CQ-Contest
[Top] [All Lists]

Re: [CQ-Contest] Spoofed Self spots

To: "cq-contest@contesting.com" <cq-contest@contesting.com>
Subject: Re: [CQ-Contest] Spoofed Self spots
From: Michael Adams <mda@n1en.org>
Date: Tue, 2 Nov 2021 13:55:17 +0000
List-post: <mailto:cq-contest@contesting.com>
As someone else mentioned, I'm skeptical that authentication would be as 
effective as some might hope, especially given the challenges of securely 
propagating authentication across the hive of the spotting network.

However, I do think it would be helpful if there were a shift towards a 2.0 
format of spotting traffic, one where (perhaps among other data) "name of 
originating node" in addition to the spotter were propagated across the 
network, and where nodes reported where they received a particular from (both 
IP address and node name?) rather than just retaining that information in the 
logs.   The spotting network has been primarily internet-focused rather than 
packet-focused for years; we don't need to be quite so miserly when it comes to 
information relayed with individual spots (although the processing implications 
of the RBN firehose still must be considered).

Such a format wouldn't prevent spoofing, of course.  However, those two pieces 
of information would facilitate analysis of node logs for contest inquiries 
about self-spotting, as well as providing sysops another tool for blocking bad 
actors / crap spots.

(And if the project resulted in node software that works as well as AR Cluster, 
I'd be extremely happy.)
-- 
Michael Adams | mda@n1en.org

-----Original Message-----
From: CQ-Contest <cq-contest-bounces+mda=n1en.org@contesting.com> On Behalf Of 
K3IB Peter
Sent: Tuesday, 2 November, 2021 08.07
To: cq-contest@contesting.com
Subject: Re: [CQ-Contest] Spoofed Self spots

Hi Pete

convincing (incenting?) each of the stakeholder groups to get on board is the 
problem.   We could come up with the greatest idea in the  world, but if no one 
uses it, it's a failure.

I imagine an authenticated spotting network in parallel with what we use today. 
 On this new network (Spotting 2.0?) spots from authenticated sources are 
distinguished from unauthenticated spots on the original (Spotting Classic?)  
network; spots could flow both ways between the 2 networks.  Access to Spotting 
2.0 could be bimodal, ie read only (unauthenticated) or read write 
(authenticated), to make adoption/transition as easy as possible.

On day 1 several years from now, both networks run, with Spotting 2.0 showing 
mostly spots from the Classic network, plus spots from early adopters (contest 
clubs maybe?).  I expect a transition to authentication will happen over many 
years (a decade?), with several step function moves along the way, likely as 
contest sponsors and organizers get on board, and/or as some malfeasor attacks 
the network and causes enough damage.

Authentication makes at least 2 things possible:  spotters will be unable to 
deny sending spots, so self-spotting will continue to be available for groups 
which use it, like POTA / IOTA, but easily detectable by contest scorers; and 
sources of bad spots, or intentional interference, could have their ability to 
spot revoked until the problem is fixed (the revocation moves the spotter from 
read write back to read only).  If spotting node operators all use / support 
the same authentication mechanism, then a single revocation could remove the 
bad actor globally.

This is not a small amount of work... but we're better off starting the work 
now before it's forced upon us.

-peter K3IB
_______________________________________________
CQ-Contest mailing list
CQ-Contest@contesting.com
http://lists.contesting.com/mailman/listinfo/cq-contest

<Prev in Thread] Current Thread [Next in Thread>