neihart@smu.UUCP (10/17/84)
Packet radio repeaters provide multiple 1200 baud virtual-channel data links between any two points within radio range simultaneously on a single frequency pair. If one end were connected to the Vax, the other end could be us with our 2-meter radios connected to our RS232C terminals by a packet assembler/disassembler. This would be preferable to the dial-up ports since 1) several users could use the remote radio link simultaneously, 2) our home telephones wouldn't be tied up while we're on-line, 3) the valuable Vax dial-ups wouldn't be used by us, 4) it wouldn't be as necessary to log off if we were going to be idle for a few minutes since we are consuming merely a virtual channel, and 5) we could be on-line anywhere in the city, such as our vehicles, as long as we're in range of the repeater. The drawback (if you can call it that) is one would have to have an amateur radio license, class Technician or above, to utilize this radio link. Does anyone know if it would be legal to use 2-meters or any ham band for this purpose? Ruling out business Vaxs, academic 4.2bsd Vaxs cannot be used for profitable purposes according to the Berkeley license agreement, so does this open the door for the above type of arrangement? Unfortunately, the telephone company has only business tariffs for their data links, so the opinion within Bell anyway is that any type of data communications traffic is business. I sure hope the FCC doesn't feel the same way! Please respond if you have any ideas or information. Carl Neihart Southern Methodist University Dallas, Texas
wn9nbt@ecn-ee.UUCP (10/19/84)
The problem that would create is that of security. Your password could be picked out and/or any other "secure" information could be obtained by any station in "watch all" mode. I had thought of a gunplexer link between Purdue ECN systems and my home, as they are quite directional and much less likely to be heard, but still far from secure. I had thought of a scheme that you would have a list of passwords, such that it would move to the next password in the list after each login, but that would be pretty kludgy, not to mention inefficient. If you attempted to use an encryption scheme that wouldn't be legal for amateur radio. Might be a neat idea for a public domain bull board though. ........Dave Chasey - wn9nbt
hardie@sask.UUCP (Peter Hardie) (10/20/84)
The password problem is a bit awkward but you should be able to circumvent it by having the machine transmit a 'challenge' sequence to you which you have to mangle in some specified way and send back. Since you are the only one who knows how to mangle the sequence correctly it should be secure. But this does not solve the problem of anyone being able to watch your entire session. I assume that anything related to work that is done using amateur frequencies would be illegal but how about doing an assignment? For that matter, would it be illegal to do ham-related work (e.g. compute predictions for oscar-10) on an amateur radio link into a machine for which you are paying commercial rates for cpu time etc.? pete ve5bel ihnp4!sask!hardie
karn@mouton.UUCP (10/20/84)
I too have been thinking a lot about using packet radio for high speed remote access to a Unix system. The problem of broadcasting your Unix password all over two meters is a real one, but there are ways the problem could be solved with public key cryptosystems. The current sentiment among the legal eagles is that such a scheme would NOT violate the prohibition against "codes and ciphers" in the amateur service because it is intended as a authentication scheme and not to hide information. There is ample precedent for authentication schemes, e.g., repeater autopatch and control codes. The regular traffic would still have to be transmitted in the clear, of course, and this would provide "spoofing" opportunities for a bad guy. It would only take one spurious packet of the form "rm -rf *" from some clown and even though the protocol might recover from the unsolicited acknowledgement, the higher-level damage would obviously be done. About the only thing that could prevent this would be a public key authentication scheme on each and every packet. Another clever (non-encryption) scheme for protecting radio communications links is in use by the military. It works on the fact that the atmosphere has widely varying attenuation with frequency, and in particular at frequencies near 60 GHz the atmosphere is virtually opaque due to oxygen absorption lines. Secure point-to-point radio systems use frequency-agile transmitters which operate as high up on this absorption curve as possible while still being received at the intended recipient. If an enemy tries to intercept the beam somewhere farther along, atmospheric noise and attenuation will make the signal useless. You're probably best off using a laser (infrared, so to not attract attention.) It has the additional advantage of not needing a license, and not being subject to the amateur rule restrictions against business use. Phil
neihart@smu.UUCP (10/21/84)
Of all the mail I've received on this idea, by far the most limiting aspect is the password broadcast. Perhaps a landline could be dedicated to receiving calls from people wishing to connect, and their password could be dialed from their pushbutton phone. Of course, this begins to limit the usuablitiy of the system. Disposable passwords or passwords which are a function of some variables known only by the user (such as time of day, number of times logged on, etc) is the only alternative.
mikey@trsvax.UUCP (10/23/84)
I don't think an encryption of your password would be illegal. As long as you ID'd yourself unencrypted anything else could be considered your "data" and as such wouldn't have to be in english. Besides, you don't want to have a password scheme on a radio system. You'd want a system that was interactive. The host would send a data stream to the terminal, the terminal would transform the data stream by an equation or algorithm that is unique to that terminal and known only to the terminal and the host, then transmit the modified data back to the host. The host would then check to see if it was the correct transformation. By using short data streams with complex algorithms the code would be virtually unbreakable. You could even have it "re-id" anytime the link is brought back from an idle state of say more than 2 minutes, and in any case, every few exchanges. I think the only legal issue is the business use. You could use it for "notes", personal mail, and "home"projects but that would be it. mikey at trsvax (KA5MJQ)