[Dxspider-support] Secure node to node connection proposal

Stephen Carroll aa4u.steve at gmail.com
Sun Feb 26 12:52:46 GMT 2023 

Matthew,

While your opinion and comments are greatly appreciated, calling someone's
proposal "...a very, very stupid idea..." isn't how we promote
international goodwill. Enough said...

73, Steve - AA4U


On Sun, Feb 26, 2023, 6:27 AM Matthew Chambers via Dxspider-support <
dxspider-support at tobit.co.uk> wrote:

>
>
> >> Just because the OS supports SSH doesn't mean all software
> >> environments can! For example for me to add SSH to a NodeJS based
> >> desktop app, I'd have to pull in additional "node modules" or
> >> libraries which add additional bloat to our software. This is likely
> >> true of many programming environments. And I'm sure there are some
> >> out there that have no option for SSH so their software will no
> >> longer be able to participate.
> > One of the basis in the proposal is that -at least at this point-
> > everybody will be allowed to connect and show spots,anns, wwv,wcy,etc.
>
> You'd still be leaving a lot of users out to be able to contribute
> spots, what would they be receiving if no one is sending anything
> because everyone is receive only?
>
> >>
> >> Encrypted tunnels between nodes seems reasonable but SSH for end
> >> users is too far. I might as well shut off my node at that point as
> >> would probably the vast majority of sysops. Yeah you'd have a very
> >> secure network with no traffic!
> > In case ssh tunnels should be a must for end users, I think that it
> > must be transparent for them. I think that even now, few or no users
> > use telnet windows to connect, but 3rd part software that can do it
> > (only if they want to upload information, of course.) as they are
> > already doing it with other platforms.
>
> My point is that to add SSH natively to the software it doesn't matter
> one bit if windows or linux supports it. You'd have to add it natively
> to the client program unless your proposing that we dump client support
> in logging programs and force everyone to use the OS SSH client only. I
> can't add it to the program I'm working on, even adding telnet was too
> much so I had started working on a server side translation of telnet to
> websockets for receive only for now but I might as well just scratch
> that project completely as it wouldn't meet your overly high standard
> for end to end encryption.
>
> I'm also wondering how encryption is going to stop bad actors from
> logging in via SSH with a fake callsign and throw away password and
> injecting their bad data into the system.
>
>
> I'm going to conclude my thoughts for this thread with this is a very
> very stupid idea and is going to not fix what you think it will and will
> only kill what's left of the DX Cluster network. I think the path we
> started of getting everyone updated and getting the badwords and badips
> lists up to date is about all we're going to be able to realisticly do.
> If you want an extremely secure network, just eliminate all the users
> and you won't have a problem with bad data because there will be no data.
>
> --
> ----
> Matthew Chambers, CBRE
> Amateur Operator NR0Q
> Tulsa, OK - Tulsa ARC
>
> GridTracker Development Team Lead
>
> SBE Certified Broadcast Radio Engineer
>
> --
> The content of this email is confidential and intended for the
> recipient
> specified in message only. It is strictly forbidden to share
> any part of
> this message with any third party, without a written consent
>  of the
> sender. If you received this message by mistake, please reply to
>  this
> message and follow with its deletion, so that we can ensure such a
>  mistake
> does not occur in the future.
>
> Please do not print this email unless it is
> necessary. Every unprinted email helps the environment.
>
> _______________________________________________
> Dxspider-support mailing list
> Dxspider-support at tobit.co.uk
> https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.tobit.co.uk/pipermail/dxspider-support/attachments/20230226/977885b0/attachment.htm>

More information about the Dxspider-support mailing list