After that, the decision is really, (actually, always has been), up to the user whether or not they want to use the code. At the same time, one has to assume that a vendor who has identified himself to NinjaTrader would be foolhardy to place malicious code into a product that is being sold. The potential damage to the vendor's business is immeasurable, if a vendor got exposed doing that.
Ultimately, no matter what we do, when we use any closed code, we are also, ipso facto, making a decision of measured trust. Do you REALLY know everything that your operating system itself is doing behind the scenes? Have we not had many accusations that the closed-code Windows operating system has backdoors for the NSA? Are they true? We cannot be sure, but we all still use Windows if we want to use NinjaTrader, even in a sandboxed Virtual Machine.
Comment