In 2005, the Securities and Exchange Board of India (SEBI) issued a circular to stock exchanges directing them to get affidavits from brokers / sub-brokers operating trading terminals, targeting use of unauthorised software. The link to the circular is here:
http://www.sebi.gov.in/circulars/2003/cir3403.html
Read the first clause of the affidavit format. The requirement that SEBI's prior approval be sought before modifying any part of the terminal software is directly in conflict with terms of FOSS licenses like the GPL.
This may have a bearing on the use of open technologies on trading platforms. Can any of the enlightened comment on what can be done to level the playing field for FOSS? Have any of the developers come across emphasis on use of closed technologies for compliance with SEBI requirements?
Read the first clause of the affidavit format. The requirement that SEBI's prior approval be sought before modifying any part of the terminal software is directly in conflict with terms of FOSS licenses like the GPL.
Ah well ! I don't blame SEBI for putting in that clause. In the wrong hands, a slight modification of the terminal software might prove to be costly to the investors and to SEBI. I'm not really sure, if SEBI can be pursuaded to go the FOSS and GPL way on this issue or if its even worth it.
-- Sharninder
On Saturday 01 March 2008 03:46 pm, Sharninder wrote:
Read the first clause of the affidavit format. The requirement that SEBI's prior approval be sought before modifying any part of the terminal software is directly in conflict with terms of FOSS licenses like the GPL.
Ah well ! I don't blame SEBI for putting in that clause. In the wrong hands, a slight modification of the terminal software might prove to be costly to the investors and to SEBI.
Right. The crooks who do write their skripts are going to report their fun and games by filing daily, weekly and quarterly reports with sebi. And sebi IT staff are going to diss the code to check for vulnerabilites. WOW
There are a hundred ways to mess around if someone wanted to, without touching the code on the terminal.
Ditto with RBI and banks for clearing, bank securities trading etc.
The levels of both physical and data security in our finance sector are so abysmal that its a real miracle that we havent had some major frauds.
-
jtd -
Nishit Dave -
Sharninder