attacks – What are examples of threats and vulnerabilities that a company like Twitter faces?

I was wondering what sorts of threats a company like Twitter would be prone to, as well as what vulnerabilities they may have. I already know some such as Social Engineering, Spear-phishing, Human Error, Third-Party Apps and Suppliers, Disgruntled employees, Man in the middle attacks, DDoS, so I was wondering if there are any other types of threats out there. Thanks!

set theory – Reference request: Examples of research on a set with interesting properties which turned out to be the empty set

I’ve seen internet jokes (at least more than 1) between mathematicians like this one here about someone studying a set (or another object such as a group) with interesting properties. And then, after a lot of research (presumably after some years of work), find out such set couldn’t be other than the empty set, making the work of years useless, I guess.

I this something that happens commonly? Do you know any real examples of this?

P.S. Honestly I don’t known which tags to use, or even if this question fits here, so feel free to add/remove tags as needed.

soft question – Historical examples of questionable authorships?

Recently, a cluster of math articles has been retracted due to authorships which could not be verified (it appears that these identities are related to peer review manipulation). e.g.,

Yan, Zhenhai; Ychussie, Beatriz, Retracted: Normal families and asymptotic behaviors for solutions of certain Laplace equations, Adv. Difference Equ. 2015, Paper No. 226, 8 p. (2015); retraction notice ibid. 2020, Paper No. 56, 1p. (2020). ZBL1422.30056.

Yan, Zhenhai; Yan, Guojun; Miyamoto, Ikudol, Retracted: Fixed point theorems and explicit estimates for convergence rates of continuous time Markov chains, Fixed Point Theory Appl. 2015, Paper No. 197, 18 p. (2015); retraction ibid. 2020, Paper No. 5, 1 p. (2020). ZBL1347.60110.

While there have been lots of virtual authors in the past related to pseudonyms and collective authors (Pseudonyms of famous mathematicians gives many examples), the aim of twisting the review procedure seems to be rather new – is someone aware of similar earlier cases in mathematics?

(So far, according to the retraction notes, the cluster of non-identifiable authors seems to include Ikudol Miyamoto, Tanriver Ülker, Mohamed Vetro, Costanza T Viouonu, Alexander Yamada, Nanjundan Yamini, Beatriz Ychoussie; there are some more items linked to this cluster where a retraction might be still pending).

time complexity – Examples of higher order algorithms ($mathcal{O}(n^4)$ or larger)

In most computer science cirriculums, students only get to see algorithms that run in very lower time complexities. For example these generally are

  1. Constant time $mathcal{O}(1)$: Ex sum of first $n$ numbers
  2. Logarithmic time $mathcal{O}(log n)$: Ex binary searching a sorted list
  3. Linear time $mathcal{O}(n)$: Ex Searching an unsorted list
  4. LogLinear time $mathcal{O}(nlog n)$: Ex Merge Sort
  5. Quadratic time $mathcal{O}(n^2)$: Ex Bubble/Insertion/Selection Sort
  6. (Rarely) Cubic time $mathcal{O}(n^3)$: Ex Gaussian Elimination of a Matrix

However it can be shown that
mathcal{O}(1)subset mathcal{O}(log n)subset ldots subset mathcal{O}(n^3)subset mathcal{O}(n^4)subsetmathcal{O}(n^5)subsetldotssubset mathcal{O}(n^k)subsetldots

so it would be expected that there would be more well known problems that are in higher order time complexity classes, such as $mathcal{O}(n^8)$.

What are some examples of algorithms that fall into these classes $mathcal{O}(n^k)$ where $kgeq 4$?

ap.analysis of pdes – Examples of applications of hyperbolic conservation laws

I am giving a talk in front of my applied PDE research group on hyperbolic conservation laws, the most basic form of which is the PDE $$ u_t + f(u)_x = 0 $$ where $u$ is the conserved quantity and $f$ is the flux. I was asked to present “nice applications” of these, and I thought to ask here. Does anyone here know of “nice” or “useful” applications of these in pure or applied mathematics? Maybe something you use in your own research. I thank all contributors.

security – What is an uninitialized read? Can you point out some examples found in Bitcoin Core? How do you detect them?

An uninitialized read is when a variable is created without an initial value and then the value of this variable is read. This should be avoided as the resulting behavior is unpredictable and could be different each time the program is run. According to

Normally uninitialized variables are a bad idea, and the only place where they are useful is when you are about to read the variable in from some input stream.

There are various tools for detecting uninitialized reads, some of which were covered in this Bitcoin Core PR review club session in December 2019.

These include dynamic analysis tools such as MemorySanitizer (MSan), Valgrind (specifically Memcheck) and static analysis tools that examine the code without running it.

Uninitialized reads can also be found through unit, functional or fuzz tests, by compiling with the -Werror=uninitialized flag or compiling with Clang with the -ftrivial-auto-var-init=pattern flag which will pre-initialize variables with dummy values.

The most recently detected uninitialized read at the time of writing (October 2020) was found by Marco Falke in the recently merged Signet code. He found it through visual review and it was caught before it made it into a major Bitcoin Core release.

As practicalswift highlights there have been a number of examples of uninitialized reads found in recent years but with more widespread usage of sophisticated tools these are likely to be found with decreasing frequency.

2020: Use of uninitialized memory in Erlay networking code – found pre-merge

2020: Use of uninitialized memory in BIP324 encrypted p2p transport de-/serializer code (truth in advertising: I haven’t verified this one by writing a PoC) – found pre-merge

2020: util: Avoid potential uninitialized read in FormatISO8601DateTime(int64_t) by checking gmtime_s/gmtime_r return

2019: Use of uninitialized memory in networking code when receiving a transaction we already have – found post-merge

2019: wallet: Uninitialized read in bumpfee(…)

2018: wallet: Fix non-determinism in ParseHDKeypath(…). Avoid using an uninitialized variable in path calculation.

2018: wallet: Fix use of uninitialized value bnb_used in CWallet::CreateTransaction(…)

2017: (net) Fix use of uninitialized value in getnetworkinfo(const JSONRPCRequest&)

2017: (test) Avoid reading a potentially uninitialized variable in tx_invalid-test (transaction_tests.cpp)

ag.algebraic geometry – Open problems and examples of special linear systems

Context: Consider a set of points $p_1,cdots,p_r$ in $mathbb{P}^2$ and let $X$ be its blowup at these points. Denote the hyperplane class in $mathbb{P}^2$ by $H$ and the exceptional divisors by $E_i$ for $i=1,dots,r$.

Given positive integers $d$ and $m_1,dots,m_r$ define $L(d,m)$ to be the linear system of all degree $d$ forms vanishing at the point $p_i$ with multiplicity at least $m_i$. In other words, $L(d,m) = (H^0(X,dH-sum m_iE_i)-{0})/mathbb{C}^times$.

The virtual dimension of $L(d,m)$ is defined as
vdim L(d,m) = {d+2choose 2} – sum {m_i+1choose 2} -1.

Essentially, the first term is the degrees of freedom and the latter the constraints imposed by the vanishings.

Then, the expected dimension of $L(d,m)$ is $$edim L(d,m)= max{vdim L(d,m),-1}.$$

It’s known that $dim L(d,m)geq edim L(d,m)$ and we say the linear system is special if this inequality is strict.

Question 1: Are there known examples of linear systems where $vdim L(d,m)<-1$ but $dim L(d,m)>0$? How about the case $m_i=1$?

A similar problem would be the following:

Question 2: Are there known examples where $dim L(d,m) – edim L(d,m) > k$ for some $k>1$?

In general I’m interested in knowing what is the current state of this kind of problem. How active is it as a line of research and if there are any open conjectures along these lines. I’d also appreciate if someone could share some known examples and references.

bitcoincore development – What are some examples of previous first contributions improving Bitcoin Core tests?

PR 8836 was one of John Newbery’s earlier contributions to Bitcoin Core. He introduced this code so that would fail when the output_cmp file is empty.

if not outputData:
            print("Output data missing for " + outputFn)

PR #16445 was Fabian Jahr’s first contribution to Bitcoin Core. One particular test (checking that an unknown message type would result in a disconnect) had been highlighted as flaky on MacOS and so Fabian wrote some code to wrap the test in an if, else statement so that it would be skipped when on MacOS.

if sys.platform != 'darwin':
else:"Skipping test p2p_invalid_messages/1 (oversized message) under macOS")

PR #20023 wasn’t a first contribution but was a neat contribution nonetheless. theStack used vulture via the following script to find constants in the functional tests that aren’t used anymore.

for F in $(git ls-files -- "*.py"); do vulture "$F" | grep "unused variable"; done