security in ex4

[[Deleted]]

Hello how are you

I want to ask the question, sorry if the answer already, but I want a current response,

I'm doing some EAs in MetaEditor 5.0 Build 1154, and want to know if the ex4 file generated after compilation, it is easy for someone else to decompile and get my code,

as I can make my code more secure, and I can put a password to my EAS, and prevent them from stealing my ideas put there?

thanks for your answers

[honest_knave]

As of yet, nobody has proven they can decompile code post Build 600 (2014). That isn't to say it won't change in the future.

If you publish your EA through the MetaQuotes Market, there is supposed to be an extra layer of security.

Alternatively, write part of your EA into a DLL and reference that in your code. 

[[Deleted]]

somebody1:
As I can make my code more secure, and I can put a password to my EAS, and prevent them from stealing my ideas put there?

Well one of these 1 day writing the EA code, 10 days spending to protect it, things. If you want to prevent your ideas being stolen, then simply never hand out either the source or compiled code. Best and only protection ever.

[JD4]

somebody1:
Hello how are you

I want to ask the question, sorry if the answer already, but I want a current response,

I'm doing some EAs in MetaEditor 5.0 Build 1154, and want to know if the ex4 file generated after compilation, it is easy for someone else to decompile and get my code,

as I can make my code more secure, and I can put a password to my EAS, and prevent them from stealing my ideas put there?

thanks for your answers

To be honest, hasn't been done yet doesn't mean cannot be done in the future.  And to be completely honest, if someone wants to get to your code, and have enough motivation to do so, they will find a way sooner or later.  There is nothing you can do to totally prevent it, short of not even writing the EA.  Password protection is one way.  I have also heard it recommended to run the EA on a server you control access to, and only have the user download a stub code that has to access the server file to run.  This could present problems to potential users as it would jack up their data consumption, and people using their smartphone to trade could blow through their data plans in record time.  There are also supposedly code obfuscators out there that can help with this by making your code, if they can get it decompiled, will give a non-functioning version because there is garbage code in with the real stuff.

[ydrol]

JD4:
  This could present problems to potential users as it would jack up their data consumption, and people using their smartphone to trade could blow through their data plans in record time. 

Sending trade signals to a client will be insignificant traffic.

[JD4]

ydrol:
Sending trade signals to a client will be insignificant traffic.

I have not worked on that side of things to know.  I defer to you on this without hesitation.

[Ex Ovo Omnia]

JD4:
To be honest, hasn't been done yet doesn't mean cannot be done in the future.  And to be completely honest, if someone wants to get to your code, and have enough motivation to do so, they will find a way sooner or later.  There is nothing you can do to totally prevent it, short of not even writing the EA.  Password protection is one way.  I have also heard it recommended to run the EA on a server you control access to, and only have the user download a stub code that has to access the server file to run.  This could present problems to potential users as it would jack up their data consumption, and people using their smartphone to trade could blow through their data plans in record time.  There are also supposedly code obfuscators out there that can help with this by making your code, if they can get it decompiled, will give a non-functioning version because there is garbage code in with the real stuff.

I doubt the obfuscator could ensure non-working decompiled code in MQL, unless you find a weak point of the particular decompiler. Moreover, variables and functions names do not seem to be saved with executables in MQL, so no advantage of using the obfuscator.

[JD4]

Ovo:

I doubt the obfuscator could ensure non-working decompiled code in MQL, unless you find a weak point of the particular decompiler. Moreover, variables and functions names do not seem to be saved with executables in MQL, so no advantage of using the obfuscator.

Heard people recommend it, have not used it myself, as I do not yet have any programs coded.

[[Deleted]]

Hello, thanks to all,  i take notes

PDTA

Ovo:

I doubt the obfuscator could ensure non-working decompiled code in MQL, unless you find a weak point of the particular decompiler. Moreover, variables and functions names do not seem to be saved with executables in MQL, so no advantage of using the obfuscator.

#Ovo, this is you web: http://ovo.cz/?????

[Ex Ovo Omnia]

somebody1:

#Ovo, this is you web: http://ovo.cz/?????

Sure, it is published in my profile.