Algo Eco Exam

Front 1

Perez argues that each great technology surge occurs in two phases, punctuated by a
significant turning point. Describe these two phases and the nature of the turning point.

Back 1

The two phases are the initial installation period (1 point) followed by the subsequent
deployment period (1 point). The turning point between the two periods is a recession,
crash, or “bubble collapse” (1 point). This marks a transition from development driven
by injection of financial capital (1 point) to consolidation driven by the generation of
production capital (1 point).

Front 2

Explain the PSIDR model of malware propagation: what do the states S, I, D, & R
represent? What do the model’s parameters π, μ, δ and β represent? Draw the schematic
state transition diagrams for the model at t<π and t>π.

Back 2

S=Susceptible; I=Infected; D=Detected; R=Removed; pi= signature delay time; mu=
signature distribution rate; beta=infection rate; delta= clean-up rate.

Front 3

With reference to the PSIDR model, explain how the HP Virus Throttle can be an
effective countermeasure against malware, and describe any vulnerabilities or
weaknesses in relying solely on a virus throttle as a malware countermeasure.

Back 3

HP Virus Throttle works by greatly reducing the infection rate (but not actually reducing
it to zero), thereby altering the spread such that mu and delta dominate the dynamics of
the infection. This means that the signature can be spread faster than new machines are
becoming infected, and also previously infected machines can be restored/removed from
the set of vulnerable machines faster than new machines are infected. (2 points). One
weakness of the virus throttle is that it does allow some infections to continue (albeit at a
reduced rate) so damage can continue to be done (1 point), and also if malware is written
to spread infections “stealthily” (i.e. spreading to new machines at a sufficiently slow rate
to not trigger the throttle) then the method is ineffective (1 point).

Front 4

What does it mean for π to be negative in the PSIDR model?

Back 4

If pi<0 then the patch is produced before the exploit (1 point) – e.g. when a vulnerability
is identified by “white hat” security researchers, and/or by employees within the
corporation that the vulnerability affects. (1 point)

Front 5

What is the “vulnerabilities market”, why does it exist, and who are the participants
in it?

Back 5

The “vulnerabilities market” exists because it costs time and money to identify software
security vulnerabilities, so the process of identifying them is similar to producing a
product or offering a services (1 point). Similarly, software/system
producers/manufacturers are keen to know about the vulnerabilities so they can make
their produces more secure (1 point)– as indeed are criminals and “black hat” hackers so
they can exploit the vulnerabilities. (1 point) Thus, there is both a supply of identified
vulnerabilities, and demand for information describing those vulnerabilities, and market
mechanisms are a well-known way of reconciling supply and demand. (1 point)

Front 6

What is a Freemium Game?

Back 6

Freemium games are offered to consumers as free to install and play the basic game, but advanced features and or faster progress are made by in-game purchases, thereby providing revenue to the game developer/publisher (1 point

Front 7

What is Gold Farming?

Back 7

.Gold-farming is when people are employed and paid to play MMO games on behalf of a

third party.

.in poor countries possible to earn more money in virtual world.

.reported that at least 500,000 people work as
gold-farmers, primarily in China.

.Gold farmers are often paid to generate ingame currency (for later sale to end-users)

. or to create/capture in-game items
for later sale

. or to increase the experience/level of a player ("power leveling")

. countermeasures: ignoring/permitting it. Actively hosting it to make money

.counter Measures: nerfing, banning, disruption, patches, attacks, forced develuation

Front 8

Briefly give a real world example of a digital product with positive network
externalities which uses a similar pricing strategy, and explain how the positive network
externalities operate in the case of your example.

Back 8

This is a ‘freemium’ model. Adobe acrobat uses this: the reader is given away free, to
build a network of users with the ‘basic’ version, and therefore the premium version is of
more value to customers, resulting in more sales. [1 ​point for example, 1 point for
explanation of use of freemium to build network.]

Front 9

Describe the topology of the Spotify P2P network and give two reasons why this
design was chosen over alternative popular topologies.

Back 9

The network is based on (two) central servers that act as trackers for clients. Random
access to songs are delivered by the central server. Prefetching is based on peers that are
discovered through the tracker. (1 point) [if central server and supplementary peers are
mentioned]
The central tracker asserts that the entire music data base is accessible at all times. The
peers provide effective load balancing for most popular content. (1 point) for an
argument similar to this.

Front 10

Essay questions: points to mention?

Back 10

Environmental Impact

Front 11

Give 2 different ways a provider of a free service can make money from it.

Back 11

Sell complementary goods, eg Red Hat Linux selling support contracts.
- Sell advertising. eg Much of the web.

Front 12

What is the 'freemium' business model? Why is it economically important for
'experience goods'?

Back 12

A company provides a basic free version of a digital product, and a premium version
requiring payment. It is important for 'experience goods' because a user cannot have an
accurate valuation of the good without trying it out. The Freemium approach gives them
the opportunity to gain a sense of the goods value to them.

Front 13

Define a Peer-to-Peer distributed system. How does a hybrid P2P system differ from
a pure one?

Back 13

A computer network which uses diverse connectivity between participants in a network
and the cumulative bandwidth of network participants rather than conventional
centralized resources where a relatively low number of servers provide the core value to
a service or application. P2P networks are typically used for connecting nodes via
largely ad hoc connections.

Gnutella: Peers act as equals, merging the roles of the client and the server.

Front 14

Explain how the HP Virus Throttle algorithm works

Back 14

Virus comes in, tries to spread itself throughout the network.

.doesn't stop virus from entering, just limits it leaving

.notices if lots of connections are opened, reduces the amount of connections.

.notifices an authority

.doesn't need signature of virus (polymorphic and space filler viruses).

Front 15

Describe the BitTorrent P2P architecture. How does BitTorrent handle the problem of
users locating the desired files? How does BitTorrent handle the problem of potential
freeloaders downloading material without uploading?

Back 15

BitTorrent client software communicates with a tracker to find other computers running
BitTorrent that have the complete file (seed computers) and those with a portion of the
file (peers that are usually in the process of downloading the file).
• The tracker identifies the swarm, which is the connected computers that have all of
or a portion of the file and are in the process of sending or receiving it.
• The tracker helps the client software trade pieces of the file you want with other
computers in the swarm. Your computer receives multiple pieces of the file
simultaneously.
• Downloading pieces of the file at the same time helps solve a common problem
with other peer-to-peer download methods: Peers upload at a much slower rate than they
download. By downloading multiple pieces at the same time, the overall speed is greatly
improved. The more computers involved in the swarm, the faster the file transfer occurs
because there are more sources of each piece of the file. For this reason, BitTorrent is
especially useful for large, popular files.
[3 marks for description of architecture]
• You search for the file simply by using Google, or a torrent-specific search
site/engine. You open a Web page and click on a link for the file you want.
[1 mark for how to locate files]
• If you continue to run the BitTorrent client software after your download is
complete, others can receive .torrent files from your computer; your future download
rates improve because you are ranked higher in the "tit-for-tat" system – e.g.:“I’ll share
with you if you share with me”. However, be optimistic: occasionally let freeloaders
download otherwise no one would ever start!
• Also allows you to discover better peers to download from when they reciprocate
• However, the tit-for-tat system is no longer as important in BitTorrent as it used to
be – though many tracker sites use registration and track upload/download ratios to
achieve the same goal.
[2 marks for how to handle freeloaders]

Front 16

What is a Vickrey auction.

Back 16

A Vickrey, or sealed-price second bid, auction requires all bidders to specify a single bid
secretly to the auctioneer. The auctioneer then awards the sale to the highest bidder, but
they pay the price of the second highest bid. (1 point).

Front 17

Carlotta Perez argues that there have been five major technology surges since
industrialization started. Give the name of each technology surge, and its start and end
dates (to within 20 years of the dates given by Perez, as cited in the lecture slides).

Back 17

• Industrial Revolution 1770-1829
• Steam & Railways 1829-1873
• Steel & Electricity 1875-1918
• Oil, Car, Mass Production 1908-1974