Confusion about “false sharing”

This is a homework problem that I have

  In a multicore system, you are running the code on the right on each core, and it suffers from false    sharing. You can assume t_id is set to a unique thread identifier (e.g. 0-15). How could you change    the code to reduce false sharing?    for (int i=0; i<N; i++)   totals[t_id] += a[i]; 

What I’m having trouble with is seeing where the false sharing is occurring. It says state t_id is set to a unique thread identifier, so doesn’t that mean there’s only 1 thread that’s accessing the data here?

We only briefly went over false sharing, but from what I’ve learned false sharing occurs when a cache miss occurs because the data was invalidated previously due to an “irrelevant” data being written/read from a different cache. But if the thread is the same, then doesn’t that mean it’s the same cache being used to write/read? How would false sharing occur here?

Blocking task report is showing false positive

Here is the code I am using to send email alerts. It seems to send more false +ves, can anyone guide me how to resolve this ?

DECLARE @Waiting INT; DECLARE @Message NVARCHAR(MAX);  SELECT  @Waiting = COUNT( s.session_id ) FROM    sys.dm_exec_sessions s LEFT OUTER JOIN sys.dm_exec_connections c ON ( s.session_id = c.session_id ) LEFT OUTER JOIN sys.dm_exec_requests r ON ( s.session_id = r.session_id ) LEFT OUTER JOIN sys.dm_os_tasks t ON ( r.session_id = t.session_id AND  r.request_id = t.request_id ) LEFT OUTER JOIN (                     -- In some cases (e.g. parallel queries, also waiting for a worker), one thread can be flagged as                     -- waiting for several different threads.  This will cause that thread to show up in multiple rows                     -- in our grid, which we don't want.  Use ROW_NUMBER to select the longest wait for each thread,                     -- and use it as representative of the other wait relationships this thread is involved in.                     SELECT  *                             ,ROW_NUMBER() OVER ( PARTITION BY waiting_task_address ORDER BY wait_duration_ms DESC ) AS row_num                     FROM    sys.dm_os_waiting_tasks ) w ON ( t.task_address = w.waiting_task_address )                                                             AND w.row_num = 1 LEFT OUTER JOIN sys.dm_exec_requests r2 ON ( r.session_id = r2.blocking_session_id ) WHERE   ISNULL( t.task_state, N'' ) <> ''         AND ISNULL( DB_NAME( r.database_id ), N'' ) = 'MyDB'         AND ISNULL( w.wait_duration_ms, 0 ) > CASE                                                     WHEN FORMAT( GETDATE(), 'HH:mm' ) >= FORMAT( CAST('07:00AM' AS TIME), N'hh\.mm' )                                                         AND  FORMAT( GETDATE(), 'HH:mm' ) < FORMAT( CAST('05:30PM' AS TIME), N'hh\.mm' ) THEN 10000                                                     ELSE 20000                                                 END ---  this will change the wait time to 20s during offpeak hours.         AND s.session_id <> ISNULL( w.blocking_session_id, 0 )         AND is_user_process = 1;    ---- added on 2019-04-02 @8.40AM to neglect the parallel queries.threads blocking themselves   IF ( @Waiting > 30 )     --send email  

Why does THC Hydra and Medusa give false positives when used on TP-Link Netcam?

I am a university student who is doing a final year project on IoT device security within an isolated network.

One of the tests I carried out was brute forcing, I already knew what the username and password was for a factory resetted IP Netcam but wanted to see how it would work in practice and if it even worked on IoT devices.

The commands I used for both tools is as follows:

Medusa -h “IP address” -u “default login” -P Desktop/rockyou.txt -n 80 -M http

Hydra -l “default login” -P Desktop/rockyou.txt -e ns -f -V “Ip address” http-get

Hydra did seem to work fine on other devices and would attempt to go through the entire list. But for this TP-Link Netcam it seemed that both tools would just go partially through the lists and sometimes give multiple false positives within the few attempts made.

While I do not have access to these devices anymore to continue testing, I would atleast like to know if it was something I entered wrong? Or if the device has something that could potentially stop this?

Any insight would be greatly appreciated, thank you for your time.

Make a page return false to is_single() and true for is_post_type_archive() before wp_enqueue_scripts

I am using a page to replace custom post type archive. I used page template in that page to query CPTs like a CPT archive

The problem is, since I conditionally load different css files based on the page, I want this page to return false to is_single() and true to is_archive() so that it won’t break my conditional. How can I achieve this? What is the earliest hook I can use?

False positive security alert from Google?

I just had this security alert about one of my Google accounts:

  • Device : Unknown device
  • Time : 25 minutes ago
  • Place : United States
  • IP Address : 2a00:1450:4864:20::51b

Someone just used your password to try to connect to your account from an application not belonging to Google, we have blocked this person.

This alert arrived 30 minutes after I had made some security modifications and checks on my account. Moreover, I verified this IPV6 address, and it belongs to Google (I am using a VPN). Is it a false positive? 🤔

is_admin() returns false for theme customizer, how to check for it?

As I strive to get rid of jQuery, I force it off otherwise, some plugins will always add it back if enqueued.

I still want it for the admin as it’s required and performance is less of an issue. Nevertheless, id_admin() function returns false when using the theme customizer.

function my_theme_remove_jquery(&$  scripts) {     // here if have to check for server url to add jQuery when customizing the site,     // otherwise it's not loaded and customizer won't work properly     if (is_admin() || strpos($  _SERVER['REQUEST_URI'], 'customize_theme')) return;      $  scripts->remove('jquery'); } add_filter('wp_default_scripts', 'my_theme_remove_jquery'); 

Is there some other way I could detect the customizer or is this good enough?

How to report false positive to Google Safe Browsing without signing up with Google?

I was wondering how to report a false positive to Google Safe Browsing without having to create a Google account and feeding their insatiable hunger for more data?

I have not found such a way as of yet. Google pretty much seems intent on preventing any contact in this matter or others.

Background

My domain – yep whole one, including subdomains – was reported as (two examples):

Firefox blocked this page because it might try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).

… and:

This site is unsafe

The site https://***********.net/ contains harmful content, including pages that:

Install unwanted or malicious software on visitors’ computers

I won’t disclose my domain here, but given I have a list of digests for all the files located on my (private) website and the list is signed with my PGP key and I verified the hashes and the signature and all checked out, I am sufficiently certain that this is a false positive. None of these files have changed in the last four years, because my current software development activities are going on elsewhere.

Unfortunately there is no useful information to be had from the “details” provided by Google Safe Browsing. A full URL to the alleged malicious content would have been helpful; heck even a file name or something like MIME-type plus cryptographic hash …

I have two pieces of content on my website where one could debate whether they are PUA/PUP (as it’s called these days). Both are executables inside a ZIP file and alongside the respective source code which was used to create those executables. So in no way would any of that attempt to install anything on a visitors computer, unless we imagine a fictitious browser hellbent on putting its user at risk by requesting to run at highest privileges upon start and then unpacking every download and running found executables without user interaction. And even then one of the two pieces of software would fail and the other would be visible.

  1. One is a Proof of Concept for an exploit of Windows debug ports which has been patched for well over a decade and so will hardly be a danger to anyone.
  2. The other is a tutorial which includes a keylogger which – when run – is clearly visible to the user. So no shady dealings here either.

But since these two items came up in the past, I thought I should mention them.

Anyway, a cursory check on VirusTotal showed one out of seventy engines giving a “malicious” for my domain. Given Google bought VT some time ago, it stands to reason they use it for Google Safe Browsing.

The mysterious engine with the detection is listed as “CRDF” and I still have been unable to find out who or what that refers to. So obviously there is no way to appeal, request a review or whatever … seems Google is judge, jury and executioner in this one.

So how do I “appeal”?

Is this malware Gen:Variant.Fugrafa.15976 (B) [krnl.xmd] detected on NJStar Chinese word processor a false alarm?

I found this malware Gen:Variant.Fugrafa.15976 (B) [krnl.xmd] on NJStar Chinese word processor using Emisoft Emergency Kit to scan for malware. I have been using NJStar Chinese word processor for a long time and today is the first time I see this malware appearing during scan. I did a recent update of the virus definition.

I tried to google for more information on this malware but could not find anything. Could it be a false alarm?

Extracted from report;

C:\Program Files (x86)\NJStar Chinese WP6\update.dll    detected: Gen:Variant.Fugrafa.15976 (B) [krnl.xmd] 

enter image description here