A few opinions of my own (not necessarily ARRL's):
First of all, LoTW is not more strict than most well-engineered online
financial systems. The person who wrote that was mistaken.
Second, although I am certainly biased on this subject, I would not
characterize LoTW's security system as obsessive. In designing LoTW, ARRL
understood that amateur radio is a hobby. However, many holders of DXCC and
Honor Roll take the program very, very seriously. In some cases it has taken
20 years or more and hundreds or thousands in postage to attain the top
awards. For decades, DXCC has meticulously checked licenses and other
authentication documents for rare DX QSLs, adding significant time and cost
to the program. The Honor Roll listings continue to be sorted by deleted
countries because there would be a gigantic outcry if only current countries
were used (resulting in no "first place".) Past attempts to defraud DXCC
(e.g., Don Miller, Romeo, etc.) have resulted in cries for blood. It's not a
stretch to say that some hams care as much about the integrity of DXCC as
they care about money (well, almost... ;-)
So, it was very important to protect the integrity of DXCC and LoTW. Online
systems are different in that they permit a much broader level of fraud than
manual or paper-based systems. There is no question that among the million
or more hams in the world, some bad apples will try to cheat the system --
to gain an undeserved award, to embarrass the sponsor or simply out of sheer
malice. If the system can be compromised in such a way that the participants
lose confidence in its integrity, then the program will collapse.
It's certainly possible that someone will find a security hole in LoTW -- no
system is perfect. Hopefully, the design is strong enough that such a breach
will be quickly detected and corrected. You can bet that if this ever
happens, loud voices will ask why the security was not made stronger. The
answer will be that it could have been made even stronger, but there would
have been too large a price to pay in terms of usability. The present system
balances the ever-conflicting properties of security and convenience fairly
well. Hopefully, a one-time inconvenience for authentication will pay
dividends in decades of hassle-free QSLing and awards submission.
73, Dick WC1M
> -----Original Message-----
> From: Warren C. Stankiewicz [mailto:nf1j@earthlink.net]
> Sent: Friday, May 21, 2004 9:44 AM
> To: CQ-Contest@contesting.com
> Subject: [CQ-Contest] A Lack of Focus? (Was LotW - Needs More
> Participation)
>
>
> You know, someone brought up a good point about this that
> bears mentioning. They discussed how their financial
> institution delivered their account and password information.
>
> You can even argue that the ARRL's position is even stricter
> than that you'll find at your local bank or brokerage.
> Certainly, my bank and my brokerages do things much
> differently than LoTW does.
>
> Which brings up a question: Why? I can see when my money's
> involved. But we're talking about mere operating awards here.
> A certificate to put on the wall. Maybe a pin. If you're one
> of the "Deserving", someday a plaque. That's it, folks. And
> when we're gone, how long do you figure they'll stay up on
> the wall before they make the trip to the dust bin?
>
> This obsession with security by ARRL's LoTW program mirrors
> the obsession with the awards it supports by the users
> themselves. This used to be a hobby, and some say it's a
> "public service"; but some people seem to certainly have
> taken this beyond the looking glass.
>
> With malice towards none,
>
> Warren, NF1J/6
>
>
>
_______________________________________________
CQ-Contest mailing list
CQ-Contest@contesting.com
http://lists.contesting.com/mailman/listinfo/cq-contest
|