[Dxspider-support] Secure node to node connection proposal

Mikel EA2CW ea2cw at gautxori.com
Sun Feb 26 13:00:07 GMT 2023 

Thank you Steve, 
Anyway, many years ago my grandmother already said to me:
"Don't feel offended by those who do, but by those who can"
More than a bunch of acronyms and titles after your name, you are defined by your words, and even more by your facts.
73, Mikel

En 26 feb 2023 13:53, en 13:53, Stephen Carroll via Dxspider-support <dxspider-support at tobit.co.uk> escribió:
>Matthew,
>
>While your opinion and comments are greatly appreciated, calling
>someone's
>proposal "...a very, very stupid idea..." isn't how we promote
>international goodwill. Enough said...
>
>73, Steve - AA4U
>
>
>On Sun, Feb 26, 2023, 6:27 AM Matthew Chambers via Dxspider-support <
>dxspider-support at tobit.co.uk> wrote:
>
>>
>>
>> >> Just because the OS supports SSH doesn't mean all software
>> >> environments can! For example for me to add SSH to a NodeJS based
>> >> desktop app, I'd have to pull in additional "node modules" or
>> >> libraries which add additional bloat to our software. This is
>likely
>> >> true of many programming environments. And I'm sure there are some
>> >> out there that have no option for SSH so their software will no
>> >> longer be able to participate.
>> > One of the basis in the proposal is that -at least at this point-
>> > everybody will be allowed to connect and show spots,anns,
>wwv,wcy,etc.
>>
>> You'd still be leaving a lot of users out to be able to contribute
>> spots, what would they be receiving if no one is sending anything
>> because everyone is receive only?
>>
>> >>
>> >> Encrypted tunnels between nodes seems reasonable but SSH for end
>> >> users is too far. I might as well shut off my node at that point
>as
>> >> would probably the vast majority of sysops. Yeah you'd have a very
>> >> secure network with no traffic!
>> > In case ssh tunnels should be a must for end users, I think that it
>> > must be transparent for them. I think that even now, few or no
>users
>> > use telnet windows to connect, but 3rd part software that can do it
>> > (only if they want to upload information, of course.) as they are
>> > already doing it with other platforms.
>>
>> My point is that to add SSH natively to the software it doesn't
>matter
>> one bit if windows or linux supports it. You'd have to add it
>natively
>> to the client program unless your proposing that we dump client
>support
>> in logging programs and force everyone to use the OS SSH client only.
>I
>> can't add it to the program I'm working on, even adding telnet was
>too
>> much so I had started working on a server side translation of telnet
>to
>> websockets for receive only for now but I might as well just scratch
>> that project completely as it wouldn't meet your overly high standard
>> for end to end encryption.
>>
>> I'm also wondering how encryption is going to stop bad actors from
>> logging in via SSH with a fake callsign and throw away password and
>> injecting their bad data into the system.
>>
>>
>> I'm going to conclude my thoughts for this thread with this is a very
>> very stupid idea and is going to not fix what you think it will and
>will
>> only kill what's left of the DX Cluster network. I think the path we
>> started of getting everyone updated and getting the badwords and
>badips
>> lists up to date is about all we're going to be able to realisticly
>do.
>> If you want an extremely secure network, just eliminate all the users
>> and you won't have a problem with bad data because there will be no
>data.
>>
>> --
>> ----
>> Matthew Chambers, CBRE
>> Amateur Operator NR0Q
>> Tulsa, OK - Tulsa ARC
>>
>> GridTracker Development Team Lead
>>
>> SBE Certified Broadcast Radio Engineer
>>
>> --
>> The content of this email is confidential and intended for the
>> recipient
>> specified in message only. It is strictly forbidden to share
>> any part of
>> this message with any third party, without a written consent
>>  of the
>> sender. If you received this message by mistake, please reply to
>>  this
>> message and follow with its deletion, so that we can ensure such a
>>  mistake
>> does not occur in the future.
>>
>> Please do not print this email unless it is
>> necessary. Every unprinted email helps the environment.
>>
>> _______________________________________________
>> Dxspider-support mailing list
>> Dxspider-support at tobit.co.uk
>> https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support
>>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Dxspider-support mailing list
>Dxspider-support at tobit.co.uk
>https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.tobit.co.uk/pipermail/dxspider-support/attachments/20230226/a7ee5694/attachment.htm>

More information about the Dxspider-support mailing list