[CQ-Contest] authentication for log submission

[David Gilbert]

You're primarily concerned about the integrity of the log submission 
process (the bombproof door) while I'm referring to cheating for the 
contacts themselves (the tar paper shanty).   Here are a few examples 
off the top of my head ... I'm sure others could come up with a few more.

a.  running illegal power to make a QSO

b.  using a remote receiver

c.  having a friend (maybe even in another state or country) contact a 
rare DX from his station under your callsign

d.  hearing a station with a callsign similar to yours work a rare DX 
and then trying to get a QSL card before he submits

You can't seriously tell me that those things don't happen.

There's an old engineering principle that says you shouldn't carry 
calculations out to a precision beyond that of the input data itself.  
That's exactly how I view the LoTW authentication process relative to 
DXCC, and the fact that there hasn't been a single reported case of a 
spoofed log for any contest I know of makes it even less appropriate for 
contesting.   Howitzers for unicorns ...

73,
Dave   AB7E





On 6/6/2012 4:17 AM, Dick Green WC1M wrote:
> It's not as easy to cheat in DXCC as you think. You might be able to get
> away with a faked QSL or two with non-rare countries, which is pretty
> meaningless, but it's very difficult to cheat on a semi-rare or rare
> country. But do prove me wrong: let's hear some of the many ways you can
> cheat. I'm not talking about cheating at the DX end, like Don Miller or
> Romeo, which is supremely difficult to do and very uncommon, but cheating
> that would result in awards that are not deserverd.
>
> And just because it may be possible for some minor cheating to occur, that
> doesn't mean we should leave the door wide open. I don't see the logic in
> that. If QSLs submitted to LoTW were not authenticated, it would be possible
> to completely corrupt the DXCC program, making a mockery of it. If you're
> interested in how that might occur, read the threat analysis in the original
> LoTW specifications:
>
> http://www.eqsl.cc/qslcard/LOTWSpec.pdf
>
> Yes, the security is strong, which requires a slight inconvenience and delay
> when you sign up, and running a program on your log when you use it, but I
> feel the security of this venerable program is well worth the trouble.
>
> 73, Dick WC1M
>
>> -----Original Message-----
>> From: David Gilbert [mailto:xdavid at cis-broadband.com]
>> Sent: Tuesday, June 05, 2012 6:06 PM
>> To: cq-contest at contesting.com
>> Subject: Re: [CQ-Contest] authentication for log submission
>>
>>
>> I've always thought that such an extreme level of security for LoTW was
>> wildly inappropriate given the numerous ways that people can and do
>> cheat in DXCC.  It's like installing a bombproof door on the entrance to
>> a tar paper shanty, and the day that sort of thing shows up in
>> contesting is the day I no longer bother to contest.  I can manage my
>> online IRA more simply than I can a hobby ... where's the sense in that?
>>
>> Besides, I've yet to hear of a single case of anyone actually being able
>> to alter someone else's log submission, so at this point incorporating
>> LoTW authentication for contest logs sounds to me like setting up a
>> Howitzer to kill a unicorn in case one should ever show up.
>>
>> Dave   AB7E
>>
>>
>>
>> On 6/5/2012 10:40 AM, Dick Green WC1M wrote:
>>> Don, you are a man after my own heart! I'm totally paranoid about
>>> security scenarios, which is one reason LoTW security is so tight.
>> (snip)
>>> So, I don't think it would work. However, if there is a scenario that
>>> would work, the best solution would be to use the LoTW authentication
>>> system for log submissions. That would have the dual advantage of
>>> verifying the call sign in the log and allowing automatic submission
>>> of the log to the LoTW QSL system (something many have asked for.)
>>>
>>> 73, Dick WC1M
>>>
>
>