Quicken Quotes Server on the Fritz?

12346»

Answers

  • fizzylogic
    fizzylogic Member ✭✭✭
    edited March 2021
    Looks like it's time to park myself on the couch, turn on the TV, grab my MacBook, and settle in for an exciting evening of refreshing my spreadsheet until today's quotes show up.
  • fizzylogic
    fizzylogic Member ✭✭✭
    edited March 2021
    Quotes showed up between 9:50 and 10:00 PM EDT tonight.

    Edit: Corrected EST to EDT
  • kohster
    kohster Member ✭✭
    OK that's pretty cool. I had noticed the connection log entries noted in another thread about max file size for the Quicken data file, but I definitely didn't think to see if there was another quotes server that would respond!
  • fizzylogic
    fizzylogic Member ✭✭✭
    @Taz Xen Works perfectly! Thank you so much for sharing this.

    I am now putting my QIF-generator spreadsheet into mothballs, at least until such time as Quicken permanently canks our ability to download Q7M quotes, or until I forget to do it for a couple of weeks and need to go back further than five trading days!
  • kohster
    kohster Member ✭✭
    Hahahahah definitely thanks from me as well! The ancientness of the program is exhibited by the fact that it uses HTTP instead of HTTPS. I can only hope that the newer versions of Quicken use HTTPS for everything. I wonder too if Quicken 2007 was also using HTTP only to get transaction data. Makes me shudder. Not that I ever used it to get transaction data - I'm like fizzylogic and enter everything manually.
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    @kohster there isn't any reason for the quotes to go through a secure channel.  

    Downloading of transactions and such private information definitely goes through a secure channel.

    To everyone on this thread that has spreadsheet such on my website, let me know if you want to take it down.
    Signature:
    This is my website: http://www.quicknperlwiz.com/
  • smayer97
    smayer97 SuperUser ✭✭✭✭✭
    I would recommend keeping the spreadsheets available... as long as @Chris_QPW is still willing to host them.

    Have Questions? Help Guide for Quicken for Mac
    FAQs: Quicken MacQuicken WindowsQuicken Mobile
    Add your VOTE to Quicken for Mac Product Ideas

    Object to Quicken's business model, using up 25% of your screen? Add your vote here:
    Quicken should eliminate the LARGE Ad space when a subscription expires

    (Now Archived, even with over 350 votes!)

    (Canadian user since '92, STILL using QM2007)

  • dboltson
    dboltson Member ✭✭
    Ingenious, Taz Xen!
    Brilliant sleuthing, and workaround ~ THANK YOU!
  • fizzylogic
    fizzylogic Member ✭✭✭
    For anyone interested, I just verified that @Taz Xen's excellent solution also works for the copy of QM7 on my Fusion 12 Mojave VM running under Big Sur.
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    I'm wondering if I should throw hornet's nest into the room...   Hmmm.  Yeah I'm feeling a bit evil today.  >:)

    I guess everyone realizes that with a one line code change Quicken Inc could bring this functionality back to Quicken Mac 2007 and people wouldn't have to do the workaround.  Now would they consider that worth it?
    Signature:
    This is my website: http://www.quicknperlwiz.com/
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    Actually that was pretty dumb of me.  They don't need to change a line of code.
    They control the quicken.com domain.  Just as you can put in a machine name in your host file to redirect it, they can redirect the old machine name to the new one.
    It is a simple change on their server.
    Signature:
    This is my website: http://www.quicknperlwiz.com/
  • Taz Xen
    Taz Xen Member ✭✭
    I believe that's why it stopped working for me: it had been fine until March 2. That's when they removed the "qw2007" subdomain, which kills off quotes for the older versions without a workaround like this. Fortunately the identical functionality is still available at another URL.
  • kohster
    kohster Member ✭✭
    I disagree that there isn't any reason to pass quotes through a secure channel. I can see back in 2007 making a decision that since that the quotes aren't personal information that it wasn't quite necessary to encrypt them, but in this day and age everything that can be encrypted should be by default.
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    kohster said:
    I disagree that there isn't any reason to pass quotes through a secure channel. I can see back in 2007 making a decision that since that the quotes aren't personal information that it wasn't quite necessary to encrypt them, but in this day and age everything that can be encrypted should be by default.
    And yet you gleefully are downloading quotes into Quicken Mac 2007.  Do you think that somehow Quicken Mac 2007 is somehow more secure doing this download than newer version of Quicken Mac would be?

    Whereas I agree that there isn't any reason why Quicken Inc shouldn't use a secure connection for everything these days, the reason is more about "convince" than security.  Why have different connect methods if you can just use one kind and it serves for all the use cases.  But in fact the main reason they probably haven't changed this is backwards compatibility.

    If the new Quicken Mac adopts that policy your quotes will be quickly cut off.
    Having a secure connection is a two way street.  The moment that they decide that all the server communication has the be on a secure channel and change the servers over the clients, which currently include Quicken Mac 2007 have to change too.  And if they aren't willing to put out a new version of Quicken Mac 2007, there goes your quotes.  And BTW if you think Quicken Mac 2007 is the only version that has noticed this your wrong.  People have come in here complaining of being cut off with old versions of Quicken Windows.

    I have no idea how "Quicken Inc" feels about supporting Quicken Mac 2007 and if they will put out a new version for something like this, but I would imagine as business they are pretty tired of what they see as supporting a product that they get no money for.
    Signature:
    This is my website: http://www.quicknperlwiz.com/
  • kohster
    kohster Member ✭✭
    I'm totally fine accepting the risk of downloading quote information. I'm consciously using 14 year old software that isn't being maintained and supported. All I was doing in my post about HTTP vs HTTPS was commenting on those old design decisions and wondering how much attention was being paid to security back then.

    As far as backwards compatibility, it's just a matter of maintaining the old method in parallel with the new. After all qw.quicken.com accepts both HTTP and HTTPS connections. If we wanted to have secure quote download in Quicken 2007 something would have to change on the client end.
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    "Security" is a "touchy" subject with me.  There are tons of people that tell you what is "secure" or not and most of the time they are reading from a 30 year old playbook that was never really right in the first place.  Security needs to be thought out and kept current with what is known now.  And what's more its cost should be weighed too.

    Currently the financial institutions put in a lot painful blocks in their system that at the least make it hard for the user (and programs like Quicken) and at the worse actual make the system less secure ("security questions" that allow the person to "bypass" the password are one such case).

    From the above you might say then why even mention that HTTP isn't really "needed", after all shouldn't I be "keeping current"?

    Understanding security is knowing when something is truly needed or not, or more exactly what "price" you are paying for such (in both risk and money/time).  If something isn't truly needed then it comes down to the cost.  If you go to my website you will see that it is HTTP not HTTPS.  Why?  It costs money to have HTTPS opposed to HTTP both for the service and for certificate.  And even above that certificate requires a business address, and the only one I would have is my home.  And so the "cost" to me would be my privacy.

    So yes everyone that comes to my site risks me having software that might collect information on them.  Or that somehow someone might track what they are doing on my site.  You will notice though that any of the downloaded files are from secure sites.  Some of the sites that I read news and comics on aren't HTTPS either, and I personally have no problem with that at all.

    The world is filled with compromise.  And everyone has to decide for themselves what compromises they will make for what they want.  I personally have zero concern about Quicken getting quotes on an unsecure connection.  And wouldn't be "shuddering" if they aren't using a secure connection, which BTW I'm sure they aren't.   I hope you don't really believe that they left that machine running that @Taz Xen found just so that Quicken Mac 2007 can use it right?
    Signature:
    This is my website: http://www.quicknperlwiz.com/
  • kohster
    kohster Member ✭✭
    Absolutely I don't think that they just left the server lying around. It's almost certainly being used by some other version of Quicken or some other application. And eventually it will go away as well, and then we can all go back to the spreadsheets and manual imports. :)

    HTTPS should be a close to zero cost item at this point. I have no idea where you're hosting your site, but the vast majority of hosting companies these days have free Let's Encrypt functionality built in, and for those running their own servers completely, the APIs and software are also free. Of course, though, the time required to set it up and maintain it is not quite free to the administrator.

    And you're totally correct that security is a holistic thing with many interconnected pieces that all need to be considered. Good security is hard - the attackers always have the advantage because they only need to be right once, and the defenders need to be right every single time. For most people the best you are trying to do is live up to the old joke about the 2 friends who started getting chased by the bear and as the punchline one says to the other, "I don't have to outrun the bear, I just have to outrun you." Make yourself just slightly less attractive/noticeable to the hackers/miscreants, and they'll have more than enough targets to work with.
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    kohster said:
    For most people the best you are trying to do is live up to the old joke about the 2 friends who started getting chased by the bear and as the punchline one says to the other, "I don't have to outrun the bear, I just have to outrun you." Make yourself just slightly less attractive/noticeable to the hackers/miscreants, and they'll have more than enough targets to work with.
    The problem with this statement is that most people have no idea how hackers work or how they can make themselves less of a target.  They buy into the hype of what is put out on websites and fail to really spend their time working to have real security.

    Point in fact, the the new “rage” is VPN.  Well guess what that by its nature groups you with others and as such makes for a nice target.   And that is exactly what has happened.  There have been various VPN programs hacked.

    Another big one on here is the complaint about not having allowing more that say 15 character passwords (set by their own financial institution BTW, since Quicken’s limit is 32 characters).  Not only would it take centuries to brute force a 15 character password, financial institutions lock your account after three incorrect tries.  The only time a password hack comes into play is if they research the person and they are stupid enough to have a very simple password to guess or use the same one on a non encrypted site that has been hacked.  In general hackers attach the website’s network/software or your device.  That is where it pays.  And once they have that none of your “security” is means anything.

    And some of the most valuable/vulnerable data out there you have no control over, like your social security number or your credit history.  That is just to world we live in.

    BTW one of the things that I noticed over the years is how easy it is to setup the online part of accounts.  As in I imagine there are plenty of people that say, I’m not vulnerable to online attack because I have never setup online access.  But I have connected online access to accounts with knowing little more than the account number (which is on your checks) and some simple details about my history.  So in fact those accounts were far less vulnerable after I connected them for online access, because at least they had to somehow bypass my password.

    I do agree that one of (maybe the only true one) defense the average person has is being as anonymous as possible.  But short of keeping all my money under your mattress (which has its own risks) you are already a big “known” target because all the financial institutions are targets.
    Signature:
    This is my website: http://www.quicknperlwiz.com/
  • neongreen
    neongreen Member ✭✭
    @"Taz Xen" I am not having success saving my edited hosts file in terminal. When I press control and O, it seems to save it. Then when I press control and X, I get the bump sound and nothing happens. So, I can't exit nano editor and move onto the next step of flushing the dns cache. Can anyone help?
  • dboltson
    dboltson Member ✭✭
    @neongreen Look for the filename to come up, after you save it. Press enter to confirm the save.

    That's what I recall, getting stuck at the same place. see if that helps . . .
  • neongreen
    neongreen Member ✭✭
    edited March 2021
    I figured it out: Control-O, then hit return, then Control-X. (Her instructions skip the return step)

    Thank you so much for posting this solution. This has made QFM2007 work again!
  • kohster
    kohster Member ✭✭
    A number of other CLI text editors are available as well on the Mac by default. vi/vim, emacs, pico, ed.... :smile:
  • cg1001
    cg1001 Member
    I’m late to this party, but was searching for a way to update stock prices in Quicken 2007 Mac after they shut off the servers.
    I tried to get Numbers loaded by installing iWorks09 trial, but got no offer in Apple Update to update versions as per that method I found elsewhere. Also tried Chris_QPW’s GetPrices.xlsm but got scripting errors.

    So I turned to Google Sheets and created a workbook where you have three options;
    Update stock prices to the previous week’s (Friday) closing, Update to the five previous workday closing prices, or update historical prices of a single stock. (This is not for getting latest prices)

    Here’s the link if anyone wants to try it: Stock Quotes to QIF_v1
    https://docs.google.com/spreadsheets/d/1DMgI5IJmpf5aSvTboLBSxe7AawDy56ie0GImb6NqhYM/copy

    Of course you have to have a Google Doc’s account to use. Also note it sometimes takes a while for the previous day’s prices to come up from their servers. Try closing and reopening the spreadsheet.
  • dipe_c
    dipe_c Mac Beta Beta
    Taz Xen said:
    Also a Quicken Mac 2007 user here. Have not been interested in any of the new Quicken Mac versions since (too simplified), and especially with the subscription model, so I will be moving on to other systems.

    I saw in this thread: https://community.quicken.com/discussion/7863709/quotes-have-stopped-downloading-for-q-mac-2007 that someone suggested manually or programmatically creating QIF files for import.

    I have another solution that works for now.

    If you look at the connection logs ("CONNLOG.TXT") stored within the Quicken qdfm file, you can see something like:

    20210309 08:22:36: QFN: Beginning get from http://qw2007.quicken.com/desktop/qw2007/quotes/?stk.0=AAPL
    20210309 08:22:36: ***QFN kQFFInished: returns 1560

    (I have omitted additional query parameters from the URL for brevity)

    So Quicken is trying to get quotes from qw2007.quicken.com, and if try to visit that page or use a utility like ping, you can see it no longer exists.

    But quicken has other subdomains! qw.quicken.com resolves; what happens if we modify the query above? http://qw.quicken.com/desktop/qw2007/quotes/?stk.0=AAPL

    It works!

    How can we make Quicken get quotes from this other server?

    Modify your /etc/hosts file.

    qw.quicken.com resolves to 209.234.234.183, so add the following to your /etc/hosts file:
    209.234.225.183 qw2007.quicken.com

    Now restart the computer, and click the Quotes download button in Quicken. Up to date prices!

    Here are instructions on editing the hosts file:
    https://www.imore.com/how-edit-your-macs-hosts-file-and-why-you-would-want#how-to-edit-the-hosts-file
    I wonder if it is possible to go a step further, and point Quicken Mac 2007 to get quotes from Yahoo Finance? Would be hugely useful for getting prices of international securites directly into QM07 Portfolio.
  • dboltson
    dboltson Member ✭✭
    @cg1001

    See TaxZen's elegant solution from March 19th. It works beautifully!

    Modify your /etc/hosts file.

    qw.quicken.com resolves to 209.234.234.183, so add the following to your /etc/hosts file:
    209.234.225.183 qw2007.quicken.com

    Now restart the computer, and click the Quotes download button in Quicken. Up to date prices!

    Here are instructions on editing the hosts file:
    https://www.imore.com/how-edit-your-macs-hosts-file-and-why-you-would-want#how-to-edit-the-hosts-file
This discussion has been closed.