[CQ-Contest] A Lack of Focus? (Was LotW - Needs More Participation)

George Skoubis george.skoubis at verizon.net
Sat May 22 01:05:36 EDT 2004

Hi Warren,

  I'm a programmer at a large company and I can assure you we use a
"stricter" method of transferring any files that leave our company than
the LOTW method.

  We use 2048 bit public/private key encryption (such as PGP / GnuPG).
We encrypt the files on servers behind our firewalls and transfer them
to our servers outside the firewall via encrypted file transmission as
well (scp or sftp both work well).

  When we exchange the public keys we call and verbally ensure we have
received the key from a contact at the receiving company before we sign
the key and add it to our "key ring".

  The files I've dealt with have only had customer name and address
information so it's not as important as financial information (in the
grand scheme of things, I'm not belittling a person's right to privacy).

  When I set up my personal online banking accounts we had to sign an
agreement at the bank, wait for a card to come via the post office with
our account password, log on to the website, change our password, before
we could access our account.  It's pretty close to the LOTW (minus the
keys, but SSL uses a simpler version of the key encryption process).

  I didn't find it too difficult (no command line arguments or vi
commands to remember here) and I've been having fun watching the amount
of confirmed contacts build as others add their logs.  It's still nice
to get QSL's in the mail but I think the effort required to hack the
LOTW system is much greater than any potential return (what would a
hacker gain? DXCC?  5Band?, it's probably easier to steal credit card
numbers from most web sites!).

   Hopefully the major contest next weekend will change everyone's focus
to contesting and put to bed all the LOTW talk.


George / KF9YR

-----Original Message-----
From: cq-contest-bounces at contesting.com
[mailto:cq-contest-bounces at contesting.com] On Behalf Of Warren C.
Sent: Friday, May 21, 2004 8:44 AM
To: CQ-Contest at contesting.com
Subject: [CQ-Contest] A Lack of Focus? (Was LotW - Needs More

You know, someone brought up a good point about this that bears
They discussed how their financial institution delivered their account
password information.

You can even argue that the ARRL's position is even stricter than that
you'll find at your local bank or brokerage. Certainly, my bank and my
brokerages do things much differently than LoTW does.

Which brings up a question: Why? I can see when my money's involved. But
we're talking about mere operating awards here. A certificate to put on
wall. Maybe a pin. If you're one of the "Deserving", someday a plaque.
That's it, folks. And when we're gone, how long do you figure they'll
up on the wall before they make the trip to the dust bin?

This obsession with security by ARRL's LoTW program mirrors the
with the awards it supports by the users themselves. This used to be a
hobby, and some say it's a "public service"; but some people seem to
certainly have taken this beyond the looking glass.

With malice towards none,

Warren, NF1J/6

CQ-Contest mailing list
CQ-Contest at contesting.com

Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.687 / Virus Database: 448 - Release Date: 5/16/2004

Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.687 / Virus Database: 448 - Release Date: 5/16/2004

More information about the CQ-Contest mailing list