[aprssig] Callsign Verification (Was: Pirates on APRS IS)
hessu at hes.iki.fi
Fri Mar 15 12:56:21 EDT 2013
On Fri, 15 Mar 2013, Steve Dimse wrote:
> fixed with any add-on security. The only option is to create a new
> APRS-IS that is secure. As we have seen time and again, hams don't make
> changes unless something new gives them a clear and significant benefit.
> If someone spent the effort to create a system that was truly secure,
> and others diligently performed the required verification, you still
> need to give the users a reason to switch.
I wholeheartedly agree, just adding strong authentication would create an
awful lot of extra work for everyone, and would make people go for an
unsecure alternative instead, or set it up themselves.
> The fact is that despite the complete lack of security there have been
> no significant problems in these 12 years. Hackers have much more
> interesting and valuable networks to target. I would propose that the
> effort to create a secure APRS-IS would be better spent elsewhere.
Well, apparently APRS is gaining popularity in CB circles
(http://cbaprs.de/), and some of them would prefer to get their packets on
APRS-IS. It's a small problem for now, but makes it too scary for many to
run TX igates for two-way messaging.
Also, if there was a secure way to authenticate hams on the Internet,
whole new classes of services could be provided. Not just on APRS-IS. Free
Personally, I could let people inject packets to the APRS-IS and my APRS
RF transmitters directly from aprs.fi. I could let them delete and edit
their own historic APRS data stored on aprs.fi. Could provide a nice web
chat interface to APRS messaging. All sorts of new cool stuff.
Others could let people automatically access repeater networks and even HF
transmitters remotely from the Internet. Or something along those lines.
Currently all ham service providers need to do their own validation, which
is an impossible undertaking for most. If there was a common way to
validate an Internet users ham license in a more reliable way, I suppose a
lot of new innovations could pop up.
- Hessu, OH7LZB
More information about the aprssig