NOt about programming .. .about VPS - page 4

New comment
 
forexvps:

Why ? What's your point ? I don't agree, having a windows solution is a concern for people knowning about security implication of having an live account with 10'000 USD. Are you in peace when you trade such amount of money knowing any failure can ruin your trades ? Are you concerned about 'man in the middle' attacks ? Windows based VPS only offer poor 128 bits encryption (or not at all by default) with Remote Desktop protocol. We do encrypt every traffic with 2048 bits at least.

Did you read everything I wrote...? U should be defending your company's reputation now and not the reliability of your servers... (I am sure they are reliable, that's not the point at all).

Anyway, since you are here promoting a service, I think you are biased and there is not much point in this conversation.

 
jjc:

Surely protecting intellectual property is a niche concern, specific to worlds such as MT4, because most people don't have any on their computer?

Nope. IMHO, that's people's main concern when it comes to EA hosting security. They do have it on their computer, but it is relatively 'anonymous', as opposed to putting it on a server known to be hosting EA's and physically being outside of their home.

 
gordon:

Nope. IMHO, that's people's main concern when it comes to EA hosting security. They do have it on their computer, but it is relatively 'anonymous', as opposed to putting it on a server known to be hosting EA's and physically being outside of their home.

I think we're largely in agreement; I did refer to it being "specific to worlds such as MT4".

Any computer connected to the internet will be constantly battered by all sorts of generic intrusion attempt which you will want to protect against. I can't think what steps you would/could take to prevent external people specifically grabbing your EAs which you wouldn't take anyway just to prevent your machine being reduced to rubble by normal intrusion attempts. If random person X on the internet can get your EA off your VPS, then your VPS will already be toast because it will be filled with every piece of generic malware under the sun, and crash.

Therefore, your specific concern with MT4 hosting must be the hosting provider, not external hackers.

One route is to fill your hard disk with as many EAs as you can find (or create). How does the hosting provider then work out which is the marvellous one you're terrified of someone stealing? Same principle supporting the notion of hiding yourself amongst lots of other MT4 customers, all with .ex4 files which might or might not be gold-dust - i.e. use a specialist MT4 hosting platform.

 
jjc:

One route is to fill your hard disk with as many EAs as you can find (or create). How does the hosting provider then work out which is the marvellous one you're terrified of someone stealing?

The last EA used (or is currently being used) leaves traces... Since on Terminal restart it's still attached - this must be saved somewhere. This info might be used to find out the true EA...

Edit: even the logs would tell us which one is the true one... I don't think it could be hidden reliably.

 
gordon:

The last EA used (or is currently being used) leaves traces... Since on Terminal restart it's still attached - this must be saved somewhere. This info might be used to find out the true EA...

Edit: even the logs would tell us which one is the true one... I don't think it could be hidden reliably.

So, you create any number of EAs, attach them to charts, but make them dummy EAs which never actually trade. I'm not aware of a way of determining, from the hard disk alone, which of those EAs has been trading.

Another option is to deploy onto your VPS an EA which is deliberately incredibly slow when back-tested. What's the hosting provider going to do? Run long-term forward tests of every customer EA they can find, in order to identify the tiny number which aren't junk? Or do you think that the hosting provider can tap into the broker traffic stream and read the proprietary protocol to get your account info?

 

I think we're in danger of going down a "security through obscurity" rathole that won't help any of us.

I prefer to pick a reputable hosting company that I can:

- meet and talk with face to face

- sign security contracts and SLAs with

- take total control of the platform, in confidence that no one else is going near it

You have to wonder at the motivation of companies who offer EA hosting services. I wonder why they'd want to limit their market in this area :-)

CB

 
jjc:

So, you create any number of EAs, attach them to charts, but make them dummy EAs which never actually trade. I'm not aware of a way of determining, from the hard disk alone, which of those EAs has been trading.

The logs... They contain account number and expert name... The history folder will contain the server (=broker) name. All u have to do is check the range of live account numbers for each broker (Alpari for example has detailed information about this on their website).

Another option is to deploy onto your VPS an EA which is deliberately incredibly slow when back-tested. What's the hosting provider going to do? Run long-term forward tests of every customer EA they can find, in order to identify the tiny number which aren't junk? Or do you think that the hosting provider can tap into the broker traffic stream and read the proprietary protocol to get your account info?

Now we are being silly :) Isn't it much simpler to use a 'regular' hosting service. BTW, they are usually also much cheaper. For some reason EA-specific hosting costs more...

 
cloudbreaker:

You have to wonder at the motivation of companies who offer EA hosting services. I wonder why they'd want to limit their market in this area :-)

Well, picking three out of the 17,000 reasons:

  • It's an easy market to target. You can direct your marketing budget fairly narrowly, and get a long way on quite a small budget. You're not having to go up against the giants of generalised hosting.
  • You can provide all sorts of market-specific value-added services with relatively high take-up: e.g. well-known commercial EAs at a discounted price.
  • You can get away with providing 24x5 connectivity rather than the 24x7 for the general market. For example, there's a well-known MT4-specific provider who used to have substantial downtime most weekends. (And, in the increasingly cloud world, you could make extra money from selling your excess processor and bandwidth capacity at weekends).
 
jjc:

Well, picking three out of the 17,000 reasons: [...]

I've got nothing better to do right at this instant, so I'll throw in another 15 of the reasons (only 16,982 to go). The first three are the usual justification for MT4-specific providers having higher charges than generic ones:

  • You can set up your hosting to minimise latency to major brokers, and thus potentially improve service compared to a generic hoster (if you believe in the value of low latency with MT4).
  • You can specifically monitor the routes to major brokers, watching for problems, and thus again offering an improved service over generic hosting.
  • You can offer support on MT4 configuration and problems, which generic hosters won't have a clue about.
  • Without tapping into the actual traffic, you can detect the relative usage of different brokers, and sell that market intelligence to brokers.
  • You can identify which customers use particular brokers, and offer targeted advertising.
  • You have a general website plus (usually) a customer portal where you can display relatively targeted advertising (i.e. for forex, rather than phones/insurance/clothes/etc), at CPM rates which will therefore beat what generic hosters can charge.
  • You can have a conversation with your connectivity provider which goes like this: "I will need x bandwidth on weekdays, but only 0.1 x at weekends. What discount are you going to give me?"
  • You've got an audience with an unusually powerful need for multi-site DR, and therefore potential purchase of multiple hosting packages (albeit that probably only increases your take-up rate from 0.0001% to 0.0002%)
  • The fact that you have a precise, neat targeted market means that you can provide an affiliate scheme where people will see above-average take-up rates.
  • You're dealing with a platform which tends to eat disk space over time (history files etc), and therefore above-average potential to up-sell to bigger packages.
  • If you run a clean operation you've got the potential to white-label it for a broker, or even an exit route for your business in selling it to a broker.
  • You've got an unusually uniform customer base, with attributes such as unusually uniform longevity, and therefore you can budget more precisely than a generic hoster.
  • Your product range can be comparatively limited: you don't need to offer 17 flavours of Windows, and 19 different Linux distros, with the consequent support costs.
  • You're going to pay out less weekend over- and double-time than a generic hoster because your support calls at weekends will be relatively fewer.
  • It's arguably easier to expand your offering from a specific market to a general one than vice versa (particularly when you can say "already trusted by people to handle live financial transactions")

1234
New comment