3rd party software, Ninja Trader / Multi charts/SmartQuant

Discussion in 'Automated Trading' started by ChrisMMM, Nov 30, 2007.

  1. Hi,

    I addressed this concern earlier saying that these 3rd party software people might be looking at your code. I'm still concerned that the logic of your code might be being sent back to the developers, so I found out a little more about internet security

    I have downloaded all of these, Open Quant / NinjaTrader/ Multicharts

    Everytime you start NinjaTrader or OpenQuant you connect to their server... to Colorado for ninja trader and to Russia for OpenQuant.

    The .exe file that they use to connect basically says it is just "checking for updates". This may be all fine and dandy, however if they are connected to your computer they really can do anything they so desire... if you have a profitable strategy... wouldn't you think that it might not be so far fetched for them to want to see what it is?

    We know that the 3rd party softwares establish a connection to your computer, however has anyone ever looked into to see what all they are sending back?

    I should probably get wireshark and see for myself.

    Does anyone know more about this area and can help me?

  2. ethos


  3. Well, it really just checks for updates (at least OpenQuant) :) . Actually this feature was requested by our customers since they wanted to be informed about new versions.

    Do you think that adding an option that allows to turn this feature off will remove your concerns?

  4. Anton,

    Yes I would definitely feel much more comfortable if I could turn it off.

    I've been looking at these automated programs for quite some time, and would love to purchase one. As to which one I'd purchase I'd have to say more likely than not, I'd purchase your software, open quant. It's pretty easy to say that your piece of software beats the others by a large margin. In a way it's almost hard to argue with that. The only thing I don't like is the documentation... Seems that the instruction manual is very limited

    ...however just because yours is so much better than the rest, I'll probably purchase Open Quant if I can feel it's safe.
  5. maxpi


    I think that somebody downloading strategies would get bored and frustrated after awhile, so many lose $ over time, but if they could get every subscriber's account balances every day they could narrow the search to just the ones that win over time... my assumption is that a rogue programmer puts code in the software that reads account balances via the API and reports the good ones to him along with strategies from the same machine. however I doubt that is doable without somebody detecting it and giving the software vendor a black eye in the press.

    If you run your trading machine behind a firewall that only allows access to the few things needed for your strategy the programmer is forced to send his stolen info via the software vendors, data vendors, or brokerage URL's and that raises his difficulty level and risk of getting caught.
  6. We are going to release OpenQuant 2.0 supporting multiple strategies in a couple of weeks and we want to update documentation as well. We have also started FAQ section on our forums (how to do this or that in the code or GUI). I hope this should help.

  7. After all... SmartQuant (as well as Ninja and TS Support) have been in the trading software business since 1997. If our customers have a slight feeling that we sniff user information, the business is dead. I don't think it's worth taking such huge risk, so you can sleep well :)
  8. would you be able to add that feature where there is no connection to open quant?

    - also your customers would have no idea. Once you establish the connection it would be so easy to snoop around and send back anything you want encrypted, your customers would have no idea

  9. Sure, we will add this option in the next OpenQuant update.

    Meanwhile I think you can configure your windows firewall to block any network connection attempts from OpenQuant.

  10. Actually this option is already there. Our developers have just told me that you can navigate to Tools -> Options -> Startup in the main OpenQuant menu and turn check for updates off.

    #10     Dec 3, 2007