[Quenty]

Ham radio’s community is open. Part of the joy is being able to communicate with anyone on a Ham radio. Encrypting Ham radio doesn’t make any sense.

While I agree with your overall sentiment of privacy, I think Ham radio shouldn’t be encrypted.

When we talk about national security and Ham radio “secure” communication is not what we mean as a risk factor.

[godelski]

I disagree. Lack of encryption, imo, is going to kill HAM.

People now aren't enticed by being able to talk to anyone anywhere. There are substantially easier and cheaper methods to do this with the internet and will connect you to more groups with more relevant interests.

As a guy in his late 20's I don't really care much to talk to people on ham. But what got me in was a satellite project during my undergrad (everyone my age or under that I know with a licence has it for similar reasons). Being able to control systems is enticing though. I can't do that with the internet. But playing with iot devices, controlling robots, etc, THAT IS COOL! You aren't going to be about to do this with the internet and you can't get the range (I've never done this, but it is interesting, I just don't have time since I'm in grad school). There's also plenty of ideas I'd like to try that would require encryption (like making a server accessible over HAM frequencies).

I talk to older HAMs and they are confused why the younger generation isn't interested. Well frankly times have changed. Hackers/Makers still exist (this site is proof!), we just aren't enticed just by being able to speak to others around the world. We've been doing that trivially since a young age.

So I think it's silly to say that we don't need encryption. Without users HAM bands will go away. So let's start asking why the younger generation don't want to get in instead of saying "business as usual" when it is clear the business is dying (and dying fast).

Edit: I also disagree with the premise that encrypted == closed. We access tons of https websites and we don't consider those closed.

[vitaflo]

> Without users HAM bands will go away. So let's start asking why the younger generation don't want to get in instead of saying "business as usual" when it is clear the business is dying (and dying fast).

This is simply not true. There are more hams now than there ever has been, and it's growing every year. [1]

[1]http://www.arrl.org/news/us-amateur-radio-numbers-reach-an-a...

[vvanders]

You can control things over ham radio, authentication is allowed and I've built AX.25 systems that used libsodium for the auth side of things.

Not an old ham and very much like hacking on digital things, I don't think the lack of encryption is hampering anything.

[KirinDave]

You don't need encryption to make a secure amateur device control system, you need MACs. Those are fine, so it seems to me like you don't actually have a problem.

[jdietrich]

>But playing with iot devices, controlling robots, etc, THAT IS COOL!

That's what the ISM bands are for.

[kawfey]

With encryption you cannot validate that a transmission is truly an amateur transmission, or one from a commercial, government, or military entity. If anything, proliferation of encryption would kill it.

Leave encryption to the ISM bands, where it belongs.

[420codebro]

You are ignoring the bandwidth differential of RF v Fiber-based transmission systems. We don't care if some random unknown crypto session happens on the internet - there is near infinite bandwidth - and someone is paying a bill (on both ends).

With amateur RF it is different - it is a shared, finite resource (in a given area/radius).

Not allowing enciphered communications is a fairly easy way to be able to audit what is taking up the spectrum. If it all goes enciphered, you have no idea what is occurring, for what purposes.

[godelski]

There's definitely not infinite bandwidth. If there was then we wouldn't have dos attacks. Can we not treat radio in the same way? I mean if we can knock on someone's door that left their mic on why can't we knock on someone's door that is abusing bandwidth? I'm not sure what message content has to do with this abuse. It seems original to me.

[vvanders]

It's many, many, many orders of magnitude difference.

I haven't done the math but my hunch is you could fit the entire ham allocation from VHF down in a single 10mbit pipe. VHF is usually 1200bps per channel and gets slower as you get lower in bandwidth.

[godelski]

Okay but you're still ignoring the main question "how does encryption require more bandwidth?"

[msla]

Security is an essential social norm, because it reinforces the notion that, no, eavesdropping is not good, it is not acceptable, and we will not stand for it, regardless of the medium.

[geofft]

And yet we're all talking on this community over encrypted connections.

[VLM]

The internet bucket is too big, you got free for all http or secure (ish) https providing authentication, authorization, accounting, and encrypted data transfer.

I'd argue that HN doesn't require encrypted data transfer at all, and encrypted data transfer is illegal on ham radio freqs anyway. The other three AAA words are what HN requires as a multi user BBS like service, and are legal under ham radio rules, or at most only need to be bent slightly into being legal.

I was motivated enough to look up the Apache webserver docs to force a https ciper; apparently "SSLCipherSuite" lets you force a specific openSSL cipher name; then I checked openSSL docs and for better or worse "cleartext" is not an allowable cipher for openSSL. Via some code changes in browser and server you could technically implement something like HTTPS that would work legally over ham radio.

Although this is a slight simplification, conceptually there's nothing wrong with the idea of accessing HN while using a cipher of cleartext. I really want to know that I'm not getting MITM'd when I read and post, and I want that CA proof that I'm talking to the genuine CA approved HN server. I really don't care if the general public can read the contents of this post so cleartext would be fine. Logging in by typing my password would be an obvious corner case to handle.

[geofft]

Yeah, recent versions of TLS don't specify a "null" cipher any more.

One of the reasons I think we should allow encryption over ham links is that you can't run normal internet protocols - you have to do significant code changes/hacking to make things work. The internet community has decided (for reasons of national security, even!) that it's just not worth having the option.

[msla]

> I'd argue that HN doesn't require encrypted data transfer at all

It's still a good default, because it sets up a social expectation of privacy, which is very important in this era of data mining.

[KirinDave]

Unencrypted communication to a website with identity would require some radical restructuring and very smart clients to generate and check the MAC codes. Pretty sure everyone everywhere would hate that.

[tuxxy]

> I'd argue that HN doesn't require encrypted data transfer at all

I guess you're okay with sending your passwords in plain, then.

[TeMPOraL]

With that one obvious little caveat. But that's an authentication issue, and does not require all other HN communication (posts, comments) to be encrypted.

[tuxxy]

But you're widely ignoring all the privacy issues that come with cleartext traffic. Why would you give up this clear win for consumers and users and relegate them to easily trackable, non privacy-preserving techniques?

Do you not see that you're literally arguing against privacy here? Why should amateur radio not get the same benefits? All I hear are arguments in defense of regulation and Kafkaesque government bureaucracy.

[TeMPOraL]

clears eyes. What?

HN is a public board, viewable without logging in. There is no expectation of privacy in communications here.

[wil421]

Do you broadcast your HAM radio password unencrypted before you login to HAM? Do you broadcast your bank account information and SSN over HAM? No you don’t on HAM, but if you use HTTP you do.

[vvanders]

No, because you don't do any commercial transmissions on ham radio. If you want to do that grab some Ubitqui gear or other Part 15 device and go crazy.

Also you do transmit callsigns which anyone can look up and find out who you are + where you live. There's no expectation of privacy and never has been on the bands.

[kawfey]

This is a pet peeve of mine, but it's ham radio, not HAM. https://en.wikipedia.org/wiki/Etymology_of_ham_radio