[aprssig] Universal APRS messaging

Tyler Allison tyler at allisonhouse.com
Thu Oct 23 17:52:38 EDT 2008 

>> There should be a secure way of checking who places the message and the
>>  content of the message...
>
> It is not possible without a complete revamping of the APRS Internet
> System. This would be the best possible outcome. It would be difficult
> and painful, like the APRS QSY was, but the end result would also be as
> worthwhile.

Not just the APRS-IS. All of APRS. APRS was never designed to authenticate
the owner.  You can secure the APRS-IS all you want and I can still send a
"nasty" APRS message to somebody in NZ using my APRS enabled radio using
someone elses callsign, unless you stop traffic in the RF to internet
direction..which effectively breaks the value of the APRS-IS.

>> As an Igate sysop if the Universal APRS messaging gets out of control
>> and is abused then the easiest  way would be to exclude messaging from
>> the Igate  every Igate Sysop is in control of his / her own station.
>
> Absolutely, that is where the responsibility rightfully, and (at least in
> the US) legally belongs. I turned off the internet to RF direction of my
> IGate on the day many years ago when the APRS Internet System became
> insecure. The thing I fear I have still not adequately conveyed is there
> is NO new insecurity in the APRS IS. From the day aprsd published the
> source code to do APRS IS validation, ANYONE could send ANYTHING on the
> APRS IS completely without detection or traceability.

Let's be pure in our argument please. There never was real security in the
authentication system with or without the publishing of the aprsd source
code.  It would take a reasonably smart developer about an hour to reverse
the algorithm used for 'authentication' by doing simple crypto analysis.
If you want an actual time, I'll ask one of the guys at my work to do it
blind and I'll time him. I got beer money he can do it under an hour.

I'm not trying to thrown stones or claim this was some huge oversight. It
is what it is. The choice before us is a mater of "reasonable" security. I
personally think even _after_ the publication of the algorithm it is still
"reasonable" security.  It is sufficiently difficult to stop the average
man on the street. The point is...you will _NEVER_ make APRS, or a future
derivative, secure enough to claim within impunity you know who originated
the session. Propose an idea you think can do it and I'll poke wholes in
it all day long. Stop trying to make it perfect and find a "reasonable"
solution.

-Tyler

More information about the aprssig mailing list