[CQ-Contest] L.O.T.W.

Ron Notarius wn3vaw at verizon.net
Sun Jul 24 22:24:56 EDT 2005 

Bill,

Excuse me?  What number of hoops are you talking about?

I have two extra steps that most don't, since I have to extract my pertinent
log segements from my database application, and then convert them to ADIF.
No one to "blame" for that but myself, since it's my own choice to keep
using dBase IV instead of buying someone else's package.  But aside from
that, let's see what's involved here:

(1)  Get ADIF file to upload
(2)  Encrypt & compress ("sign") the file
(3)  Upload the file the the LotW Server

What could be simpler?

Oh... I guess encrypting the file isn't quite THAT simple.  You have to:
(2a) select the station location (which includes call used)
(2b) select the file to sign
(2c) name resulting .TQ8 file
(2d) verify the call & station location
(2e) enter a date range if needed;
(2f)  enter your password

Took longer to write all that than to run it; just about all menu driven and
pretty straight forward.

And you have two choices to upload to the server; log directly to the server
via the web, or email the file to the server.  Again, can't get much simpler
than that.

(Logging onto the server?  Enter user id -- call -- and password.  Uploading
the file?  Point to the compressed file on your hard drive and click on a
button.  Sound familiar?)

Now... would it be nice to be able to upload an ADIF file without signing
it?  Sure.  Could you make the argument that they've taken security about
one level further than might be neccesary?  Sure.  Such is life.  And I just
think of the alternative, another system out there that has given me
"credit" for North Korea -- a "QSO" on the 1 mm band with P5SLIM.  A hoax
perpetuated about 5 years ago, yet it's still out there, unpurged by the
system.  Could this be perpetuated on LotW?  Maybe.  But I'd bet it'd be a
LOT harder!)

73, ron wn3vaw

----- Original Message ----- 
> Date: Sun, 24 Jul 2005 10:23:41 -0700
> From: Bill Turner <dezrat1242 at ispwest.com>
> Subject: Re: [CQ-Contest] L.O.T.W.
> To: Jim Rhodes <k0xu at iowadsl.net>, <CQ-CONTEST at contesting.com>
>
> At 11:12 PM 7/23/2005, Jim Rhodes wrote:
> >Actually I have sent them support for running it just the way that they
do.
> >I found it truly simple to set up and run. And I find the level of
security
> >to be appropriate. And I am sure that you did not just log onto your
bank's
> >website & set up an account remotely. You had to go into the bank and
sign
> >up for an account. The ARRL did not make you do that, so they need some
way
> >to make you prove who you are. When was the last time you made a deposit
> >over the internet? The comparison of LOTW to internet banking is really a
> >bogus one.
>
> _________________________________________________
>
> I agree about the initial level of security during the sign up phase. The
> ARRL's requirement to send the password only to the address in the FCC's
> database seems OK to me. What I object to is the number of hoops one has
to
> jump through each and every time one wants to upload a log. All that
should
> be necessary is to go to the LoTW website, enter one's username and
> password, and upload an ADIF file. Period.
>
> When was the last time I made a (bank) deposit over the internet? How
about
> every payday? How about every pension deposit? How about every Social
> Security deposit? I pay nearly all my bills over the internet... doesn't
> that count as a 'deposit' into their account? My point is, financial
> transactions are handled simply and easily with perfect security. LoTW
> should strive to do the same.
>
>
> Bill, W6WRT
>
> _______________________________________________
> CQ-Contest mailing list
> CQ-Contest at contesting.com
> http://lists.contesting.com/mailman/listinfo/cq-contest

More information about the CQ-Contest mailing list