CQ-Contest
[Top] [All Lists]

Re: [CQ-Contest] Spoofed Self spots

To: Hans Brakob <kzerohb@gmail.com>, cq-contest <cq-contest@contesting.com>
Subject: Re: [CQ-Contest] Spoofed Self spots
From: Ken K6MR <k6mr@outlook.com>
Date: Wed, 3 Nov 2021 03:35:47 +0000
List-post: <mailto:cq-contest@contesting.com>
+1

Fire suit on….

Ken K6MR

From: Hans Brakob<mailto:kzerohb@gmail.com>
Sent: Tuesday, November 2, 2021 20:08
To: Randy Thompson<mailto:k5zd@outlook.com>; Stanley 
Zawrotny<mailto:k4sbz.stan@gmail.com>
Cc: CQ-Contest<mailto:cq-contest@contesting.com>
Subject: Re: [CQ-Contest] Spoofed Self spots

Or we could just shut the monster down and let contesting be about radiomen.

73, de Hans, KØHB
“Just a Boy and his Radio”™
________________________________
From: CQ-Contest <cq-contest-bounces+kzerohb=gmail.com@contesting.com> on 
behalf of Randy Thompson <k5zd@outlook.com>
Sent: Tuesday, November 2, 2021 8:05:09 PM
To: Stanley Zawrotny <k4sbz.stan@gmail.com>
Cc: CQ-Contest <cq-contest@contesting.com>
Subject: Re: [CQ-Contest] Spoofed Self spots

Not sure self-spotting is the solution to the actual problem...

Someone spammed the cluster system with cleverly designed spots that spoofed 
the sender's callsign.  As someone who has been harassed by this method of fake 
spots, it is frustrating.  I don't think people quite realize how unprotected 
the cluster network is.  Anyone can use any callsign to spot anything at any 
time.

The cluster is not the banking system, but just as we need passwords for every 
other aspect of our on-line lives, it may be time for the cluster network to 
adopt the same.  Even if it is just for originating spots.  This of course 
means that spots traveling from one node to another will also need to carry 
some form of verification or validation of the originator.

Randy K5ZD



-----Original Message-----
From: CQ-Contest <cq-contest-bounces+k5zd=outlook.com@contesting.com> On Behalf 
Of Stanley Zawrotny
Sent: Tuesday, November 2, 2021 9:04 AM
To: John Dorr <cqk1ar@gmail.com>
Cc: Steve Dyer <w1srd@yahoo.com>; CQ-Contest <cq-contest@contesting.com>
Subject: Re: [CQ-Contest] Spoofed Self spots

The solution has already been proposed—allow self-spotting. Put SSB on a par 
with the CW RBN. No messy, long-drawn out technical effort required. Just say 
that it’s OK.

Stan, K4SBZ

"Real radio bounces off the sky."

> On Nov 2, 2021, at 8:43 AM, John Dorr <cqk1ar@gmail.com> wrote:
>
> Good morning,
>
> Just so everyone knows, the CQWW Contest Committee is taking this
> issue very seriously and is investigating the issue in great detail
> via some very smart network guys on my team. These spots will have no
> impact on anyone's score. However, as always, we will continue to
> review other cases where self-spotting is obvious and beyond what has
> occurred in this particular situation.
>
> 73, John, K1AR
> CQ WW Contest Director
>
>
>
>> On Tue, Nov 2, 2021 at 8:03 AM Steve Dyer via CQ-Contest <
>> cq-contest@contesting.com> wrote:
>>
>> I really hope we don't have to start authenticating to clusters. The
>> hassle to the many global users seems to far exceed the gravity of
>> the problem. Every piece of software that uses clusters would have to
>> implement whatever scheme was used. It would be a mess.
>> Steve
>> W1SRD
>>
>>> On 11/1/2021 18:10, K3IB Peter wrote:
>>> Identifying bad guys by IP addresses is not a thing any more.
>>>
>>> I can change my home IP address at will.  Good luck getting Comcast
>>> to
>> tell you what IP address was on my router 3 days ago.
>>>
>>> I can also attack from dozens of countries around the world by using
>>> one
>> of any number of inexpensive VPN services.
>>>
>>> The best way forward is for clusters to start authenticating their
>>> users
>> with a simple, widely available mechanism like SQRL.
>>>
>>> -peter K3IB
>>>
>>>
>>>
>>>> IIRC, maybe 20 years ago Dave, K1TTT did some pioneering work in
>>>> identifying self-spotters, I think through the use of IP addresses
>>>> It may be that the same techniques can be used today - or maybe
>>>> they can at least demonstrate that these were *not* self-spots. Dave?
>>>>
>>>> 73, Pete N4ZR
>>>> Check out the new Reverse Beacon Network web server
>>>> at<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fbeta.reversebeacon.net%2F&amp;data=04%7C01%7C%7C4c5816c8e7134f641c9f08d99e24c9e2%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637714703115056396%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=6V7wNvb8ozUbD2knfydlnkBP57qLOQHvOh9JKc1%2FV5A%3D&amp;reserved=0>.
>>>> For spots, please use your favorite "retail" DX cluster.
>>>>
>>>> On 11/1/2021 2:46 PM, Michael Walker wrote:
>>>>> Wow, what a surprise.  I just went and looked at my cluster and
>>>>> sure enough.
>>>>>
>>>>> I was running unassisted and I see that I spotted myself twice.
>>>>>
>>>>> This is not good and the only reason is for someone to ensure that
>>>>> the cluster logging can't be trusted.
>>>>>
>>>>> Mike va3mw
>>>>>
>>>>>
>>>>> VA3MW-7>
>>>>>    7215.1  VA3MW       31-Oct-2021 2319Z
>>>>> <VA3MW>
>>>>>    7215.1  VA3MW       31-Oct-2021 2313Z
>>>>> <WT8WV>
>>>>>    7215.1  VA3MW       31-Oct-2021 2305Z  LSB
>>>>> <N2YO>
>>>>>    7214.9  VA3MW       31-Oct-2021 2252Z  LSB
>>>>> <N4SS>
>>>>>    7215.0  VA3MW       31-Oct-2021 2249Z
>>>>>   <W3MR>
>>>>>    7215.0  VA3MW       31-Oct-2021 2244Z  LSB
>>>>> <WU9D>
>>>>>    7215.0  VA3MW       31-Oct-2021 2237Z
>>>>>   <N3GT>
>>>>>    7215.0  VA3MW       31-Oct-2021 2235Z  LSB
>>>>>   <AC3LZ>
>>>>>    7215.1  VA3MW       31-Oct-2021 2211Z
>>>>> <VA3MW>
>>>>>    7215.1  VA3MW       31-Oct-2021 2205Z
>>>>> <KE1IH>
>>>>>
>>>>> On Mon, Nov 1, 2021 at 1:39 PM Dave K2XR via CQ-Contest <
>>>>> cq-contest@contesting.com> wrote:
>>>>>
>>>>>> GM contesters.  Hope you all are resting well.
>>>>>>
>>>>>> In the FRC chat room we have been discussing the abundance of
>>>>>> apparent self spots during the contest.  Many of our participants
>>>>>> who run had their callsigns spoofed and spots of themselves made. It 
>>>>>> seems to have
>>>>>> happened to enough of us that the question was posed...   'Was it just
>>>>>> FRC that was targeted, or was it all contesters? "
>>>>>>
>>>>>> Looking on this reflector as well as the 3830 reflector, it
>>>>>> didn't
>> take
>>>>>> long to see that it wasn't just FRC.
>>>>>>
>>>>>> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fl
>>>>>> ists.contesting.com%2Farchives%2F%2Fhtml%2F3830%2F2021-11%2Fmsg00
>>>>>> 174.html&amp;data=04%7C01%7C%7C4c5816c8e7134f641c9f08d99e24c9e2%7
>>>>>> C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637714703115066391%7C
>>>>>> Unknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI
>>>>>> 6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=ivIW9Nn1XPNTt6BxeKNlN5Jf
>>>>>> 5Co0%2FpE9co46pVpc0Ps%3D&amp;reserved=0
>>>>>>
>>>>>> Curious to know who else out there was targeted.  The were about
>>>>>> 10 cases in the chat room I was in this AM, and suspect it might
>>>>>> have
>> been
>>>>>> a huge problem.
>>>>>>
>>>>>> Is there a way for the sysops to track down the origin ?     I would
>>>>>> think so, but am not positive.
>>>>>>
>>>>>> It would be great to nail the perpetrator, and some of us are
>> demanding
>>>>>> it if it is all possible.  Kind of ruins everything for some.
>>>>>>
>>>>>>       Dave   K2XR      Frankford Radio Club
>>>>>>
>>>>>> _______________________________________________
>>>>>> CQ-Contest mailing list
>>>>>> CQ-Contest@contesting.com
>>>>>> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fl
>>>>>> ists.contesting.com%2Fmailman%2Flistinfo%2Fcq-contest&amp;data=04
>>>>>> %7C01%7C%7C4c5816c8e7134f641c9f08d99e24c9e2%7C84df9e7fe9f640afb43
>>>>>> 5aaaaaaaaaaaa%7C1%7C0%7C637714703115066391%7CUnknown%7CTWFpbGZsb3
>>>>>> d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0
>>>>>> %3D%7C1000&amp;sdata=Cy16cmjTfMGAw4g7sIS43OEt442CdajENE29TjzVadU%
>>>>>> 3D&amp;reserved=0
>>>>>>
>>>>> _______________________________________________
>>>>> CQ-Contest mailing list
>>>>> CQ-Contest@contesting.com
>>>>> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fli
>>>>> sts.contesting.com%2Fmailman%2Flistinfo%2Fcq-contest&amp;data=04%7
>>>>> C01%7C%7C4c5816c8e7134f641c9f08d99e24c9e2%7C84df9e7fe9f640afb435aa
>>>>> aaaaaaaaaa%7C1%7C0%7C637714703115066391%7CUnknown%7CTWFpbGZsb3d8ey
>>>>> JWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7
>>>>> C1000&amp;sdata=Cy16cmjTfMGAw4g7sIS43OEt442CdajENE29TjzVadU%3D&amp
>>>>> ;reserved=0
>>>> _______________________________________________
>>>> CQ-Contest mailing list
>>>> CQ-Contest@contesting.com
>>>> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Flis
>>>> ts.contesting.com%2Fmailman%2Flistinfo%2Fcq-contest&amp;data=04%7C0
>>>> 1%7C%7C4c5816c8e7134f641c9f08d99e24c9e2%7C84df9e7fe9f640afb435aaaaa
>>>> aaaaaaa%7C1%7C0%7C637714703115066391%7CUnknown%7CTWFpbGZsb3d8eyJWIj
>>>> oiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000
>>>> &amp;sdata=Cy16cmjTfMGAw4g7sIS43OEt442CdajENE29TjzVadU%3D&amp;reser
>>>> ved=0
>>> _______________________________________________
>>> CQ-Contest mailing list
>>> CQ-Contest@contesting.com
>>> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Flist
>>> s.contesting.com%2Fmailman%2Flistinfo%2Fcq-contest&amp;data=04%7C01%
>>> 7C%7C4c5816c8e7134f641c9f08d99e24c9e2%7C84df9e7fe9f640afb435aaaaaaaa
>>> aaaa%7C1%7C0%7C637714703115066391%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC
>>> 4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;
>>> sdata=Cy16cmjTfMGAw4g7sIS43OEt442CdajENE29TjzVadU%3D&amp;reserved=0
>>
>> _______________________________________________
>> CQ-Contest mailing list
>> CQ-Contest@contesting.com
>> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists
>> .contesting.com%2Fmailman%2Flistinfo%2Fcq-contest&amp;data=04%7C01%7C
>> %7C4c5816c8e7134f641c9f08d99e24c9e2%7C84df9e7fe9f640afb435aaaaaaaaaaa
>> a%7C1%7C0%7C637714703115066391%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLj
>> AwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata
>> =Cy16cmjTfMGAw4g7sIS43OEt442CdajENE29TjzVadU%3D&amp;reserved=0
>>
> _______________________________________________
> CQ-Contest mailing list
> CQ-Contest@contesting.com
> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.
> contesting.com%2Fmailman%2Flistinfo%2Fcq-contest&amp;data=04%7C01%7C%7
> C4c5816c8e7134f641c9f08d99e24c9e2%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7
> C1%7C0%7C637714703115066391%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMD
> AiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=Cy16
> cmjTfMGAw4g7sIS43OEt442CdajENE29TjzVadU%3D&amp;reserved=0
_______________________________________________
CQ-Contest mailing list
CQ-Contest@contesting.com
https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.contesting.com%2Fmailman%2Flistinfo%2Fcq-contest&amp;data=04%7C01%7C%7C4c5816c8e7134f641c9f08d99e24c9e2%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637714703115066391%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=Cy16cmjTfMGAw4g7sIS43OEt442CdajENE29TjzVadU%3D&amp;reserved=0
_______________________________________________
CQ-Contest mailing list
CQ-Contest@contesting.com
http://lists.contesting.com/mailman/listinfo/cq-contest
_______________________________________________
CQ-Contest mailing list
CQ-Contest@contesting.com
http://lists.contesting.com/mailman/listinfo/cq-contest

_______________________________________________
CQ-Contest mailing list
CQ-Contest@contesting.com
http://lists.contesting.com/mailman/listinfo/cq-contest
<Prev in Thread] Current Thread [Next in Thread>