Ricardian or Monopoly Rents? The Perspective of Potential Entrants

Tests of the efficiency and market power hypotheses have focused on incumbents’ profitability. The current study examines the issue from the perspective of potential entrants. A key premise of the paper, which follows from the efficiency hypothesis, is that incumbents’ Ricardian rents (resulting from efficiency) usually do not induce entry. However, incumbents’ monopoly rents should attract entry, ceteris paribus. The entry response to adjusted and unadjusted profitability measures is compared. The difference between the measures represents Ricardian rents, according to the efficiency hypothesis, and monopoly rents, according to the market power hypothesis. The results, generally, favor the market power hypothesis.

COVID Down Under: where did Australia's pandemic apps go wrong?

Governments and businesses worldwide deployed a variety of technological measures to help prevent and track the spread of COVID-19. In Australia, these applications contained usability, accessibility, and security flaws that hindered their effectiveness and adoption. Australia, like most countries, has transitioned to treating COVID as endemic. However it is yet to absorb lessons from the technological issues with its approach to the pandemic. In this short paper we provide a systematization of the most notable events; identify and review different failure modes of these applications; and develop recommendations for developing apps in the face of future crises. Our work focuses on a single country. However, Australia's issues are particularly instructive as they highlight surprisingly pitfalls that countries should address in the face of a future pandemic

Transactional Scripts in Contract Stacks

Deals accomplished through software persistently residing on computer networks—sometimes called smart contracts, but better termed transactional scripts—embody a potentially revolutionary contracting innovation. Ours is the first precise account in the legal literature of how such scripts are created, and when they produce errors of legal significance.Scripts’ most celebrated use case is for transactions operating exclusively on public, permissionless, blockchains: such exchanges eliminate the need for trusted intermediaries and seem to permit parties to commit ex ante to automated performance. But public transactional scripts are costly both to develop and execute, with significant fees imposed for data storage. Worse, bugs practically can’t be eliminated. The result is that many scripts will terminate in misunderstanding, frustrated intent and failure.When code misdelivers, disappointed parties will seek legal recourse. We argue that jurists should situate scripts within other legally operative statements and disclosures, or contract stacks. Precision about the relationship between script and stack sustains a novel framework, rooted in old doctrines of interpretation, parol evidence and equity, that will help jurists compile answers to the private law problems that digitized exchange entails

Coin-Operated Capitalism

This Article presents the legal literature’s first detailed analysis of the inner workings of Initial Coin Offerings. We characterize the ICO as an example of financial innovation, placing it in kinship with venture capital contracting, asset securitization, and (obviously) the IPO. We also take the form seriously as an example of technological innovation, where promoters are beginning to effectuate their promises to investors through computer code, rather than traditional contract. To understand the dynamics of this shift, we first collect contracts, “white papers,” and other contract-like documents for the fifty top-grossing ICOs of 2017. We then analyze how such projects’ software code reflected (or failed to reflect) their contractual promises. Our inquiry reveals that many ICOs failed even to promise that they would protect investors against insider self-dealing. Fewer still manifested such contracts in code. Surprisingly, in a community known for espousing a technolibertarian belief in the power of “trustless trust” built with carefully designed code, a significant fraction of issuers retained centralized control through previously undisclosed code permitting modification of the entities’ governing structures. These findings offer valuable lessons to legal scholars, economists, and policymakers about the roles played by gatekeepers; about the value of regulation; and the possibilities for socially valuable private ordering in a relatively anonymous, decentralized environment

Detecting Excessive Data Exposures in Web Server Responses with Metamorphic Fuzzing

APIs often transmit far more data to client applications than they need, and in the context of web applications, often do so over public channels. This issue, termed Excessive Data Exposure (EDE), was OWASP's third most significant API vulnerability of 2019. However, there are few automated tools -- either in research or industry -- to effectively find and remediate such issues. This is unsurprising as the problem lacks an explicit test oracle: the vulnerability does not manifest through explicit abnormal behaviours (e.g., program crashes or memory access violations). In this work, we develop a metamorphic relation to tackle that challenge and build the first fuzzing tool -- that we call EDEFuzz -- to systematically detect EDEs. EDEFuzz can significantly reduce false negatives that occur during manual inspection and ad-hoc text-matching techniques, the current most-used approaches. We tested EDEFuzz against the sixty-nine applicable targets from the Alexa Top-200 and found 33,365 potential leaks -- illustrating our tool's broad applicability and scalability. In a more-tightly controlled experiment of eight popular websites in Australia, EDEFuzz achieved a high true positive rate of 98.65% with minimal configuration, illustrating our tool's accuracy and efficiency

A Gentle Tutorial for Lattice-Based Cryptanalysis

The applicability of lattice reduction to a wide variety of cryptographic situations makes it an important part of the cryptanalyst\u27s toolbox. Despite this, the construction of lattices and use of lattice reduction algorithms for cryptanalysis continue to be somewhat difficult to understand for beginners. This tutorial aims to be a gentle but detailed introduction to lattice-based cryptanalysis targeted towards the novice cryptanalyst with little to no background in lattices. We explain some popular attacks through a conceptual model that simplifies the various components of a lattice attack

Reply to: “Comment on: Orocline-driven transtensional basins: Insights from the Lower Permian Manning Basin (eastern Australia) by White et al. (2016)”

We welcome the discussion and presentation of new data by Offler et al. (2017). In spite of a large number of independent evidence supporting the structure of the Manning Orocline (Cawood et al., 2011; Fielding et al., 2016; Glen & Roberts, 2012; Korsch & Harrington, 1987; Li & Rosenbaum, 2014; Mochales et al., 2014; Rosenbaum, 2012; Rosenbaum et al., 2012; White et al., 2016), Offler et al. (2017) argue that this oroclinal structure does not exist. They have expressed a similar opinion in earlier discussion and comment papers (Lennox et al., 2013; Offler et al., 2015). We studied the Manning Basin because we think that it is situated in the hinge of the Manning Orocline, and as such, its tectonosedimentary evolution may shed light on the oroclinal structure and its possible formation mechanisms. Offler et al. (2017) mainly focus on specific structural complexities within the Manning Basin and fail to acknowledge the overwhelming volume of independent evidence supporting the proposed tectonic model. Here we address specific comments made by Offler et al. (2017) and demonstrate that the new structural mapping data provided by these authors, when examined in a regional context, further support our regional interpretation for the existence and geometry of the Manning Orocline..