IB Secure Device

Discussion in 'Interactive Brokers' started by IB Salvatore, Mar 29, 2007.

  1. gkishot

    I still don't understand how the limitations you propose would be helpful since they do not prevent an intruder from closing your positions and requesting a withdrawal.
     
    #171     Apr 2, 2007
  2. rwk

    Not so -- There have been well-publicized cases with other brokers recently where unauthorized trades were entered in a compromised system for the purpose of pump-and-dump. Even though no withdrawal was made, the customer was left with large losses on the trades.
     
    #172     Apr 2, 2007
  3. I WANT TO PROPOSE THIS SECURITY MEASURE:

    It will be based on the existing IP restriction feature & the existing SMS alert feature.

    - expand the IP restriction feature to allow logins only from pre-defined IP ranges (and domains, like xxxx.att.net)
    - when a login from a different domain / IP range occurs, send an SMS alert!
    - changes to the allowed IP ranges via account management will be valid after e.g. 24 hours.
    When a change is requested, an SMS is sent as well to the acct holder.

    Feel free to modify this scheme.
    I think it would be good!
     
    #173     Apr 2, 2007
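
An added sketch of the scheme proposed in post #173 (not part of the thread and not IB's code): a login allowlist by IP range, an alert on any login attempt from outside it, and a 24-hour delay before a requested range takes effect. The `LoginPolicy` class, the `send_sms` callback and the addresses are hypothetical; the domain-based part of the proposal is left out.

```python
import ipaddress
from datetime import datetime, timedelta

CHANGE_DELAY = timedelta(hours=24)  # the post's "e.g. 24 hours"

class LoginPolicy:
    """Hypothetical model of the proposed scheme; not an IB interface."""

    def __init__(self, allowed_ranges, send_sms):
        self.active = [ipaddress.ip_network(r) for r in allowed_ranges]
        self.pending = []          # (effective_at, network) still inside the delay
        self.send_sms = send_sms   # callback standing in for the SMS alert feature

    def request_range(self, cidr, now):
        """Queue a new range; it only becomes valid after CHANGE_DELAY."""
        net = ipaddress.ip_network(cidr)
        self.pending.append((now + CHANGE_DELAY, net))
        self.send_sms(f"Allowed-range change requested: {net}")

    def _promote(self, now):
        """Move pending ranges whose delay has elapsed into the active list."""
        still_pending = []
        for effective_at, net in self.pending:
            if effective_at <= now:
                self.active.append(net)
            else:
                still_pending.append((effective_at, net))
        self.pending = still_pending

    def check_login(self, source_ip, now):
        """Return True if the login is allowed; otherwise alert and deny."""
        self._promote(now)
        addr = ipaddress.ip_address(source_ip)
        if any(addr in net for net in self.active):
            return True
        self.send_sms(f"Login attempt from unlisted address {addr}")
        return False

def demo():
    """Constructed scenario using documentation address ranges."""
    sms = []
    policy = LoginPolicy(["198.51.100.0/24"], sms.append)
    t0 = datetime(2007, 4, 2, 9, 0)
    results = [policy.check_login("198.51.100.7", t0)]        # listed range
    results.append(policy.check_login("203.0.113.9", t0))     # unlisted: deny + SMS
    policy.request_range("203.0.113.0/24", t0)                # change requested: SMS
    results.append(policy.check_login("203.0.113.9", t0 + timedelta(hours=1)))   # still delayed
    results.append(policy.check_login("203.0.113.9", t0 + timedelta(hours=25)))  # now active
    return results, sms
```

The delay means a range added by someone who has taken over account management is not usable for 24 hours, while the account holder has already been alerted to the request.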
  4. So if the perp hacks into your wireless router, you're fuc*ed. Or if he just happens to be on an AT&T IP address.
     
    #174     Apr 2, 2007
  5. The limitations I proposed were:

    Security device for withdrawals, wires, etc.
    Security device for action outside of the tradables you normally trade (or some way of limiting this).

    I would add the one that I think IB intended anyway.

    Security device for changing account settings. That obviously includes changing trading permissions.

    IB / Sal .... could you perhaps look at making trading permissions more granular ... this would allow people to select from a smaller range of tradables so that they were less subject to potential manipulation ... I obviously favour being able to set it to as few as one to five nominated contracts for futures traders but more granularity to any level would improve security

    The only thing I don't want is to require a security device for opening TWS and trading the normal range of items I trade. FWIW I only trade HSI futures and I never have a position at the end of the day.


    Note that even if you fully secure logon then someone who takes control of your PC after you have logged on is able to manipulate your account. No security is perfect - the challenge is to get a reasonable balance between security and convenience.
     
    #175     Apr 2, 2007
  6. GTS

    Locking it down by source IP address range and/or domain is a bad idea.

    Most customers don't understand how IP addresses work and ISPs don't notify their customers when they start handing out new addresses. Locking down by domain names is an even worse idea that's not even worth discussing.

    I guarantee that IB would get swamped with calls from people locked out of their accounts if they ever went with either scheme.

    In all likelihood if someone has your IB account details then they probably have something installed on your machine which gives them full control at which point all of these defenses are worthless since the transactions will be coming from your machine.

    I also think some of the concerns here are way overblown. Although many things are technically possible, most hackers are looking for the path of least resistance. Writing custom code to interact with the TWS API is not going to be high on their list of things to do. If they can't just log into your account and do what they want they probably will move on to the next hacked account.

    Lastly, contrary to what an earlier poster said about if you have connected your machine to the internet you are pretty much assured of being infected with "unknown/undetected as of yet virii, trojans and spyware", I believe if you take reasonable precautions that it is actually fairly easy to keep a machine clean. Unfortunately many unsophisticated users don't know what reasonable precautions are and still engage in risky behavior such as launching attachments that they weren't expecting.
     
    #176     Apr 2, 2007
  7. I agree.

    OldTrader
     
    #177     Apr 2, 2007
  8. dozu888

    overblown maybe.... but the question one needs to ask himself when deciding whether to buy insurance for something is whether he can afford the loss.... therefore

    yes, I can afford losing the car if it is totalled, therefore I don't buy collision.

    no, I cannot afford losing the ability to work, therefore I buy long term disability.

    NO, I cannot afford having my account wiped out, therefore I need the best security I can get, even if the chance of getting it wiped out is slim.
     
    #178     Apr 2, 2007
  9. I think exactly the opposite. I think that brokerage security risks are greatly underestimated. I think that the mindset which tends to minimize the problem is the same mindset which made possible the Hurricane Katrina disaster. The experts warned, for years and years, that such a disaster could happen, and that to prevent it, the levees should be urgently rebuilt to withstand a category five storm. Many reports were written, and many papers were shuffled to and fro by bureaucrats, but the mindset that the concerns are way overblown carried the day, nothing was done to solve the problem, and then, after years of this stupidity, the day of reckoning arrived, and thousands of innocent people died needlessly.
     
    #179     Apr 2, 2007
  10. dabao91


    And after all, why non-API traders have the option to download a version of TWS without API capabilities included?


    Yes. I like this idea as well. Can anyone submit this idea to IB? Or advise me how to do so. Thanks.
     
    #180     Apr 3, 2007