[CQ-Contest] Spoofed Self spots

K3IB Peter k3sss at townpoint.net
Tue Nov 2 17:25:02 EDT 2021


inline...

On Tue, Nov 2, 2021, at 09:55, Michael Adams wrote:
> As someone else mentioned, I'm skeptical that authentication would be 
> as effective as some might hope, especially given the challenges of 
> securely propagating authentication across the hive of the spotting 
> network.
>

I envision 2 parallel networks, the new one authenticated for sending spots, but not receiving.  The legacy network remains as is, but hopefully has hooks in it to feed the new network, and likewise in return.

The new, authenticated network is like airport security: once through the gate, you can go anywhere (i.e. post and receive spots).  You can leave at any time (receive spots only).

> However, I do think it would be helpful if there were a shift towards a 
> 2.0 format of spotting traffic, one where (perhaps among other data) 
> "name of originating node" in addition to the spotter were propagated 
> across the network, and where nodes reported where they received a 
> particular from (both IP address and node name?) rather than just 
> retaining that information in the logs.   The spotting network has been 
> primarily internet-focused rather than packet-focused for years; we 
> don't need to be quite so miserly when it comes to information relayed 
> with individual spots 

Yes, an enhanced messaging format should be required at least among cluster servers.  It's important that cluster clients need to make no changes if at all possible.

> (although the processing implications of the RBN 
> firehose still must be considered).
>
> Such a format wouldn't prevent spoofing, of course.  However, those two 
> pieces of information would facilitate analysis of node logs for 
> contest inquiries about self-spotting, as well as providing sysops 
> another tool for blocking bad actors / crap spots.

With proper authentication, garbage in will be easy to follow back to the origin.

>
> (And if the project resulted in node software that works as well as AR 
> Cluster, I'd be extremely happy.)

Who maintains AR Cluster now?  I keep hitting dead ends.

73
-peter K3IB


> -- 
> Michael Adams | mda at n1en.org
>
> -----Original Message-----
> From: CQ-Contest <cq-contest-bounces+mda=n1en.org at contesting.com> On 
> Behalf Of K3IB Peter
> Sent: Tuesday, 2 November, 2021 08.07
> To: cq-contest at contesting.com
> Subject: Re: [CQ-Contest] Spoofed Self spots
>
> Hi Pete
>
> convincing (incenting?) each of the stakeholder groups to get on board 
> is the problem.   We could come up with the greatest idea in the  
> world, but if no one uses it, it's a failure.
>
> I imagine an authenticated spotting network in parallel with what we 
> use today.  On this new network (Spotting 2.0?) spots from 
> authenticated sources are distinguished from unauthenticated spots on 
> the original (Spotting Classic?)  network; spots could flow both ways 
> between the 2 networks.  Access to Spotting 2.0 could be bimodal, i.e. 
> read only (unauthenticated) or read write (authenticated), to make 
> adoption/transition as easy as possible.
>
> On day 1 several years from now, both networks run, with Spotting 2.0 
> showing mostly spots from the Classic network, plus spots from early 
> adopters (contest clubs maybe?).  I expect a transition to 
> authentication will happen over many years (a decade?), with several 
> step function moves along the way, likely as contest sponsors and 
> organizers get on board, and/or as some malfeasor attacks the network 
> and causes enough damage.
>
> Authentication makes at least 2 things possible:  spotters will be 
> unable to deny sending spots, so self-spotting will continue to be 
> available for groups which use it, like POTA / IOTA, but easily 
> detectable by contest scorers; and sources of bad spots, or intentional 
> interference, could have their ability to spot revoked until the 
> problem is fixed (the revocation moves the spotter from read write back 
> to read only).  If spotting node operators all use / support the same 
> authentication mechanism, then a single revocation could remove the bad 
> actor globally.
>
> This is not a small amount of work... but we're better off starting the 
> work now before it's forced upon us.
>
> -peter K3IB
> _______________________________________________
> CQ-Contest mailing list
> CQ-Contest at contesting.com
> http://lists.contesting.com/mailman/listinfo/cq-contest
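
An added illustration of the scheme discussed in this thread, not code from either poster or from any cluster software: a node sorts incoming spots into authenticated, classic (legacy, untagged) or rejected, honours a shared revocation list, and reports only attributable self-spots. The field names, the key registry and the callsigns are constructed assumptions; HMAC from the Python standard library stands in for the unspecified authentication mechanism, and a design that needs spotters to be unable to deny their spots would use per-operator public-key signatures instead.

```python
import hashlib
import hmac
import json

# Constructed registry: per-operator keys issued by a hypothetical shared
# authentication service that every Spotting 2.0 node consults.
KEYS = {"K1ABC": b"constructed-key-1", "W9XYZ": b"constructed-key-2"}
REVOKED = set()  # operators moved from read-write back to read-only

FIELDS = ("spotter", "dx", "freq_khz", "origin_node")

def _canonical(spot):
    # JSON list encoding keeps field boundaries unambiguous under the tag.
    return json.dumps([spot[f] for f in FIELDS]).encode()

def sign_spot(spotter, dx, freq_khz, origin_node):
    """Build a 2.0 spot carrying the originating node and an auth tag."""
    spot = dict(zip(FIELDS, (spotter, dx, freq_khz, origin_node)))
    spot["tag"] = hmac.new(KEYS[spotter], _canonical(spot),
                           hashlib.sha256).hexdigest()
    return spot

def classify(spot):
    """Return 'authenticated', 'classic' (legacy, untagged) or 'rejected'."""
    if "tag" not in spot:
        return "classic"  # relayed from the legacy network, marked as such
    key = KEYS.get(spot["spotter"])
    if key is None or spot["spotter"] in REVOKED:
        return "rejected"  # unknown or revoked operators are read-only
    expected = hmac.new(key, _canonical(spot), hashlib.sha256).hexdigest()
    ok = hmac.compare_digest(expected.encode(), str(spot["tag"]).encode())
    return "authenticated" if ok else "rejected"

def self_spots(spots):
    """Authenticated spots where the operator spotted their own call."""
    return [s for s in spots
            if classify(s) == "authenticated" and s["spotter"] == s["dx"]]
```

An untagged spot naming W9XYZ as both spotter and DX is classified as classic and is not reported by `self_spots`, since nothing ties it to that operator.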

