by crpatino
4442 days ago
The spirit of what you mean is right, but the details are all tangled up.

Example 1: "chbs". 94^4 is way too optimistic. Your upper bound is 26^4, though if you get a smart attacker, he will figure out that 'c', 'h', 'b' and 's' are all more likely than 'x' or 'q' (though less likely than 'e' or 't'), and prune the search tree accordingly. Honestly, it does not really matter because at just 4 chars long, he can afford to just brute-force it anyways.

Example 2: "correcthorsebatterystaple". While much, much better than "chbs", 94^25 is completely off-base. That would imply that you are using all printable ASCII characters in your passphrase. The other figure you mention, 250000^4 is closer to the mark, though it implies you are picking your samples from a 25,000 word dictionary. XKCD does not make that assumption; it explicitly uses a small dictionary (2048 words) to make it clear that you do not depend on picking "epic words" for the scheme to stand. You can use simple, everyday (e.g. easy to remember) words and still come ahead of the other approach.
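An added example, not part of the comment above: a small strength estimator that scores a secret under both search models the comment contrasts (per-character over the smallest covering character class, per-word over a 2048-word list) and reports the cheaper one. `SAMPLE_WORDS`, `charset_size`, `min_words` and `estimate_bits` are hypothetical names, the word set is a constructed stand-in for a real list, and the word model assumes words are picked uniformly at random.

```python
import math

# Constructed sample: a tiny stand-in for the 2048-word list (assumption).
SAMPLE_WORDS = {"correct", "horse", "battery", "staple", "bat", "cor", "rect"}
DICT_SIZE = 2048  # size of the list the words are drawn from (figure from the comment)

def charset_size(s):
    """Smallest standard character class that covers every character in s."""
    if s.isalpha() and s.islower():
        return 26
    if s.isalpha():
        return 52
    if s.isalnum():
        return 62
    return 94  # all printable ASCII except space

def min_words(s, words):
    """Fewest dictionary words that concatenate to s, or None if impossible."""
    best = [0] + [None] * len(s)  # best[i] = fewest words covering s[:i]
    for end in range(1, len(s) + 1):
        for start in range(end):
            if best[start] is not None and s[start:end] in words:
                cand = best[start] + 1
                if best[end] is None or cand < best[end]:
                    best[end] = cand
    return best[len(s)]

def estimate_bits(s, words=SAMPLE_WORDS, dict_size=DICT_SIZE):
    """Return (model, bits) for the cheaper of the two search models."""
    models = {"charset": len(s) * math.log2(charset_size(s))}
    n = min_words(s, words)
    if n is not None:
        # The secret is a concatenation of list words: size the space per word.
        models["wordlist"] = n * math.log2(dict_size)
    name = min(models, key=models.get)
    return name, round(models[name], 1)

if __name__ == "__main__":
    for secret in ("chbs", "correcthorsebatterystaple"):
        print(secret, estimate_bits(secret))
```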