Wishes for MQL5 - page 14

 
notused:
Parabellum:

Two-key system.


A wants to sell/transfer an advisor to B. B generates two keys on his machine: a private (secret) key and a public key. The private key is kept by B under 100 locks. B gives the public key to A, who uses this key to create an encrypted EX4 file and gives the file to B, and only B uses his secret key to decrypt the EX4 file. A secret key cannot be made from the public key. An intruder will have B's public key, but will not be able to do anything with it.

According to Philip R. Zimmermann's theory, the PGP program.
Uh-huh, and what if B is the intruder? That's usually the problem. And PGP itself isn't infallible.


Gentlemen, please explain:

1. How will the terminal execute the advisor's instructions without being able to decrypt it?

2. If the terminal on the "attacker's" side can decrypt the file, why can't the "attacker" do it?

 
Prival:

... or it's easier for them to hold a contest and ... you can finish the rest. For they have the compilation algorithm

Option 1: Before sending, you should agree with yourself that you "change" the algorithm of the Expert Advisor for the Prize. (The prize and other benefits that can be obtained if your Expert Advisor shows itself worthy)

Option 2: For the Championship, write a "special" Expert Advisor, as I think Luis Guillermo Damiani did this year.

If I may offer some advice: Trust the organizers.

Regards Ilya Karakuts

 
There is no need to trade manually in this case. Just don't hand over your top-secret EAs to third parties. Not even in ex4.

Complete restoration of source code from compiled code is impossible in principle (if only because sources and object files are not isomorphic, i.e. from one object file one can get infinitely many corresponding sources, and from one source one can get as many different object files). Therefore we will talk about reconstruction of the algorithm. I hasten to please you: this task is rather difficult, and depends mainly on code size (more precisely, on the quantity of RELATIONSHIPS between different code parts), but, I repeat, at present it is already arranged precisely so, and nothing needs to change. And, again, no additional cryptographic means can REALLY increase this protection. Such tools will give a false sense of security, which is often much worse than no security at all, because it leads to unwarranted carelessness. It's as if a person who bought a gun but doesn't know how to use it suddenly started walking around at night in unsafe neighborhoods which under other circumstances he would avoid.

2 Parabellum:
In this scheme, only the transmission channel is protected. For setting up a protected channel there are many solutions already invented, well implemented and proven in practice.
Prival, in this case, is not afraid that ex4 will be intercepted on the way, but that it will be used for his dirty purposes by the very one to whom the advisor has been passed (as you have already been told: B is an intruder).
 
Prival:
notused:

Trade hands and don't sweat it - or do you need to be told 100 times that absolute protection does not and cannot exist in principle?
Thanks for the reply at least. I've tried it by hand, it's worse and much worse. Automatic is better. Just now thinking about sending an expert to the championship. It's a pity only users participate in this discussion.

I didn't immediately notice your concerns about the Championship. I have to disappoint you: you see, both the client and the server are closed, but there is some network activity going on. If MetaQuotes wanted your EA, they would be able to stealthily transmit it directly from your computer. Let's now look at the pros and cons:

pros:
They acquire a bunch of advisors, some of which are grails

cons:
They lose their reputation and along with their reputation, they lose clients and close their business.

I don't know about you, but I would not trade my real money-making business and client base for a phantom opportunity to get a grail someday. I think MetaQuotes is aware of that too.
 

Amirul, do not worry, stealing from my computer (important information) is possible only physically together with the computer, and even then you have to be very careful; even full access to the computer via MT will not do anything. For a fee I can tell you how to do it :). I am an experienced sysadmin. I posted my suggestions on how to protect my code in MQL4 here. It seems to be more appropriate there.

You still haven't answered my 1 question, maybe you missed it.

You seem to possess a lot of knowledge in this field. Please give your estimate of how much time an MQL developer who knows exactly how an executable ex4 file is generated would need, with this ex4 file in hand, to restore the mq4 source code. The interest is purely theoretical: how much time is needed for that? Seconds, minutes, hours, days?

 
Prival:
notused:
Trade hands and don't sweat it - or do you still need to be told 100 times that absolute protection does not and cannot exist in principle?
Thank you at least for that answer. I tried it by hand, it's worse and much worse. The machine is better. Just thinking about sending an expert to the championship now. Too bad only users are participating in this discussion.
http://forum.alpari-idc.ru/post493864-329.html
 
Prival:

Amirul, don't worry, you can steal from my computer (important information) only physically together with the computer, and even then you have to be very careful; even full access to the computer via MT will not do anything. For a fee I can tell you how to do it :). I'm a sysadmin with experience. I posted my suggestions on how to protect my code in MQL4 here. It seems to be more appropriate there.


You still haven't answered my 1 question, maybe you missed it.


You seem to possess a lot of knowledge in this field. Please give your estimate of how much time an MQL developer who knows exactly how an executable ex4 file is generated would need, with this ex4 file in hand, to restore the mq4 source code. The interest is purely theoretical: how much time is needed for that? Seconds, minutes, hours, days?



1. I was not referring to all the important information on the computer, but only the EAs to which the terminal naturally has access
2. I have answered this question. First, the source code cannot be restored exactly; second, the algorithm is actually very difficult to restore (including the current state of affairs); third, I cannot give an estimate of time, because to know how much time it takes "time for a MQL developer who knows exactly how an executable ex4 file is generated", you have to be that developer, and the time is highly dependent on the program. The only thing you can FULLY count on is that if your Expert Advisor is not interesting, it will never be "cracked", and if it is very interesting, it will be cracked in a relatively short period of time. As Bruce Schneier puts it "Against the average user, anything works; there's no need for complex security software. Against the skilled attacker, on the other hand, nothing works". To give a rough estimation I have to go back to DVD/HD-DVD.
CSS (the security system in DVD) appeared in 1996 and was cracked in 1999.
AACS, the HD DVD/Blu-ray protection which appeared in spring 2006, was reverse engineered by autumn of the same year (the decryption source code was ready; only a key was missing). The key itself was found in spring 2007.

Both of these protections were developed by large corporations, and huge amounts of money were spent on them. Among other things, the very lack of knowledge (security by obscurity) played into the hands of the security developers. Now calculate by yourself how much time it will take to reverse engineer your code.
 

Prival, let us create a super-duper protection for the EA. In order for the EA to work, it has to be loaded into RAM as a program. We take a memory dump and our protection is over.

 
I've been messing around a bit, mixed up demo and real, it's good that it turned out to be profitable... I thought it would be nice to have the terminal working on a real account highlighted in red when opening orders in the same window or something like that, for weirdos like me)
 

And my wish in general for MQL4 is to add a constant to MarketInfo to determine the maximum number of allowed orders (like for competition = 3).