Someone used my IB account to trade!!!

Quote from makloda:

What I do:

1. I have a server (cheap old computer, in a seperate room that I lock) that is exclusively used for ordering via my IB TWS. All my charting and analysis software is running on my MAIN COMPUTER, which I use for email, surfing, etc. etc. If this main machine is compromised an attacker gains NOTHING.

2. All I run on that box is TWS, nothing else. I run Windows XP on that machine and I automatically update all Windows updates. Since TWS is Java you might even run Linux on it, probably not a bad idea.

3. I run two piece of software to secure the box

a) NOD32 from http://www.eset.com. This is an industrial strength anti virus/trojan protection.
b) AGNITUM FIREWALL from http://www.agnitum.com. Russian firewall. Think about it, these guys are born as hackers. Now they wrote the world's best firewall. 30 day free trial.

4. Look at this

http://img291.echo.cx/img291/1924/screenkeyboard1kh.jpg

This is the screenshot of the virtual on-screen keyboard found on my Windows XP. This keyboard can be accessed from Start>All Programs>Accessories> Accessibility>On-Screen Keyboard in windows XP.

The main purpose of this keyboard is for mobility impaired users (who cannot type on the keyboard due to disability, but can use the mouse)

I enter the usernames and passwords using this keyboard and even if there are any spyware logging keystrokes, they will not get hold of my IB TWS login information.
More...


Your advice must be targeted at the smuck trading a $10,000 account in his pyjamas...
And who would care much about his 10K anyway?

For most sophisticated trading operations...
Each trader will be running at least 3 networked PCs and 5-10 monitors...
And at least 5-10 complex real-time quote, quant, chart programs that support his trading...
Of which at least 2-3 of which MUST access the web...
And ALL this must interact and run smoothly over a network in REAL-TIME.

That's how a professional trader can do 200-300 trades/day easy.

Basically... your advice to disable computers and run only TWS is crazy.
 
If this guy's story is accurate...
The way IB handled this is comptempuous, scary... and "not in compliance".

But it's not surprising.

IB owe's me a dividend...
And I will have to make 3-4 phone calls to the Institutional Desk where they will assume I'm retarded...
Then more calls to other offices...
Then any number of "trouble tickets"...
The last one was ignored... and then "expired due to inactivity" (on IB's part).

80-90% of the time I have a Re-Org problem or a Buy-In...
(Probably about 10 instances/year)...
It becomes a long, drawn-out nightmare that costs IB a fortune in Customer Service time.

IB is the very embodiment of the saying: "Penny wise and pound foolish"...
Which is why they will always be 1% the size of Merrill Lynch.
 
You can setup your computer to run though network with the same security settings, at the sametime you can prevent access to your computer from outside sources. If you need more info I would suggest to do more research from some IT web pages. Here is the example, go to Start -> All Programs -> Accessories -> Command Prompt -> type "netstat", check and see what is runing in and out from the net. You'll be amazed to see who is retreiving information from your computer.
 
Quote from sprstpd:

I think you are incorrect in terms of wireless hacking:

http://www.theinquirer.net/default.aspx?article=33458

Furthermore, you cannot claim that mac "wireless" data cannot be snooped.
More...

in that case hackers were able to show they could penetrate the wirless windows cards windows not os x. os x has never been infiltrated with success. if u use your mac with osx as your oprative system u can so far be safe. there is, as i said not one single precedent, where someone has been able to dismantle os x securities layers and take full control of a mac...this was a demo run not an actual event affectin' a private user and preventive steps surely have been taken by aapl to strenghten security.
 
No need to go through all that software jargon. Headache...

Maybe a hardware key is the solution...i.e. you need a personalized/unique small usb device that confirms you are really the trading acct holder (like the good old days for AUTOCAD)
 
You must log in or register to reply here.
Back
Top