Measuring Software Diversity, with Applications to Security

In this work, we briefly introduce and discuss some of the diversity measures used in Ecology. After a succinct description and analysis of the most relevant ones, we single out the Shannon-Weiner index. We justify why it is the most informative and relevant one for measuring software diversity. Then, we show how it can be used for effectively assessing the diversity of various real software ecosystems. We discover in the process a frequently overlooked software monopoly, and its key security implications. We finally extract some conclusions from the results obtained, focusing mostly on their security implications.Comment: 10 pages, 5 figure

On the limits of engine analysis for cheating detection in chess

The integrity of online games has important economic consequences for both the gaming industry and players of all levels, from professionals to amateurs. Where there is a high likelihood of cheating, there is a loss of trust and players will be reluctant to participate — particularly if this is likely to cost them money. Chess is a game that has been established online for around 25 years and is played over the Internet commercially. In that environment, where players are not physically present “over the board” (OTB), chess is one of the most easily exploitable games by those who wish to cheat, because of the widespread availability of very strong chess-playing programs. Allegations of cheating even in OTB games have increased significantly in recent years, and even led to recent changes in the laws of the game that potentially impinge upon players’ privacy. In this work, we examine some of the difficulties inherent in identifying the covert use of chess-playing programs purely from an analysis of the moves of a game. Our approach is to deeply examine a large collection of games where there is confidence that cheating has not taken place, and analyse those that could be easily misclassified. We conclude that there is a serious risk of finding numerous “false positives” and that, in general, it is unsafe to use just the moves of a single game as prima facie evidence of cheating. We also demonstrate that it is impossible to compute definitive values of the figures currently employed to measure similarity to a chess-engine for a particular game, as values inevitably vary at different depths and, even under identical conditions, when multi-threading evaluation is used

Tomato Farmer Participation in Supermarket Market Channels in Guatemala: Determinants and Technology and Income Effects

The paper shows that in a comparison between supermarket channels (working via dedicated wholesalers) and traditional channels, farmers selling to supermarkets tend to be in the upper-end of the "small farmer" category (whereas the traditional-channel growers are in the smaller end), have more capital (in particular, irrigation, which allows them to supply all year and attain greater productivity and consistency), and be much more specialized in commercial horticulture in general and in tomatoes in particular, as compared to the traditional farmers. While they have higher yields, they also have higher input use, including use of chemicals, and these greater input expenditures (accompanied by more credit and technical assistance from the chemical companies) means that their profit rate is roughly similar to the farmers in the traditional channel. They tell us that they prefer still the more demanding wholesale-supermarket channel because it offers a lower risk and lower transaction cost outlet for the variety of their qualities and grades, all year. In turn, the supermarkets, who do not buy direct but rather source from a few dedicated wholesalers, rely on this year-round supply, lower transaction costs, and consistency. While the share of supermarkets in the produce market in Guatemala is still minor, these results mean merely that the more capitalized-tier of small farmers enjoy some advantages with the new channel, but also some entry costs that the traditional farmers as of yet do not face. As the supermarket channel grows, it is expected that more and more farmers will need to capitalized in ways that will either make them competitive in the new market, or in the traditional markets that will doubtless evolve to maintain competitiveness themselves. Development programs over the medium-long run will need to take into account the changing nature of farm-level investments thus implied.Industrial Organization, Marketing,

Hybrid particle-element method for a general hexahedral mesh

textThe development of improved numerical methods for computer simulation of high velocity impact dynamics is of importance in a variety of science and engineering fields. The growth of computing capabilities has created a demand for improved parallel algorithms for high velocity impact modeling. In addition, there are selected impact applications where experimentation is very costly, or even impossible (e.g. when certain bioimpact or space debris problems are of interest). This dissertation extends significantly the class of problems where particle-element based impact simulation techniques may be effectively applied in engineering design. This dissertation develops a hybrid particle-finite element method for a general hexahedral mesh. This work included the formulation of a numerical algorithm for the generation of an ellipsoidal particle set for an unstructured hex mesh, and a new interpolation kernel for the density. The discrete model is constructed using thermomechanical Lagrange equations. The formulation is validated via simulation of published impact experiments.Mechanical Engineerin

Cryptanalysis of the RSA-CEGD protocol

Recently, Nenadi\'c et al. (2004) proposed the RSA-CEGD protocol for certified delivery of e-goods. This is a relatively complex scheme based on verifiable and recoverable encrypted signatures (VRES) to guarantee properties such as strong fairness and non-repudiation, among others. In this paper, we demonstrate how this protocol cannot achieve fairness by presenting a severe attack and also pointing out some other weaknesses.Comment: 8 pages, 1 figur