[CQ-Contest] authentication for log submission
xdavid at cis-broadband.com
Wed Jun 6 13:09:11 PDT 2012
You're primarily concerned about the integrity of the log submission
process (the bombproof door) while I'm referring to cheating for the
contacts themselves (the tar paper shanty). Here are a few examples
off the top of my head ... I'm sure others could come up with a few more.
a. running illegal power to make a QSO
b. using a remote receiver
c. having a friend (maybe even in another state or country) contact a
rare DX from his station under your callsign
d. hearing a station with a callsign similar to yours work a rare DX
and then trying to get a QSL card before he submits
You can't seriously tell me that those things don't happen.
There's an old engineering principle that says you shouldn't carry
calculations out to a precision beyond that of the input data itself.
That's exactly how I view the LoTW authentication process relative to
DXCC, and the fact that there hasn't been a single reported case of a
spoofed log for any contest I know of makes it even less appropriate for
contesting. Howitzers for unicorns ...
On 6/6/2012 4:17 AM, Dick Green WC1M wrote:
> It's not as easy to cheat in DXCC as you think. You might be able to get
> away with a faked QSL or two with non-rare countries, which is pretty
> meaningless, but it's very difficult to cheat on a semi-rare or rare
> country. But do prove me wrong: let's hear some of the many ways you can
> cheat. I'm not talking about cheating at the DX end, like Don Miller or
> Romeo, which is supremely difficult to do and very uncommon, but cheating
> that would result in awards that are not deserverd.
> And just because it may be possible for some minor cheating to occur, that
> doesn't mean we should leave the door wide open. I don't see the logic in
> that. If QSLs submitted to LoTW were not authenticated, it would be possible
> to completely corrupt the DXCC program, making a mockery of it. If you're
> interested in how that might occur, read the threat analysis in the original
> LoTW specifications:
> Yes, the security is strong, which requires a slight inconvenience and delay
> when you sign up, and running a program on your log when you use it, but I
> feel the security of this venerable program is well worth the trouble.
> 73, Dick WC1M
>> -----Original Message-----
>> From: David Gilbert [mailto:xdavid at cis-broadband.com]
>> Sent: Tuesday, June 05, 2012 6:06 PM
>> To: cq-contest at contesting.com
>> Subject: Re: [CQ-Contest] authentication for log submission
>> I've always thought that such an extreme level of security for LoTW was
>> wildly inappropriate given the numerous ways that people can and do
>> cheat in DXCC. It's like installing a bombproof door on the entrance to
>> a tar paper shanty, and the day that sort of thing shows up in
>> contesting is the day I no longer bother to contest. I can manage my
>> online IRA more simply than I can a hobby ... where's the sense in that?
>> Besides, I've yet to hear of a single case of anyone actually being able
>> to alter someone else's log submission, so at this point incorporating
>> LoTW authentication for contest logs sounds to me like setting up a
>> Howitzer to kill a unicorn in case one should ever show up.
>> Dave AB7E
>> On 6/5/2012 10:40 AM, Dick Green WC1M wrote:
>>> Don, you are a man after my own heart! I'm totally paranoid about
>>> security scenarios, which is one reason LoTW security is so tight.
>>> So, I don't think it would work. However, if there is a scenario that
>>> would work, the best solution would be to use the LoTW authentication
>>> system for log submissions. That would have the dual advantage of
>>> verifying the call sign in the log and allowing automatic submission
>>> of the log to the LoTW QSL system (something many have asked for.)
>>> 73, Dick WC1M
More information about the CQ-Contest