Discussion of article "Securing MQL5 code: Password Protection, Key Generators, Time-limits, Remote Licenses and Advanced EA License Key Encryption Techniques"
Published article Protecting MQL5 Programs: Passwords, Keys, Time Limit, Remote Licence Check:
Author: investeo
Excellent implementation! The Datetime expire script would just be placed in the code of the EA correct and if so, how would one be able to make a predefined expiry based on a timelimit e.g. 2 weeks from first placing on chart?
datetime allowed_until = D'2012.02.11 00:00'; int password_status = -1; //+------------------------------------------------------------------+ //| Expert initialization function | //+------------------------------------------------------------------+ int OnInit() { //--- printf("This EA is valid until %s", TimeToString(allowed_until, TIME_DATE|TIME_MINUTES)); datetime now = TimeCurrent(); if (now < allowed_until) Print("EA time limit verified, EA init time : " + TimeToString(now, TIME_DATE|TIME_MINUTES)); //--- return(0);
to
double allowed_tf = 7; // in days int password_status = -1; //+------------------------------------------------------------------+ //| Expert initialization function | //+------------------------------------------------------------------+ int OnInit() { //--- printf("This EA is valid until %s", TimeToString(allowed_until, TIME_DATE|TIME_MINUTES)); datetime now = TimeCurrent(); datetime allowed_until = TimeCurrent() + allowed_tf; if (now < allowed_until) Print("EA time limit verified, EA init time : " + TimeToString(now, TIME_DATE|TIME_MINUTES)); //--- return(0);
??
good article...
Syntax error in the title "...oorg anisation pr time...". Please correct it.
It's an interesting article. We'll look into it...
call base64 encryption...
by the way, this encoding is easily recognisable and does not scare anyone. Moreover, it is widely used when communicating web applications with others (if you need to exchange not only strings).
When decompiling code, even PGP won't help and index encryption won't help either. Not to mention that PGP requires a separate dll, which means that, for example, remote optimisation is no longer possible. Not to mention the fact that many traders are scared when all sorts of scripts/indicators/advisors get into the Internet and transmit who knows what.
In general, as always, there is something to defend.
The article is useful and shows directions for the application of protections in your software.
For our part, we are thinking about providing a standard and fast MQL5 interface for working with cryptosystems (MD5, SHA, RSA, DES, etc), which will make it easier to work with encryption.
If we talk about the mass market, we have specially implemented a good and human mode of protection in MQL5 Market - applications are encrypted for each device uniquely, allowing up to 3 activations.
We invite authors to publish their applications more actively.
We invite authors to publish their applications more actively.
is it possible for authors who want to publish free software not to make it compulsory to fill in passport data?
Unfortunately, the problem is exactly in the opposite direction. We suffer direct losses due to various fraudsters (carders, stolen paypal accounts, etc.) in various services, although we have learnt to fight them effectively.
We are forced to move in the direction of controlling first of all sellers for the sake of unbreakability of the service. You can't treat a public service carelessly - the general trend is to strengthen the security of many similar services.
Our approach is to protect end users and not allow anything dangerous into their infrastructure.
For completely free software with sources there is Code Base - it's a good way to raise your rating.
By the way, we are about to release a large rating system for all users. It will be a very interesting innovation - "give me a trader of level 80!".
Renat:
For completely free software with source code, there's Code Base - it's a good way to boost your rankings.
That's a bit of a misnomer.
A marketplace is one thing, and a code base is quite another.
A product in the market is great because it is more trustworthy in terms of quality. Perhaps the word "respect" is appropriate here. Free software in the market automatically becomes "level 80". And codebase somehow pales into insignificance ...
By the way, we will soon release a large rating system for all users. It will be a very interesting innovation - "give me a trader of level 80!".
On this forum, a rating for "level 80 programmer" is desirable. Trader no detekted.
If there are any indicators of a programmer's quality on the forum - his articles, posts, published developments or service work- there is absolutely nothing objective for traders.
A trader cannot be evaluated. If he evaluates himself, you know what spam advertising will lead to :).
- 2010.06.18
- MetaQuotes Software Corp.
- www.mql5.com
... There is absolutely nothing objective for traders. A trader cannot be evaluated.
- Free trading apps
- Over 8,000 signals for copying
- Economic news for exploring financial markets
You agree to website policy and terms of use
New article Securing MQL5 code: Password Protection, Key Generators, Time-limits, Remote Licenses and Advanced EA License Key Encryption Techniques is published:
Author: investeo