OM CallBook and Security
Most of us remember the times when no importance was attached to a person's personal information (leaving aside the year of birth in the case of women). It was possible to get at it at any time. All the data that is now so overly classified, such as date of birth, identification number, marital status, exact address and who knows what else, hung before elections on the bulletin boards of apartment buildings, authorities, schools… Yet it was strictly forbidden, under threat of a heavy fine, to take pictures of, for example, wagons at the railway station!
Times have changed, and now we are often unhappy when our phone number somehow ends up in some publicly accessible place. Or try going to a block of flats - how many apartment doors have name tags? I wonder whether in time we will come to the point where we will not even be willing to put our name on mailboxes, because…
And here let's think for a moment about why. Apart from the feeling that we are citizens of the European Union and therefore rightly important to ourselves, perhaps the bad experiences of others also play a role in this, as described in print, on the Internet, and broadcast in Kriminovy.
So what are the risks?
Identification number. Some risks associated with our personal data can be really high. If you mindlessly publish your social security number, sooner or later a fraudster will turn up who can misuse it in some way. Perhaps by producing a fake document or by ordering goods; those who are familiar with this kind of fraud certainly have many options. It is all the more amazing that there are naive individuals who, without blinking an eye, register on various fraudulent websites and fill in all their personal information there with childlike credulity. Of course, it then affects everyone around when TV JOJ broadcasts horror stories in Kriminovy in connection with, for example, 60-euro websites.
E-mail address. This is also part of our personal data. Its abuse no longer has such devastating consequences; they are rather unpleasant. But when we look for a program on the Internet, possibly a "cured" one, then in the frenzy of hope of obtaining it we mindlessly type in our email address, to which they promise to send us the "penicillin". And then we are surprised by the amount of spam in our inbox.
In this context, I will mention one huge sin which radio amateurs (and not only they) commit daily. It is committed mainly by Internet beginners, but it is also common among old net veterans. They receive an email whose content is either serious or some kind of "fun". In the email header there are maybe thirty email addresses to which, besides us, the sender sent it. Without any embarrassment we send it on to another thirty friends, and we put all thirty email addresses to which we send it in the "Recipient" line. So each of them gets an email in which he sees 60 email addresses already. And this is how it spreads and spreads. And at the end, on the computer of maybe only one of those 2000 recipients, a simple script will be waiting which neatly extracts all email addresses from the body of the message and sends them to the author of the script. He then sells them by the tens of thousands to companies dealing with the distribution of unsolicited advertising - spam.
And yet so little is enough - if we receive an email which we also want to send to our friends, then after clicking on "Send forward" we must delete all email addresses in the body of the message, enter ourselves as the recipient of the message, and enter all thirty addresses to which we want to forward the email in the "Bcc" line (also referred to as BCC). And the problem is solved (if it's not too late).
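The forwarding routine described above, sketched in Python as an added example (not part of the original article): it removes the addresses quoted in the body, addresses the message to the sender, and puts the friends in Bcc. The function names and all addresses are hypothetical and constructed for illustration.

```python
import copy
import re
from email.message import EmailMessage

# Pragmatic pattern for addresses as they appear in quoted headers and bodies
# (an assumption of this example, not a full RFC 5322 parser).
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

# Constructed sample: the body of a chain e-mail carrying earlier recipients.
CONSTRUCTED_BODY = (
    "---- Forwarded message ----\n"
    "To: om1aaa@example.com, om2bbb@example.net; om3ccc@example.org\n"
    "> From: <om4ddd@example.com>\n"
    "Have a look at this!\n"
)

def redact_addresses(text, placeholder="[address removed]"):
    """Replace every e-mail address in text; return (clean_text, count)."""
    return ADDRESS_RE.subn(placeholder, text)

def build_safe_forward(sender, recipients, subject, original_body):
    """Build a forward that exposes neither the old nor the new recipients."""
    clean_body, removed = redact_addresses(original_body)
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = sender                    # address the message to yourself
    msg["Bcc"] = ", ".join(recipients)    # friends go in the Bcc line only
    msg["Subject"] = subject
    msg.set_content(clean_body)
    return msg, removed

def addresses_seen_by_recipient(msg):
    """Addresses visible in the delivered copy (Bcc is stripped on sending)."""
    delivered = copy.deepcopy(msg)
    del delivered["Bcc"]
    return sorted(set(ADDRESS_RE.findall(delivered.as_string())))

if __name__ == "__main__":
    friends = ["friend1@example.com", "friend2@example.net"]
    msg, removed = build_safe_forward(
        "om0xyz@example.org", friends, "Fwd: funny picture", CONSTRUCTED_BODY
    )
    print("addresses removed from body:", removed)
    print("visible to each recipient:", addresses_seen_by_recipient(msg))
```
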
Telephone number – also sensitive data, but sometimes we cannot do without publishing it. There is a risk here that all sorts of companies will call us and push us to buy the best quality goods we can imagine, at prices which are promotional and only for us, the lucky ones whom they have addressed. When I asked the lady who called where she got my number from, she usually answered that "the machine generated it for us". But how the machine also assigned my name to that number, she no longer knew. After a while the calling started to annoy me, so at the beginning of the conversation I always politely told the lady that I am not interested in anything and that I do not participate in any surveys. But the calls (approx. 2-3 monthly) didn't stop, so I tried one technique, which is perhaps not entirely fair on my part, but it helped 99% of the time. When the caller introduces herself and is from this group of pests, I ask her to wait on the phone for a while, saying that I still have to arrange something. I put the phone aside and let them wait. After 10 minutes they usually hang up by themselves and don't call again. And surprisingly, the number of these "unsolicited" calls has decreased significantly, to the point that I suspect that these companies exchange databases of numbers and experiences with "customers".
So much for the most likely risks. Of course, there is also another way. We can shut ourselves in at home, pay for the non-disclosure of our telephone number, activate CLIR on our mobile, tear off all the name tags - and we'll be safe. We will not place any advertisement, we will not send any email, we will not join any community, we will not communicate with anyone. That can be done too…
So what are the dangers of publishing your data in OM CallBook?
I'll say it directly: almost all of the above (except, of course, for the social security number). A potential "criminal" can pick out victims one by one and send them spam, or manually copy out all the phone numbers and sell them to an annoying company. But this has one major drawback: it is amazingly laborious, so the effect would be zero, or rather negative. And you can trust me, I know what such retyping entails. If such a rascal really wanted to collect names, addresses and numbers, it would be much easier to do so from, e.g., some advertising magazine, where, among other things, the financial means of the advertiser as a potential victim can be inferred from the text of the ad.
When the callbook was launched, I also published an Excel version on the website. I dropped it precisely because of the possibility of mass collection and sale of the data. The likelihood that the data will be collected one by one "manually" is really minimal.
Security of OM CallBook
The security of OM CallBook can basically be divided into two areas:
1. technical, that is, data integrity and availability
2. content, that is, the confidentiality of stored data
Data integrity and availability
All OMCB data is stored on WebSupport's servers. I have had my data with this company since 2004, and except for one outage of about 2 days I have not experienced any problems. The company thoroughly and regularly backs up not only the database areas, but also the web and mail servers. Site availability has not been lower than 99.6%, which is an excellent figure.
The MySQL callbook database on the server is itself secondary. It also works with FC-20, that I have the main database on my PC (backed up to 4 other media; it is backed up automatically, so I can't forget), and after any change in the tables I simply export it to the web server. Thus, even in the case of an attack on the database, basically nothing special will happen. Moreover, the last 14 database versions are kept directly on WebSupport's servers. The scripts themselves are also backed up.
To keep the risk of attack as low as possible, I used several protective procedures, which are aimed at protecting against Internet robots as well as against "manual" attacks. Of course, no protection is perfect; there is always some expert who finds something unhandled and can carry out the attack. Hence the excessive backup. I'm also counting on the fact that the callbook does not belong to the group of targets that attackers would go after; we are uninteresting to them.
Confidentiality of stored data
As I mentioned above, I stopped publishing the callbook in the form of an Excel file, or publishing the entire callbook table on one page. Data published in this form is very easy to import anywhere and has a significantly higher value for an attacker.
Stealing a database is a bit more difficult, and even if it's not such a problem for an experienced expert, take a look at the DK7ZB website and find the length around it, that due to the low commercial value of the stored data, only a depraved malefactor would be interested in it. Several methods are used here as well, which should prevent database destruction, but - nothing is impossible. So I can't say that the callbook is 100% safe, but no administrator can say that about his database.
Conclusion
What to advise at the end - is OM CallBook safe? To register or not to register in OM CallBook?
I advise YES, register. The data required for registration are so general that if someone really wanted to do us harm, they have significantly more other options. (Do you remember that CD on which names, titles, addresses, ID card (OP) numbers, I suspect also social security numbers, and especially phone numbers were published? This CD leaked from who knows where; all the phones and their owners from T-Mobile and Orange were there…) In short, if someone wants to harm someone, they do not need a callbook.
Finally, if you want to be registered and not tell anyone anything about yourself, just enter your name, surname, radio amateur class and community. Nothing more. You will not receive a forwarding email address, which in itself is a certain protective element in that the real email address is not published, but you will still be registered in OMCB and you will not have said anything about yourself. Although your address, telephone number, e-mail address etc. is owned by a bunch of advertising companies, your friends will not be able to call or email you… And if you "reveal" your number or email address to them, you will never again have a guarantee that they will not give this data to anyone else.
I remember my radio amateur beginnings in 1972, when I first heard about such a thing as a callbook. And I also remember that the then-licensed radio amateurs considered it a matter of honor to be listed in the callbook.
But times are indeed changing.