|
PureBytes Links
Trading Reference Links
|
Dear Omega people,
For a quick summary see the last paragraph.
The problem with the security issue is partly related to Omegas TS position
in the market place. Lets look at the competition.
First of all we have got the low-end amateur products like WOW,
Supercharts and zillions of others. They all sell de-dongled and
without password protection unless they are sold over the internet.
Basically it would be too expensive to provide security mechanism for these
products given the low price.
Secondly we have got medium to professional league. These products
are either sold exclusively with the data feed or they are licenced monthly.
Here we find Townsend Analytics, Robert Slade and others.
However these products differ slightly because you can run them on
networks and the software must provide password authentication
mechanisms in order to ensure that only certain number of users are using the
software and the datafeed. To dongle all those machines on the
network is impracticable that is why some central authentication
mechanism is provided on the server. The monthly licencing ensures
that the software producer provides a real support otherwise no one
would still use the software.
The professional products which are run on trading desks at banks
have either no copy protection or are protected by authentication mechanisms -
otherwise the avarage trader at the bank would have 20 dongles
sticking out of the back of his machine. Furthermore it is assumed
that banks which invest millions in their hardware and software do
not need to cheat.
TS Realtime is half way in between an amateur and the medium to a professional
product. The server and the software only runs on one machine.
Therefore it can only be used by small operations. (Larger operations
need to share the database information). As TS is sold with a one-off
licence fee the user must expect that he can use the software
forever and on whatever machine he likes. Therefore it does not seem
reasonable to sell the software with an authentication mechanism
which is bound to the machine. If Omega is bankrupt the user would be
without software. In any case: although he bought a forever licence he
still needs to deal with Omega when he switches machines. I would
think that many users find this uncomforting.
The alternative is that Omega switches to monthly licencing for TS realtime
and move into the medium professional league and detaches the server
from. However such a move would propably require much more support
otherwise people would not licence the software.
The point of all this is: As long as Omega sells one-off licences and
chooses to protect their software it should provide a mechanism which
gives the client total ownership of the product.
The dongle is only partially an answer because it the user
is always frightend that he looses the dongle or that the dongle is stolen.
Neither the dongle nor the machine authentication seems to be the
answer in Omegas case.
Given the moderate number of TS sold it is possible to code a
personal authentication code of the client into the software.
Basically you would get one standard CD with the main part of the
software and a custom burnt CD or diskette with the rest of the
software and some authentication code cleverly hidden somewhere in
it. (Given the speed of todays computers such a dll or exe could be
compiled in no time and be transferred to disk.) This would allow
the user to copy his software for safety reasons and deter him from
selling the software illegally because it could be traced back.
Gerrit Jacobsen
If you need further advice how to implement this in a serious way
please contact me. (Yes - I would be grateful for a free TS
upgrade in advance)
|