Re: [wsjt-devel] Callsign Security

2023-10-12 Thread Christoph Berg via wsjt-devel
Re: William Smith via wsjt-devel > So now we would require cryptographic signing of QSOs? I mean, I'd be ticked > if someone used one of my callsigns, but I wouldn't rally the entire amateur > community around a complex solution to the 'problem'. > > It was hard enough for me as a computer prof

Re: [wsjt-devel] Callsign Security

2023-10-12 Thread William Smith via wsjt-devel
So now we would require cryptographic signing of QSOs? I mean, I'd be ticked if someone used one of my callsigns, but I wouldn't rally the entire amateur community around a complex solution to the 'problem'. It was hard enough for me as a computer professional to get TQSL set up, I gotta say I

Re: [wsjt-devel] Callsign Security

2023-10-11 Thread Ashhar Farhan via wsjt-devel
I guess, a simpler approach would be to provide a checksum derived from your secret key associated with your callsign in your QSLs. This needs to be outside the wsjtx. The infrastructure should be maintained by a non-profit international body. Like the eff.org. - f On Tue, Oct 10, 2023, 11:58 PM G

Re: [wsjt-devel] Callsign Security

2023-10-10 Thread Glenn Williams via wsjt-devel
Hi, Why not be concerned about your password on QRZ.COM? If that gets hacked by someone they have access to a huge database of names and addresses to pick through. Password security is well described in: 12 character passwords are no longer safe enough. That's it. Done. All over. Tell your

Re: [wsjt-devel] Callsign Security

2023-10-10 Thread Christopher Wawak via wsjt-devel
> Another hams callsign used for operation on 60m and then reported by another > for illegal operation is a bit beyond 'hurt feelings' This should not rise to the level of "hurt feelings". Anyone can "report" anyone for anything. The transmission of a callsign does not necessarily mean that the

Re: [wsjt-devel] Callsign Security

2023-10-09 Thread Adrian via wsjt-devel
I accept it is not practical regarding the relevant coding team response. However it is not as trivial as below. In VK 60m operation is not legal. Another hams callsign used for operation on 60m and then reported by another for illegal operation is a bit beyond 'hurt feelings' 73 On 10/10/2

Re: [wsjt-devel] Callsign Security

2023-10-09 Thread Jeff Stillinger via wsjt-devel
To in any way lock down the software is 100% inappropriate.   It's not just "ham radio" software as we can clearly see, but also a very important scientific tool used world wide for various purposes.  We can not turn our backs on the scientific community over a few ham radio contacts that might

Re: [wsjt-devel] Callsign Security

2023-10-05 Thread Kevin McQuiggin via wsjt-devel
It won’t “solve” the problem, but you can always register for a free account at https://hamalert.org and set up a trigger for your own callsign. Then you will receive an email or a text message when your call is spotted on the bands. It doesn’t solve the problem but at

Re: [wsjt-devel] Callsign Security

2023-10-05 Thread Graham c via wsjt-devel
And not only that, there are legitimate users of WSJT-X that are not licensed amateru radio operators. For example SWL users and experimenters on ISM bands. Restricting something in the ways suggested just doesn't work, it just doesn't stop the abuse. You are supposed to have a driver's licence i

Re: [wsjt-devel] Callsign Security

2023-10-05 Thread Tom M0LTE via wsjt-devel
Broken in 60 seconds by looking at the source code. See APRS-IS. On Thu, 5 Oct 2023 at 09:36, Adrian via wsjt-devel < wsjt-devel@lists.sourceforge.net> wrote: > As a victim of another local foundation ham (caught) unlawfully using my > callsign on 20m FT8 recently, and reports > > heard of other

Re: [wsjt-devel] Callsign Security

2023-10-05 Thread Adrian via wsjt-devel
Thanks Barry, Yes, I just wanted to put the idea on the table. Perhaps another ham database could be used/shared for purpose in the future. Perhaps a code issued by QRZ for their registered calls could be utilised if they are onboard.  Anyhow p[perhaps someone may have an idea to at least imp

Re: [wsjt-devel] Callsign Security

2023-10-05 Thread Barry Jackson via wsjt-devel
On 05/10/2023 09:33, Adrian via wsjt-devel wrote: of a digital Mode database setup & registered to , with license proof etc, similar to QRZ. Hmm... Nice idea. Are you going to set up, maintain, pay for and verify (in multiple languages) a database of every call sign in the world? If no

Re: [wsjt-devel] Callsign Security

2023-10-05 Thread F4HTB via wsjt-devel
Hello dear, As you know wsjtx is opensource. In these conditions, it is completely useless to add such a function because you can always compile the software by removing the function. We are unfortunately victims of usurpation and false identities to in the rest of the world... It is a global

Re: [wsjt-devel] Callsign Security

2023-10-05 Thread Luis Miguel Castañeda via wsjt-devel
I guess it'll be easier to use the arrl certificate and do not reinvent the wheel. Yeah I can foresee people not wanting to register with the arrl, but everything has to start somewhere. On Thursday, October 05 2023, 18:33:52, Adrian via wsjt-devel wrote: [1. text/plain] As a victim of an

[wsjt-devel] Callsign Security

2023-10-05 Thread Adrian via wsjt-devel
As a victim of another local foundation ham (caught) unlawfully using my callsign on 20m FT8 recently, and reports heard of other fake and unauthorized callsign use, I wonder about the possibility of a digital Mode database setup & registered to , with license proof etc, similar to QRZ. A