Jump to content
Sign in to follow this  
mvanrijnen

StockSharp, anybody worked with this?

Recommended Posts

Posted (edited)
33 minutes ago, mvanrijnen said:

... but it's Russian, so people heard about this, can it be trusted? ...

Yes, of course.

I think all major hackers put russian and chinese Unicode strings in their code, but in reality they live in in San Francisco, Redmont and Cupertino :classic_biggrin:

 

But jokes aside, why don't you look into the sources, to find something suspicious ?

Hackers are usually very eager to leave their tags anywhere.

Edited by Rollo62

Share this post


Link to post
Posted (edited)
35 minutes ago, Rollo62 said:

Hackers are usually very eager to leave their tags anywhere.

N0n53N53.

 

/733t d00d3

Edited by Anders Melander
;-)
  • Like 1

Share this post


Link to post
2 hours ago, mvanrijnen said:

I want (maybe) use it for a custom trading bot,  but it's Russian, so people heard about this, can it be trusted?

Of course absolutely no. Evil Russian hackers will drain all of your bitcoins in seconds just between faking US votes and drinking vodka with their bears

  • Haha 3

Share this post


Link to post
12 hours ago, mvanrijnen said:

It's about: GitHub - StockSharp/StockSharp: Algorithmic trading and quantitative trading open source platform to develop trading robots (stock markets, forex, crypto, bitcoins, and options).

 

I want (maybe) use it for a custom trading bot,  but it's Russian, so people heard about this, can it be trusted?

 

Hi!

 

I don't know that any specific repo can be trusted when it comes to BTC etc. without intense static analysis be it Russian or not. 

Also keep in mind that GitHub itself has been subject to a mining attack whereby a pretend-NodeJS instance was available and executed which would perform crypto mining leveraging GitHub servers, so... kinda shady the whole thing whoever does it. 

But this library is developed in C# so static analysis is an option and I think there are several products that can do it. 

 

Static Analysis is your first line of defense, especially if you can establish "shady patterns" to look for. 

 

I am muchly more worried about situations where, say, the repo is on Russian/Chinese servers and with Internet-related laws that are questionable at least, if not downright awful. 

 

Static analysis is your friend, mate, use it!

  • Like 1

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×