I still maintain that it would be wise to create an OpenID style system. Of course it would take quite a while before the various pieces of software eventually got up to date to use the new auth system for APRS-IS (and some software may never), however the longer the implementation is delayed, the longer it will take to impliment (how's that for a brain teaser).<br>
<br>It's easy to fire off emails to the list and complain about how APRS-IS's hash algirythm is weak or how this web service or that web service is secure/insecure but it is all counter productive without action. As I've stated several times, I'm willing to open up our verification system for use with an OpenID project, but I won't bother if no one is willing to use it. It wouldn't be too difficult to create some sort of user replication system for redundancy and allow all of the APRS-IS servers the ability to verify incoming connection auth pairs.<br>
<br>Claiming that anyone can use RF and spoof a message is a poor excuse to not be diligent about securing APRS-IS from abuse. Head-in-the-sand approaches always backfire in the end, the Internet is full of bored teenagers and dranged adults just waiting to annoy someone.<br>
<br>Greg<br><br>NV6G<br>OpenAPRS.Net<br><br><div class="gmail_quote">On Thu, Oct 23, 2008 at 2:52 PM, Tyler Allison <span dir="ltr"><<a href="mailto:tyler@allisonhouse.com">tyler@allisonhouse.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="Ih2E3d"><br>
>> There should be a secure way of checking who places the message and the<br>
>> content of the message...<br>
><br>
> It is not possible without a complete revamping of the APRS Internet<br>
> System. This would be the best possible outcome. It would be difficult<br>
> and painful, like the APRS QSY was, but the end result would also be as<br>
> worthwhile.<br>
<br>
</div>Not just the APRS-IS. All of APRS. APRS was never designed to authenticate<br>
the owner. You can secure the APRS-IS all you want and I can still send a<br>
"nasty" APRS message to somebody in NZ using my APRS enabled radio using<br>
someone elses callsign, unless you stop traffic in the RF to internet<br>
direction..which effectively breaks the value of the APRS-IS.<br>
<div class="Ih2E3d"><br>
>> As an Igate sysop if the Universal APRS messaging gets out of control<br>
>> and is abused then the easiest way would be to exclude messaging from<br>
>> the Igate every Igate Sysop is in control of his / her own station.<br>
><br>
> Absolutely, that is where the responsibility rightfully, and (at least in<br>
> the US) legally belongs. I turned off the internet to RF direction of my<br>
> IGate on the day many years ago when the APRS Internet System became<br>
> insecure. The thing I fear I have still not adequately conveyed is there<br>
> is NO new insecurity in the APRS IS. From the day aprsd published the<br>
> source code to do APRS IS validation, ANYONE could send ANYTHING on the<br>
> APRS IS completely without detection or traceability.<br>
<br>
</div>Let's be pure in our argument please. There never was real security in the<br>
authentication system with or without the publishing of the aprsd source<br>
code. It would take a reasonably smart developer about an hour to reverse<br>
the algorithm used for 'authentication' by doing simple crypto analysis.<br>
If you want an actual time, I'll ask one of the guys at my work to do it<br>
blind and I'll time him. I got beer money he can do it under an hour.<br>
<br>
I'm not trying to thrown stones or claim this was some huge oversight. It<br>
is what it is. The choice before us is a mater of "reasonable" security. I<br>
personally think even _after_ the publication of the algorithm it is still<br>
"reasonable" security. It is sufficiently difficult to stop the average<br>
man on the street. The point is...you will _NEVER_ make APRS, or a future<br>
derivative, secure enough to claim within impunity you know who originated<br>
the session. Propose an idea you think can do it and I'll poke wholes in<br>
it all day long. Stop trying to make it perfect and find a "reasonable"<br>
solution.<br>
<font color="#888888"><br>
-Tyler<br>
</font><div><div></div><div class="Wj3C7c"><br>
<br>
<br>
_______________________________________________<br>
aprssig mailing list<br>
<a href="mailto:aprssig@lists.tapr.org">aprssig@lists.tapr.org</a><br>
<a href="https://lists.tapr.org/cgi-bin/mailman/listinfo/aprssig" target="_blank">https://lists.tapr.org/cgi-bin/mailman/listinfo/aprssig</a><br>
</div></div></blockquote></div><br>