Support Board
Date/Time: Fri, 11 Apr 2025 19:13:01 +0000
Post From: User Contribution: Sierra++
| [2024-02-11 22:27:58] |
| Trader & Sierra++ developer - Posts: 110 |
|
Answering your question : Sierra++ only uses the Sierra Chart API, from within its custom study that acts as a bridge. It does not read any file except its own config files, which are listed on Sierra++ website. One can check this with one of the existing tools for Windows able to trace how a program interacts with the system. Considering your questions and thoughts (which once again I fully understand), I think it is important to make it clear that any developer creating a .exe or .dll file (including SC custom studies) has complete access to the system through the Windows API. This is an inherent aspect of the amazing speed of C/C++ : there is no safety mid-layer beyond Windows itself. In essence, there are only two effective methods to restrict 3rd party code impact on a system : 1) utilizing scripting/interpreted code, like TradingView, with the obvious cost of performance, 2) running native code within what developers call a sandbox. Indeed, you can install VirtualBox on your system, set up Sierra Chart without exposing any sensitive files or studies, and then use Sierra++ to update your chartbooks. It works well, that's what I do for testing S++ on other OS like Win11 and Linux. Following yesterday’s words about certification : while valuable, it does not guarantee perpetual safety. Even if a renowned authority validates the first 42 versions of an application, the 43rd may introduce unsafe or even malicious code. Of course my intention is not to provoke or incite fear. It’s just the reality and this forum is a good place to tell the truth without the wahoo´s of marketing. I just want to say that from the first time you execute an external .exe or .dll on your system, you inherently place trust in the author. Fortunately, to the best of my knowledge, it seems that SC Custom Study developers are generally digilent and reliable. Summary : - As high-performance native code, any SC custom study executed by Sierra Chart has complete access to the user’s system (files, network, Registry etc) - Sierra++ is not more dangerous than any other SC custom study - It's all about trusting the author - I say what I do and everyone can check that I do what I say Date Time Of Last Edit: 2024-02-12 10:38:07
|