Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Hackers Find New Way To Cheat On Wall Street

timothy posted more than 3 years ago | from the just-downstream dept.

Security 271

GMGruman writes "The high-speed trading exchanges that conduct the business of buying and selling stocks and mutual funds are so fast that hackers can introduce delays of a few microseconds completely unnoticed by today's network monitoring technology — and manipulate prices in the process to reap millions of dollars to the detriment of everyone else, InfoWorld's Bill Snyder reports. This kind of activity creates new reason to distrust Wall Street and shows how the computer networks we all rely on for conducting business and moving information are ripe for undetectable hacking."

cancel ×

271 comments

Sorry! There are no comments related to the filter you selected.

Move to quantified data (4, Interesting)

omnichad (1198475) | more than 3 years ago | (#34783618)

Trades only take effect every 5 seconds. Wouldn't that stop this sort of abuse?

Re:Move to quantified data (5, Funny)

kevinmenzel (1403457) | more than 3 years ago | (#34783654)

AGH! You'll ruin the foundation of capitalism! Down with your regulations, you dirty commie!

Re:Move to quantified data (0, Interesting)

Anonymous Coward | more than 3 years ago | (#34783900)

Don't confuse government regulations with other kinds of regulations. Even Wal-Mart has regulations requiring shirt and shoes. There's nothing wrong with voluntary regulations. It's only an issue when the government violently imposes them, usually in a piss-poor fashion though that's irrelevant. It's still rape even if the sex was good.

Re:Move to quantified data (1)

Anonymous Coward | more than 3 years ago | (#34783962)

Don't confuse government regulations with other kinds of regulations. Even Wal-Mart has regulations requiring shirt and shoes. There's nothing wrong with voluntary regulations. It's only an issue when the government violently imposes them, usually in a piss-poor fashion though that's irrelevant. It's still rape even if the sex was good.

Is it still theft if it occurred > 200 years ago?

Re:Move to quantified data (3, Insightful)

spun (1352) | more than 3 years ago | (#34784056)

Don't confuse good government regulations with bad. No regulations are completely voluntary, if they were, we would not need to even mention them. No, the reason we have them is precisely because not everyone does the right thing voluntarily. All effective regulations come with consequences for breaking them. There is no fundamental difference between a law and a regulation. Breaking a law amounts to the initiation of force against the parties that enacted the law. Responding to a threat with force is not immoral. The idea that all government regulations are bad is simply an argument put forth by those who do not want to be held responsible for the consequences of their actions.

Re:Move to quantified data (1)

Anonymous Coward | more than 3 years ago | (#34784328)

Why the fuck have any regulations at all? I should be able to go 60 MPH in my neighborhood, and 140 on the freeway. If I kill someone, who cares? I won't go to jail. Their family could try to sue me but since there are no regulations specifying fault, I have nothing to fear.

Re:Move to quantified data (1)

letherial (1302031) | more than 3 years ago | (#34784364)

Violently? I am rather sure that wallstreet does not have the national guard threatening them to follow the rules, however, i cant say its not a bad idea.

Re:Move to quantified data (1)

Surt (22457) | more than 3 years ago | (#34784704)

What do you suppose happens if they refuse to comply with federal regulations? No, it won't be the national guard, but if they resisted enough it would eventually be the US Army knocking down their doors.

Re:Move to quantified data (1)

plopez (54068) | more than 3 years ago | (#34784830)

Nah. They'll just buy a few key politicians and get away scot free.

Re:Move to quantified data (1)

letherial (1302031) | more than 3 years ago | (#34784936)

the supporting agency would fine them, if they didn't comply, then a lawsuit would be filed, it would go before a judge, the judge may say pay this amount, if they dont, the US government would have a court order to simply take it from there accounts. I dont see a gun getting involved anywhere in the process.

Re:Move to quantified data (0, Insightful)

Anonymous Coward | more than 3 years ago | (#34784074)

AGH! You'll ruin the foundation of capitalism! Down with your regulations, you dirty commie!

Oh noes, not the day traders! People who make lots of money while producing no useful product might get ripped off. Quick, somebody call the whaaambulance!

Re:Move to quantified data (1)

NevarMore (248971) | more than 3 years ago | (#34784124)

Oh noes, not the day traders! People who make lots of money while producing no useful product might get ripped off.

Politicians watch out for their own.

Re:Move to quantified data (1)

c0lo (1497653) | more than 3 years ago | (#34784470)

AGH! You'll ruin the foundation of capitalism! Down with your regulations, you dirty commie!

What??? What do I hear, "net neutrality regulations" would became suddenly capitalistic?

Re:Move to quantified data (1)

LordNacho (1909280) | more than 3 years ago | (#34784054)

That's just a different game. One that incidentally is already being played at start and end of session auctions.

Re:Move to quantified data (5, Interesting)

0100010001010011 (652467) | more than 3 years ago | (#34784114)

Why not every 30? That should be enough time for a HUMAN to decide if they want to buy or sell something. It seems that this lightning fast trading works great and they're happy if they're making money. If something cascades into failure (like it did earlier last year, or was it '09?) then they just say 'oops, do over'. Imagine you were cashing out your 401k during the 'accidental' crash last year. One second stuff is at 1000, the next it's at 300. In the time it took for electrons to travel from your broker to the market.

The worth of a company what a stock is supposed to buy you into, doesn't change even from minute to minute.

I mean, they wouldn't make as much, but it'd be fair to the common person. (So it'll never happen).
-
OR, the other suggestion that I heard suggested would be to tax trades inversely proportional to how long they're held.
1 minute: 90%
1 hour: 80% .. .. .. ..
20 years: 5%
40 years: 1% (people that actually it as investment).

Re:Move to quantified data (1)

TheRaven64 (641858) | more than 3 years ago | (#34784210)

Why not make it every hour or even every day - that gives people time to think before each trade and means that you get better luck from algorithms that predict the long-term viability of a company, which biases investment towards companies that have a long-term future. Taxing based on the amount of time the stock is held for sounds great. I'd love to see very high tax rates for people who don't actually create anything.

Re:Move to quantified data (0)

Anonymous Coward | more than 3 years ago | (#34784300)

But, but, the High Frequency Traders create volatility! ... whoops, bit of a freudian slip there... "liquidity"!

Re:Move to quantified data (0)

Anonymous Coward | more than 3 years ago | (#34784760)

Just because you don't think "arbitrage" is something doesn't mean it's not.

Besides, I can think of a simple counter example: I'm a regular Joe employee of company XYZ and I am granted options that
vest a long time period in lieu of a higher salary. As I can't mail the options to the mortgage company I have to exercise them
in order to actually realize that salary. If I want all that money, I'm taking a huge tax hit. If I want to exercise the options but don't have the capital to do so, I'm going to take a huge hit on my cashless exercise.

Plus a random fraction of a second. (4, Interesting)

khasim (1285) | more than 3 years ago | (#34784136)

Setting a fixed time moves the goal to whomever can shave their systems closest to that fixed time.

Set a fixed time ... plus a random fragment of a second. That way no one knows exactly WHEN the trade will go through. But it's still close enough for humans choosing to trade.

The key here is to reduce the ability of software to "cheat" but still allow humans to trade.

Re:Plus a random fraction of a second. (1)

omnichad (1198475) | more than 3 years ago | (#34784248)

That does sound even better, though shaving close to that fixed time still leads to less abuse. During that whole 5 seconds, you have no feedback on what the rest of the market is going to do. Plus, you've opened up almost-high-frequency trading to the entire world, rather than just the local datacenter.

Re:Plus a random fraction of a second. (2)

kasperd (592156) | more than 3 years ago | (#34784402)

Setting a fixed time moves the goal to whomever can shave their systems closest to that fixed time.

There would only be to reasons for going that way. One reason would be to be able to complete some heavier calculations before the deadline. But if that was the reason then more processing power and faster algorithms is a much more reliable way to achieve the same than playing the latency games.

The other (more likely) reason for wanting to get close to the deadline is to take benefit of additional information that became available later. You can stop information from the market itself from being used in this way by ensuring it is only published at the same intervals. Let bids be submitted encrypted and then be published after the bid closes for the round.

With this approach the only reason left for playing with the latency is if external information could affect the prices. So, if something comes up in the news that could change the prices, then if such news breaks just before the deadline and automatic trading systems takes this into account, then playing with latencies can matter in those rare cases.

The longer the period, the less likely the news is to break just before the deadline.

That way you'd remove the "legitimate" reasons for worrying about subsecond latencies. If none of the regular traders are dependent on subsecond latencies, then hackers trying to affect prices by affecting those latencies will have a much harder job.

If you try to affect the one remaining place where the latencies matters, namely for external news, you'd have a much higher chance of any significatn impact by manipulating the contents of the news themselves rather than the timing of them.

Re:Plus a random fraction of a second. (1)

RobertLTux (260313) | more than 3 years ago | (#34784588)

so in effect say 30 minutes and (5d20)/6 seconds is when a given trade will "count"

Re:Plus a random fraction of a second. (1)

Dishevel (1105119) | more than 3 years ago | (#34784872)

That dose not seem like a AD&D players dice. Old school pen and paper Harpoon player maybe?

Re:Plus a random fraction of a second. (1)

DriedClexler (814907) | more than 3 years ago | (#34784986)

That's not necessary -- you can just remove the margin to be faster altogether. Just collect all the bids placed before the fixed point, without telling anyone what the other bids are. (i.e., everyone sends in their supply/demand curve for a given security) Then, the computer could look at just those bids (any further bids would apply to the *next* fixed time), resolve the trades by an algorithm, and spit out the results when it's done.

In that case, everyone who got their bet in before the fixed time is on equal footing. You don't know any more or less, nor get any better or worse treatment as a result of being able to place a bid one pico/nano-second before the fixed time, and the race to compete on insanely fast execution of trades is over.

Re:Move to quantified data (0)

Anonymous Coward | more than 3 years ago | (#34784142)

quantized you mean?

Re:Move to quantified data (1)

omnichad (1198475) | more than 3 years ago | (#34784284)

Yes. That's exactly what I meant. The temptation of a +anything first post was just too great for me to remember the right word.

Re:Move to quantified data (1)

Charliemopps (1157495) | more than 3 years ago | (#34784158)

5 HOURS

Re:Move to quantified data (0)

Anonymous Coward | more than 3 years ago | (#34784952)

I heard an argument against this in the context of levelling the playing field between individuals and big firms. It basically said that long pauses between trading increases volatility and creates artificial spikes in demand.

I doubt it (5, Informative)

_merlin (160982) | more than 3 years ago | (#34783630)

I work in this business, and trust me - we count nanoseconds. We would notice if "hackers" were introducing delays.

Re:I doubt it (5, Insightful)

Anonymous Coward | more than 3 years ago | (#34783674)

I work in this business as well, this article is pure nonsense. I honestly don't know what the fuck this guy is talking about. Artificial delays would be picked up on immediately, no matter how brief. And it's not like this shit is trading over the internet, all endpoints are known, there is no anonymity, if someone tried this shit they'd be in jail by the end of the day.

Re:I doubt it (1)

dwarfsoft (461760) | more than 3 years ago | (#34783772)

Even as somebody who does not work in the industry, I cannot see how " Hackers Find New Way To Cheat On Wall Street", It even says in the article "Kay says he does not know if anyone has yet launched a side-channel attack against a high-frequency trading network". How did the Hackers find this? Or is this story really just "Rony Kay Worries that Hacker MIGHT Find A Way To Cheat On Wall Street".

Re:I doubt it (0)

Anonymous Coward | more than 3 years ago | (#34784046)

"Hacker" as a term does not denote positive or negative intentions. "Hackers" would claim to have discovered anything here regardless of whether or not the attack had been launched as most security experts handling bug discovery would call themselves white hat hackers. Duh.

Re:I doubt it (1)

dwarfsoft (461760) | more than 3 years ago | (#34784140)

So he suffers from Multiple Personality Disorder? The article only mentioned him, and from TFA it doesn't even say he has managed to implement this so how exactly is he considered a Hacker, or claim that he found anything. As far as I can tell he is just theorizing that it MAY be possible.

Re:I doubt it (2)

euyis (1521257) | more than 3 years ago | (#34783918)

It's InfoWorld. What else could you expect from a website that inserts shitty inline advertisements in the articles and splits a short story that fits well in one page into three pages?

Re:I doubt it (1)

chimpo13 (471212) | more than 3 years ago | (#34784360)

You never noticed when I changed the percentage of cents from everyone's salary to go into my secret account. The trick to avoid passwords is typing in "override all security". Works every time. My old mentor Gus Gorman filled me in. He's dead now, so I'm not ratting him out.

Re:I doubt it (0)

Anonymous Coward | more than 3 years ago | (#34784540)

You think it's reasonable to take away somebody's freedom because they delay your computer for a microsecond? Your job consists of manipulating imaginary numbers, while leeching value from members of society that produce something useful. Maybe you should get a grip on reality...

Re:I doubt it (1)

Slackus (598508) | more than 3 years ago | (#34783710)

I agree, I believe Endace also plays in this market and their DAG capture cars used for monitoring has a 7.5ns packet timestamp resolution.

Re:I doubt it (0)

Anonymous Coward | more than 3 years ago | (#34784152)

And then they sync the NIC timestamp with the host clock, losing up to 2us precision over PCIe. Datasheet, meet Reality...

Re:I doubt it (0)

Anonymous Coward | more than 3 years ago | (#34784254)

Actually they sync the NIC to an external PPS (pulse per second) signal generated from a stable clock which is synced to multiple GPS satellites. In that setup you get much better than 1us precision

Re:I doubt it (2)

kyhwana (18093) | more than 3 years ago | (#34784272)

Actually, you can sync the DAG card to GPS time.

Re:I doubt it (5, Insightful)

countSudoku() (1047544) | more than 3 years ago | (#34783762)

While not directly for Wall Street, I've been at a couple of related industries (super five 9 HA hardware maker and a free stock website) and I'll wholeheartedly agree; the end results will get noticed faster than you can login to Ameritrade. And what is up with the completely false term "undetectable hacking?" That's got to be the stupidest term I've heard this century. There is no such thing as undetectable hacking. Shame on the coiner's lack of knowledge in computer security and forensics. FAIL.

Re:I doubt it (1)

Anonymous Coward | more than 3 years ago | (#34783858)

Interesting, someone else who "works in the industry" mentioned this a few months back in a post related to wall street, and said it was a common practice they see on just about everything. Something about flooding the server with bogus transactions preventing competitors from making purchases before theirs go in, or something to that effect.

Re:I doubt it (4, Insightful)

_merlin (160982) | more than 3 years ago | (#34783910)

That might let you attack investment banks and hedge funds who are communicating with their brokers over the Internet or VPNs like BT Radianz, but in that situation, it's nothing more than a regular Internet DOS attack. It won't affect real HF traders. If you're HF, your gear is colocated with the broker or exchange, and you use point-to-point links to control it from your office. Attacks would be noticed and attackers identified, as it would have to be an inside job.

Re:I doubt it (1)

trentblase (717954) | more than 3 years ago | (#34783886)

Wasn't the flash crash caused by incorrect time stamps, though? If quotes are not being stamped correctly, how would you detect the delays? (no, I did not RTFA)

Re:I doubt it (-1, Troll)

History's Coming To (1059484) | more than 3 years ago | (#34783992)

You work in the business? Then tell everyone you know that the geeks not only think this way of working is a bad idea (see below), but that a small subset of them are going to take advantage to the point where your systems collapse. We're seeing the start of that already.

You've, collectively and as a worldwide organisation, agreed that data is worth a huge amount of money, which doesn't exist and may pop in and out of existence. You've created a metastable chaotic system governed by belief. You've put that system on the internet. You're funding it with everybody's bank accounts and pension funds. You're idiots, and so are those who allow it...the voters and the parties and the regulatory framework. The system is unstable, stop perturbing it.

And all of that is, of course, nonsense, because there's profit to be had.

Re:I doubt it (5, Informative)

_merlin (160982) | more than 3 years ago | (#34784146)

You're an idiot and you don't know what market making is. The prices options trade at are so close to the theoretical fair price that there is very little money to be made on each trade - often only cents. To keep the company in the black while paying a bunch of talented developers and network engineers, you have to make as many trades as possible. The reason for cutting down latency is so that we can snap up that 80c before anyone else.

Maybe you're not thinking about market making - maybe you're thinking about those clowns trying to game each others' algos on NASDAQ. The guys who place orders and delete them faster than they could ever trade just to see how the other guys' algos react, and have "geniuses" talking crap about how foolproof their theory of predicting stock prices falling is, and basically treat trading as a black art. They serve no useful purpose, and just create extra noise in the data feeds that need to be processed. I don't think they really do a great deal of harm most of the time - most of the money they make and lose is just being passed around between each other. They're all a big circle jerk.

You can't lump all HF traders together. (And for the record, I'm a geek: I design, develop and support the systems; I don't sit on the dest trading.)

Re:I doubt it (2, Insightful)

LordNacho (1909280) | more than 3 years ago | (#34784450)

Amen. You're in minority here. With me. I do what you do, and the debate in the public sphere is unbelievably uninformed.

BTW, it's not just option hedging that requires HFT. There's loads of different things to do, and some of them look silly from the outside. I've seen quite a variety of algos, all trying to do different things, on different timescales, on different markets. Of course the media tend to focus on what they've heard of, stocks.

Re:I doubt it (0)

Anonymous Coward | more than 3 years ago | (#34784874)

A lot of wishful thinking here.
Millions are made by that "black art" of yours, but you don't know, and how should you.

And it's a good thing to stay that way...

Posting AC obviously.

Oh, btw:

To keep the company in the black while paying a bunch of talented developers and network engineers, you have to make as many trades as possible.

I think grandparent's gripe is with this: what's the purpose of such a HF company? Why do we allow them to leech away the money that could go to something actually useful?

Re:I doubt it (0)

Anonymous Coward | more than 3 years ago | (#34784190)

I work in this business

Oh yeah? Well fuck you then. Please, even if you can't think of a way to give back to society, come up with a way to make a living without gambling away working peoples' pensions.

Re:I doubt it (1)

c0lo (1497653) | more than 3 years ago | (#34784494)

I work in this business, and trust me - we count nanoseconds. We would notice if "hackers" were introducing delays.

And what would you do when you detect such delays? Call the police in femptoseconds?

Re:I doubt it (1)

eedlee (1448129) | more than 3 years ago | (#34784544)

We call what you do "trading", but if anyone else does it it's called "hacking". Awesome.

Re:I doubt it (0)

Anonymous Coward | more than 3 years ago | (#34784612)

Electric signals travel at about .3 - 3 m in a nanosecond, assuming no collisions in the network.

I call bullshit.

Re:I doubt it (2)

Sparohok (318277) | more than 3 years ago | (#34784654)

trust me - we count nanoseconds

Incidentally, light travels a bit more than one foot in a nanosecond. I trust you that you think you're counting nanoseconds.

Martin

OK (4, Funny)

afidel (530433) | more than 3 years ago | (#34783632)

So they are going to steal from the HFT's that are already performing a salami attack on the broader market, I'm not sure I see a problem here....

terrific usage (0)

Anonymous Coward | more than 3 years ago | (#34783650)

but unsurprising

Hacking? (4, Insightful)

timeOday (582209) | more than 3 years ago | (#34783660)

How is this really any different from bread-and-butter high-frequency trading? Firms spend millions to put their servers physically closer to the trading computers to edge out everybody else by a few milliseconds. Boo hoo, now some "hacker" almost put them back on a level playing field with almost everybody else. It's all financially meaningless, totally legal theft.

Re:Hacking? (0)

MichaelKristopeit341 (1967638) | more than 3 years ago | (#34784380)

it's not different at all...

slashdot = stagnated

Only millions? (4, Insightful)

dkleinsc (563838) | more than 3 years ago | (#34783668)

That's chump change on Wall St. Compared to the kind of stuff Goldman Sachs pulls on a regular basis, I'm not too worried about high-frequency traders getting scammed. What's very clear is that none of it has much of anything to do with actual sound investing.

Re:Only millions? (1)

tverbeek (457094) | more than 3 years ago | (#34783834)

All the more reason to regulate this whole approach to "investing" out of the picture altogether.

Re:Only millions? (1)

dkleinsc (563838) | more than 3 years ago | (#34783872)

Good luck with that.

I mean, the kind of stuff Elizabeth Warren's proposed for regulating credit cards has approval of something like 95% of the public in polls. That doesn't mean she can actually make it happen.

The money has to come from somewhere. (2)

khasim (1285) | more than 3 years ago | (#34784238)

If they're allowed "advantages" or whatever, the profits they make have to come from somewhere. I'd rather a system to prevents such and allows more of the profits to go to the smaller investor.

High-speed trading (0)

Anonymous Coward | more than 3 years ago | (#34783686)

The high-speed trading exchanges that conduct the business of buying and selling stocks and mutual funds are so fast that hackers can introduce delays of a few microseconds [...] and manipulate prices in the process to reap millions of dollars to the detriment of everyone else

And this is different from automated high-speed trading HOW?

Distrust (2, Insightful)

Anonymous Coward | more than 3 years ago | (#34783690)

This kind of activity creates new reason to distrust Wall Street

Aw, c'mon! What's wrong with all the old reasons?!?

Good grief... (5, Insightful)

tool462 (677306) | more than 3 years ago | (#34783738)

That's not a news article, it's an advertisement.

High-frequency trading networks, which complete stock market transactions in microseconds, are vulnerable to manipulation by hackers who can inject tiny amounts of latency into them. By doing so, they can subtly change the course of trading and pocket profits of millions of dollars in just a few seconds, says Rony Kay, a former IBM research fellow and founder of a cPacket Networks, a Silicon Valley firm that develops chips and technologies for network monitoring and traffic analysis.

(emphasis mine)

A man who claims companies are losing millions due to network latency sells tools to monitor network latency? A reliable source, I'm sure.

Re:Good grief... (1)

JeffSh (71237) | more than 3 years ago | (#34783868)

"There's a big problem, says man with solution to said problem"

Re:Good grief... (1)

b4dc0d3r (1268512) | more than 3 years ago | (#34784222)

"Hackers" didn't find it, and the article is like 4 paragraphs on 3 pages. It's an advert and a revenue generator for infoworld. Of course I have NoScript and other blockers, so I clicked through all 3 pages to waste their bandwidth. I suggest everyone do the same.

Re:Good grief... (2, Funny)

TheRaven64 (641858) | more than 3 years ago | (#34784260)

The summary said:

InfoWorld

You said:

That's not a news article, it's an advertisement

Your post therefore deserves -1, Redundant.

Spot on, skippy (2)

sgt_doom (655561) | more than 3 years ago | (#34784332)

Yup, as anyone familiar with The Street knows, the banksters have it sewn up as the usual suspects own all the exchanges and all the clearinghouses.

Ergo, the same people who own the holding company which owns all the climate exchanges (Climate Exchange PLC) also is the same bunch who owns the InterContental Exchange (ICE) and all its subsidiaries, plus the DTCC, plus Markit Group (which prices all those thousands of categories of pesky credit derivatives [otherwise, they'd be worthless!], and ELX Futures, etc., etc., etc. I think we all get the picture by now.

Liuqidity! Liquidity! Liquidity! (5, Insightful)

Daniel Dvorkin (106857) | more than 3 years ago | (#34783748)

That's what we hear, anyway, whenever anyone proposes that maybe ever-higher-speed trading isn't such a great idea.

It's a load of crap, of course. Yes, liquidity is good. No, restricting trades to, say, one per second -- which is still faster than any trading ever took place during the centuries of stock trading before computer trading became common -- would not bring our economy to a screeching halt. In fact, it would probably encourage economic growth by encouraging actual investing instead of the giant casino that the stock market has become.

Of course, in a casino, the house always wins, and since in the case the house also owns the House and the Senate too, this is never going to happen. Sigh.

Re:Liuqidity! Liquidity! Liquidity! (4, Interesting)

jfengel (409917) | more than 3 years ago | (#34784060)

Liquidity IS good, and in the end, I don't see how this is doing anything but provide more of it.

If the hackers are netting themselves a bunch of money by out-trading the other high-frequency-traders... good for them. It's not my money they're taking, because I've got better places to put my money than trying to out-arbitrage the arbitrageurs. But both of them, the Evil Hackers and the White Hat Ginormous Wall Street Bank, are both making sure that when I do sell my stocks, I've always got somebody to sell it to.

The arbitrage means that maybe I'm losing .01% off the transaction. If that's Big Money in aggregate, it's still only a tiny fraction of the mount of money on the line. It's money I couldn't ever get my hands on.

So I don't really much care who wins here. Let 'em fight it out.

Re:Liuqidity! Liquidity! Liquidity! (4, Insightful)

DriedClexler (814907) | more than 3 years ago | (#34784882)

If the hackers are netting themselves a bunch of money by out-trading the other high-frequency-traders... good for them. It's not my money they're taking...

That's what I thought, too -- until Fall '08 hit, and I found out that if one of the big players lose to these guys, the government bails them out (at which point it *is* my money they're taking), revealing as a sham this whole idea that the big guys nobly make risky bets. No, if you're going to be bailed out on the downside, you weren't taking a risk to begin with -- ever.

In theory, you're right -- but let's bring back the concept of "failing when you're wrong" to Wall Street before blithely dismissing the harm these guys can cause.

And seriously -- is the tiny bit of extra liquidity REALLY worth the billions these guys sink into HFT?

Re:Liuqidity! Liquidity! Liquidity! (0)

Anonymous Coward | more than 3 years ago | (#34784928)

Of course, in a casino, the house always wins

Not true.

In Ontario, Canada, where the casinos are owned & run by Ontario Lottery and Gaming Corporation [www.olg.ca] (a corporation owned by the government), they managed to LOSE MONEY [canada.com] .

Sad. The usual complaint is that how many of the poor & dim-witted waste their money at casinos.

Marketing from a start-up (3, Informative)

jsailor (255868) | more than 3 years ago | (#34783750)

There are several products on the market that are employed by the Exchanges and their large customers to track all of this.
This is a marketing paper for what appears to be an interesting product.
Existing vendors already capture, log, analyze (in realtime), traffic across multiple probes and provide real-time alerting along with monitoring, measurement, etc. These products are all leading edge and are changing rapidly. They've solved many problems with proprietary schemes of various sorts. Not the least of which was time synchronization at the nanosecond level.

For very simple public information, just look at latencystats.com. Keep in mind, more detailed info and analysis is going on behind the scenes.

Ok, settle down there .. (1)

Bitmanhome (254112) | more than 3 years ago | (#34783752)

Firstly, it's not undetectable, since you just detected it. Secondly, it doesn't affect everybody, just the HFT people. Most of us don't have much sympathy for them, so we wouldn't consider it a problem.

Scanning for this behavior is going to be challenging, as HFTers will want to detect this particular misbehavior while hiding their own misbehavior.

Hackers or Goldman Sachs? (1)

Anonymous Coward | more than 3 years ago | (#34783764)

There have been a series [market-ticker.org] of articles [market-ticker.org] about this problem [market-ticker.org] on the Market Ticker (Karl Denninger). Read his blog for a couple weeks and you will have nothing but contempt for our financial system -- especially the large banks and our government "regulators". It needs a thorough purging of indictments and prosecutions in order to achieve anything close to reliable for investment.

Unfortunately, every other possible avenue for investment seems to be on just as shaky ground. It is one of those times when I am glad I am not rich (I have less to lose).

While the article is BS.... (5, Interesting)

HerculesMO (693085) | more than 3 years ago | (#34783768)

The reality of Wall Street ripping off the consumer is not far from reality. I work "in the industry" as well (and have, for 10 years), and I've seen and been witness to all kinds of shams and problems that Wall Street is culpable for.

Let's just leave it simply, the average investor doesn't know *anything* about investing. They don't know stocks, bonds, they don't know diversification, they don't know how to change allocations before retirement age for 401ks, etc. But the sad thing is, Wall Street doesn't either. They may know the P/E ratios of firms, the current stock price, and lots of fancy math, but the reality is that a lot of money made on Wall Street isn't in active trading, it's in knowing their customers and playing on that information, and topping it all off with fees. For example, Goldman advises its customers, and the clients lose out, and Goldman wins -- See here. This isn't uncommon.

The simplest secret about Wall Street is that the average investor can forgo using a trading firm, and just invest in an index fund instead (like the S&P). Those funds have very low fees, and require zero understanding about Wall Street. They go up as the economy gets better, they go down as it doesn't. And less than 20% of firms out there can *BEAT* the S&P, meaning that 80% actually do worse. In addition, they charge higher fees. So if you throw your money into the index fund, you don't have to know anything, and you do just as well as 80%+ of the firms out there, and keep the fees they'd charge you to just meet the same ROR in your pocket.

Sadly, you'll never hear about this on the Street, because it would ruin their whole scam. The only thing you need to know is that 5-10 years before retirement age, pull out of indexes and put into guaranteed products so you don't get thrashed on your retirement day, and you'll be a happy camper.

With the amount of influence Wall Street has in our government, in our economy, it's about due time we start getting them the hell out of the way so that we can do better as a country. I know it sounds cheesy, but it's true.

Re:While the article is BS.... (1)

u19925 (613350) | more than 3 years ago | (#34784020)

The article is indeed bullshit and some of the claims violate the very fundamental laws of physics the author cite. Take for example "...it typically takes about 50 milliseconds to send a message from New York to London. Placing a server in between the two could cut the speed of communication in half, they said, which may be enough time to take advantage of some momentary pricing discrepancy....". How do you accomplish this. By the time you get trading data to server halfway and create a trade and send the trade to NY for execution, the data from London has already reached NY. In fact theoretically you cannot take advantage of speed of light by itself. What you can take advantage would be if you setup a custom network between London and New York, which uses shorter and faster cable (coax RF is faster than optical) and networking equipments which are custom built to eliminate latency.

Re:While the article is BS.... (4, Informative)

labradore (26729) | more than 3 years ago | (#34784072)

When everyone buys index funds, the index managers have huge leverage to manipulate. The high freq traders have more leverage to manipulate the fund traders. The market as a whole becomes more correlated. There's nothing wrong with index investing, but if everyone does a lot of index investing, at some point you are looking into a pricing hall of mirrors instead of a working market and it takes fewer and smaller non-conforming players get enough leverage to tilt the whole applecart. We already see the effects of this from the studies that show that the markets are now more correlated than before the popularity of the index funds.

If you want to limit the effects of rogue players, don't just ignore them. Prohibit their abuses. The 5-second trade granularity mentioned above seems like a good start.

Re:While the article is BS.... (0)

Anonymous Coward | more than 3 years ago | (#34784474)

The 5-second rule would just create the same kind of cold war: this time it would be about who processes all the external data fastest during those 5 seconds and who gets it into the next 5 seconds batch at the last possible moment (nanoseconds before the window closes).

There would also be a whole bunch of secondary markets that would feed into the primary market - and the high-speed investing would happen in the secondary markets.

You'd have to bar secondary markets all around the globe, with no exception. It only takes a Lichtenstein or Luxemburg to create the next super-secondary-market.

So this is not going to happen and everyone knows it.

Nor is HFT really a problem. High-speed trading is a computerized tool, so if you have an investment edge you can use those tools yourself to get a slightly more efficient entry into the market. And if arbitrage increases volatility that's even better for the value investor: you can buy the dip even cheaper than you could a decade ago - and at superb liquidity.

Also, the 'cost' of HFT to the average investor is at most 1 or 2 cents. A far cry from the pre-electronic stock market where the overhead was 50 cents or more ...

Re:While the article is BS.... (0)

Anonymous Coward | more than 3 years ago | (#34784128)

You need to diversify your bonds nigga

physical access (1)

rla3rd (596810) | more than 3 years ago | (#34783804)

The type of attack they are talking about here requires physical access of some sort. good luck pulling that off in the HFT's location.

I've seen this (1)

medge_42 (173874) | more than 3 years ago | (#34783888)

In The Grifters [imdb.com] and at least one episode of Hustle [imdb.com] .

Of course, they're called hedge funds (1)

Anonymous Coward | more than 3 years ago | (#34783976)

What do you think Hedge funds do.. They use computer algorithms to trade, not sound
investment strategies. Wall Street is a place where big banks and hedge funds siphon off of
peoples retirement plans these days..

Calling all tree huggers! (-1)

Anonymous Coward | more than 3 years ago | (#34783998)

..0..
./.).
..X..
8===D
Adopt a penis bird today!

This isn't bullshit (1)

DontLickJesus (1141027) | more than 3 years ago | (#34784012)

Nor is it exactly new. After the last strange dip in the stock exchange a lot of research was done into this, and it basically comes down to inserting bullshit data into the stream so that competitors have to process the data while the injector does not.

http://www.theatlantic.com/technology/archive/2010/08/market-data-firm-spots-the-tracks-of-bizarre-robot-traders/60829/ [theatlantic.com]

Re:This isn't bullshit (1)

LordNacho (1909280) | more than 3 years ago | (#34784242)

This is more realistic, but TFA is talking about readingthe electromagnetic emissions from equipment, rather than injecting packets onto the network by ordinary means:

(A side-channel attacker looks at indirect information related to the computer -- the electromagnetic emanations from screens or keyboards, for example -- to determine what is going on in the machine. )

Get off my lawn! (5, Funny)

antifoidulus (807088) | more than 3 years ago | (#34784030)

Back in my day Wall Streeters got money the old fashioned way, they bribed politicians to funnel taxpayer money into the firms while simultaneously getting the politicians to look the other way when banks committed crimes....whats that you say? They are still doing that? Well I guess somethings never change.

Now get off my lawn.....Whats that you say? The bank has illegally foreclosed on my property despite not actually being in debt to them and it's legally THEIR lawn now, and I'M the one that has to get off of it? Well, it's a good thing I have support from my local polit....ah fuck it.

Re:Get off my lawn! (1)

iceaxe (18903) | more than 3 years ago | (#34784552)

This is why front porches need shotguns.

What else is new? (1)

aarroneous (973056) | more than 3 years ago | (#34784160)

And this is different from Goldman's flash trading program in that these crooks don't wear suits?

Why Cheat? (1)

ackthpt (218170) | more than 3 years ago | (#34784204)

So much trading is done by program these days - in the big sell off of stock in the banking crisis, if you bought Ford at $0.89 per share OR Dow at ~ $5 per share you'd be sitting pretty right now.

Curse the holidays! If I hadn't been spending money on gifts and travel I could have made a killing!

Goldman Sachs anyone? (1, Interesting)

rsilvergun (571051) | more than 3 years ago | (#34784216)

just ban this kind of trading already. The easy way to do it is set a minimum timeframe you're required to hold onto stock before selling.

HFT != Wall Street (1)

LordNacho (1909280) | more than 3 years ago | (#34784312)

It's not just the major banks that are in HFT. Quite a few of them are literally just guys who said "hey, why the heck can't I just rent a rack, buy some servers, and write some code?". I've met numerous guys who have done this, some as offshoots from banks, some from market making, some rather more green.

Many of the HFT firms don't even see themselves as financial firms, but rather tech firms. Latency is everything, so their conversations are about technology rather than finance.

Just a crank-up of standard Wall Street technique (1)

sehlat (180760) | more than 3 years ago | (#34784316)

Quoting from the article:

"substantial risk of creating unfair trading, if used by the wrong people"

Of course, Goldman Sachs and other Wall Street trading houses regularly front-run client orders, delaying them a bit
while they get in ahead of the wave. They're still regarded as "the right people" to run our financial system.

News flash (1)

iceaxe (18903) | more than 3 years ago | (#34784548)

Stock trading is a scam!

d'oh! Why did I not realize this years ago?!?!

</sarcasm>

Faster-than-human-speed trading should be illegal (1, Interesting)

davidwr (791652) | more than 3 years ago | (#34784584)

For investments available to the average investor OR products available to sophisticated investors which are known to "quickly and significantly" influence the value of products available to the Average Joe:

Instead all bids should be firm for a certain period of time - say, 30 seconds, and the trade should be delayed as long as the price keeps going up and the market would stay open to allow those trades to complete.

If the seller needs to sell by a specific time, then anyone bidding in the last 30 seconds will have the right to match the high bid, with the shares going to either the "earliest" bidder who was willing to pay the final price or divided up among all of the "winning" bidders in a predictable, well-defined way.

In any case, the "market price" wouldn't be defined until the trade completed.

For products available only to sophisticated investors which don't quickly and significantly affect the value of products you or I might buy, there shouldn't be any "protect the naive investor" rules, just rules to prevent outright fraud.

Hackers cheating on Wall Street? (1)

Esteban (54212) | more than 3 years ago | (#34784798)

I didn't even know they were dating.

Goldman Sacks (1)

Anonymous Coward | more than 3 years ago | (#34784820)

Goldman Sacks does it everyday with government approval

This is Good (1)

Chardansearavitriol (1946886) | more than 3 years ago | (#34784858)

For way, WAY too long this world, and this country, have followed the cheaper-is-better model. And its not just from one incident, everyone seems to want things done the cheapest. Well, you get a cheaply made home or a power drill cobbled together from harvested parts, and you're probably not going to get the most reliable tool. If you build computer systems cheap, and you make those computers do a whole lot of probably not very well encrypted, and really simply patterned things, far faster than a human could ever model, and then give this system control of basically all the worlds floating wealth, stuffs gonna start going wrong. It used to not matter, back when things would just fall on people. But now that same ethic is losing money. With any luck, we'll learn the lesson and start building things to last again. Just my two cents rant.

As had already been said... (1)

Genda (560240) | more than 3 years ago | (#34784938)

The story is organic fertilizer. If anything, the problem isn't hackers... the market is now an autonomous exercise in artificial intelligence, and for the most part, beyond human understanding. Don't get me wrong, we can understand parts, and even how some of those parts interact, we simply have no way of comprehending the aggregate and its immense degree of complexity. We have systems milking the tiniest fluctuations in the system sifting out whispers of profit in a hurricane of transactional data. These systems interact with the existing trade ecology and the data dance just keeps growing new harmonics of feedback. Something as ham-fisted as screwing with signal timing would show up like setting off a nuke in nunnery.>/p>

In fact, the only effective way to hack the system would be to black box the entire system (good luck building that model on anything smaller than a big box at Lawrence Livermore), and messing with a tiny group of nodes in a financially interesting place. You'd need the same kinds of computers network resources as the one's doing the trading, and the model analysis would take tens of thousands of person hours and many millions of dollars. Unless you had some certainty of snatching many billions of dollars (before the existing environment simply networked around you and picked your financial carcass clean in the instant of time it takes the neurotransmitters to cross the synapses in your brain), your time would be better spent selling your IP to Wallstreet and cashing at a significantly lower levels of risk.

Of course there are adrenaline junkies who might do it for the risk, or the street cred among hackers... good luck on that, and you might want to purchase that chastity belt now so your stay at Club Fed doesn't include unwanted fraternizing. If you're at all interested in the current state of the networks that carry money check out this months WIRED article on AI [wired.com] , its truly enlightening. Oh, and for those who think they could walk away from hacking the financial network, just remember the people you're playing with... you'd be lucky not to end up an inventory of parts at a Mumbai transplant hospital.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?