623 research outputs found
Ricardian or Monopoly Rents? The Perspective of Potential Entrants
Tests of the efficiency and market power hypotheses have focused on incumbents’ profitability. The current study examines the issue from the perspective of potential entrants. A key premise of the paper, which follows from the efficiency hypothesis, is that incumbents’ Ricardian rents (resulting from efficiency) usually do not induce entry. However, incumbents’ monopoly rents should attract entry, ceteris paribus. The entry response to adjusted and unadjusted profitability measures is compared. The difference between the measures represents Ricardian rents, according to the efficiency hypothesis, and monopoly rents, according to the market power hypothesis. The results, generally, favor the market power hypothesis.
COVID Down Under: where did Australia's pandemic apps go wrong?
Governments and businesses worldwide deployed a variety of technological
measures to help prevent and track the spread of COVID-19. In Australia, these
applications contained usability, accessibility, and security flaws that
hindered their effectiveness and adoption. Australia, like most countries, has
transitioned to treating COVID as endemic. However it is yet to absorb lessons
from the technological issues with its approach to the pandemic. In this short
paper we provide a systematization of the most notable events; identify and
review different failure modes of these applications; and develop
recommendations for developing apps in the face of future crises. Our work
focuses on a single country. However, Australia's issues are particularly
instructive as they highlight surprisingly pitfalls that countries should
address in the face of a future pandemic
Transactional Scripts in Contract Stacks
Deals accomplished through software persistently residing on computer networks—sometimes called smart contracts, but better termed transactional scripts—embody a potentially revolutionary contracting innovation. Ours is the first precise account in the legal literature of how such scripts are created, and when they produce errors of legal significance.Scripts’ most celebrated use case is for transactions operating exclusively on public, permissionless, blockchains: such exchanges eliminate the need for trusted intermediaries and seem to permit parties to commit ex ante to automated performance. But public transactional scripts are costly both to develop and execute, with significant fees imposed for data storage. Worse, bugs practically can’t be eliminated. The result is that many scripts will terminate in misunderstanding, frustrated intent and failure.When code misdelivers, disappointed parties will seek legal recourse. We argue that jurists should situate scripts within other legally operative statements and disclosures, or contract stacks. Precision about the relationship between script and stack sustains a novel framework, rooted in old doctrines of interpretation, parol evidence and equity, that will help jurists compile answers to the private law problems that digitized exchange entails
Coin-Operated Capitalism
This Article presents the legal literature’s first detailed analysis of the inner workings of Initial Coin Offerings. We characterize the ICO as an example of financial innovation, placing it in kinship with venture capital contracting, asset securitization, and (obviously) the IPO. We also take the form seriously as an example of technological innovation, where promoters are beginning to effectuate their promises to investors through computer code, rather than traditional contract. To understand the dynamics of this shift, we first collect contracts, “white papers,” and other contract-like documents for the fifty top-grossing ICOs of 2017. We then analyze how such projects’ software code reflected (or failed to reflect) their contractual promises. Our inquiry reveals that many ICOs failed even to promise that they would protect investors against insider self-dealing. Fewer still manifested such contracts in code. Surprisingly, in a community known for espousing a technolibertarian belief in the power of “trustless trust” built with carefully designed code, a significant fraction of issuers retained centralized control through previously undisclosed code permitting modification of the entities’ governing structures. These findings offer valuable lessons to legal scholars, economists, and policymakers about the roles played by gatekeepers; about the value of regulation; and the possibilities for socially valuable private ordering in a relatively anonymous, decentralized environment
Detecting Excessive Data Exposures in Web Server Responses with Metamorphic Fuzzing
APIs often transmit far more data to client applications than they need, and
in the context of web applications, often do so over public channels. This
issue, termed Excessive Data Exposure (EDE), was OWASP's third most significant
API vulnerability of 2019. However, there are few automated tools -- either in
research or industry -- to effectively find and remediate such issues. This is
unsurprising as the problem lacks an explicit test oracle: the vulnerability
does not manifest through explicit abnormal behaviours (e.g., program crashes
or memory access violations).
In this work, we develop a metamorphic relation to tackle that challenge and
build the first fuzzing tool -- that we call EDEFuzz -- to systematically
detect EDEs. EDEFuzz can significantly reduce false negatives that occur during
manual inspection and ad-hoc text-matching techniques, the current most-used
approaches.
We tested EDEFuzz against the sixty-nine applicable targets from the Alexa
Top-200 and found 33,365 potential leaks -- illustrating our tool's broad
applicability and scalability. In a more-tightly controlled experiment of eight
popular websites in Australia, EDEFuzz achieved a high true positive rate of
98.65% with minimal configuration, illustrating our tool's accuracy and
efficiency
A Gentle Tutorial for Lattice-Based Cryptanalysis
The applicability of lattice reduction to a wide variety of cryptographic situations makes it an important part of the cryptanalyst\u27s toolbox. Despite this, the construction of lattices and use of lattice reduction algorithms for cryptanalysis continue to be somewhat difficult to understand for beginners. This tutorial aims to be a gentle but detailed introduction to lattice-based cryptanalysis targeted towards the novice cryptanalyst with little to no background in lattices. We explain some popular attacks through a conceptual model that simplifies the various components of a lattice attack
Reply to: “Comment on: Orocline-driven transtensional basins: Insights from the Lower Permian Manning Basin (eastern Australia) by White et al. (2016)”
We welcome the discussion and presentation of new data by Offler et al. (2017). In spite of a large number of independent evidence supporting the structure of the Manning Orocline (Cawood et al., 2011; Fielding et al., 2016; Glen & Roberts, 2012; Korsch & Harrington, 1987; Li & Rosenbaum, 2014; Mochales et al., 2014; Rosenbaum, 2012; Rosenbaum et al., 2012; White et al., 2016), Offler et al. (2017) argue that this oroclinal structure does not exist. They have expressed a similar opinion in earlier discussion and comment papers (Lennox et al., 2013; Offler et al., 2015). We studied the Manning Basin because we think that it is situated in the hinge of the Manning Orocline, and as such, its tectonosedimentary evolution may shed light on the oroclinal structure and its possible formation mechanisms. Offler et al. (2017) mainly focus on specific structural complexities within the Manning Basin and fail to acknowledge the overwhelming volume of independent evidence supporting the proposed tectonic model. Here we address specific comments made by Offler et al. (2017) and demonstrate that the new structural mapping data provided by these authors, when examined in a regional context, further support our regional interpretation for the existence and geometry of the Manning Orocline..
- …