I object! -Danger on GPS

Something has you frustrated, let it all out, you can even abuse the Pi-Star team here too!
KM6HK
Posts: 13
Joined: Tue Jul 30, 2019 3:12 pm

I object! -Danger on GPS

Post by KM6HK »

I have the following objection:

The recent inclusion of the GPS link in the Gateway Activity / Callsign field is, in my estimation, very dangerous.
Consider the following:

1.) The world is a dangerous place with a lot of weird types that like to steal things that do not belong to them
2.) With two or three clicks anyone can access the exact geolocation of the Ham Operators Shack
3.) The front page of pi-star is accessible to anyone (not just Hams with the password can access it!) It is on the public internet served by the built in web server in pi-star.
4.) Here is the most important part of all this: It is outrageous but the author and the powers that control APRS will not remove data from their system, even at the request of the Ham. I have tried and was told that after "two years" the data will scroll off, but I do not believe that as my data has been there for much longer than that. Even though I do not use APRS, they are spreading my geolocation around the public internet despite my direct request to them to REMOVE it!

Many Hams have at one time or another logged onto the APRS system not realizing that their ham Shack location is, at that moment, placed in full view of the public internet, via the new dashboard console in Pi-Star, with no way to for them to remove it or control its use.

99.99% of all Hams are very honorable folks, and there is little to no danger to having your location information shared with other Hams. But I am not talking about Hams here. I am talking about the weird-o scum factor in the Black Hat Hacker world. It would be trivial to write a script that scrapes all the geolocation of all hams using the new DMR console at pi-star and circulate it on the underground for those that like to steal things.

We need a way to TOGGLE OFF the inclusion of the GPS data on the new pi-star console.

Ownership and control of private information is a critical issue in todays world.
User avatar
MW0MWZ
Site Admin
Posts: 1357
Joined: Wed Apr 04, 2018 9:15 pm
Location: Wales, UK
Contact:

Re: I object! -Danger on GPS

Post by MW0MWZ »

KM6HK wrote: Thu Feb 04, 2021 4:32 pm I have the following objection:

The recent inclusion of the GPS link in the Gateway Activity / Callsign field is, in my estimation, very dangerous.
Consider the following:

1.) The world is a dangerous place with a lot of weird types that like to steal things that do not belong to them
2.) With two or three clicks anyone can access the exact geolocation of the Ham Operators Shack
3.) The front page of pi-star is accessible to anyone (not just Hams with the password can access it!) It is on the public internet served by the built in web server in pi-star.
4.) Here is the most important part of all this: It is outrageous but the author and the powers that control APRS will not remove data from their system, even at the request of the Ham. I have tried and was told that after "two years" the data will scroll off, but I do not believe that as my data has been there for much longer than that. Even though I do not use APRS, they are spreading my geolocation around the public internet despite my direct request to them to REMOVE it!

Many Hams have at one time or another logged onto the APRS system not realizing that their ham Shack location is, at that moment, placed in full view of the public internet, via the new dashboard console in Pi-Star, with no way to for them to remove it or control its use.

99.99% of all Hams are very honorable folks, and there is little to no danger to having your location information shared with other Hams. But I am not talking about Hams here. I am talking about the weird-o scum factor in the Black Hat Hacker world. It would be trivial to write a script that scrapes all the geolocation of all hams using the new DMR console at pi-star and circulate it on the underground for those that like to steal things.

We need a way to TOGGLE OFF the inclusion of the GPS data on the new pi-star console.

Ownership and control of private information is a critical issue in todays world.
This is crazy honestly... but whatever I'll bite.

1. you do NOT have to transmit your GPS data, you can set the fields in the dashboard to 0 and turn off the GPS on your radio, I don't force you to transmit your position information in *any* way.

2. you are not forced to use Pi-Star, feel free to use anything else.

3. The front page provides a link, to already publicly accessible information, it is not owned by, or hosted by Pi-Star, if you wish aprs.fi to remove your information, please take it up with them - again Pi-Star does NOT provide your location on the dashboard, it provides a link only.

So just to iterate, the Pi-Star dashboard only knows what YOU tell it, if YOU want to use a USB GPS dongle, YOU have to enable that, if YOU set your location to zeros, that is what will be sent - the system cannot send anything that you didn't tell it.

YOU can choose to turn GPS on or off on your radios, if you keep it off, no position information can be sent.

As a ham operator, you are expected to share your information, its a licence requirement, I can see on your FCC information that you elected to use a PO box, so probably you also choose not to give your location - I understand that the FCC has slightly different rules to other locations;

Please do not accuse Pi-Star of sharing your information inappropriately, it is up to you what you share and always has been.
Andy

73 de MW0MWZ
http://pistar.uk
User avatar
G8SEZ
Posts: 437
Joined: Fri Apr 13, 2018 8:26 pm

Re: I object! -Danger on GPS

Post by G8SEZ »

Have to say that US amateurs are required to allow their data to be available in terms of licensing and address, so it comes with the territory.

As Andy says, you can easily turn this off if you need to.
--

Brian G8SEZ
W1MSG
Pi-Star Team
Posts: 29
Joined: Wed Apr 04, 2018 10:20 pm

Re: I object! -Danger on GPS

Post by W1MSG »

You may want to do a search of your name on the internet. Then for a small fee you will find that there is a large amount of your personal data available for the taking . Not to mention how easy it is to get data from a license plate. :lol:
K2GC
Pi-Star Team
Posts: 7
Joined: Wed Apr 04, 2018 9:58 pm

Re: I object! -Danger on GPS

Post by K2GC »

KM6HK wrote: Thu Feb 04, 2021 4:32 pm
3.) The front page of pi-star is accessible to anyone (not just Hams with the password can access it!) It is on the public internet served by the built in web server in pi-star.
Umm.... it should NOT be on the public internet. If you are on your private network, it should be behind your firewall, and not available to the public.

If YOURS is on the public internet, that is all on you!
Mike
K2GC

Hotspots
Zumspot Pi-0 ■ DV-Mega Pi-3

Radios
D-star -> ID-5100 ■ ID-51+ ■ IC7100
DMR -> GD-77 ■ GD-55+ ■ RD-5R ■ CS-800D
Fusion -> FT-70dr
Other -> TK-790 ■ TK-890 ■ TK-6110 ■ XTL-2500 ■ FT-450 ■ TS-480SAT ■ Flex 5000
KM6HK
Posts: 13
Joined: Tue Jul 30, 2019 3:12 pm

Re: I object! -Danger on GPS

Post by KM6HK »

Well, I see I have touched a nerve.

OK all you fan boys can relax. I am going away. This is my last post on this topic. I want to thank you for bringing me a little humor today. amusing is watching people chant misstatements of fact, just so they can remain firm members of the gang. :lol:

One at a time:
K2GC: thousands of Pi-Star users have public facing (not password required) internet servers. It is built into Pi-Star as distributed.
W1MSG: let me see if I grasp your logic: If It's a common practice then it is OK?
G8SEZ: You are factually wrong about the FCC rules regard this. They honor licensees request to hold the information private.
MW0MWZ: The core issue here that you refuse to ack is that once APRS has your geolocation (even if years old) it refuses to remove, or stop publicly disseminating it, on demand of the owner. That information becomes public via the new Pi-Star dashboard. That is the core issue. -I want to point out that this issue is very soon going to be solved for you and them by the US Congress. It will soon be illegal in the USA to run a public facing server that reuses to obey a lawful written request to remove private information. Additionally, "terms of service" contacts that are known in legal parlance as "adhesion contracts". They are not now, nor have they ever been, legal or enforceable.

:roll:
User avatar
MW0MWZ
Site Admin
Posts: 1357
Joined: Wed Apr 04, 2018 9:15 pm
Location: Wales, UK
Contact:

Re: I object! -Danger on GPS

Post by MW0MWZ »

KM6HK wrote: Thu Feb 04, 2021 7:21 pm MW0MWZ: The core issue here that you refuse to ack is that once APRS has your geolocation (even if years old) it refuses to remove, or stop publicly disseminating it, on demand of the owner. That information becomes public via the new Pi-Star dashboard. That is the core issue. -I want to point out that this issue is very soon going to be solved for you and them by the US Congress. It will soon be illegal in the USA to run a public facing server that reuses to obey a lawful written request to remove private information. Additionally, "terms of service" contacts that are known in legal parlance as "adhesion contracts". They are not now, nor have they ever been, legal or enforceable.
That information is in the public domain, regardless of the Pi-Star dashboard showing a link to it or not, the Pi-Star dashboard does not contain the information, it links to it only.

EDIT: I was a little quick with the post trigger there.. I absolutely believe that you have a case that aprs.fi need to answer if you have requested to have your data forgotten, please don't doubt that for a moment.
Andy

73 de MW0MWZ
http://pistar.uk
KG6RUT
Posts: 75
Joined: Thu Dec 24, 2020 7:28 pm

Re: I object! -Danger on GPS

Post by KG6RUT »

So I couldnt find the ability to hide your address of record on FCC. its an address and the best you can do is what you have a PO Box. and considering you live in a pretty small place, everyone in town probably knows you :) :)
User avatar
G8SEZ
Posts: 437
Joined: Fri Apr 13, 2018 8:26 pm

Re: I object! -Danger on GPS

Post by G8SEZ »

KM6HK wrote: Thu Feb 04, 2021 7:21 pm G8SEZ: You are factually wrong about the FCC rules regard this. They honor licensees request to hold the information private.
Didn't know that, we can do it here with Ofcom but I wasn't aware that the FCC allowed it too, so my point is withdrawn.
--

Brian G8SEZ
WA8YXM
Posts: 10
Joined: Mon Jun 03, 2019 7:53 pm

Re: I object! -Danger on GPS

Post by WA8YXM »

Though I do understand the dangers. I also understand the advantages.
But currently the Hotspot is feeding 0:0 to APRS Even though it knows where it is at in my case
it appears the only way to get it off 0:0 is to hook a GPS to it. That's worse than OFF in my opinion

Now as for relaying the radio's GPS (Which is what it did before the last updates) that I can turn on and off in the radio if i choose (Well 2 out of 3 of them #3 GPS Tracking also requires an external dongle and I don't have one hooked up)

As for the (GPS) link it's mislabeled should be (ARPS) because it takes you, in my case, to ARPS.FI/WA8YXM and then you got to guess which Icon is where I am.. Good luck with that (Blue Handset works best).
Post Reply