.ex4 files
.key files
.dll file
.tpl files

Can any of these files be used to compromise an account?
Are their built in protections?

society wrote: Wed Sep 13, 2017 3:21 am .ex4 files
.key files
.dll file
.tpl files

Can any of these files be used to compromise an account?
Are their built in protections?

Dlls called from an ex4 file - can.
No protection - since you will allow it to work - but that is all in a case of a malicious code
Even "pure" ex3 files can (especially when they "require" that you add some web address in the allowed web request URLs

mladen wrote: Wed Sep 13, 2017 3:54 am

Dlls called from an ex4 file - can.
No protection - since you will allow it to work - but that is all in a case of a malicious code
Even "pure" ex3 files can (especially when they "require" that you add some web address in the allowed web request URLs

I try to stay away from programs that use DLL. How is the account compromised ? And does the ability to access stop once you stop using DLL's ? Can you give a few suggestions on protecting yourself ?

The definitive way of avoiding malicious code is to refuse to use anything that is pre-compiled; I would hazard a guess that was probably the reason why an MQL decompiler was placed into the public domain. Using anything other than source code requires a level of trust.

Here is a list of MQL account functions that return parameters of the current account

JADragon3 wrote: Sat Sep 30, 2017 8:38 pm ... does the ability to access stop once you stop using DLL's ?

Metatrader has program instructions that can access information about an account through MQL code. It provides a DDL-free way of capturing, recording and communicating information about the user once the code is executed. Once the code is compiled, the malicious instructions are hidden and can not be easily detected.

By way of example, I have written and compiled an indicator that plots a channel. Furthermore, it captures and records user input which is manipulated to a degree before being printed to the 'Experts' tab in the terminal window. The captured input is then piped to a text file in the common folder and saved as 'yourInput.txt'.

So make it clear to me, please. Some indicator's author can get an access on my ip-adress or smth? Let's say i bought some indi on the market. Can the indi's author/seller see any information on what PC his indi is being worked on? Let's say i run this indi on another PC - can he see that new user IP?

Fresh_Prince wrote: Sat Dec 16, 2017 1:06 pm So make it clear to me, please. Some indicator's author can get an access on my ip-adress or smth? Let's say i bought some indi on the market. Can the indi's author/seller see any information on what PC his indi is being worked on? Let's say i run this indi on another PC - can he see that new user IP?

Upon executing Metatrader limited information about the computer and the account is presented in the journal including the current IP address. The broker's IP address can be found in the SRV files that stores the brokers's MT4 Server information.

MrSortable wrote: Sat Dec 16, 2017 1:22 pm

Upon executing Metatrader limited information about the computer and the account is presented in the journal including the current IP address. The broker's IP address can be found in the SRV files that stores the brokers's MT4 Server information.

I'm asking if someone could get this information from the indicator's code?