The last CEC manual I could find is for v 1.072 and you're right it says for BFO to save by pressing PTT but that doesn't work.? ?I have the 5" Nextion display and can find only 1 CEC version that supports it.? Also doesnt help with calibrate as the manual says push in the VFO knob.?

Pretty sure you need to key the mic to save, but maybe it depends on the firmware you're running.

Bill

cool stuff - I get sometimes we need to turn off the high tech rigs like the ubitx - and go pioneering.? back in those days each transistor might be dreadfully expensive - not to mention the coils and variable capacitor.?

reminds me a few years ago saw my venerable HR20 receiver sitting there, not a mating transmitter in sight.? so inspired by N5IB I integrated a IRF510 with a tuna tin line-up, and applied some xtals collecting dust.? I called it the odd couple - tube Rx with a solid state Tx.?

my nearly stock ubitx purrs along - just a board to clean up its low band CW spurs and a VK3YE inspired AGC - it rocks without rocks.? enjoy your silicon induced radiations.

Curt

开云体育

Not bad at all! What kind of audio amp did you use? We were at a farm yesterday and I carried a KX3 with a longnwire. It was hopeless. I couldn't get the vswr below 4 and the band was dead. No contact made.

- f

On Sun 7 Jul, 2019, 9:49 PM Bill Meara via Groups.Io, <n2cqr=[email protected]> wrote:

Thanks to all for the security notes. Your collective commentary is thoughtful and on target.

My general environment is kept up to-date with Security/OS stuff. ?And the remote accessed AtomicPi is dedicated for uBITX only operation.?

It seems a bit intimidating if you’ve never implemented any of the organic remote access and port management tools in Linux/Ubuntu. And there is the real concern that doing so could introduce unknown vulnerabilities (in the hands of a newbie like me), ?So there is a trade in the security space.?

Nevertheless, I now have a much better understanding of the security concerns from managed solutions.?

Thank you all all again very very much.?

P.S. I tell my wife (all the time) that the folks I meet in the amateur radio ecosystem are wicked smart. With one exception. Hahha.

Thanks again. ??

Don
km4udx

What! a KX3 and not the uBITX!

Just Kidding.
Dave
k0mbt

I'm in theory I'm a fan of managed solutions that only involve outgoing connections to a reflector server. That way the average user does not have to get involved with opening ports through their router/firewall. I also recommend that people put there computers behind a NAT firewall. Almost everyone using a WiFi router is doing that.

Another approach is to run your remote controlled radios or whatever through a battle tested VPN server, like OpenVPN. That provides a whole extra layer of authentication through certificates, (and even two factor authentication) by a well known and proven VPN system. Clients are available for Windows, Mac and Linux. You can run the server as a preconfigured Raspberry Pi distribution to lessen the chance of incorrectly building the VPN server. ?

The problem with managed solutions is on so many occasions, we find out the companies providing these have failed security 101 with the most glaring errors at the most fundamental levels. We have seen this with cloud file backup companies and with secure network services with communication/email/social apps. And even cloud server performance and security management/monitoring applications. Things like passwords stored in the clear in a database. Non-salted passwords. Inadequate log-in credentials checking and session management on APIs, like being able to feed guesses on record ID's or user ID's right into an API connected to the internet and have the request go through unchallenged and actually retrieve data based on the guesses of what may be a valid record. No request throttling. Or just try enough to get lucky on some percentage of hits that return records. Not to mention the older hacks of stealing cookies and such.?

But we can't be frozen in fear afraid to build anything because of the unseen forces of hackers. For the most part they are using scripts to automate their search for the easiest to exploit weaknesses. That includes things like your perviously mentioned WiFi router (or security cameras if not installed inside your NAT firewall) having an unfixed known exploit or even worse one of the 100 or so default passwords the hacker scrips check for, left there courtesy of the manufacture.?

In most cases if your router is hacked, they are still not so interested in your internet activity (most is through SSL nowadays and they can't read it) as having an army of bots to send spam or do denial of service attacks on bigger more interesting targets. If they think you are worth the trouble, they may launch an attack on your home computers from your compromised WiFi router, if it provides enough resources for that to be done.

If you run servers on the internet you know how there is a constant flow of traffic from hacker scripts working through a list of attacks. The vast majority of servers are surviving this onslaught. Directly, or even better, with an exploit aware proxy firewall.?

So if you are already surfing the web, the level of danger you are exposed to is in line with a *competently* designed and managed third party remote access service. The problem is identifying if the service is well implemented or maybe had some troubles in the past but have actually learned from their mistakes. But, I'd not recommend making your home computer with all your important information exposed to being remotely controlled, at least not just left that way continuously. As the computer doing the remote controlling OK. ?

Tom, wb6b

Teamviewer host on the pi is free for personnel use. ? From a Win. 10 system, voice is available. ?Linux not tried.?
On Ubuntu Studio, I work remotely from an iPad Air connecting with Teamviewer first, then NoMachine. With NoMachine nrunning, swipe up from bottom of page to get Teamviewer back up also. I have used this with Audacity to split out & process ?recorded clogging music for several years . ?Some adjustment with Ubuntu Studio's volume control may be needed.?
Win 10 users will find this setup works there also.
Aldo works with VLC Music player as audio source. Should work as well to hear the units or any other audio.?

Frank(kj5wi)?

On Sun, Jul 7, 2019 at 06:23 PM, Christopher Miller wrote:

You are opening a door for hackers to use your station etc.

Yes, that is a good reason to use a dedicated PC, Linux machine or Raspberry Pi type machine to be the computer running your station. And put the least amount of software applications as you can on the machine. Certainly don't use that machine to do your banking or store your Bitcoin wallet :)

If your computer controlling the station can accept incoming connections from the internet (You can connect to it and log in for your remote computer directly) you need to try to keep your computer up to date with security patches, as well as choose software where the developers currently maintain the software and keep up with what is going on in the security/exploit arena. For open source projects you can generally check how recently the last code commits were and if bug reports regarding security issues have been addressed.?

If you connect to your computer running the station through a third party website, and the station and remote access computers only make outbound connections, the security issues can be less. However, it that case you are somewhat at the mercy of whether the third party site was designed by true technical experts or just business people seeing a market to build a business around and not understanding (aware or care about) the nuances of what they are having built for them.

-- Tangent warning -- Of course you can go overboard. Not every little exploit discovered is a real threat. Risk has to be weighed with the possible damage. I worked for a company when they went into the first phase of evaluating/addressing security aspects of their internet service (good!) they went into full blown paranoia and the security people reacted to every exploit they read about on security sites without reason. Had a new set of servers provisioned for a project and just about the only way they would sign off the systems, was if only the operating system without the custom software that made our business a business, was installed on the machines. And, no, our custom software was not faulty from a security perspective. Reason on both sides prevailed eventually. ?-- End of tangent --

Tom, wb6b

开云体育

Josh, With this new code you can no longer select frequency calibration it seems as well!

-- Tim Keller - KE2GKB