DRM vs Dongle

Questions about MultiCharts and user contributed studies.

Do you prefer to use dongle instead of DRM?

I like it and I'm ready to pay $20 (+ shipping) for it.
12
26%
I like it, but it is expensive for me.
1
2%
No, I'm happy with the existing DRM.
26
57%
I don't know. I need further details.
7
15%
 
Total votes: 46

User avatar
Andrew Kirillov
Posts: 1589
Joined: 28 Jul 2005
Has thanked: 2 times
Been thanked: 31 times
Contact:

DRM vs Dongle

Postby Andrew Kirillov » 29 Jan 2010

Dear Customers,
We fixed DRM and it should work perfectly, but we do listen to your concerns and we want to offer you an alternative.
Last edited by Andrew Kirillov on 22 Mar 2010, edited 1 time in total.

Trader79
Posts: 21
Joined: 22 Nov 2009
Has thanked: 3 times

Postby Trader79 » 29 Jan 2010

I use Multicharts on Webfarm virtual machine.
Can work dongle on it?

Thanks

SUPER
Posts: 622
Joined: 03 Mar 2007
Has thanked: 99 times
Been thanked: 80 times

Postby SUPER » 29 Jan 2010

I don't mind a dongle, but not something that I have to key in a number every time I login.

If DRM is fixed and we will not have outage then that should be prefered solution.

User avatar
geizer
Posts: 375
Joined: 16 Jun 2008
Has thanked: 40 times
Been thanked: 38 times

Postby geizer » 29 Jan 2010

Andrew,

Good to hear you've got the DRM straight.

Although I belive that it is entirely possiible to have nearly 100% DRM uptime, I am inclined towards a dongle for one main reason:

The dongle is more expensive to circuimvent.
So it is reasonable to assume more sales going your way in the future.
But if users take all the cost (of dongles) and TS Support assumes all the benefits (more sales) then it aint any good. The cost paid for a dongle should return back in one way or another: either through more resources dedicated to future development of Multicharts or some sort of a discount for additional licenses, add-on modules or whatever else you may come up with in the future. There are many variables in this equation, but I am sure hardware (dongle) vendors have some numbers to show that will help to evaluate the risk, cost, and benefits for both developer and traders/users. The cost of the dongle is not high so I don't mind to pay for it if this transforms into more resources for Multicharts development.

Bottom line is: for this to be sustainable solution, the cost of a dongle would be shared between developer and users.

Regards,
Pavel

Emmanuel
Posts: 287
Joined: 21 May 2009
Has thanked: 68 times
Been thanked: 19 times

Postby Emmanuel » 29 Jan 2010

Hi Andrews,


Thank you for considering this point seriously,

safety come always first,

We are 200 % for the dongle, we are willing to pay for it, furthermore 20 $ is a reasonable price.

This is safer for the user, it's mean more revenu for Tssupport because it is effective against piracy. We are against piracy.

Everyone win ! this is a win win situation.

It give more flexibility and security for the user, more security for TSsupport.

We are willing to pay for it as soon as it is available.

+2 Vote !!!!

Emmanuel

I think Dongle work with virtal machine :

if it is an aladdin key, you just have to install the USB port in the WM

http://legacydiary.com/tutorials_pc/vmw ... le_fix.htm

http://www.google.ca/search?hl=fr&sourc ... =&aq=1&oq=

bowlesj3
Posts: 2016
Joined: 21 Jul 2007
Has thanked: 171 times
Been thanked: 402 times

Postby bowlesj3 » 29 Jan 2010

For me it is simple.

Dongle:
If I loose or fry the dongle or it just stops working I am back to MC 2.1.999.999 for 2 or 3 weeks maybe (can't even use my notebook to view charts with the latest MC and a dongle gone bad).

DRM:
If DRM goes down I close out my trade (if I am in one) with my bracket order and wait maybe 30 minutes or a day at worse (I can use my notebook to view charts).

What are the odds? It is a guess since the sample size is real small but about even I figure.

So it is DRM unless it goes out more than once every 5 years.

marekj
Posts: 51
Joined: 07 Aug 2009

Postby marekj » 29 Jan 2010

Starting this pool it tells me that 100% confidence in DRM functionality does not exist (otherwise why to do this pool if DRM is working 100%). Also using alone dongle (as pointed bowlesj3) doesn’t provide 100% confidence.

What about dual protection: first Multicharts will check if dongle exists and if not, will check against DRM (paying for dongle in this case is a customer option)?
Last edited by marekj on 29 Jan 2010, edited 2 times in total.

tekram
Posts: 96
Joined: 26 May 2009
Has thanked: 6 times
Been thanked: 18 times

Re: DRM vs Dongle

Postby tekram » 29 Jan 2010

Dear Customers,
We fixed DRM and it should work perfectly, but we do listen to your concerns and we want to offer you an alternative.
Could you share with us how you fixed the DRM without giving away the protection scheme?
Last time your assumption was that the server will never be down for more than 30 minutes and so you gave users a 30 minute grace period. That assumption was proven incorrect.
Has the grace period been increased to a more reasonable (2-3hrs) period and will there be any notification to the trader should that period be exceeded (please give us a notification to be ready to get out of a trade before everything freezes). Thanks.

brendanh
Posts: 154
Joined: 07 Apr 2007

Postby brendanh » 29 Jan 2010

I also run MC on a remote virtual server, so don't think a dongle will work.

brodnicki steven
Posts: 407
Joined: 01 Jan 2008
Been thanked: 3 times

Postby brodnicki steven » 29 Jan 2010

I'm ok with the DRM ONLY IF it's 100% reliable. Traders have thousands of $$$ on the line , so reliability is a must. I'm ok with the dongle, as well, IF it's seemless and no additional login or password would be required everytime we load up MC.

geektrader
Posts: 100
Joined: 17 Jul 2009
Location: Germany

Postby geektrader » 29 Jan 2010

Happy with DRM, never had a problem and even if DRM didn´t work, Multicharts continued to work fine until DRM was back.

Don´t want to hookup additional hardware as well and don´t pay anything extra for that.

I´ve always hated dongles.

And since I run Multicharts on a VPS, a dongle is anyway no option at all.

brodnicki steven
Posts: 407
Joined: 01 Jan 2008
Been thanked: 3 times

Postby brodnicki steven » 30 Jan 2010

Happy with DRM, never had a problem and even if DRM didn´t work, Multicharts continued to work fine until DRM was back.

Don´t want to hookup additional hardware as well and don´t pay anything extra for that.

I´ve always hated dongles.

And since I run Multicharts on a VPS, a dongle is anyway no option at all.


** "Multicharts continued to work fine until DRM was back. "
You must be using an old version of MC because the new versions locked up for hours.

Spaceant
Posts: 252
Joined: 30 May 2009
Has thanked: 1 time
Been thanked: 3 times

Postby Spaceant » 30 Jan 2010

Andrew,

Before I make the pull, I should understand both thoroughly. I don't think I have a full understanding on both.

Could you give us a full explanation and the potential weaknesses / faults of both?

To me, the convenience to customer is the key. I don't want any interruption of MC usage during trading hour or on every boot up; activation of MC and probably re-activation after rebooting the computer. DRM has a potential weakness with your server problem; while dongle has a severe problem with the physical condition - say my child break it for any reason, contact problem (I presume it is a kind of USB type of device or similar type of physical device.) for on going usage, or damage for any reason.

In fact, I don't want to pick up any if there is a choice to me. If you insist to ask the question, the answer would probably DRM, not because of the cost, but I see a lot of potential risks out of dongle.

wegi
Posts: 111
Joined: 02 Jun 2009
Has thanked: 3 times
Been thanked: 12 times

Postby wegi » 30 Jan 2010

Hi,


i rented an root server at a hoster, so i can´t use an dongle, because i don´t have access to the server.

At my local server, i use ESXi for virtualization, not sure if an dongle would work here ?

I had only one time a problem with the drm, MC stopped working for about 45 minutes.
This was an horror szenario, because i slept at this time and i had some open orders !
This should not happen. I think DRM is good, but MC should not stop working immediately if the DRM Server is down.
Is it a way to keep MC running for 1-2 hours, even if the DRM Server is down ?
So MC have the time to solve der problems and our trading is not broken ?

Wegi

bowlesj3
Posts: 2016
Joined: 21 Jul 2007
Has thanked: 171 times
Been thanked: 402 times

Postby bowlesj3 » 30 Jan 2010

Is TSS asking because they need X amount of customers on board before they invest in a dongle? If so maybe a comitted purchase list from existing customers is the way to go.

Anyway, Here is the main thing about DRM. The amount of time between interuptions will decrease with each interuption and at the same time the length of time that the interruption lasts for will reduce. The reason is obvious but why not state it. Because TSS is under a huge amount of pressure to make this true. The last time may have been the last time.

I can only think of two things that would make this not so
1/ the internet itself having a major problem like a worm or
2/ TSS going out of business
3/ IB has some disconnects at times so the broker could be included.

#1 effects the broker so it is not a concern (you can't trade anyway).
#2 requires a dongle to have been already purchased if there is an interuption. However someone will likely buy TSS anyway and it could be that interruption does not occur here either as it could be a smooth transition to the new owner (both buyer and seller want a smooth transition)
#3 Same as #1
Last edited by bowlesj3 on 30 Jan 2010, edited 2 times in total.

bowlesj3
Posts: 2016
Joined: 21 Jul 2007
Has thanked: 171 times
Been thanked: 402 times

Postby bowlesj3 » 30 Jan 2010

It just occured to me that TSS can't use DRM with dongle as backup because that would allow you to run live on machine #1 with DRM and also run on machine #2 for unlimited time with MC offline with the dongle for backtesting (unless the data file transfers contained a way to detect this). I removed a part of my prior post as a result.
Last edited by bowlesj3 on 30 Jan 2010, edited 2 times in total.

Tresor
Posts: 1104
Joined: 29 Mar 2008
Has thanked: 12 times
Been thanked: 51 times

Postby Tresor » 30 Jan 2010

Andrew,

Just being curious, what is the estmate number of illegal users / copies of MC in relation to the number of legitimate users / copies?

Trying to determine the seriousness of the problem.

Regards

User avatar
arnie
Posts: 1581
Joined: 11 Feb 2009
Location: Portugal
Has thanked: 472 times
Been thanked: 508 times

Postby arnie » 30 Jan 2010

After reading all the previous comments, I must say that the DRM sounds more "user friendly".

It's one less piece of hardware connected, and any problem with it can leave us without MC for weeks, at least until the new dongle arrives.

If TSSupport can guarantee that MC will work at least 30 minutes after all DRM servers went down, I think that's more then enough time to rearrange all positions before the connection is cut off.
For the discretionary traders, they can easily switch to their brokers charts to manage their positions for the time MC is down.
For the automatic system traders, I can see that this will be a serious problem for them.

Regards,
Fernando

tekram
Posts: 96
Joined: 26 May 2009
Has thanked: 6 times
Been thanked: 18 times

Postby tekram » 30 Jan 2010

After reading all the previous comments, I must say that the DRM sounds more "user friendly"....
If TSSupport can guarantee that MC will work at least 30 minutes after all DRM servers went down, I think that's more then enough time to rearrange all positions before the connection is cut off....

Were you around on Jan 10, 2010? MC already has a grace period of 30 minutes and the DRM server was down for more than 1 hour so every MC trader was cut off for more than 30 minutes without prior notice. In addition the reconnection and data collection was not automatically restored.

hxxp://forum.tssupport.com/viewtopic.php?t=6800

hxxp://forum.tssupport.com/download.php?id=2504

change to http

User avatar
arnie
Posts: 1581
Joined: 11 Feb 2009
Location: Portugal
Has thanked: 472 times
Been thanked: 508 times

Postby arnie » 30 Jan 2010

Were you around on Jan 10, 2010? MC already has a grace period of 30 minutes and the DRM server was down for more than 1 hour so every MC trader was cut off for more than 30 minutes. In addition the reconnection and data collection was not automatically restored.


When I arrived home that day I saw that MC was offline, assuming that the DRM had failed or my internet connection went down.

If I'm not mistaken, that problem was due to an error not taken in consideration at the time?
I'm certain that those that were trading at the time didn't appreciate to be cut off, but I think that we must accept that this type of problems will be always available to us.

Nothing is 100% free of error, NOTHING!

I believe that most of us have two internet connections (one of them for backup purposes). Who can guarantee us that at the time one of the connections go down, the other will work or don't go down either? No one!

What we MUST do is prepare ourselves for problems like this. It's the same as a trading system. If such and such occurs, than we'll do such and such. Simple!

We cannot complicate things more that they already are.

What do we do if our online trading platform freezes? Well, I guess we call them via telephone, right?
So what will we do if the DRM fails? What are the steps that we must take to get around the problem?

It's Andrew job to prepare everything so the system won't fail, and it's our job to help Andrew getting feedback regarding problems that will pop up from time to time and also to protect ourselves against them.

User avatar
geizer
Posts: 375
Joined: 16 Jun 2008
Has thanked: 40 times
Been thanked: 38 times

Postby geizer » 30 Jan 2010

Andrew,
Definitely will buy a dongle when it becomes available.
Please count on me, if you need a minimal pool of dongle users.
Regards,
Pavel

P.S.
Did some brief research on the subject resulting a few interesting links:
(I did not use google to search, so you might still consider looking at these links :wink: )

- Security implications
http://www.hbarel.com/publications/Security_Implications_of_HW_vs_SW_Cryptographic_Modules.pdf

- Example of a product
http://discretix.com/CryptoFlash/index.html

- Israelis are tough when it comes to security...
http://www.hbarel.com/index.html

hope this is helpful.
Last edited by geizer on 31 Jan 2010, edited 1 time in total.

User avatar
geizer
Posts: 375
Joined: 16 Jun 2008
Has thanked: 40 times
Been thanked: 38 times

Postby geizer » 31 Jan 2010

I think Dongle work with virtal machine :

if it is an aladdin key, you just have to install the USB port in the WM

http://legacydiary.com/tutorials_pc/vmw ... le_fix.htm

http://www.google.ca/search?hl=fr&sourc ... =&aq=1&oq=


Emmanuel,

Compatibility with virtual environments is a very serious argument. I totally with you on this point. Thanks for bringing it up.

but...
There is one very serious concern I have - adopting the mainstream vendor such as Aladdin is also a guaranteed way that you have the whole army of crackers instantly available to undo all efforts made to protect the intellectual property (Multicharts) at the very early stage. Unfortunately.

please do this little experiment:
Search these two words in google: aladdin dongle see, don't even have to use the word 'emulator' to have an answer.
In my browser a cracking solution comes 4th in the list.

Here is another google search: dongle minutes to crack
The first returned link is the answer. Depends how you look at it, this is actually fun to read and contains wealth of information for the developer specifically on how to better protect against crackers.
Andrew, if you reading my post, here are couple of direct links to save you time: http://www.woodmann.com/crackz/Dongles.htm#protection and here: http://www.woodmann.com/crackz/Tutorials/Protect.htm.

So what is my point then? I believe that using a security solution that everyone else around is using is not a security. It gives a false sense of security. Just like buying google stock at $700 in an attempt to make a profit. You buy google when now one knows about it in 1999. Then, when it becomes popular, - sell, and move on. (that's the theory though :) ).
Let's move on.
Suppose you run a Windows XP and need an Antivirus to protect you from 200,000+ viruses flying around. So you go and buy Kaspersky, McAfee, AVG or whatever might appeal to you the most. It's Ok, but... the real solution against viruses lies in the different domain - buying an Apple Macintosh would be it (only 2 viruses exist), because it's not economically feasible to write viruses that target only a small number of Mac users. It's much easier to profit from millions of Windows users. Same with the dongle emulators written by crackers.
THE solution would be to go with the vendor that provides a kind of protection similar to big vendors like Aladdin, similar usability, and compatibility, but just not as popular and wide spread as they are, and have much smaller market share. This would put you in a much better position to withstand against crackers for longer period of time. Another analogy comes to mind, is choosing a girl to marry - but I don't think this is a right place to post this example :oops:

I think that a less known hardware vendor does not automatically means it's more expensive, it may be just it is harder to find, but this carries some serious benefits, and will be rewarding because there would be no emulators available for unknown hardware vendor with micro market share. This will buy some time for a developer.

I will stop here. This post was not intended to become so long. Hopefully this can be usefull.

Cheers,
Pavel

User avatar
RobotMan
Posts: 375
Joined: 12 Jul 2006
Location: Los Altos, California, USA
Has thanked: 31 times
Been thanked: 12 times
Contact:

Postby RobotMan » 31 Jan 2010

I think a dongle is silly.

TSS has looked into all the available security options for this software and has determined that DRM would be the best choice for a myriad of reasons including reliability and practicality. Andrew says DRM is fixed.

What is the MTBF for the DRM? I bet your local internet connection goes down more often than the DRM now. More than likely, you will not be able to trade when that happens either.

Dongles were tried with early versions of TS and easily defeated with software. "Well, they are more sophisticated now." you say - well, so are the guys that will crack it. There is not a software program out there that can't be hacked and cracked by someone somewhere just for fun.

In my opinion, this is purely a psychological reaction to a normal developmental period with a few glitches on a new security feature that seems to work perfectly fine.

Emmanuel
Posts: 287
Joined: 21 May 2009
Has thanked: 68 times
Been thanked: 19 times

Postby Emmanuel » 31 Jan 2010

Hi Robotman

NO : MY INTERNET NEVER GO DOWN MORE THAN the DRM server.

Sorry to disappoint you but as you trade,

you have at least two or three internet provider with your router, and your internet never go down.

Every thing is double (at least) on the network, double computer, double licence for double multicharts , but only one DRM server,
And this is not good : You can not use Multicharts Offline !!!! this is half of the use of multichart !!!!!

One more reason why the dongle can bring more to multicharts is :

When you test , you don't alway have internet access in you network, it can be behind a firwall, or you are simply not connected for security reason,
and you don't always have internet access to connet to the DRM server.
, only the dongle can work offline and online, but the DRM server can't.This mean that multichart could work two time more, we could by two time more licence

We have only few computer online for security reason, which mean we can not use multichart on the offline computer, because they can not connet to the DRM server

We have already 2 licences, we will buy more licence this year if we can work with multichart with more computer on our network (the computer which don't have internet access)


Emmanuel

Emmanuel
Posts: 287
Joined: 21 May 2009
Has thanked: 68 times
Been thanked: 19 times

Postby Emmanuel » 31 Jan 2010

Hi geizer

I agree with you, about the security of the dongle. it is important to have custom made dongle for TSsSupport.

A friend of mine is a developer for Oberthur chips, they provide the chips of Visa and Master card. You can program the chips with you software on it. He was developing depending on the need of the company, He may accept to develop a specific algorythm for TSSupport with the same security level you get for your credit card.

Those card are secure, and I know we can have USB reader with the chips of visa on it. ( I use to have some to read them)

In this case, with the visa chips on it, I am confident people can not crack it.

I am sure the TSSupport have access to USB key custom made. with the same security as we have on the credit card.

Emmanuel

bowlesj3
Posts: 2016
Joined: 21 Jul 2007
Has thanked: 171 times
Been thanked: 402 times

Postby bowlesj3 » 31 Jan 2010

My understanding is that with one license MC+DRM are programmed so you can use MC offline for one month to do backtesting then it needs a DRM connection at the end of this month to extend for another month (I suppose they have a hidden file somewhere). I use MC offline every night and every weekend (off and on all weekend). The TSS policy is that with one license you are to use this MC on only one computer at a time. Eventually I believe that they will program MC to force users to follow their policy by using a matching records process to detect MC overlap usage at the end of that month. Violators will be contacted by sales people first.

I believe that in time DRM can be set up such that it can only go down if the internet goes down on mass. They would have to have 3 or more separate service providers with constant rotational testing by every MC out there and software controlled rationed access. Specifically every MC copy would be software mapped to have specific times to check during its constant rotation to all these different service providers. MC forces the PC clock to an atomic clock time for perfect execution of this process. This ration would adjust based upon the number of servers available for DRM at the moment so that if the number drops a bit too low they will not clog it up. It will be self testing such that it will tell TSS when they have to add more service providers to ensure constant up time for the load. As TSS perfects this approach the frequency of DRM outage will drop to zero (I would guess 1 year after implementation). It will also self adjust to provide proper grace period. In other words the DRM system adjusts this automatically leaving this discussion about grace period obsolute because you never know what it is because 1/ it is constantly changing and 2/ your connection never goes down anyway (unless your provider(S) go down, your broker(s) go down or the intenet goes down on mass). Oviously they do not have this good a system yet (because they just asked about the dongle) but I believe that in time they will. Yes it is true that in theory with such a system all their providers could go down at the same time while the internet is still up and your broker(s) are is still available but is that going to happen soon if ever. I bet your dead before it happens.

On dongle versus DRM maybe they will give you an option and if you want to switch from dongle to DRM when the system meets the above quality spec then you have to send the dongle back within one month or your DRM access stops.

Having both dongle and DRM access would allow a user to use one MC live and one MC to backtest at the same time with no way of stopping this. Maybe this would require a special 1 and 1/2 license pricing. It would allow the user to use the dongle for live if DRM stopped running and at this time they would have to stop backtesting (not a big deal for currently successful traders - especially when the above DRM system is perfected and it never happens anyway). They would not pay a full double license for this setup since the DRM would stop them from running 2 copies live.
Last edited by bowlesj3 on 31 Jan 2010, edited 7 times in total.

drwar
Posts: 218
Joined: 31 Jul 2005

Postby drwar » 31 Jan 2010

Why not make the best of both worlds. Use DRM and offer a Dongle as backup to those with sensitive applications. So if DRM is not there It checks for a Dongle and if the dongle is not found only then your system goes down. I can also see that this might raise the cost some because fewer people would opt to get it. But as long as it remains within reason, that's ok as long as we have the extra security of knowing the system won't go down.

So I vote for both.

J~

User avatar
geizer
Posts: 375
Joined: 16 Jun 2008
Has thanked: 40 times
Been thanked: 38 times

Postby geizer » 31 Jan 2010


After more research on the subject, giving some serious thoughts once again.

Realizing, that I don't really have enough knowledge to objectively evaluate the robustness of one security solution over the other, I am trying to look at the problem at a different angle:



* DRM Assumptions: DRM would consist of minimum two authorization servers, physically isolated, on two different IP networks, AND two different internet backbones.
* Dongle Assumptions: there are no engineering design flaws in the dongle that will cause it to fail on the regular basis under certain conditions.

Given that toughness of both DRM and Dongle against crackers is unknown,

Comparing the Cost to implement

DRM
- appears to be the one with higher operational cost
- It also appear to be more expensive up-front ( time required to develop, test, & startup )
- Cost per user significantly drops with large user base.
- Scalability is very high

Dongle
- operational cost includes added demand for technical support, flashing and shipping dongles, keeping track.
Cost is unknown. Depends on the dongle, and the vendor.
- Up-front cost is lower but can be comparable
- Cost per user remain nearly constant (?) with growing number of users.
- Scalability is low

Comparing the cost of 'failure'

DRM
- each incident has an impact on All traders, trading live at that moment. Cost of the failure significantly varies for each user.
- each failure is a stress-test for developer, it's dispatch team, and Data centre network engineers. Cost is unknown.
- each incident will highlight weak links and is an opportunity for improvement.
- High Probability of each failure to create negative publicity, and affect the image of the product.
- High Probability of negative effect on developer's ability to make money in the future through reduced sales (due to negative publicity).

Dongle
- each hardware failure is an isolated case and has an impact only on that trader. Hardware usually fails when stressed (during power-up), so probability of failure during trading is significantly lower.
- dongle incidents do not create stress for developer. Each case is handled through typical shipping procedure.
- failure incidents are likely to fit into patterns. FAQ helps.
- Low Probability that an each isolated dongle failure can create negative publicity and affect the image of the product.
- Low Probability of negative effect on developer's ability to make money in the future by affecting its sales.
- The distribution of hardware failures is concentrated in the first weeks of its use, and beyond the warranty period.
If it works it's expected to work without failures for long.
- Cost of warranty replacements need to be added (depends on the hardware vendor).

Other considerations

- What is the price of Dongle replacement. If lost or destroyed? ( is it price of the Dongle or Full Multicharts License?) Need clarification on this one...


Competitiveness of a Licensed trader vs Software Pirate IF either the DRM or the dongle fail
(assuming the Software Pirate was able successfully circumvent either the DRM or a Dongle)


DRM
- Each Software Pirate will have an immediate advantage OVER ALL licensed users at the event of failure.
Pirates (because they circumvented the system) will continue to trade.
Honest License holders have lost their control.

Dongle
- Each Software Pirate will have an immediate advantage OVER SINGLE licensed dongle user, whose dongle failed.



I agree with other RobotMan on Psychology plays a significant part. Thinking it contributed when introduction of DRM could have played a catalytic effect on the spread of piracy.

There is a book comes to my mind by Dan Ariely, who studies the behavioural economics - the book "Predictably Irrational". He has done a lot of field studies, good to understand pain - pleasure relationship. Excellent addition to any Trader's Library. Worth taking a look.
http://www.predictablyirrational.com/

this is just an attempt to analyse. Please do your own research, don't count on it.

Thanks,
Pavel

tekram
Posts: 96
Joined: 26 May 2009
Has thanked: 6 times
Been thanked: 18 times

Postby tekram » 01 Feb 2010

“ There are known knowns. These are things we know that we know. There are known unknowns. That is to say, there are things that we now know we don’t know. But there are also unknown unknowns. These are things we do not know we don’t know.“


Then again, they could just tell us.

bowlesj3
Posts: 2016
Joined: 21 Jul 2007
Has thanked: 171 times
Been thanked: 402 times

Postby bowlesj3 » 01 Feb 2010

Cool quote. Of course the 3rd one exceeds the size of the first two by an amount so large that we can not possibly guess what it is. And I am talking about the total of all human knowledge here (not just one).

User avatar
Andrew Kirillov
Posts: 1589
Joined: 28 Jul 2005
Has thanked: 2 times
Been thanked: 31 times
Contact:

Postby Andrew Kirillov » 04 Feb 2010

Dear Tresor, Emmanual, Arni, bowlesj3, tekram and all other who share your ideas.
I really appreciate it and I apologize for the late reply.
I appreciate your comments regarding a dongle with VPS. It is very important.
I decided to ask your opinion, because we want to solve two tasks: your confidence in our product and piracy protection. It is important to note that we expect that thousands of MC licenses are illegal. It is impossible to get exact numbers.
The modern dongles can execute a custom C code that allows us to put a part of program into USB. It could be cracked or bypassed, but it is very expensive. It is a positive side.
The negative side is a user experience. You can buy and use the product within minutes with DRM, but you will have to wait 1-3 days to get hardware. It is too long. Plus we must consider costs of the hardware and delivery which is about $30-50 depending on destination.

So the initial idea was a complete replacement of DRM with dongles doesn’t seem right. So probably we will introduce it as an alternative to DRM for people who don’t want to be connected to the internet. In this case we will not improve the product security, but will help to build a customer’s confidence in the life time license of MultiCharts.
We are quite confident in our fixed DRM. We didn’t test a large number of simultaneous switches to the redundant servers at the moment of the main server failure. It was our fault. After the failure we made some stress testing and it demonstrated weaknesses. We’ve fixed it. It is important to note that not all users affected the last time. Majority of users have been switched successfully. The new DRM should handle such mass reconnects properly.

Tresor
Posts: 1104
Joined: 29 Mar 2008
Has thanked: 12 times
Been thanked: 51 times

Postby Tresor » 04 Feb 2010

I decided to ask your opinion, because we want to solve two tasks: your confidence in our product and piracy protection. It is important to note that we expect that thousands of MC licenses are illegal. It is impossible to get exact numbers.


Up to 3 - 5% of illegal copies may under certain circumstances be acceptable for a software licensor. It would mean the product is good enough to be cracked.

But thousands of illegal users for a niche (non-mainstream like Windows) product is WAY TO MANY. I am getting a clearer picture of the reasons why TSS have been taking so much effort to introduce DRM and investigate Dongle.

1,000 of illegal MC copies = a potential loss of USD 1.5 million loss of sales - transaction costs
2,000 of illegal MC copies = a potential loss of USD 3.0 million loss of sales - transaction costs

Emmanuel
Posts: 287
Joined: 21 May 2009
Has thanked: 68 times
Been thanked: 19 times

Postby Emmanuel » 05 Feb 2010

Hi Andrews,

the initial wait of few day to get a dongle is not a problem because anyway we have 30 days to test MC, when you try it the first time. Furthermore, once you have Multicharts you use it for many years.

Moneywise, 50 $ for a dongle is not much when you consider the thousands of dollars (and more) of potential losse when MC shut down in the middle of your transaction.

Futher more the dongle give you more security and more flexibility.

It is a big plus for multicharts.

You can count us in, we are ready to buy a soon as it is available.

Emmanuel

User avatar
Andrew Kirillov
Posts: 1589
Joined: 28 Jul 2005
Has thanked: 2 times
Been thanked: 31 times
Contact:

Postby Andrew Kirillov » 05 Feb 2010

Tresor,
It is just our rough estimations. Nobody can guarantee that people who prefer to steal will purchase a legal copy. It is not a fact that it is zero sum game. So unfortunately simple math doesn’t work here.

Emmanuel,
If we have 30 day trial the dongle doesn’t make sense hackers will just remove 30 day check. So it is a large and comfortable back door.
Anyway I appreciate your support!

Tresor
Posts: 1104
Joined: 29 Mar 2008
Has thanked: 12 times
Been thanked: 51 times

Postby Tresor » 05 Feb 2010

So unfortunately simple math doesn’t work here.


That's why I used the phrase ''a potential loss'' :wink:

User avatar
geizer
Posts: 375
Joined: 16 Jun 2008
Has thanked: 40 times
Been thanked: 38 times

Postby geizer » 05 Feb 2010

Appearances to the mind are of four kinds.
Things either are what they appear to be; or they neither are, nor appear to be;
or they are, and do not appear to be; or they are not, and yet appear to be.
Rightly to aim in all these cases is the wise man's task.
-- Epictetus (c. 60 AD)


Will this help to win the battle against software piracy? :wink:
Image

Kasper
Posts: 17
Joined: 30 Dec 2008

Postby Kasper » 09 Feb 2010

A dongle can be a problem.

There are "public" dongle formats out there - the musicinstrument software industry uses "standard" ILOK dongles where MULTIPLE software can be activated in.

If the dongle was one of the standard ones - where you can "buy" the dongle in ANY musicinstrument shop - then i'm all for it. (Most musicinstrument stores actually stock the empty dongles - but hey are more expensive - about $50-$80)

Then if you had a problem - you could get a new dongle quite easy. There would need to be a procedure in place if you lost your dongle of course.

Then TS could just do a "by-weekly" check-in to validate the dongle is still fine - or deactivate a dongle that has been stolen.

But for me - I would love to have a 2 computer license - one for development (no active trading) and one for trading - and I would gladly pay something for that feature - but not a full license. :-) I think it is very important to keep trade and "experimental software" apart :-) to be sure I can run my trading uninterrupted.

that was just two cents :-)

(please note the word musicinstrument had to be used because of some annoying anti-spam bot rule...)

User avatar
geizer
Posts: 375
Joined: 16 Jun 2008
Has thanked: 40 times
Been thanked: 38 times

Postby geizer » 10 Feb 2010

But for me - I would love to have a 2 computer license - one for development (no active trading) and one for trading - and I would gladly pay something for that feature - but not a full license. :-)

Kasper, I agree with you on the cost of license. This post: http://forum.tssupport.com/viewtopic.php?t=7124 also confirms that. Given the changed market conditions, I think it safe to assume that many traders are focusing more on finding new strategies. Thus they need separate platform for development.
--
Pavel

User avatar
geizer
Posts: 375
Joined: 16 Jun 2008
Has thanked: 40 times
Been thanked: 38 times

Postby geizer » 17 Feb 2010

Here is an interesting USB key: http://yubico.com/products/yubikey/
My email provider (Fastmail.net) just started offering these autentication keys at a 25% discount.

With a simple touch on the YubiKey, it sends the user's identity and a secure one time pass code every time it is used.

Sounds like a perfect security device. That could make it a nice play together with the TSS DRM.
Interesting, there is no client software to run, so nothing crackers will do about it.
And it's cheap also.

drwar
Posts: 218
Joined: 31 Jul 2005

Postby drwar » 17 Feb 2010

Here is an interesting USB key: http://yubico.com/products/yubikey/
My email provider (Fastmail.net) just started offering these autentication keys at a 25% discount.

The device sends time-variant secure code to the service provider. That could make it a nice play together with the TSS DRM.
Interesting, there is no client software to run, so nothing crackers will do about it.
And it's cheap also.



I don't get it. Maybe I am missing something.(won't be the first time). It still relies on an internet connection and this company's servers instead of Tssupports. That seems to defeat the purpose of moving to the dongle and away from DRM.

J~

User avatar
geizer
Posts: 375
Joined: 16 Jun 2008
Has thanked: 40 times
Been thanked: 38 times

Postby geizer » 17 Feb 2010

I don't get it. Maybe I am missing something.(won't be the first time). It still relies on an internet connection and this company's servers instead of Tssupports. That seems to defeat the purpose of moving to the dongle and away from DRM.
J~

There is an option to rely on your own server as an alternative to "theirs". I think, all that this device can offer is the strong authentification (hardware based, no software to run) with the central DRM server, which creckers should not be able to circumvent (that's in theory). Hopefully TS Support developers look at this as a viable option. And it's cheap.

drwar
Posts: 218
Joined: 31 Jul 2005

Postby drwar » 17 Feb 2010

There is an option to rely on your own server as an alternative to "theirs". I think, all that this device can offer is the strong authentification (hardware based, no software to run) with the central DRM server, which creckers should not be able to circumvent (that's in theory). Hopefully TS Support developers look at this as a viable option. And it's cheap.


Ok, I see what your saying. However from my view it's not just the issue of TSSupport protecting their product. The whole reason I would pay extra and put up with a dongle would be not having to rely on anybodies servers beyond the data supplier and broker to run my charting and trade. In simpler terms, I see Removing a server, removes a potential point of failure.

J~

janus
Posts: 747
Joined: 25 May 2009
Has thanked: 41 times
Been thanked: 83 times

Postby janus » 22 Feb 2010

In simpler terms, I see Removing a server, removes a potential point of failure.
J~


That's assuming the dongle never fails, which is almost 100% true but not perfect. So, I like the idea of having the DRM by default and the dongle as an optional extra for those who like to have redundancy. If the DRM system fails then the dongle takes over. The chances of both failing at the same time is probably too small to even contemplate. I would be prepared to pay for one but still use the DRM as the primary method.

drwar
Posts: 218
Joined: 31 Jul 2005

Postby drwar » 22 Feb 2010

[quote][quote]In simpler terms, I see Removing a server, removes a potential point of failure.
J~[/quote]

That's assuming the dongle never fails, which is almost 100% true but not perfect. So, I like the idea of having the DRM by default and the dongle as an optional extra for those who like to have redundancy. If the DRM system fails then the dongle takes over. The chances of both failing at the same time is probably too small to even contemplate. I would be prepared to pay for one but still use the DRM as the primary method.[/quote]

Janus

That was exactly my original point, so we agree. My post you responded to was about an internet connected dongle which required a server and to me made no sense.

J~

jek
Posts: 163
Joined: 24 Dec 2006
Been thanked: 2 times

Postby jek » 25 Feb 2010

So the initial idea was a complete replacement of DRM with dongles doesn't seem right. So probably we will introduce it as an alternative to DRM for people who don't want to be connected to the internet. In this case we will not improve the product security, but will help to build a customer's confidence in the life time license of MultiCharts.
This sounds very good to me.

I also use a virtual server for one of my licenses and a dongle would be a problem if required.

As others have pointed out, if a diverse internet DRM solution can't be reached, there is a strong overlap with your broker being unreachable too.

So allowing both sounds reasonble.

User avatar
Bruce DeVault
Posts: 438
Joined: 19 Jan 2010
Location: Washington DC
Been thanked: 2 times
Contact:

Postby Bruce DeVault » 09 Mar 2010

There are hosting providers who have no problem with you plugging in a hardware key.

I would just like to add my voice to the discussion, to say that I would be happy to pay a fee for a hardware key as an alternative to DRM. I think $50 is not unreasonable (and $20 even more so), and would pay it immediately, as I think would a good many others.

It's important to recognize that for 95% of all people out there, DRM (even if it's just exactly as currently implemented) is probably the right solution and any concerns about it are largely overblown for reasons discussed extensively above.

It may never be possible to do away with DRM because the piracy concerns are too significant and it would never make sense for a platform vendor to do so, HOWEVER for those users who are specifically concerned about this and for whom this is an issue, $20 or even $50 is basically nothing (what, 4 ticks on ES?) and we would pay it without any further question.

This shouldn't be an either/or situation - MultiCharts should ship with DRM just like it does now, and offer the OPTION to users to also buy a hardware key in exchange for a nominal fee to cover the costs of providing this service.

bowlesj3
Posts: 2016
Joined: 21 Jul 2007
Has thanked: 171 times
Been thanked: 402 times

Postby bowlesj3 » 12 May 2010

After Text_GetActive / Arw_GetActive and I am assuming TL_GetActive being removed from MC 6.0 Beta 3 for (hopefully as short a period of time as possible), I have decided that I will imediately sign up for the dongle (the sooner the better). That way if TSS goes belly up with no equally intellegent buyers of the company, I can continue use the higher MC versions without threat. I will continue to use DRM (which I trust) but the dongle will go in the safety deposit box for insurance against the unexpected (the getactive removals being highly unexpected).

User avatar
geizer
Posts: 375
Joined: 16 Jun 2008
Has thanked: 40 times
Been thanked: 38 times

Postby geizer » 12 May 2010

After Text_GetActive / Arw_GetActive and I am assuming TL_GetActive being removed from MC 6.0 Beta 3 for (hopefully as short a period of time as possible), I have decided that I will imediately sign up for the dongle (the sooner the better). That way if TSS goes belly up with no equally intellegent buyers of the company, I can continue use the higher MC versions without threat. I will continue to use DRM (which I trust) but the dongle will go in the safety deposit box for insurance against the unexpected (the getactive removals being highly unexpected).

John, I think TS Support values it customers and there should be little to worry about.
Andrew stated in his post on EliteTrader.com:
It is obvious that any company that goes out of business must unlock their software. People purchase a lifetime license and it must work lifetime. So it is not a concern since we are committed to this idea.
Link: http://www.elitetrader.com/vb/showthread.php?s=&postid=2480096#post2480096

--
To TSS: what is the decision on the "DRM vs Dongle" subject ?

bowlesj3
Posts: 2016
Joined: 21 Jul 2007
Has thanked: 171 times
Been thanked: 402 times

Postby bowlesj3 » 12 May 2010

Hi geizer,

I am sure we can trust Andrew and TSS. It would be the new company I would be concerned about. I got thinking about that old Jessy Livermore saying "Expect the Unexpectable" (seems many have used it) and decided getting the dongle was in order. Besides a copy of all important software I use is in that safety depost box anyway so it makes sense to have the dongle there. Being discretionary I am not worried about minor DRM drops (haven't seen one yet either).

John.

User avatar
Andrew Kirillov
Posts: 1589
Joined: 28 Jul 2005
Has thanked: 2 times
Been thanked: 31 times
Contact:

Postby Andrew Kirillov » 13 May 2010

Thank you. We are still in decision making process. We must consider a lot of factors.


Return to “MultiCharts”