Cluster abuse…..

Posted: April 22, 2016 in Uncategorized

p5_spots

Photo by MM0NDX

Today’s topic is about call sign abuse on DX clusters.

DX Summit was recently overhauled and much improved. Unfortunately it is still a rather simple process to “spoof” or fake a submitter’s call sign. While there is technology to prevent this, the owners of DX Summit have not implemented it. When DX Summit was overhauled, it allowed two factor authentication but apparently this feature is no longer supported as it has been removed. This makes DX Summit a “mosh pit” of filth and abuse just like the many other clusters.

Today, my own call sign is being abused on DX Summit as it is being spoofed to initiate fake P5 DX spots. I call upon the owners/operators of DX Summit to fix your cluster to prevent this abuse!

What do you think?

Advertisements
Comments
  1. Rick WA6NHC says:

    Saw the spots and was happy for you, I know you’ve been working on this project. The first question is obviously, is it true or is a all spam? If true, no 160? 😀

    If false, it is left to you to clean up the mess, which is appalling.

    The day is coming that a true login for cluster posting will happen. Sad, yes, but that is the direction our society leads us.

    73,
    Rick

  2. Russ Guidry Sr. K5OA says:

    There must be a true log in system as this is very poor use of the great tool. We know Paul and his team would not be using this tool like this as well.
    73, Russ K5OA

    • n6pse says:

      When DX Summit was overhauled last year, it initially required two factor authentication but that has since been removed, making it prone to abuse as what happened today.

  3. Jerry Lewine says:

    This is just another example of DQRM, likely done by the same sickies. At least this abuse of DXSummit can be minimized by proper filtering.

  4. Gary says:

    Absolutely Paul.. I knew it wasn’t you, but some moron KA5 called for us to mailbomb ur email address. Always been a sore topic with me, at least they could have 1-2 layers of security. A lot “moan & groan” about having to jump thru the hoops to make a account on LOTW.. wonder if these same folks would like their online banking as loose as this was?? 73 Gary K7ZD

  5. Gary says:

    What makes you say DX Summit is the problem? Very few cluster nodes have any meaningful user authentication, so it is trivial to inject fake/abusive spots into the DXcluster network through almost any node. DX Summit is just a Web window onto the DXcluster traffic.

    • n6pse says:

      DX Summit is part of the problem. It used to require two factor authentication and no longer does. It also takes feeds from other clusters which are “open” and subject to abuse. DX Summit should bring back the username/password requirement. It would be much more reliable and valid to me.

  6. I certainly agree, We need a aystem where one have to register and prove your identity so that we can have real spots, and not all those stupid comments on the cluster as it is today. Why is this so difficult? Here in LA we have a skype chat which is very useful, only registered members, and we hand out spots and encourage each other in hunting DX.

  7. Mike KJ4Z says:

    The current state of the clusters reminds me of SMTP back in the late 90s. Everyone everywhere just asserts their identity with no proof, and the result is spam. Fixing DX Summit won’t solve the problem, because almost no clusters that I know of validate their users, and a weak link anywhere ruins the whole chain. The only solution I can think of is a new spotting network that validates the cluster nodes, and expects each node to validate its users. Bad nodes can get kicked out if they don’t kick out bad users. But that sure does seem like a lot of work for a hobby.

    • n6pse says:

      Mike, that is a good analogy. Today’s clusters are the “wild west” and some controls need to be put in place. DX Summit had them but seems to have removed them recently.

  8. Col MM0NDX says:

    What do I think? I think you should credit me for providing you the screenshot 🙂

    73 Col MM0NDX

  9. Jarmo says:

    As a sysop, I can tell, that putting up dx-cluster is easiest part. Many of those individual clusters have all ports open and they put messages running addresses where to connect, no registering.. My case, I have not required registering, because of trusting peoples goodness. In normal cases, we can track abusers IP-number and original call also, but case of OH8X, we do not get that info, only sysop of OH8X can track that. I really wait, that DIRK, author of DX-SPIDER change new versions so, that registration is must. Naturally it makes more job for sysops, but we have to do, if we keeping up such a system.

  10. Welcome to Godless internet! I had my callsign abused on the air for causing DX-ped QRM.

    73 de Mario, S56A, N1YU

  11. Art - N4PJ says:

    I agree wholeheartedly that some sort of decent security can and should be instituted. As another above suggested – if there are nodes who refuse to “fall in line” then refuse to “echo” their information. In today’s day and age where we have many, many amateurs who pride themselves on the advancement of technology and there’s essentially no sign in??? Shameful and ridiculous.

    It is sometimes really difficult to listen to the garbage on a DX frequency. But no matter how frustrating it is, I resist the urge to yell “split, split” or send “up, up, idiot,” or equivalent. As we all seem to know, the cops quickly become as bad (or worse) as the offenders.

    But I refuse to believe that more secure sign-ons are so difficult that they aren’t worth pursuing.

    Personally speaking, I’m on the CW honor roll and only need four (4) to have everything. So there’s a lot less “junk” that affects me. But what about the thousands of others who are still far, far away from the honor roll and have to put up with tons of “junk” on a somewhat regular basis?

  12. YU4DX says:

    @Jarmo

    Forget individual clusters for now..The most one in use is DX SUMMIT as is known.. I’ve spoken about this many times with you, also with Toni.. I can say I do not give a FK about what some sitting-in a chair idiotic mind is putting upon DX SUMMIT.. On the other side, I asked you guys for the IP address of someN0CALLs DX0DXs etc etc in some cases but you would not reveal it under the note that you are protecting “your users”.. Which users//These kind of internet throlls.. So, Toni Linden, Jarmo or may be Marti OH2BH get uself upthere and make some sense in proper use of DX SUMMIT.. TNX es 73 GL!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s