In article , rickman wrote:
On 4/22/2016 2:47 PM, N6PSE via rec.radio.amateur.moderated Admin wrote:

Today, my own call sign is being abused on DX Summit as it is being
spoofed to initiate fake P5 DX spots. I call upon the owners/operators
of DX Summit to fix your cluster to prevent this abuse!

Is there really technology to prevent this? Normally it requires
substantial cryptography or validation through some key info that can be
verified.

I don't use clusters much, but I was playing around on a few the other
day to find NPOTA stations, and all I had to do when I connected was enter
a callsign. I used my own calsign, of course, but none of the systems I
used (all of them using one of three telnet-accessible software platforms)
required me to verify that I was the true owner of that callsign. And how
could they, unless, as you say, they go through some sort of validation
process? (For example, like the one ARRL uses for LOTW.) And given the
distributed nature of the clusters, what governing body would implement
the authentication system?

The best I can think of in Paul's case is for the cluster website to
identify the IP address of the spoofer and block them--or at least,
block them from using Paul's callsign.


Patty N6BIS