User Panel
User Panel
User Panel
|
Posted: 5/17/2024 8:31:19 AM EST
[Last Edit: K9-Bob]
LoTW Status
05/16/2024 We are in the process of responding to a serious incident involving access to our network and headquarters-based systems. Several services, such as Logbook of The World® and the ARRL Learning Center, are affected. Please know that restoring access is our highest priority, and we are expeditiously working with outside industry experts to address the issue. We appreciate your patience. This story will be updated with new developments. ARRL Systems Service Disruption LoTW has been down for three days. Sounds like a data breach.   Attached File |
|
|
|
|
Posted: 5/17/2024 9:19:04 AM EST
[#1]
Supposedly (but don't quote me) it was the result of a Windows update that zorched some important settings - but I could be totally off base here.
|
|
|
|
|
Posted: 5/17/2024 9:29:57 AM EST
[Last Edit: K9-Bob]
[#2]
Ransomware and data breaches are always the first thing that comes to my mind, but yes Windows updates often rounds out the "usual suspects" when things go bad.
|
|
|
|
|
Posted: 5/17/2024 9:31:34 AM EST
[#3]
|
|
|
|
|
Posted: 5/17/2024 9:38:19 AM EST
[#4]
With most of the ARRL staff manning the booths at Hamvention I'm sure nothing will get resolved this weekend.
|
|
|
|
|
Posted: 5/17/2024 9:47:56 AM EST
[#5]
So we can expect more mail from them in the future asking for money, the same way as the NRA bugs you because daddy wayne needs a new suite.
|
|
|
|
|
Posted: 5/17/2024 9:49:33 AM EST
[Last Edit: K9-Bob]
[#6]
The ARRL pays $350,000 annually to the general manager (aka CEO) but the IT staff salaries are nowhere near as competitive.
 You get what you pay for I suppose. |
|
|
|
|
Posted: 5/17/2024 11:14:46 AM EST
[#7]
Quote HistoryYeah, you can bet they have the "A team" working on it. |
|
|
|
|
Posted: 5/17/2024 11:38:12 AM EST
[#8]
Quote HistoryOriginally Posted By K0UA: Yeah, you can bet they have the "A team" working on it. Based on the web page they probably hired the web admin from the FCC uls. |
|
|
|
|
Posted: 5/17/2024 12:06:17 PM EST
[#9]
Frankly, I am surprised this doesn't happen more often.
|
|
|
|
|
Posted: 5/17/2024 1:18:27 PM EST
[#10]
Quote HistoryOriginally Posted By stanprophet09: Based on the web page they probably hired the web admin from the FCC uls. Quote HistoryOriginally Posted By stanprophet09: Originally Posted By K0UA: Yeah, you can bet they have the "A team" working on it. Based on the web page they probably hired the web admin from the FCC uls. 
|
|
|
|
|
Posted: 5/17/2024 3:52:03 PM EST
[#11]
If they need a cybersecurity guy.... I need a job lol
|
|
|
|
|
Posted: 5/17/2024 3:59:29 PM EST
[#12]
Quote HistoryOriginally Posted By stanprophet09: Based on the web page they probably hired the web admin from the FCC uls. Quote HistoryOriginally Posted By stanprophet09: Originally Posted By K0UA: Yeah, you can bet they have the "A team" working on it. Based on the web page they probably hired the web admin from the FCC uls. Cold man. Very cold. Accurate, but cold. 
|
|
|
|
|
Posted: 5/17/2024 4:31:23 PM EST
[#13]
Quote HistoryOriginally Posted By sseagle: If they need a cybersecurity guy.... I need a job lol https://www.arrl.org/employment-opportunities |
|
|
|
|
Posted: 5/17/2024 6:29:15 PM EST
[#14]
I am upset that my QSOs might have been breached and compromised.
|
|
|
|
|
Posted: 5/17/2024 6:45:03 PM EST
[#15]
From what I've read, they are having server problems. This was not any sort of attack.
|
|
|
|
|
Posted: 5/17/2024 7:12:52 PM EST
[#16]
Quote HistoryDang. No way I'm moving to Connecticut. |
|
|
|
|
Posted: 5/17/2024 7:52:16 PM EST
[#17]
Quote HistoryOriginally Posted By Emoto: From what I've read, they are having server problems. This was not any sort of attack. Please post a link. |
|
|
|
|
Posted: 5/17/2024 8:00:45 PM EST
[#18]
Quote HistoryOriginally Posted By Mach: I am upset that my QSOs might have been breached and compromised.  |
|
|
|
|
Posted: 5/17/2024 8:06:23 PM EST
[#19]
Quote HistoryOriginally Posted By K9-Bob: Please post a link. Nope. Not going to try to trace my way back across all of the social media and web sites I have consumed over the last 8 hours. It was probably one of the big Ham Radio FB groups. You might want to go to the ARRL web site and read what they have to say about it. Spoiler alert: no mention of an attack. |
|
|
|
|
Posted: 5/17/2024 8:34:35 PM EST
[Last Edit: K9-Bob]
[#20]
Quote HistoryOriginally Posted By Emoto: Nope. Not going to try to trace my way back across all of the social media and web sites I have consumed over the last 8 hours. It was probably one of the big Ham Radio FB groups. You might want to go to the ARRL web site and read what they have to say about it. Spoiler alert: no mention of an attack. Quote HistoryOriginally Posted By Emoto: Originally Posted By K9-Bob: Please post a link. Nope. Not going to try to trace my way back across all of the social media and web sites I have consumed over the last 8 hours. It was probably one of the big Ham Radio FB groups. You might want to go to the ARRL web site and read what they have to say about it. Spoiler alert: no mention of an attack.  Attached FileI hope it's a just glitch in the matrix, but the "serious incident" verbiage used by the ARRL and their subsequent lockdown of comments to this post makes me wonder if they have something to hide.  If there is nothing nefarious going on they should just say so instead of dancing around it. |
|
|
|
|
Posted: 5/17/2024 9:17:46 PM EST
[#21]
Quote HistoryOriginally Posted By K9-Bob: https://www.ar15.com/media/mediaFiles/54857/Capture_JPG-3216898.JPG I hope it's a just glitch in the matrix, but the "serious incident" verbiage used by the ARRL and their subsequent lockdown of comments to this post makes me wonder if they have something to hide. If there is nothing nefarious going on they should just say so instead of dancing around it. Just my opinion, but organizations rarely like to issue a mea culpa, so if they had been able to blame an outside actor for the problem, they would likely have done so. |
|
|
|
|
Posted: 5/18/2024 10:00:51 AM EST
[#22]
|
|
|
|
|
Posted: 5/18/2024 11:28:29 AM EST
[#23]
Quote HistoryOriginally Posted By Colt653: Lotw repairs underway . . . . https://www.youtube.com/watch?v=QpWhugUmV5U 
|
|
|
|
|
Posted: 5/19/2024 7:54:58 PM EST
[#24]
I don't know how true any of this is ("incident" does not = cyberattack), but here it is for your consideration: https://www.bleepingcomputer.com/news/security/arrl-cyberattack-takes-logbook-of-the-world-offline/
|
|
|
|
|
Posted: 5/19/2024 8:03:10 PM EST
[#25]
Not another dime to ARRL until Wayne LaPierre is GONE ! ! ! ! 
|
|
|
|
|
Posted: 5/20/2024 10:47:06 AM EST
[#26]
It’s almost mid day and LoTW is still down. So much for the theory of it being a “Patch Tuesday” glitch. The lack of transparency by the ARRL is baffling.
|
|
|
|
|
Posted: 5/20/2024 10:48:14 AM EST
[#27]
|
|
|
|
|
Posted: 5/20/2024 11:14:16 AM EST
[#28]
No surprise considering their site looks like it’s from 2002.
|
|
|
|
|
Posted: 5/20/2024 11:16:02 AM EST
[#29]
Quote HistoryOriginally Posted By K9-Bob: https://www.ar15.com/media/mediaFiles/54857/Capture_JPG-3216898.JPG I hope it's a just glitch in the matrix, but the "serious incident" verbiage used by the ARRL and their subsequent lockdown of comments to this post makes me wonder if they have something to hide. If there is nothing nefarious going on they should just say so instead of dancing around it. Not really a denial, just them saying anything on our site could be found anyway. So yeah, probably got hacked. |
|
|
|
|
Posted: 5/20/2024 11:45:40 AM EST
[#30]
Quote HistoryOriginally Posted By Colt653: working on it… https://www.ar15.com/media/mediaFiles/2275/IMG_1251_png-3219040.JPG Dos disk would be more accurate 😂 |
|
|
|
|
Posted: 5/20/2024 12:02:03 PM EST
[Last Edit: Emoto]
[#31]
Your huge dues increase at work!
 ETA: LotW has a HUGE user base around the world and, as far as I know, universal acceptance as authoritative for confirming QSOs. Much of the amateur radio community depends on LoTW. Given that, one might reasonably imagine that they would have some level of redundancy and/or backup machines, in order to avoid down time. Since they haven't actually told us what happened, I can only speculate on the cause(s), but it would seem their web presence is not well managed. (I'm trying to be nice.) |
|
|
|
|
Posted: 5/20/2024 12:10:27 PM EST
[#32]
Quote HistoryOriginally Posted By Emoto: Your huge dues increase at work! ETA: LotW has a HUGE user base around the world and, as far as I know, universal acceptance as authoritative for confirming QSOs. Much of the amateur radio community depends on LoTW. Given that, one might reasonably imagine that they would have some level of redundancy and/or backup machines, in order to avoid down time. Since they haven't actually told us what happened, I can only speculate on the cause(s), but it would seem their web presence is not well managed. (I'm trying to be nice.) Just hope they have an airgapped backup, people might come with torches, pitchforks, and walkers if they lost everything |
|
|
|
|
Posted: 5/20/2024 12:15:09 PM EST
[#33]
Quote HistoryOriginally Posted By sseagle: Just hope they have an airgapped backup, people might come with torches, pitchforks, and walkers if they lost everything Got to watch the old guys though, they know the end is near and DGAF anymore. All joking aside I do hope they get it fixed. I am not much into rewards and all that. I use to apply for them on QRZ but anymore I just like to make contact. I update my grid square hunt on 6m and above. But I am content to work them, I really do not care anymore if I confirm them. I know plenty of people do like the awards and there is nothing wrong with that. Seems like a cheaper system. I do use LOTW because I know plenty like to get confirmations so if I can help them with that great. |
|
|
|
|
Posted: 5/20/2024 12:48:43 PM EST
[#34]
Oh I'm just joking around, the more I fall apart the less igaf too.
|
|
|
|
|
Posted: 5/20/2024 2:07:49 PM EST
[#35]
I will be that guy....
What is LOTW and why is it needed? Can't you just use QRZ? |
|
|
|
|
Posted: 5/20/2024 3:25:41 PM EST
[#36]
Quote HistoryOriginally Posted By Sailboat: I will be that guy.... What is LOTW and why is it needed? Can't you just use QRZ? So the ARRL is the original place to get Awards like DXCC and Grid squares. In the old days you had to exchange QSL cards and then go to a hamfest or arrange to get an ARRL card checker to check the cards to validate for awards. It was a PITA. ARRL does LOTW now where it syncs with logging programs or manual upload instantly for confirming contacts. Its a way you can prove that contacts were made. In fact it's a safer bet since both stations have to confirm the QSO happened and at a certain time and frequency/Mode. QRZ awards are kind of an after thought. So that is what it is. Some people are serious about the awards and confirmations. |
|
|
|
|
Posted: 5/21/2024 6:25:36 AM EST
[Last Edit: Emoto]
[#37]
Quote HistoryOriginally Posted By stanprophet09: So the ARRL is the original place to get Awards like DXCC and Grid squares. In the old days you had to exchange QSL cards and then go to a hamfest or arrange to get an ARRL card checker to check the cards to validate for awards. It was a PITA. ARRL does LOTW now where it syncs with logging programs or manual upload instantly for confirming contacts. Its a way you can prove that contacts were made. In fact it's a safer bet since both stations have to confirm the QSO happened and at a certain time and frequency/Mode. QRZ awards are kind of an after thought. So that is what it is. Some people are serious about the awards and confirmations. Quote HistoryOriginally Posted By stanprophet09: Originally Posted By Sailboat: I will be that guy.... What is LOTW and why is it needed? Can't you just use QRZ? So the ARRL is the original place to get Awards like DXCC and Grid squares. In the old days you had to exchange QSL cards and then go to a hamfest or arrange to get an ARRL card checker to check the cards to validate for awards. It was a PITA. ARRL does LOTW now where it syncs with logging programs or manual upload instantly for confirming contacts. Its a way you can prove that contacts were made. In fact it's a safer bet since both stations have to confirm the QSO happened and at a certain time and frequency/Mode. QRZ awards are kind of an after thought. So that is what it is. Some people are serious about the awards and confirmations. LotW is (was?) the gold standard for QSO confirmation. It was accepted as authoritative around the world, due to the user authentication required to use it. Club Log is also very good and used by many DXpeditions in addition to LotW. I upload all of my QSOs to QRZ, Club Log, and LotW. I find that the UI for my logbook on QRZ to be the easiest. 07:25 AM 2024-05-21 LotW is still down. |
|
|
|
CO, USA
|
Posted: 5/21/2024 8:19:43 AM EST
[Last Edit: SimpleScout]
[#38]
Originally Posted By Sailboat: I will be that guy.... What is LOTW and why is it needed? Can't you just use QRZ? LOTW in a nutshell: Hams like getting meaningless paper awards. Some hams use said awards in dick measuring contests. Some hams are dishonest and lie to get the meaningless awards. The uptight hams get bent out of shape because the dishonest hams suddenly have a bigger dick. The uptight hams compile all their nerd knowledge and create LOTW - a logging/check system that uses more authentication keys than a nuclear missile silo to regain their biggest dick status. Now, when LOTW is hacked/crashed all the uptight hams cry because they can't compare dick sizes anymore. It's ironic because most hams probably haven't even seen their own dick in years because their gut is in the way. I think the easiest way to fix LOTW is to go for a walk, watch the sunset, maybe do a little cardio workout, go to the range with your rifle and work on your iron sight skills. Once everyone has reacclimated to living in reality, LOTW will be least of their worries... |
|
|
|
Posted: 5/21/2024 8:43:14 AM EST
[#39]
Quote HistoryOriginally Posted By SimpleScout: LOTW in a nutshell: Hams like getting meaningless paper awards. Some hams use said awards in dick measuring contests. Some hams are dishonest and lie to get the meaningless awards. The uptight hams get bent out of shape because the dishonest hams suddenly have a bigger dick. The uptight hams compile all their nerd knowledge and create LOTW - a logging/check system that uses more authentication keys than a nuclear missile silo to regain their biggest dick status. Now, when LOTW is hacked/crashed all the uptight hams cry because they can't compare dick sizes anymore. It's ironic because most hams probably haven't even seen their own dick in years because their gut is in the way. I think the easiest way to fix LOTW is to go for a walk, watch the sunset, maybe do a little cardio workout, go to the range with your rifle and work on your iron sight skills. Once everyone has reacclimated to living in reality, LOTW will be least of their worries... 
|
|
|
|
|
Posted: 5/21/2024 8:47:48 AM EST
[#40]
Quote HistoryOriginally Posted By Colt653: This is golden right there. |
|
|
|
|
Posted: 5/21/2024 2:58:53 PM EST
[#41]
I wonder if they got hit with a ransom ware. Pay up or all the QSOs are gone type thing.
|
|
|
|
|
Posted: 5/21/2024 3:24:42 PM EST
[Last Edit: K9-Bob]
[#42]
Quote HistoryOriginally Posted By Mach: I wonder if they got hit with a ransom ware. Pay up or all the QSOs are gone type thing. The new CEO is a tool, so the old geezers will certainly burn him at the stake if they were in fact hacked. |
|
|
|
|
Posted: 5/21/2024 4:15:32 PM EST
[Last Edit: K9-Bob]
[#43]
Quote HistoryOriginally Posted By SimpleScout: LOTW in a nutshell: Hams like getting meaningless paper awards. Some hams use said awards in dick measuring contests. Some hams are dishonest and lie to get the meaningless awards. The uptight hams get bent out of shape because the dishonest hams suddenly have a bigger dick. The uptight hams compile all their nerd knowledge and create LOTW - a logging/check system that uses more authentication keys than a nuclear missile silo to regain their biggest dick status. Now, when LOTW is hacked/crashed all the uptight hams cry because they can't compare dick sizes anymore. It's ironic because most hams probably haven't even seen their own dick in years because their gut is in the way. I think the easiest way to fix LOTW is to go for a walk, watch the sunset, maybe do a little cardio workout, go to the range with your rifle and work on your iron sight skills. Once everyone has reacclimated to living in reality, LOTW will be least of their worries... Quote HistoryOriginally Posted By SimpleScout: Originally Posted By Sailboat: I will be that guy.... What is LOTW and why is it needed? Can't you just use QRZ? LOTW in a nutshell: Hams like getting meaningless paper awards. Some hams use said awards in dick measuring contests. Some hams are dishonest and lie to get the meaningless awards. The uptight hams get bent out of shape because the dishonest hams suddenly have a bigger dick. The uptight hams compile all their nerd knowledge and create LOTW - a logging/check system that uses more authentication keys than a nuclear missile silo to regain their biggest dick status. Now, when LOTW is hacked/crashed all the uptight hams cry because they can't compare dick sizes anymore. It's ironic because most hams probably haven't even seen their own dick in years because their gut is in the way. I think the easiest way to fix LOTW is to go for a walk, watch the sunset, maybe do a little cardio workout, go to the range with your rifle and work on your iron sight skills. Once everyone has reacclimated to living in reality, LOTW will be least of their worries... As far as the dick measuring contest for ARRL awards, it's not much different than someone displaying their prized deer rack, fish mount, or anything else they felt was important. Nobody but you actually gives a fuck about all you held dear. Just remember your family will most likely toss all of your "dick measuring" mementos into the trash not long after you assume room temperature. Haters gonna hate no matter what it is...especially if they're from ARFCOM. |
|
|
|
|
Posted: 5/22/2024 6:11:06 AM EST
[#44]
Quote HistoryOriginally Posted By sseagle: Oh I'm just joking around, the more I fall apart the less igaf too. Last weekend I was entering a convenience store and an older teenager held the door for me. I grinned and teased him a bit thanking him for showing so much kindness to a senior citizen. "You old guys don't worry about getting life sentences anymore. I justdidn't want to get shanked." (I admit. I almost wet my pants laughing. He was funny good kid.) |
|
|
|
|
Posted: 5/22/2024 8:20:24 AM EST
[Last Edit: Emoto]
[#45]
I just called ARRL HQ. Spoke with... damn I am bad with names... might have been Margie.
IT is not located at HQ. It is all remote to them. I told her to let Corporate Communications (who is at HQ) know that: The status should be updated with actual information on what happened, and what is being done about it, and when they expect to be back up and running. I pointed out that the notification up there was entirely devoid of any real information. Not asking for server names or directory paths, but actual information about what happened and what is being done. "They are working on it" does not qualify as either of those things. I told her that the members deserve to have real information, and that this lack of transparency will be taken into account when membership renewal time comes around. She said she would relay the message. For anyone else who wishes to speak with them, here's the contact info: Tel: 1-860-594-0200 | Fax: 1-860-594-0259 Toll-free: 1-888-277-5289 email [email protected] |
|
|
|
|
Posted: 5/22/2024 8:32:33 AM EST
[#46]
The silence is deafening from the League.
|
|
|
|
|
Posted: 5/22/2024 8:36:05 AM EST
[#47]
Quote HistoryOriginally Posted By K9-Bob: The silence is deafening from the League. Indeed. That's why I called them. Since followed up with an email. |
|
|
|
|
Posted: 5/22/2024 9:15:20 AM EST
[#48]
The silence, and the length of time that has elapsed, implies major disaster. As someone already mentioned, perhaps a ransomware attack. As the organization is only worth around $40M, and much of that likely to be illiquid, paying the ransom might be tough. Look for an increase in membership fees next year!
On the other hand, if ARRL and their internal and external IT folks are doing their jobs correctly, the worst case scenario is they restore from, say, a month old (prior to infection) backup, then make everyone re-upload the last month's worth of contacts. That's really not that bad of a solution. However, the length of time that has elapsed begs the question on whether or not ARRL has been doing proper backups of the LOTW system
|
|
|
|
|
Posted: 5/22/2024 9:21:42 AM EST
[#49]
Quote HistoryOriginally Posted By aa777888-2: The silence, and the length of time that has elapsed, implies major disaster. As someone already mentioned, perhaps a ransomware attack. As the organization is only worth around $40M, and much of that likely to be illiquid, paying the ransom might be tough. Look for an increase in membership fees next year! On the other hand, if ARRL and their internal and external IT folks are doing their jobs correctly, the worst case scenario is they restore from, say, a month old (prior to infection) backup, then make everyone re-upload the last month's worth of contacts. That's really not that bad of a solution. However, the length of time that has elapsed begs the question on whether or not ARRL has been doing proper backups of the LOTW system People would be more sympathetic if they actually told us what was going on rather than hiding behind uninformative corporate blather. |
|
|
|
|
Posted: 5/22/2024 10:18:28 AM EST
[#50]
Quote HistoryOriginally Posted By Emoto: People would be more sympathetic if they actually told us what was going on rather than hiding behind uninformative corporate blather. Quote HistoryOriginally Posted By Emoto: Originally Posted By aa777888-2: The silence, and the length of time that has elapsed, implies major disaster. As someone already mentioned, perhaps a ransomware attack. As the organization is only worth around $40M, and much of that likely to be illiquid, paying the ransom might be tough. Look for an increase in membership fees next year! On the other hand, if ARRL and their internal and external IT folks are doing their jobs correctly, the worst case scenario is they restore from, say, a month old (prior to infection) backup, then make everyone re-upload the last month's worth of contacts. That's really not that bad of a solution. However, the length of time that has elapsed begs the question on whether or not ARRL has been doing proper backups of the LOTW system People would be more sympathetic if they actually told us what was going on rather than hiding behind uninformative corporate blather. I am sure all LOTW users (myself included) feel pretty much like you do in that we want some answers. BUT according to IT professionals that have commented on this situation, this situation is much like a war where the enemy strikes a location, and the place that is struck does battle damage assessment for the enemy by making comments about what was struck, how bad it was and what is being done about it. Also noted that if the FBI was called in, and it likely was, they order that no comments be made beyond the fact that something happened, and "we are working on it" while the FBI tries to track down the enemy that attacked. I think that this is what is going on. I have no proof or information of course. And us rank and file users would like to think we can demand answers, but even if we had answers it would not make a damn bit of difference in getting this "problem" solved. What we really want to know is how much longer is it going to be down, and how much of a pain in the ass it is going to be for us users to be whole again. But it wont fix anything to know. Just like the victims of any major crime, we want the police to "keep us informed", and many times keeping the victims informed is NOT a good idea. Lets all sit back, be patient, and work on other things we can do something about. Thank You James K0UA |
|
|
|
Win a FREE Membership!
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.
Attached File
Attached File
