CQ-Contest
[Top] [All Lists]

Re: [CQ-Contest] authentication for log submission

To: "'W0MU Mike Fatchett'" <w0mu@w0mu.com>, <cq-contest@contesting.com>
Subject: Re: [CQ-Contest] authentication for log submission
From: "Dick Green WC1M" <wc1m73@gmail.com>
Date: Wed, 6 Jun 2012 07:01:16 -0400
List-post: <cq-contest@contesting.com">mailto:cq-contest@contesting.com>
Not true.

Without access to AA1AA's log, how exactly would you construct the AA1AA log
that has a lower score? Exactly what QSOs would you put in it?

Remember, every QSO must match a QSO in another log. If you "make up" QSOs
for the second log, they won't show up in any other log. Sure, not everyone
submits a log, but if the computerized log checker gets a ton of Not In Logs
(which it would if you just made up the QSOs), then the log would be
rejected or spit out for human inspection.

73, Dick WC1M

> -----Original Message-----
> From: W0MU Mike Fatchett [mailto:w0mu@w0mu.com]
> Sent: Tuesday, June 05, 2012 2:06 PM
> To: cq-contest@contesting.com
> Subject: Re: [CQ-Contest] authentication for log submission
> 
> Actually the question is how would the ARRL, NCJ or CQ know that   AA1AA
> submitted a 1.1 million score and then I submitted some other log for
> something less.
> 
> Nobody needs to get the original log.  It will take human intervention
> to figure out that there is something really wrong with the 2nd log
> submission.
> 
> 
> 
> 
> 
> 
> 
> 
> Mike W0MU
> 
> W0MU-1 CC Cluster w0mu.net:23 or w0mu-1.dnsdynamic.com
> Http://www.w0mu.com
> 
> 
> On 6/5/2012 11:40 AM, Dick Green WC1M wrote:
> > Don, you are a man after my own heart! I'm totally paranoid about
> > security scenarios, which is one reason LoTW security is so tight.
> >
> > However, I think the scenario you describe isn't plausible. As I
> > understand it, the scheme would be used in a case where two stations
> > are close in score. It would involve the second-place station
> > uploading an altered log for the first-place station after the
> > first-place station uploaded his/her real log. The altered log would
> > be mostly the same as the real log, but with a few QSOs omitted or a
> > few calls or exchanges busted. It has to be an altered copy of the
> > first-place station's log because if the log was a complete fake, none
> > of the QSOs would match during log checking. I'm sure in such a
> > scenario, where the log for a high claimed score generated a huge UBN
> > deduction, the log would be visually inspected by a person. That would
> > alert the contest sponsor and the first place station that something
> > very fishy had happened. Therefore, the altered log must be a copy of
> the first-place station's log, with just enough QSOs altered to affect
> the standings.
> >
> > The question is, how does the second-place station get a copy of the
> > first-place station's log? ARRL doesn't publish logs. I think CQ WW
> > waits to do that until after log checking, but I'm not sure. If they
> > don't, they should.
> >
> > The only way I can see pulling this off is if the cheater had a
> > confederate who operated in the contest and generated a relatively
> > high score, slightly less than the second place station's score. The
> > confederate's log would be submitted under the call of the first-place
> > station. But that depends on how the log-checking software determines
> > the call sign. Is it solely from the Cabrillo header, or is the call
> > in the header checked against the sender's call in the individual QSO
> > records? In any case, this is a very risky ploy for the confederate
> > because if the log is inspected visually by a person, which I believe
> happens with most high-scoring logs, the jig will be up.
> >
> > So, I don't think it would work. However, if there is a scenario that
> > would work, the best solution would be to use the LoTW authentication
> > system for log submissions. That would have the dual advantage of
> > verifying the call sign in the log and allowing automatic submission
> > of the log to the LoTW QSL system (something many have asked for.)
> >
> > 73, Dick WC1M
> >
> >> -----Original Message-----
> >> From: Katsuhiro Kondou [mailto:kondou@voyackey.net]
> >> Sent: Monday, June 04, 2012 10:29 PM
> >> To: cq-contest@contesting.com
> >> Subject: [CQ-Contest] authentication for log submission
> >>
> >> Change the subject from the original, and removed related References
> >> headers.
> >>
> >> In article<4FCC7194.3080802@ei5di.com>,
> >>    "Paul O'Kane"<pokane@ei5di.com>  wrote,
> >>    on "Mon, 04 Jun 2012 09:28:04 +0100";
> >>
> >> } In the days of paper logs, we had to submit a signed } declaration
> >> with each log.  With electronic logs, the } declaration is assumed,
> >> but largely forgotten.  One } practical solution is for the logging
> >> software to } display the declaration and ask for the operator's }
> >> agreement, by having to type the word YES, before the } Cabrillo log
> is created.
> >> }
> >> } The declaration, in effect a pledge that is renewed } with each
> >> entry, is good enough for me.
> >>
> >> I'm not sure this was discussed before, but this reminds me that
> >> someone who has malicious intention may submit other station's log to
> >> defeat the station after first submission by actual station.
> >> There looks no authentication method to verify the station for major
> >> contests(please correct me if I am wrong).  Complicated method to
> >> authenticate the station may lead decreasing the number of log
> >> submission, so this may not be applied to all stations.  But I think
> >> there should be some method to authenticate at least for stations who
> >> want to win a prize.
> >>
> >> Please ignore this message if my concern is baseless fear, the
> >> contest sponsors have already taken care of this, or we can trust
> >> everybody since we all have good morals.
> >> --
> >> Katsuhiro "Don" Kondou, JH5GHM
> >> Tokyo, JAPAN
> >
> > _______________________________________________
> > CQ-Contest mailing list
> > CQ-Contest@contesting.com
> > http://lists.contesting.com/mailman/listinfo/cq-contest


_______________________________________________
CQ-Contest mailing list
CQ-Contest@contesting.com
http://lists.contesting.com/mailman/listinfo/cq-contest

<Prev in Thread] Current Thread [Next in Thread>