Web Spoofing 2001

The Web is currently the pre-eminent medium for electronic service delivery to remote users. As a consequence, authentication of servers is more important than ever. Even sophisticated users base their decision whether or not to trust a site on browser cues---such as location bar information, SSL icons, SSL warnings, certificate information, response time, etc. In their seminal work on web spoofing, Felten et al showed how a malicious server could forge some of these cues---but using approaches that are no longer reproducible. However, subsequent evolution of Web tools has not only patched security holes---it has also added new technology to make pages more interactive and vivid. In this paper, we explore the feasibility of web spoofing using this new technology---and we show how, in many cases, every one of the above cues can be forged. In particular, we show how a malicious server can forge all the SSL information a client sees---thus providing a cautionary tale about the security of one of the most common applications of PKI. We stress that these techniques have been implemented, and are available for public demonstration

Incompatibility, Product Attributes and Consumer Welfare: Evidence from ATMs

Incompatibility in markets with network effects can either benefit or harm consumers. Incompatibility reduces consumers' ability to "mix and match" components offered by different sellers, but can also be associated with changes in product attributes that might benefit consumers. In this paper, we estimate the effects of incompatibility in a classic hardware/software market: ATM cards and machines. Our empirical model allows us to measure the indirect network effect relating the value of ATM cards to ATM availability. It also allows us to measure the effects of incompatibility as measured by ATM fees. Our sample contains a relatively discrete move toward incompatibility after 1996, when banks began to impose surcharges on non-customers using their ATM machines. We provide estimates of the partial equilibrium effects of increased incompatibility on consumer welfare, finding that ATM fees ceteris paribus reduce the indirect network effect associated with other banks' ATMs. However, a surge in ATM deployment accompanies the shift to surcharging and in many cases completely offsets the reduction in welfare associated with higher fees. This suggests that welfare analyses should consider the interaction between incompatibility and changes in product attributes

Lock-free Scheduling of Logical Processes in Parallel Simulation

With fixed lookahead information in a simulation model, the overhead of asynchronous conservative parallel simulation lies in the mechanism used for propagating time updates in order for logical processes to safely advance their local simulation clocks. Studies have shown that a good scheduling algorithm should preferentially schedule processes containing events on the critical path. This paper introduces a lock-free algorithm for scheduling logical processes in conservative parallel discrete-event simulation on shared-memory multiprocessor machines. The algorithm uses fetch\&add operations that help avoid inefficiencies associated with using locks. The lock-free algorithm is robust. Experiments show that, compared with the scheduling algorithm using locks, the lock-free algorithm exhibits better performance when the number of logical processes assigned to each processor is small or when the workload becomes significant. In models with large number of logical processes, our algorithm shows only modest increase in execution time due to the overhead in the algorithm for extra bookkeeping

Incompatibility, Product Attributes and Consumer Welfare: Evidence from ATMs

Incompatibility in markets with network effects can either benefit or harm consumers. Incompatibility reduces consumers' ability to "mix and match" components offered by different sellers, but can also be associated with changes in product attributes that might benefit consumers. In this paper, we estimate the effects of incompatibility in a classic hardware/software market: ATM cards and machines. Our empirical model allows us to measure the indirect network effect relating the value of ATM cards to ATM availability. It also allows us to measure the effects of incompatibility as measured by ATM fees. Our sample contains a relatively discrete move toward incompatibility after 1996, when banks began to impose surcharges on non-customers using their ATM machines. We provide estimates of the partial equilibrium effects of increased incompatibility on consumer welfare, finding that ATM fees ceteris paribus reduce the indirect network effect associated with other banks' ATMs. However, a surge in ATM deployment accompanies the shift to surcharging and in many cases completely offsets the reduction in welfare associated with higher fees. This suggests that welfare analyses should consider the interaction between incompatibility and changes in product attributes