[Dxspider-support] Here we are again (huge flooding)

[Mikel EA2CW]

Dear Michael,

First of all, thank you for your master class about IT security. Perhaps 
there is someone in the list who don't have any bank account, email, 
credit cards or so. But more than talking about the most modern ways of 
securing the transmission of information,I think we might focus our 
"real" problem.

With all my respect,while reading your post I started to laught. When we 
are in a situation like ours, where:

Several sysops are against identifying their partners with a simple 
password,

Several sysops are against identifying their clients before being able 
to put information into the cluster net,

Some of the cluster server softwares said they will never implement 
passwords,

and cluster telnet clients developers (webapps or dx/contesting 
software) are reluctant to implement passwords,

Did you say that the solution would be the implementation of password, 
(not enough, of course) a 2FA mechanism, and a drop of blood from all 
members of the network before being able to come into a ChatGPT 
generated python server software???


     Are you serious???

Being sure that our biggest problem is not the dxspider software, but 
some people's (say sysops, developers and users) attitude, in case you 
include a system to prevent repeated spots from a single DX station on a 
small period of time, how will you prevent that fake spots of random dx 
callsigns can be sent and -again- fill all the net with garbage? There 
are several kinds of attacks which are not related to this.

Item more, that measure which you proposed... is already implemented on 
dxspider!!!


Please, we can try to include NSA level measures, but let's focus on 
reality and start taking the most simple actions (KISS). Then, we can 
walk towards a perfect security panorama.


Sorry and 73 de Mikel EA2CW | AE2CW

-- 
73 de Mikel Berrocal EA2CW-AE2CW
Bilbao, Basque Country
ea2cw at gautxori.com
https://www.ea2cw.eus