

If Hackers Steal a Bank's Quant Code, Do We Still Have a Functioning Market? - stsmytherie
http://emptywheel.firedoglake.com/2011/03/01/if-a-tbtf-bank-lost-its-quant-code-to-chinese-hackers-and-no-one-knew-would-we-still-have-a-functioning-market/

======
JSig
The title implies that we have functioning market today. Let's say a
functioning market is something that provides real time price discovery and
efficient transaction execution.

I think it's fair to say that a clever person would not have to steal a bank's
quant code to take down the market. I'm sure some element of the
infrastructure could be targeted.

Maybe a better question to ask is, Do we currently have a fair market and if
Hackers steal a bank's quant code would we have less of a fair market?

I suggest this question based on the following quote:

"The bank has raised the possibility that there is a danger that somebody who
knew how to use this program could use it to manipulate markets in unfair
ways," said Assistant U.S. Attorney Joseph Facciponti [in regards to the code
taken by Sergey Aleynikov]

[http://noir.bloomberg.com/apps/news?pid=newsarchive&sid=...](http://noir.bloomberg.com/apps/news?pid=newsarchive&sid=a_6d.tyNe1KQ)

Here we have the bank admitting that the software can be used to "manipulate
markets." With these banks having quarters with no losing trading days, are we
to believe that they are not using this software to manipulate markets?

~~~
yummyfajitas
The manipulation being referred to is most likely some form of layering.
Basically, since you know how some bank will respond, you can manipulate the
bank's trading program and rob the bank.

This has already occurred even without code thefts. Remember Trillium?

[http://blogs.reuters.com/felix-salmon/2010/09/14/trillium-
wa...](http://blogs.reuters.com/felix-salmon/2010/09/14/trillium-wasnt-quote-
stuffing/)

~~~
ig1
More likely is things like front running, where you use buy/sell something
upfront when you know someone else is about to move the market price

Layering is a completely different practice which involves creating an
impression of volume when there isn't one (which is strictly regulated in the
equities market, less so in others).

It's not uncommon for firms to try and exploit flaws in each others trading
strategies, for example a rooky mistake in pricing algorithms is to use the
last traded price as the basis of your price, so a common strategy in
infrequently traded items is causing a price spike causing the rooky algorithm
to go way off market allowing them to be taken to the cleaners.

I've seen firms manipulate prices in weird monotonic ways in order to see how
other firms algorithms work in order to reverse engineer them.

I've done similar things myself in order to figure out the internals of
exchanges, in one case I was even able to identify an exchange had incorrectly
configured it's kernel tcp settings causing an irregular latency spike in
their internal systems.

Trading algorithms to some extent have to be designed to protect against
vulnerabilities, not because of code theft, but because people are getting
very good at doing remote reverse engineering based upon observed
inputs/outputs.

~~~
yummyfajitas
Front running would be tricky - even if you have Goldman's code, you'll still
need to build an infrastructure faster than theirs. Good luck with that.

In contrast, if you can figure out how to implement layering in such a way
that their system acts on it, or use price spikes, or something of that
nature, you don't need to beat them on speed. You manipulate them, they trade
against you as fast as they want to, and you win.

~~~
ig1
Only if you're talking HFT, most quant trading isn't HFT.

~~~
yummyfajitas
That is what JSig was discussing, no?

 _"...somebody who knew how to use this program could use it to manipulate
markets in unfair ways," said Assistant U.S. Attorney Joseph Facciponti [in
regards to the code taken by Sergey Aleynikov]_

(Aleynikov is the guy who allegedly stole code from Goldman.)

~~~
ig1
Yes the GS code was HFT, but the article is discussing the MS case where
there's no indication the code was HFT, the article mistakenly assumes all
quant trading code is HFT.

------
ig1
Essentially the problem is the same in the case of stolen documents or quant
code, it allows insider trading. And frankly it's a lot easier to make money
from insider trading on M&A activity than trying to understand how someone's
trading code works.

------
natnat
I don't really see how much damage hackers could do with quant code if they
don't have the capital to execute significant trades.

If they're working independently, there is no way they could have anywhere
near the amount of capital as Morgan Stanley. If they're stealing the code on
behalf of the Chinese government, we should probably be more worried that the
Chinese government is actively trying to steal from American banks.

------
jwb119
arguably, we actually have a more efficient market if the code is in the open
or if M&A deals are revealed..

