Hi,
I want to encrypt my custom indicators with a third party tool which I trust more that MC (no offense ).
I was thinking to encrpyt specific files/directories either with Windows Encruption or some other (better) tool like truecrypt.
Can the MC team please help by describing all of the directories where indicator source code is stored?
For example:
* Which database files contain source code (*.gdb files?)
* Which directories contain temporary source code during compilation stages (like "PLEditor\SrcEL" & "PLEditor\SrcCPP")
I would like to have a complete list, so that I could encrypt these directories/files.
Naturally my concern is that I only encrypt the CORRECT and MINIMAL set of files, so that general (runtime) MC performance is not downgraded.
For example, if a .gdb file that contains the source code also contains other settings/data which are accessed constantly at runtime, that would hurt MC performance.
encrypting indicator source code
- Alex Kramer
- Posts: 834
- Joined: 23 Feb 2006
Dear damageboy ,
your implementation won't work; I recommend using a binary-only .sef file without source code. They are as a matter of fact compiled .dlls that have no encrypted sources code inside, they can't be cracked - only reverse engineered at a tremendous time cost. All other methods are vulnerable to hooking and not as reliable.
your implementation won't work; I recommend using a binary-only .sef file without source code. They are as a matter of fact compiled .dlls that have no encrypted sources code inside, they can't be cracked - only reverse engineered at a tremendous time cost. All other methods are vulnerable to hooking and not as reliable.
I think the question was misunderstood, therefore the answer is not relevant.
I *might* find myself in the future needing to install custom proprietary indicators in a 3rd party location (hedge fund).
Since I don't want the compromise my IP (Intellectual Property) I would like to find a way that ensure that the code (or the binary .dll for that matter) cannot be accessed while I'm not physically present in the location.
This is made possible by the fact that the computer I'll be using will remain turned off completely when I'm not there physically.
For this purpose, I want to make sure I'm using some sort on encryption software on the source + binary of my relevant indicator. Relying on someone's determination to reverse engineer my .DLLs is not a chance I'm willing to take.
A possible solution is to use HW encrypted disk drives (such as the Seagate 2.5" FDE drives).
Another, more flexible solution is to create a custom encrypted software drive, by using tools such as www.truecrypt.org, and moving the relevant files to that drive.
Both of these solutions are optimal as far as I'm concerned, since even if the physical hard-drive is physically removed (stolen) from the machine, the proprietary data will never be compromised, unless the pass-phrase is compromised (or someone can brute force a 4096 bit RSA key )
I'm not asking the MC team to actively support this solution, but I would like to receive a list of locations where my source code + binary files may reside during normal operation.
This includes temporary directories which PL Editor uses while compiling as well as database files where the .DLLs may be stored etc.
I would like this list to be kept as minimal as possible (i.e. no redundant files) so that' MC's performance is not impeded by my security needs.
I *could* reverse engineer this information by using 3rd party tools (like those from sysinternals), but I would rather it came straight from the horses mouth...
So, in summary, while I CAN MANAGE without official support or information, I think that posting this this information publicly, as well as a future guide written by me on how to accomplish this from an end user perspective could prove useful the MC community as a whole.
I *might* find myself in the future needing to install custom proprietary indicators in a 3rd party location (hedge fund).
Since I don't want the compromise my IP (Intellectual Property) I would like to find a way that ensure that the code (or the binary .dll for that matter) cannot be accessed while I'm not physically present in the location.
This is made possible by the fact that the computer I'll be using will remain turned off completely when I'm not there physically.
For this purpose, I want to make sure I'm using some sort on encryption software on the source + binary of my relevant indicator. Relying on someone's determination to reverse engineer my .DLLs is not a chance I'm willing to take.
A possible solution is to use HW encrypted disk drives (such as the Seagate 2.5" FDE drives).
Another, more flexible solution is to create a custom encrypted software drive, by using tools such as www.truecrypt.org, and moving the relevant files to that drive.
Both of these solutions are optimal as far as I'm concerned, since even if the physical hard-drive is physically removed (stolen) from the machine, the proprietary data will never be compromised, unless the pass-phrase is compromised (or someone can brute force a 4096 bit RSA key )
I'm not asking the MC team to actively support this solution, but I would like to receive a list of locations where my source code + binary files may reside during normal operation.
This includes temporary directories which PL Editor uses while compiling as well as database files where the .DLLs may be stored etc.
I would like this list to be kept as minimal as possible (i.e. no redundant files) so that' MC's performance is not impeded by my security needs.
I *could* reverse engineer this information by using 3rd party tools (like those from sysinternals), but I would rather it came straight from the horses mouth...
So, in summary, while I CAN MANAGE without official support or information, I think that posting this this information publicly, as well as a future guide written by me on how to accomplish this from an end user perspective could prove useful the MC community as a whole.
- Alex Kramer
- Posts: 834
- Joined: 23 Feb 2006
OK Great,
Last question(s) about this subject though:
Are all of the temporary files located there?
i.e., unless I am not mistaken, g++ would use the %TEMP% of %TMP% Directory as well, would it not?
Are the output DLL files only stored in that directory?
no hidden copy in a database (*.gdb) file or something like that?
Last question(s) about this subject though:
Are all of the temporary files located there?
i.e., unless I am not mistaken, g++ would use the %TEMP% of %TMP% Directory as well, would it not?
Are the output DLL files only stored in that directory?
no hidden copy in a database (*.gdb) file or something like that?
- Alex Kramer
- Posts: 834
- Joined: 23 Feb 2006