Previous Next Index Thread

No Subject

 Archive-name: investment-faq/general/part7
 Version: $Id: faq-p7,v 1.33 1996/05/28 13:40:32 lott Exp lott $
 Compiler: Christopher Lott,
 This is the general FAQ for misc.invest, part 7 of 7.
 Compilation copyright (c) 1995 by Christopher Lott.  Use and copying
 of this information, distribution of the information on electronic
 media, and preparation of derivative works based upon this information
 are permitted, so long as the following conditions are met:
     + No fees or compensation are charged for this information,
       excluding charges for the media used to distribute it.
     + Proper attribution is given to the authors of individual articles.
     + This copyright notice is included intact.
 Disclaimer: This information is made available AS IS, and no
 warranty is made about its quality or correctness.
 Subject: Trading - via the Internet
 Last-Revised: 27 Mar 1994
 In September 1994 I wrote an article that severely criticized making
 trades via the Internet.  In that article, I discussed problems of
 sending information *in the clear* via various routes:
   + With an asynchronous communication setup (e.g., e-mail), timeliness
     is impossible to guarantee; a message may be delayed for many hours.
   + With either a synchronous communication setup (e.g., telnet) or
     asynch. comm. (e-mail), security is impossible to guarantee because 
     of packet sniffers.
 Well, I'd like to recant. :-)  Recent developments on the net have
 addressed these two problems.  The fundamental development is the use
 of *encryption* technology.  While schemes such as PGP have been out
 there for a while, only the recent incorporation of encryption
 technology into the WWW browser _Netscape_ makes this fairly secure
 mode of communication easily accessible.  This scheme is called
 ``secure http'' aka HTTPS.  My understanding of HTTPS (warning: I am
 a cryptographic novice) is that your Netscape client negotiates with
 the remote WWW server to figure out a way to encrypt all communications,
 and you (the user) are not required to type any secret key or otherwise
 take any steps.  Thereafter, the user can be reasonably sure that even
 if someone is sniffing packets, the sniffer will have to work Extremely
 Hard at deciphering them, in fact sufficiently hard that the attack on
 the sniffee is not worth their time.  But remember that cryptography
 is often quite subtle, and I am NOT QUALIFIED to judge whether the
 Netscape scheme is sufficiently difficult to break such that it is
 suitable for the average investor.
 I know of one service that accepts trades via the HTTPS scheme: PAWWS.
 PAWWS, aka ``Wall Street on the Internet,'' is a division of Chicago-based
 Security APL.  To learn about making trades on the Internet, use the
 URL <>.  Obviously you will require a browser
 that supports HTTPS.  PAWWS offers access to these services:
     + The Net Investor, from Howe Barnes Investments of Chicago
     + NDB Online, from National Discount Brokers.
 In the end, I'm still not sure I'm personally comfortable with having
 my account accessible on the internet.  I want to emphasize also that
 I'm not some kind of Luddite, just somewhat mistrustful of combining
 WWW servers and my portfolio.  My recommendation for those who want to
 trade via some computer interface still stands: get an account with a
 provider such as Prodigy (which offers access to some trading system)
 or with any of the discount brokers who offer an electronic trading