[aprssig] Security for the aprs protocol and software
Matti Aarnio
oh2mqk at sral.fi
Wed Aug 26 19:18:51 EDT 2009
On Wed, Aug 26, 2009 at 03:32:24PM -0700, Scott Miller wrote:
> And basically we just have to hope that Roger was as vigilant with
> UI-View, since we don't have any way to check.
Indeed. Unmaintained software without source code should not be used for
anything sensitive, or a large effort should be put into decompiling it.
...
> There's a lot of string parsing going on in an APRS client, and lots of
> rules and exceptions to rules to follow. That makes a lot of possible
> targets for data driven attacks.
Been there, seen surprises.... (it was another protocol, but careless
parsing is careless parsing...)
...
> Some aspects of the system just don't lend themselves to securing. For
> example, you can generate a packet on the air that has a CR/LF pair and
> a fake second packet in TNC-2 format grafted on. By the time it gets to
> an IS client, there's no way to tell that it wasn't two legitimate
> packets. Not that that really matters since you can spoof packets all
> day anyway, but it might at least get you past filters on an IGate.
This is why I recommend using the KISS protocol when reading packets from
the TNC to the computer. Then you chop the payload at the first LF, and such
easter eggs are impotent. (There should be no CR/LF within the APRS packet
on RF.)
> Scott
> N1VG
73 de Matti, OH2MQK
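
The KISS-side truncation recommended in the reply above, as an added example that is not part of the original message or of any APRS package: it unstuffs KISS frames, renders each AX.25 UI frame as one TNC-2 line, and cuts the info field at the first CR or LF so a grafted second line never reaches the IS side. Assumptions: all function names are hypothetical, only port-0 data frames are handled, cutting at CR as well as LF and rejecting non-alphanumeric callsigns go slightly beyond what the message states.

```python
FEND, FESC, TFEND, TFESC = 0xC0, 0xDB, 0xDC, 0xDD  # KISS framing bytes

def kiss_frames(stream: bytes) -> list[bytes]:
    """Split a KISS stream on FEND and undo byte stuffing (port-0 data frames only)."""
    frames = []
    for chunk in stream.split(bytes([FEND])):
        if len(chunk) < 2 or chunk[0] != 0x00:   # empty, or not a data frame
            continue
        out, it = bytearray(), iter(chunk[1:])
        for b in it:
            if b == FESC:
                b = {TFEND: FEND, TFESC: FESC}.get(next(it, None))
                if b is None:
                    raise ValueError("bad KISS escape")
            out.append(b)
        frames.append(bytes(out))
    return frames

def decode_addr(field: bytes) -> tuple[str, bool]:
    """Decode a 7-byte AX.25 address into (CALL[-SSID], last_address_flag)."""
    call = bytes(c >> 1 for c in field[:6]).decode("ascii").rstrip(" ")
    if not call.isalnum():          # shifted bytes can hide CR/LF, ':' or '>'
        raise ValueError("invalid callsign")
    ssid = (field[6] >> 1) & 0x0F
    return (f"{call}-{ssid}" if ssid else call), bool(field[6] & 0x01)

def ax25_to_tnc2(frame: bytes) -> str:
    """Render a UI frame as one TNC-2 line, info field cut at the first CR or LF."""
    addrs, pos, last = [], 0, False
    while not last:
        if pos + 7 > len(frame):
            raise ValueError("truncated address field")
        call, last = decode_addr(frame[pos:pos + 7])
        addrs.append(call)
        pos += 7
    if len(addrs) < 2 or frame[pos:pos + 2] != b"\x03\xf0":
        raise ValueError("not an APRS UI frame")
    info = frame[pos + 2:].replace(b"\r", b"\n").split(b"\n", 1)[0]
    return f"{addrs[1]}>{','.join([addrs[0], *addrs[2:]])}:{info.decode('latin-1')}"

def _addr(call: str, ssid: int = 0, last: bool = False) -> bytes:
    return bytes(ord(c) << 1 for c in call.ljust(6)) + bytes([0x60 | ssid << 1 | last])

# Constructed sample (not captured traffic; helper names are illustrative only).
SAMPLE_INFO = b">status text\r\nN0CALL-9>APRS:>grafted second line"
SAMPLE_KISS = (bytes([FEND, 0x00]) + _addr("APRS") + _addr("N0CALL", 1, last=True)
               + b"\x03\xf0" + SAMPLE_INFO + bytes([FEND]))

def sample_lines() -> list[str]:
    return [ax25_to_tnc2(f) for f in kiss_frames(SAMPLE_KISS)]
```

Because the frame boundary comes from the KISS FEND bytes rather than from line endings, the sample yields exactly one TNC-2 line and the text after the CR/LF is discarded.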