[aprssig] China Has Hijacked WA8LMF.com !! 2

Mon Sep 27 17:41:42 EDT 2021

 No, because the obnoxious individual could just change his APRS-IS server login callsign, generate the corresponding passcode, and do it under a different I-gate identity. The only way would be to ban Stephen's own callsign (and there's no central authority in the APRS-IS backbone to enforce such a blacklist), and Stephen would have to change his callsign (and then the jerk could just look the new one up in the FCC public records and do it again).

The APRS-IS backbone has a fundamental security flaw (discussed on this mailing list a few years ago), which basically allows anybody (licensed amateur radio operator or not) to connect to it, because the security is so weak and the program for generating passcodes is publicly available (including to people of weak morals and unsavory habits, such as the obnoxious individual that is harassing Stephen). Although the SSL certificate alternative works, the issue with "who is the gatekeeper?" would eventually end us all up in the same situation, because the authority for the evil operator would verify their identity and let them in, or the authentication data would be stolen or otherwise compromised. The sole present "gatekeeper" for SSL access to APRS-IS is the ARRL, which does not necessarily sit well with amateur radio operators in other nations. How do we decide which other identification authorities to trust? And how do we get it done at a reasonable cost for amateurs? And how do we deal with phasing out the old insecure mechanism without breaking thousands of amateur radio operators running old computers and software that can't handle the new authentication scheme?

As for the domain name, once someone "owns" a name, it's very hard to get them to release it unless they don't lock it down against being released or otherwise modified in the top-level domain name servers and registrars. Now that Stephen's domain name is controlled by a Chinese registrar and locked down there, he's out of luck to get it back unless he can prove theft of a valid registration elsewhere to the satisfaction of that Chinese registrar.

Andrew, KA2DDOauthor of YAAC

    On Monday, September 27, 2021, 05:10:13 PM EDT, david vanhorn <kc6ete at gmail.com> wrote:  

 Is there a way to drop his packets?

On Mon, Sep 27, 2021 at 2:19 PM Stephen H Smith via aprssig <aprssig at lists.tapr.org> wrote:

  On 9/27/2021 12:51 PM, WA8LMF via groups.io wrote:

For about a week now, looking up WA8LMF on findu.com or aprs.fi   has yielded a map showing my location as being in Los Angeles.  (Rather than my current location in Haslett in central Michigan.) 

 This is due to the igate  BG0GE-6 in Xi'an China constantly igating a playback of the APRS Test CD I created over 16 years ago.  This CD was intended for direct audio playback into TNCs for testing; not for over-the-air transmission. One of the tracks on the CD is a recording of me, off-the-air, doing a 20-mile drive test around the San Gabriel Valley east of Los Angeles. 

 BG0GE has now upped the transmit rate into the APRS-IS  to once every 10 seconds, apparently in response to my once a minute beaconing of the correct posit.  Further, he is including the Chinese porn site URL in his comment/status field.  

A portion of APRS.fi's raw packet log:

2021-09-27 13:19:56 EDT: WA8LMF>APU25N,TCPIP*,qAC,T2USANW:=/8qp_9/pH>  BBG0GE-6 Igate In China Disrupting My Posit! [Rate limited (< 5 sec)]
 2021-09-27 13:20:03 EDT: WA8LMF>STPTXV,WIDE2-2,qAR,BG0GE-6:'.\!n^_>/]"4v} [Location changes too fast (adaptive limit)]
 2021-09-27 13:20:08 EDT: WA8LMF>STPTXV,WIDE2-2,qAR,BG0GE-6:'.\.nh_>/]"4w}
 2021-09-27 13:20:14 EDT: WA8LMF>STPTXU,WIDE2-2,qAR,BG0GE-6:'.\7nh_>/]"4x}
 2021-09-27 13:20:19 EDT: WA8LMF>STPTXU,WIDE2-2,qAR,BG0GE-6:'.\An,_>/]"4y}
 2021-09-27 13:20:24 EDT: WA8LMF>STPTXU,WIDE2-2,qAR,BG0GE-6:'.\Cl"_>/]"4y}
 2021-09-27 13:20:30 EDT: WA8LMF>STPTXT,WIDE2-2,qAR,BG0GE-6:'.\Pn^_>/]"4y}
 2021-09-27 13:20:35 EDT: WA8LMF>STPTXT,WIDE2-2,qAR,BG0GE-6:'.\]n^_>/]"4z}
 2021-09-27 13:20:40 EDT: WA8LMF>STPTXT,WIDE2-2,qAR,BG0GE-6:'.\fn^_>/]"4{}
 2021-09-27 13:20:45 EDT: WA8LMF>STPTXS,WIDE2-2,qAR,BG0GE-6:'.\sn^_>/]"4z}
 2021-09-27 13:20:51 EDT: WA8LMF>STPTXS,WIDE2-2,qAR,BG0GE-6:'.]<0x1c>nT^>/]"4z}
 2021-09-27 13:20:56 EDT: WA8LMF>STPTXR,WIDE2-2,qAR,BG0GE-6:'.]$n^_>/]"4z}
 2021-09-27 13:20:57 EDT: WA8LMF>APU25N,TCPIP*,qAC,T2USANW:=/8qp_9/pH>  BBG0GE-6 Igate In China Disrupting My Posit! [Rate limited (< 5 sec)]
 2021-09-27 13:21:01 EDT: WA8LMF>STPTXR,WIDE2-2,qAR,BG0GE-6:'.]1nT^>/]"4{} [Location changes too fast (adaptive limit)]
 2021-09-27 13:21:12 EDT: WA8LMF>STPTXQ,WIDE2-2,qAR,BG0GE-6:'.]FnT_>/]"4{}
 2021-09-27 13:21:17 EDT: WA8LMF>STPTXQ,WIDE2-2,qAR,BG0GE-6:'.]Gl"W>/]"4{}
 2021-09-27 13:21:56 EDT: WA8LMF>APU25N,TCPIP*,qAC,T2USANW:=/8qp_9/pH>  BBG0GE-6 Igate In China Disrupting My Posit! [Location changes too fast (adaptive limit)]
 2021-09-27 13:22:03 EDT: WA8LMF>APU25N,WIDE1-1,qAR,BG0GE-6:>202337zhttp://wa8lmf.com
 2021-09-27 13:22:57 EDT: WA8LMF>APU25N,TCPIP*,qAC,T2USANW:=/8qp_9/pH>  BBG0GE-6 Igate In China Disrupting My Posit! [Duplicate position packet]
 2021-09-27 13:23:56 EDT: WA8LMF>APU25N,TCPIP*,qAC,T2USANW:=/8qp_9/pH>  BBG0GE-6 Igate In China Disrupting My Posit! [Duplicate position packet]
 2021-09-27 13:24:57 EDT: WA8LMF>APU25N,TCPIP*,qAC,T2USANW:=/8qp_9/pH>  BBG0GE-6 Igate In China Disrupting My Posit! [Duplicate position packet]
 2021-09-27 13:25:56 EDT: WA8LMF>APU25N,TCPIP*,qAC,T2USANW:=/8qp_9/pH>  BBG0GE-6 Igate In China Disrupting My Posit! [Duplicate position packet]
 2021-09-27 13:26:47 EDT: WA8LMF>STPYXT,WIDE2-2,qAR,BG0GE-6:'._<0x1d>l#?>/]"7,} [Location changes too fast (adaptive limit)]
 2021-09-27 13:26:57 EDT: WA8LMF>APU25N,TCPIP*,qAC,T2USANW:=/8qp_9/pH>  BBG0GE-6 Igate In China Disrupting My Posit! [Location changes too fast (adaptive limit)]

 _______________________________________________
aprssig mailing list
aprssig at lists.tapr.org
http://lists.tapr.org/mailman/listinfo/aprssig_lists.tapr.org

-- 
K1FZY (WA4TPW) SK  9/29/37-4/13/15
_______________________________________________
aprssig mailing list
aprssig at lists.tapr.org
http://lists.tapr.org/mailman/listinfo/aprssig_lists.tapr.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/aprssig_lists.tapr.org/attachments/20210927/55fa391f/attachment.html>