: relax every edge V−1 times and all true shortest distances settle. Then try one more pass — if any distance still drops, no finite shortest path exists, and the only thing that can keep shrinking a distance forever is a negative cycle circling underneath. That single extra relaxation is the alarm bell for arbitrage.
Runs insideForex and crypto arbitrage desks at banks and DEX trading bots (Uniswap-style)RIP (Routing Information Protocol) in network routersDistance-vector routing protocols across the early internetLogistics and supply-chain cost optimization with rebates/penaltiesGame AI pathfinding with negative-cost (reward) edgesCompiler/constraint solvers detecting infeasible difference-constraint systems
Take the logarithm of an exchange rate and free money turns into a negative cycle — caught by the very same routine that kept the early internet's packets finding their way home.
38Money, signals and the physical world
The Moving Average
You open your stocks app and the price line is a jagged mess of spikes — but laid calmly over the top is a second, smoother line labelled "50-day average." That smooth line is a moving average, and you meet it everywhere: the step count on your watch that doesn't jump wildly second to second, the temperature your thermostat trusts, the "avg pace" on your run.
The problem
A moving average slides a window across the data and prints the mean at every position. The obvious way is to re-add all w numbers inside each window — but consecutive windows overlap almost entirely, so you re-sum the same values again and again. That's O(n×w) work, and for a live stream — a sensor sampling every second, hours of audio at 44,100 samples/sec — you also can't afford to keep the whole history in memory just to re-add it.
Why it's brilliant
Look at two neighbouring windows: [10,12,14] then [12,14,13]. They share everything but two numbers — one old value slid out the left, one new value slid in the right. So you never need to re-sum. Keep a single running total; at each step subtract the value that left and add the value that arrived (total += new - old). That's one subtraction and one addition per output — O(1) regardless of window size, whether the window is 3 or 3 million. The whole trick is realising the overlap between adjacent windows is the answer you already computed.
Runs insideTradingView & Robinhood moving-average chart overlaysFitbit / Apple Watch step- and heart-rate smoothingSmart thermostats and IoT temperature sensorsAudio DSP low-pass (box) filtersLinux/server load-average monitoringSpeedometers and GPS pace smoothing in run trackers
The 200-day average on a stock chart costs exactly the same per tick as the 2-day one — because a sliding window never re-adds what it already knows.
39Money, signals and the physical world
Newton's Method — the tangent-line trick that doubles your correct digits every step
You tap the √ key on your phone and 1.41421356 is already there before your finger lifts. No lookup table, no waiting — the same thing happens invisibly a thousand times a second when a game normalizes a direction vector or your CPU divides two numbers.
The problem
√2 is irrational: its digits run forever with no pattern, so there is no single add/multiply that spits it out. The obvious fixes crawl — binary search or guess-and-check pins down about one more bit per step, so reaching a calculator's 15 digits takes ~50 rounds. Long-division-style digit extraction is just as plodding. You need full precision in a handful of multiplications.
Why it's brilliant
Turn "find √2" into "find where the curve f(x) = x² − 2 crosses zero." From any guess, follow the curve's tangent line straight down to the axis — where it lands is your next guess. For square roots that tangent step collapses into something you can do in your head: x → (x + 2/x)/2, the plain average of your guess and 2/guess. Here's why it can't miss: if x is too big, then 2/x is too small (they multiply to exactly 2), so √2 is always trapped between them — and their midpoint is closer than either. The real magic is the rate: each step roughly squares the error, so correct digits go 1 → 3 → 6 → 12 → done. Accuracy doubles per stroke.
Runs insidePocket and phone calculatorsx86/ARM FPU square-root and divide units (Newton-Raphson refinement)Quake III's legendary fast inverse square rootGame physics and graphics engines (vector normalization, distance)SciPy/NumPy root-finders (scipy.optimize.newton)ML optimizers (Newton's method, BFGS)
Every square root your calculator shows was drawn with invisible tangent lines — and it doubled its correct digits with each one.
40Money, signals and the physical world
Floyd's Tortoise & Hare — catch a loop with zero memory
You paste a link and the browser stops dead: "ERR_TOO_MANY_REDIRECTS." Page A sent you to B, B sent you to C, and C quietly sent you back to A — a redirect ring with no exit. Something had to notice you were going in circles instead of following the chain forever. That something is almost always Floyd's trick.
The problem
The obvious fix is to remember every node you've visited and shout the moment you see a repeat. But that means a growing set in memory, and on a chain of millions of links (or a linked list, or a stream you can't rewind) that's a lot of bookkeeping you may not be able to afford. Worse, if you can't store history at all — an endless generator, a hardware pointer with no back-reference — the naive approach simply can't run.
Why it's brilliant
Send two walkers down the same path: a tortoise that steps one node at a time and a hare that steps two. If the path is a straight dead-end line, the hare just runs off the end — no cycle. But if the path bends back into a loop, both get trapped circling inside it forever, and here's the magic: the hare gains exactly one step on the tortoise every tick. Their gap grows 1, 2, 3, … and because they're on a ring of fixed size, that gap is really measured modulo the loop length — so it must eventually hit zero. When the gap is zero, they're standing on the same node. A collision is mathematically guaranteed, and it needs just two integer pointers — no list of visited nodes, no memory that grows with the input.
Runs insideBrowsers & HTTP clients (curl, Chrome) capping redirect loopsLinked-list / pointer cycle checks in databases and garbage collectorsPollard's rho factorization & cryptographic PRNG cycle-length testsGit and other DAG tools guarding against reference cyclesCompilers and state-machine tools detecting infinite loops in graphs
Two runners on a circular track, one twice as fast — they don't just lap each other, they're guaranteed to collide, and that collision is a loop detector that fits in two variables.