You should consult your coder friend for the coding issues...
Protecting Multicharts Code, best ways?
- Thread starter Alex27
- Start date
Am I supposed to know what TT is?
You have zero experience yet in anything of all the many things you plan to do and post here about.
I would suggest to start with a much smaller plan first, step by step.
I still don't understand what you want to protect, because that MC script is IMO running on your own computer, so why all the fuzz about security on that?
You have to install MC on your PC. And MC needs a constant open communication between them and your PC. They don't have a standalone version that will work once installed and that let's you close gates. This is the ideal situation for MC to look around in the PC and to read, copy or steal whatever they want.
If you would be able to cut off all communications with MC once the program is installed (like in the old days) you would have a much better situation (not for MC but for yourself).
If you don't believe this to be true I propose you to install a wonderfull program that I can deliver to you, but you should let me in your PC constanly to make this program work "correctly". I will copy your complete HD without you knowing it.
The same remark applies to many programs, not just MC.
It is like buying a high security lock for your door, but the vendor should always have a copie of your key. But he promises never to abuse this key, on his word of honor. And NO, there are no dishonest people, especially if they confirm it themselves.
And the best question is: but what is there to steal?
The answer is: maybe nothing. But it is not about that it is about the fake protection. You have the right to protect what is yours, even if it is only garbage.
And it is not about paranoia, just ask Snowdon.
Or read the news:
- OPM Hackers Stole Data on Every Federal Employee
- Hackers Stole Nearly 20-Million T-Mobile and Scottrade Customers’ Personal Information
- Germany turns over stolen Swiss bank data to Greece
- Hackers advertising stolen data on YouTube to buy
You usually use multiple computers (best is to have at least 2 cheap refurbished multicore laptops). And use at least 250 GB SSD's, that's the best thing to make your system fast.
Sensitive things you don't store on the same computer where such a "backdoor" like your trading platform
is running.Let the programs run on different computers and/or different user accounts,
and restrict the access rights among the different user accounts and computers.
Never run such programs as Administrator or root. It has to run under normal user account,
ie. just create a fake user und let the program run under that user.
Net effect is that that user has no access to the home folders of the other user accounts.
It is up to you (or your admin) to set up such restrictive access restrictions for the different user accounts on your system(s).
If you can't trust the Multicharts company, then simply don't use their program.
I would suggest to use AmiBroker (www.amibroker.com) as a replacement, it is a classic program for technical analysis, backtesting, system development, and also for autotrading.
It has a C/C++ like scripting language and a C++ API for writing your own DLLs, ie. it's very powerful and very fast.
It does not need a permanent connection, be it to their own server(s) or to your broker.
It uses a local database that needs to be filled from external data sources (ie. thru your broker or 3rd party datafeeds or from free data sources like Yahoo, Google and some more).
And I can even guarantee you that the author of AmiBroker never would spy or steal files from your computer. Such shameful thing is not his business, he is a honourable programmer.
Oh boy, paranoia everywhere without any concept or ideas for simple & basic security solutions...
See also these recent tips of mine for privacy and security:
http://www.elitetrader.com/et/index.php?threads/hacking-and-security.297711/#post-4242299
.
Last edited:
This is the confirmation that there are severe security problems and that it is not paranoia.
Second remark is that most people who use computers don't have the knowledge to protect themselves.
That's why I never used them. The answers on my questions clearly told me what to do and surely what NOT to do.
As I told before:most people who use computers don't have the knowledge to protect themselves.
But I appreciate your efforts to help them ( and me).
I think 99% of ET members don't know how to do this. And MC, Tradestation or anybody else will not help them to organize this.Sensitive things you don't store on the same computer where such a "backdoor" like your trading platform
The trading software that I know saves the tradeplans and scripts by default in the same map as the program... so accessible by MC, TS and others?
Last edited:
Everybody is reponsible for educating him/herself. Who else should do that very privat thing if not the user him/herself?
It's not rocket science, one just needs to do some research on the net or read a book.
Thx.
It's not the job of such trading companies. Someone who trades at the stock exchange should be educated and responsible for his/her own actions and decisions,
and his/her own safety and online security.
Nowadays there is enough information and help available to protect the privacy and property on the computers.
In Linux/Unix we use the "su" commandline program to switch to other user (it ask for login password). Then one can easily check whether
that other user can access and/or modify the directory (folder, map) of another user or of the system. An easier method is just to look up the directory (and file) permissions:
Code:
$ ls -l /home
drwxr-x--- 6 user1 user1 4096 Feb 18 09:25 user1
drwxr-x--- 21 user2 user2 4096 Feb 17 00:16 user2
drwxr-x--- 14 user3 user3 4096 Feb 19 01:45 user3The permissions are (r=read, w=write, x=execute), and there are 3 groups of them ("user", "group", and "others", in that order).
The above user home directories and permissions tell us: there are 3 users (user1, user2, user3),
and only the user himself and his own group has access to his home directory, others are not permitted any access. Ie. user1 cannot access the directory of user2 or user3, and vice-versa.
It is similar under Windows using the NTFS filesystem; one just needs to read it up in the manual.
My advice: get rid of the graphical administration tools and use the commandline.
Microsoft wants to make people stupid with that constantly changing useless graphical cr*p.
Every program runs under a user account, so it now should be clear for everybody what is meant...
Last edited:
