Can you confirm how this works for advisor accounts? For the master account, if the total assets of all client accounts are over $100K is it available (and is it free)? I'm not worried about the client accounts so much since I need to approve any withdrawls, I'm worried about the master account.
Thank IBj, I've a quick question, The new security feature won't affect dual wan routers trying to reconnect to the IB server on a different ISP. . . correct?
The device is $150 if you're under $100,000 and free if you're over $100,000. I figured since it was free I might as well get it. Same goes for PayPal: it's $5 for the security device or free if you have a business account. I have a business account with PayPal so I got that one too.
How does the $100K apply to advisors? My understanding from the website is that if the sum of all client accounts is over $100K then it's free for the advisor master account. But each client account must be over $100K for it to be free for that client account.
MESSAGE FOR IB / Ids / IBj: If you want to assign the Security Token to all accounts, please, give a possibility to opt-out from the program, I am perfectly fine (BTW, now a customer for 7years), I do not want to change anything. I allege, my computers are more safe than the door to my house.
I want to be generous, here are some general rules for best security in trading Everything presumes a MS Windows based system: - Use a hardware firewall / router. - In addition, use a software good firewall. Agnitum Outpost or Comodo are ok. BE TOTALLY RESTRICTIVE WITH CREATING ANY ACCESS RULES. - Keep the system patched. - Use a safe browser. IE5/6 is totally unsafe, 7 is still unsafe, Firefox as well. I recommend Opera. Best solution: Use VMware for Internet browsing etc. (see below) - Use VMWare or virtualPC: If you do something "risky", like opening a mailed document etc., use this virtual machine. You can "throw away" the used machine later, restore it's original state or use a non-solid harddisk. - Additionally, use a good virus scanner like NOD32, but the points above are far more important. Generally speaking, virus scanners are only little help today and they are "overvalued", since most of the dangerous attacks are 0day (even "0hour"), where none of the AV-companies has a signature. You could also use a safe OS, like OpenBSD. But this is inconvenient, indeed. Advanced users can check their system using IceSword or a similar tool.
Answers to the last dozen posts: When:Security Device implementation for TWS and other trading interfaces (Web Trader, etc) will begin very soon, perhaps even next week. Advisors: only the F account can trade so the SD needs to only protect the master account for trading purposes. For withdrawal purposes, the subaccounts, depending on account attributes, will have a new type of access control (details to be revealed in the near future). This access control will be somewhat less sophisticated than the current system (and less expensive) but advisor sub-accounts have no trading exposure so the risks are also much lower. Dual WAN: we wont disclose details of the various prophylactic security measures. You can assume that if you behave like an unauthorized user (using proxies masks or anonymizers, for example), you will be treated like one. Costs: we don't charge for the first device; we reserve $150 against the safe return of the security device. If you lose it, or crush it (by allowing your 400 pound in-law to dance on it, for example), it will cost you $150. If you return it to IB, then there is no charge. These are state of the art devices, with weather proofing, battery life logic, etc; they aren't cheap. We are charging them at effective cost. Also, the $150 charge gives people who "may have lost or misplaced" the device extra incentive to find it. Minimum Balance: balances over 100K get automatically "invited" to join the STP security program. But if you wish to participate, and your balance is 25-100K, we will be delighted to get you into the security program. Just send an Inquiry Ticket requesting participation in STP, or call TAC as suggested in my previous post Perception of Safety: please read public articles on professional password theft. There are entities out in the world who use data mining techniques to collect this kind of information. Forget keystoke loggers and viruses; these are last year's methods. Newer methods go through and look at frequently accessed files, or even export all document files back to the mother ship, since nearly everybody writes their passwords down somewhere. One study done by a Skandinavian security firm collected something like 54000 login events and 800+ banking type of logins in some ridiculously short time, say 1 day. The data collectors are very smart. They dont use the data. They warehouse it and sell it people who want to run scams and schemes. This is not amateur hacking; this is industrial level data acquisition. People who think they are safe becuase they have a firewall are naive (no offense). Or they operate a 'sterile room' computing system: firewalls with substantial admin control (no plug'n'play models), no wireless, never browsing the internet or getting email on the same network segment as the trading machine, run swamp nets, only use software from certified/trustworthy vendors, never login on a laptop that ever connects to another network, never login from a hotel room or any place where the network is owned by a third party, etc. There are very few people who operate in such an encapsulated, safe, but very inconvenient environment. If you want no security, there will probably be an opt-out option. But people who refuse the new security initiatives will be required to indemnify IB against any possible claims of account intrusion no matter the reason. It is unreasonable to expect IB to protect you if you don't use the tools we provide. In summary (and sorry for the lecture, if it sounds like one), the thieves are very, very good at what they do. It is all they do so you should not be surprised that that they will win any contest over security. The first principle is making sure you aren't the low hanging fruit. The best way we know to ensure authenticated access to a protected service involves a physical device that is not connected to the accessed network, in plain terms a card or token carried by the authorized users. That is what we believe all IB traders should have.
Of course. I would not challenge you to protect me if I chose to go the more insecure (but handy) way.
lol c'mon, it's not that bad. stop making these people paranoid. if you have the basic protections (firewall, router, etc.) then you are pretty safe unless you really pissed off some hacker and he is determined to get you. read this article on protecting your computer from people around you. that's what a lot of people overlook. http://traderanalyst.jamroll.net/modules/news/article.php?storyid=7