[aprssig] APRS-IS Passcode Has Become An Utter and Total Joke....
Stephen H. Smith
wa8lmf2 at aol.com
Fri Mar 28 16:08:38 EDT 2014
I was Googling for information on the APRS-IS today, and discovered that there
are now numerous webpages that have interactive self-serve passcode generators
for APRS-IS "validated" log-ins on them. Many will accept absolutely any
random alphanumeric string such as tactical calls, CB handles, cipher groups or
anything else.
Here are some of the ones I found:
<http://callpass.kf5jwc.us/>
This one DOES verify that the string entered is a real callsign.
<http://apps.magicbug.co.uk/passcode/index.php/passcode>
This one will accept anything as input
If you don't want to go online to generate your passcode, this downloadable
Windows program will do the job locally:
<http://blog.eagleflint.com/software-downloads/aprs-is-passcode-generator/>
K4HG has been warning for ages that the APRS passcode scheme is totally
non-secure, but it has now reached a new level of uselessness with these
ready-to-run interactive pages and apps.
I.e. you no longer need to know how to translate the documented algorithm into
actual program code in some language.
_____________________________________________________
--
Stephen H. Smith wa8lmf (at) aol.com
Skype: WA8LMF
EchoLink: Node # 14400 [Think bottom of the 2-meter band]
Home Page: http://wa8lmf.net
Long-Range APRS on 30 Meters HF
http://wa8lmf.net/aprs/HF_APRS_Notes.htm
High Performance Sound Systems for Soundcard Apps
http://wa8lmf.net/ham/imic.htm
http://wa8lmf.net/ham/uca202.htm
"APRS 101" Explanation of APRS Path Selection & Digipeating
http://wa8lmf.net/DigiPaths
More information about the aprssig
mailing list