steve at dimse.com
Mon Jan 5 10:41:41 CST 2009
From an infosec standpoint, you shouldn't go anywhere near the APRS IS.
I can't say it often enough or loud enough, there is no security on
the transport backend. Repeat after me - "Anyone can send anything on
the APRS IS". You are locking the front door of a building without a
Imagine your bank's account database has no security. Anyone with a
high school hacker education can go to the bank web site and drain the
money out of your account. Would you really feel more secure if the
bank gave you one of those fancy one-time-password keychain dongles?
This involved two-stage authentication creates support headaches,
limits the usefulness of the system (I can't send you message if I
need to get ahold of you without prior approval), and creates extra
work for the legitimate users of the system, all without providing a
lick of security.
The best way to prevent abuse? Do not processes a message with more
than, say, 45 characters or that contains html (especially A links and
IMG tags). There is very little spam like that.
On Jan 5, 2009, at 11:10 AM, Ben Jackson wrote:
> On 1/5/2009, "Gregory A. Carter" <gcarter at openaprs.net> wrote:
>> If there is interest in this I'll whip something up and impliment
>> it, let me
>> know on or off list...
> Since you asked... You're pretty much right on the money. Coming
> from an
> infosec standpoint, I think there should be a two-stage authentication
> for incoming e-mail:
> * User specifies what e-mail addresses can send him mail.
> * Authorized users need to enter a "password" in the subject line for
> each message.
> This way this snuffs any kind of "accidental" leakage of spam-ish
> material onto the APRS network.
> aprssig mailing list
> aprssig at tapr.org
More information about the aprssig