[aprssig] Pirates on APRS IS

Gregory A. Carter gcarter at openaprs.net
Thu Mar 14 16:07:25 EDT 2013 

Fortunately we don't allow users to signup and immediately start
posting positions/messages. The process for iAPRS is that they must
signup for an account with OpenAPRS, activate their account by
responding to an email link then 'verify' their account either for
free by sending a message with a key on RF->gated to APRS-IS to us or
via a PayPal fee which deters most who don't have a license from
getting access.

I monitor the signups that get verified. In this case the individual
probably did not understand they needed to be licensed. Typically if
they have to pay a fee to make the account work they aren't a
troublemaker, they just don't understand our hobby.

Unfortunately due to callsign patterns in non-us territories it's
virtually impossible to validate callsigns themselves as there are too
many variations.

Greg

On Thu, Mar 14, 2013 at 1:57 PM, Samúel Úlfr Þór Guðjónsson
<tf2sut at ulfr.net> wrote:
> Thanks for the quick response on this matter.
> While not implying that iAPRS should be closed upon. I'd guess that more
> hams are using that application than pirates.
> Hand picking one and one is probably the only solution for now, but only
> postpones the problem.
>
> Hopefully this wont get too widespread, but with the smartphone market
> growing and the ease of getting passcodes (there's even a website offering a
> passcode generator), I'm afraid this could grow into a bigger problem.
>
>
> 73 de TF2SUT - Samúel
>
>
> On 14 March 2013 18:16, Gregory A. Carter <gcarter at openaprs.net> wrote:
>>
>> iAPRS is a third party app that uses our DCC interface. Ultimately
>> I'll take responsibility to disable it's broadcasting through us. We
>> use direct email/password accounts locked to callsigns and typically
>> try to spot bunk calls but missed this one.
>>
>> The account was created yesterday and verified today before it started
>> beaconing so it's only been active for 24 hours.
>>
>> Greg
>>
>> On Thu, Mar 14, 2013 at 11:53 AM, Samúel Úlfr Þór Guðjónsson
>> <tf2sut at ulfr.net> wrote:
>> > Hi all, I'm new to this post list.
>> >
>> > I have not been very worried of "pirates" using APRS IS, but today I
>> > noticed
>> > one locally on aprs.fi using iAPRS for Apple's IOS.
>> > As it is only on Internet I'm not that worried, however, there is a
>> > possibility that this information could go to a TX Igate which would
>> > broadcast the information, being either positon or messages, as position
>> > is
>> > always gated after a message. That'd make the operator of the TX igate
>> > responsable for illegal use of the amateur frequency. Over here this is
>> > a
>> > great concern, as connecting internet and RF is on a very gray zone,
>> > legally
>> > speaking.
>> >
>> > The "pirate":
>> > http://aprs.fi/info/a/STEBBI-9
>> >
>> > Now what can be done about this?
>> > I suppose doing modification on all the TX igates to do some
>> > verification of
>> > the sender of the message, but it could be quite painful.
>> >
>> >
>> > Not very familiar with iAPRS, it seems that it's just a frontend for
>> > OpenAPRS, and it seems to me that it does not do any passcode
>> > verification.
>> > Anyone correct me if I'm wrong. Now I know that passcode verification is
>> > not
>> > really that much of a verification, but having a bad verification is the
>> > better of worse.
>> >
>> > I'm quite sure that there are other countries than Iceland who are
>> > running
>> > on gray zone concerning RF to IS and vica versa traffic. Apperantly
>> > France
>> > has the same concerns, and pirates on APRS-IS is not helping.
>> >
>> > So, what should I do? Try to implement blacklisting on all the TX Igates
>> > over here? (Thankfully, they are not that many at the moment) or just
>> > stop
>> > all the TX IGates? That would kind of ruin one of a very great usable
>> > feature in APRS.
>> >
>> > Sorry if this post sounds abit confusing, I'm a little puzzled about
>> > this
>> > matter.
>> >
>> > 73 de TF2SUT - Samúel
>> >
>> > _______________________________________________
>> > aprssig mailing list
>> > aprssig at tapr.org
>> > http://www.tapr.org/mailman/listinfo/aprssig
>> >
>>
>>
>>
>> --
>> NV6G
>> OpenAPRS.Net
>> OpenAPRS iPhone Edition
>> Find RC sites and weather in your area on iPhone/iPad with WhereBRC
>> _______________________________________________
>> aprssig mailing list
>> aprssig at tapr.org
>> http://www.tapr.org/mailman/listinfo/aprssig
>
>
>
> _______________________________________________
> aprssig mailing list
> aprssig at tapr.org
> http://www.tapr.org/mailman/listinfo/aprssig
>



-- 
NV6G
OpenAPRS.Net
OpenAPRS iPhone Edition
Find RC sites and weather in your area on iPhone/iPad with WhereBRC

More information about the aprssig mailing list