Discussion of article "Securing MQL5 code: Password Protection, Key Generators, Time-limits, Remote Licenses and Advanced EA License Key Encryption Techniques" - page 3

You could also replace your front door with reinforced steel but it won't do anything to prevent entry if you leave the key on the doormat. The protection you have described is fine to deter the casual coder but certainly not against a motivated attacker.
The question here is not the encryption - that's the easy part - but rather how you handle keys and the decryption process.
In the scenario where an attacker (in the classic parlance we'll call her Mallory) wishes to copy and distribute an EX5 she has the key to, then surely she can do so by:
i. running the EX5 with the key;
ii. monitoring the process as it is running, say by attaching a DLL to the process, and dumping the contents of the EX5 immediately after it is decrypted;
iii. reassembling the now plaintext EX5 (and potentially disassembling it into source if she can be bothered).
If your first point protection involves signature verification then all that the attacker need do to distribute files is distribute a different MQL executable with relevant public keys replaced. If MQL5 uses a cryptographic API to verify cert then that can be ripped out the binary. This continues ad infinitum.
This is all before you start considering the nightmare that will be your key management.
While this sort of binary analysis is out of my capabilities these days, I know several people that could accomplish it without hassle. So it is not the strength of the encryption you should be concerned about but rather that you have an invalid security model. It isn't a particular problem per se, as nobody expects MetaTrader to solve that problem - there are other very usable solutions to this problem, specifically having the owner of MQL5/EX5 code run it on a separate server they control and license access/signals to buyers.
So, I'm at a loss to understand why people are requiring this facility when it is so difficult to implement properly, at least without tamper proof hardware.
allicient brings up a lot of valid points. For any real protection, I recommend the following:
For basic protection of the source code, stuffing as many functions as possible into a dll should do the trick. Minimal code to interface between MT5 and programming is ok. I would not trust the complete source code in ex4/ex5, unless you are giving your software away. But this article is about protecting your intellectual property for paid/commercial products or free products where source code is not given.
For licensing, the best protection is having separate demo and live versions of the ex4/dll combination. The tradeoff is that it is a bit more of a hassle for the developer and client, as the developer has to maintain/compile two versions of their own software. But you lessen the chance of someone gaining hacked access to full version of software; they only can use the demo version. A lot depends on the goal of the demo. If you want to offer the client full functionality, then
Also, implement licensing that may require that a small piece of essential code be run remotely before the local software can be run. CNS SaaS (Software as a Service) has actually done just this, and it is called CCoHS (Call code on hosted server) functions. You can place a limited portion of code needed for your EA to run properly in a hosted fashion. Then even if someone runs off with the EA, or cracks the licensing dll somehow, it would still render the dll useless. There is latency between the hosted code server and the EA and/or licensing servers, but you can work around that. The implementation isn't too difficult, but the user does have to find a way to implement CCoHS on his/her own servers. When you are small, you can do this on a budget server or wherever, and then scale up when your subscriber base grows.
Hosted functions, while the most expensive of all the options, offer real protection in case someone were in fact able to decompile your dll, which is very unlikely. They would most likely 'crack' the dll to get your software to work. But without the required hosted functions, it would still be useless. Unless I missed something here.
Published article Protecting MQL5 Programs: Passwords, Keys, Time Limit, Remote Licence Check:
Author: investeo
3. Binding to account - I tried to bind the work of the Expert Advisor to the account. The protection does not work, it gives the message /the work of the Expert Advisor on this account is not allowed/ , but the EA still trades. There are no errors during compilation. I don't understand what's wrong.
Where would this line of code be placed?
Hello, I have a question, I want to sell advisor on my site but I don't know how to do it, is there anyone who can help?
Thanks in advance!
Hi,
Thanks for the article. Please advise me on password protection: how can I make the input display as an asterisk ("*") or a dot ("•") when the password is typed?
I am not a good programmer.
Thanks
Sorry to be scathing but what was presented in the article is not security, it is obscurity. Copy-protection is an exceedingly difficult problem, hence the efforts of the music/film industry with DRM and their repeated failures.
At best, the information here will waste some people's time; at worst you may have given the reader a false sense of security. If they then decide to "protect" a product using your advice, they may be somewhat surprised when their consumer strips out the protection within a matter of hours and resells it for a fraction of the price.
And seriously - base64 encoding is not related to encryption. Base64 encoding was designed to allow 8-bit data to be transmitted safely using protocols that consider data encoding to be 7-bit. You can trivially reverse base64 encoding - and it is designed for that purpose!
The only solution I can see of securely distributing MQL5 software is either via the broker's limited power of attorney provisions, or installing an instance of MQL5 with the .ex5 files on a server somewhere and allowing the customer access using a thin client (so they cannot download the .ex5). And yes, I've worked in information security for over 15 years, so have a fair idea of what I'm talking about.
To be honest, I'm rather surprised that Metaquotes published the article.
Hello, good afternoon. I have a question: I need help restricting the use of an EA by account number in MT4, in a way that allows me to modify it, so that it can only work on the accounts that are within the license, and so that I can enable and disable it remotely, as it uses two MT4 terminals, one master and one slave. I attach the description of the code. How can I improve it so that it works well? At the moment, if I enter another account that is outside the license, it works the same.
<?xml version="1.0" encoding="UTF-8"?>
<license>
  <programVersion>
  </programVersion>
  <licenseType>Full</licenseType>
  <validityPeriod>
    <endDate>1/18/2080</endDate>
  </validityPeriod>
  <Owners>
    <ownerName>
      <Account>6789</Account>
      <Account>7994</Account>
      <Account>22302</Account>
    </ownerName>
  </Owners>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <Reference URI="">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
        <DigestValue>Cl8vF8+Uyyms3pEodjip5ol5J4s=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue> p/NlTyHeUy5CVC01H/2WmvTcN8TqJhrInkhqtyzR6vqn/koJHqm6fiD6mepklpn4fud0em7vqOiyWcQ9KQ8jqoyoN9ExkJUEvepWBQT2HHHcaoW2kpV17ch+CZvtFX74cHE23WrOi9/p3RoK/4G0rsgvdjvefdZRQRsM5k=</SignatureValue>
  </Signature>
</license>
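Both this post and the earlier "binding to account" post describe an EA that keeps trading on an account the license does not cover. The MQL5 sketch below is an added example, not code from the article or from either poster: it shows an account check that fails closed, so a refusal stops the EA rather than only printing a message. It assumes the allowed accounts and end date from the license file above are hard-coded instead of parsed from the XML, and IsLicensed() is a hypothetical helper name; it is a client-side check, so it addresses the functional bug and not the tamper resistance discussed earlier in the thread.

```mql5
// Added example (not from the article): account binding that fails closed.
// Assumption: account numbers and end date are copied by hand from the
// license file posted above; signature verification is out of scope here.
long     ALLOWED_ACCOUNTS[] = {6789, 7994, 22302};
datetime LICENSE_END        = D'2080.01.18 00:00';

// Hypothetical helper: true only if the logged-in account is on the list
// and the license has not expired. Any other case returns false.
bool IsLicensed()
  {
   if(TimeCurrent() >= LICENSE_END)
      return(false);
   long login = AccountInfoInteger(ACCOUNT_LOGIN);
   for(int i = 0; i < ArraySize(ALLOWED_ACCOUNTS); i++)
      if(ALLOWED_ACCOUNTS[i] == login)
         return(true);
   return(false);
  }

int OnInit()
  {
   if(!IsLicensed())
     {
      Print("The work of the Expert Advisor on this account is not allowed");
      // Returning INIT_FAILED stops the EA. Printing the message and then
      // returning INIT_SUCCEEDED would leave OnTick() running and trading.
      return(INIT_FAILED);
     }
   return(INIT_SUCCEEDED);
  }

void OnTick()
  {
   // Checked again on every tick so that no trading path runs without it.
   if(!IsLicensed())
     {
      ExpertRemove();   // unload the EA from the chart
      return;           // nothing below this line runs for this tick
     }
   // Trading logic goes here; it is reached only for a licensed account.
  }
```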
I have an idea. Suppose there is a web monitor that always looks through the web flow.
1. The EA client calls the web server for a sha.pub key which is generated by the server randomly.
2. The EA sends some data asking for authorization to the server with the pub key so the monitor can't know what the data is. And the data can contain some random key generated by the client. The monitor can't decrypt the data because of the sha key.
3. The server receives the data and sends authorization-allowed information encrypted by the key the client sent to it. The monitor may decrypt this information because it may know the pub sha key, but it doesn't know the client's key, so it is still useless.
In this way, the server can control the EA client's behavior.
Hi, would it be possible to update this article taking into account the new Python release?
I can't get it working. PS: Python is still new for me.
Thx,
Danny