This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
about:start [2017/08/15 21:21] czokie [Data Leakage] |
about:start [2017/09/11 05:33] czokie [Censorship] |
||
---|---|---|---|
Line 2: | Line 2: | ||
If you have reached this website, we have to assume you are interested in DJI aircraft, and any tweaks and modifications you could possibly make for your equipment. This website is dedicated to just that topic. But first, who are we. | If you have reached this website, we have to assume you are interested in DJI aircraft, and any tweaks and modifications you could possibly make for your equipment. This website is dedicated to just that topic. But first, who are we. | ||
- | ===== The OG's (Original Gangsters) ===== | + | I will start with a little bit of a mission statement... |
- | We came up with the title "The Original Gangsters" | + | "//**We shall disperse disruptive information via quantitative data and reproducible results**//" |
- | For reference, our assorted repositories are listed below | ||
- | |||
- | ^[[http:// | ||
- | ^[[https:// | ||
- | ^[[https:// | ||
- | ^[[https:// | ||
- | ^[[https:// | ||
- | ^[[https:// | ||
- | ^[[https:// | ||
- | ^[[https:// | ||
- | ^[[https:// | ||
- | ^[[https:// | ||
Now that we have the introductions out of the way, its time for a story. | Now that we have the introductions out of the way, its time for a story. | ||
Line 34: | Line 22: | ||
* This cumbersome process is impacting commercial operators. ((One pilot advises they are " | * This cumbersome process is impacting commercial operators. ((One pilot advises they are " | ||
* Owners are unhappy with the changes made by DJI. Some have worked to bypass these restrictions through reverse engineering and modification of DJI software. | * Owners are unhappy with the changes made by DJI. Some have worked to bypass these restrictions through reverse engineering and modification of DJI software. | ||
- | ===== Plagarism | + | ===== Plagiarism |
* DJI are using open source software components without acknowledging the contributions from the authors, and without complying with GPL license conditions for those components. (( | * DJI are using open source software components without acknowledging the contributions from the authors, and without complying with GPL license conditions for those components. (( | ||
Drone company DJI in active non-compliance of GPL (binaries released) [[https:// | Drone company DJI in active non-compliance of GPL (binaries released) [[https:// | ||
* As well as being un-lawful, it is simply un-ethical to use someones work without crediting it, or abiding by their license conditions. | * As well as being un-lawful, it is simply un-ethical to use someones work without crediting it, or abiding by their license conditions. | ||
+ | * **Update: 25-Aug-2017 - DJI provided a link to an [[http:// | ||
===== Data Leakage ===== | ===== Data Leakage ===== | ||
- | * Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. ((A video of network chatter from just opening DJI GO 4 is published | + | * Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. ((A video of network chatter from just opening DJI GO 4 is published |
- | * DJI have agreed to create an offline mode. However, DJI have not disclosed what data is sent when not in offline mode. | + | * DJI have agreed to create an offline mode.((China drone maker steps up security after U.S. Army ban [[https:// |
+ | * **Offline mode is seen as a very positive step. Further comments by DJI on communications in flight when not in offline mode would greatly help to restore trust by DJI clients.** | ||
+ | * **DJI have [[http:// | ||
===== Back Doors ===== | ===== Back Doors ===== | ||
- | * It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to "hot patch" applications in a manner that breaches the rules imposed on DJI by both Google and Apple. | + | * It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to "hot patch" applications in a manner that breaches the rules imposed on DJI by both Google and Apple. |
* The practice of hot patching essentially allows DJI to totally change the functionality of the DJI go application without the knowledge or consent of a pilot. | * The practice of hot patching essentially allows DJI to totally change the functionality of the DJI go application without the knowledge or consent of a pilot. | ||
- | * Putting this into a different context, hot patching is the equivalent of the avionics of an aircraft being totally replaced mid flight. | + | * Putting this into a different context, hot patching is the equivalent of the avionics |
+ | * **DJI have held true to their word on this point. Analysis so far confirms the removal of JSPatch and Tinker from recent DJI GO updates.** | ||
+ | * While not technically a back-door, being forced into firmware changes is a concern. An alternate approach might be to guarantee that there are at least two firmware versions available for all products, so that in the event of concerns that are believed to be firmware related, that a pilot will at least have the chance to eliminate firmware as the root cause by downgrading to a different firmware level. | ||
+ | * From a change management and risk mitigation perspective, | ||
===== Censorship ===== | ===== Censorship ===== | ||
- | * In DJI forums, it is against the rules to criticise DJI, or to talk about reverse engineering of DJI software. | + | * In DJI forums, it is against the rules to criticise DJI, or to talk about reverse engineering of DJI software. |
* In third party forums sponsored by DJI, similar censorship is taking place for those that discuss topics that are not endorsed by DJI. | * In third party forums sponsored by DJI, similar censorship is taking place for those that discuss topics that are not endorsed by DJI. | ||
+ | * **DJI have recently removed their "NO UNAUTH MODIFICATIONS" | ||
===== Safety ===== | ===== Safety ===== | ||
* DJI has recently rushing out multiple updates and patches to prevent reverse engineering. | * DJI has recently rushing out multiple updates and patches to prevent reverse engineering. | ||
- | * These botched changes have caused unstable flight for many pilots. | + | * These botched changes have caused unstable flight for many pilots. |
* Mobile phone manufacturers have failed to win a "war of attrition" | * Mobile phone manufacturers have failed to win a "war of attrition" | ||
* Safety will be the loser in the war between DJI and the community. | * Safety will be the loser in the war between DJI and the community. | ||
- | |||
====== Position ====== | ====== Position ====== | ||
* **Control**: | * **Control**: | ||
Line 66: | Line 57: | ||
====== Conclusion ====== | ====== Conclusion ====== | ||
- | It is fair to say that this whole community started as a result of a lack of trust in DJI. We have stated our position. It is our hope that DJI will listen to the community, and respond in a way that will benefit DJI and its clients. | + | It is fair to say that this whole community started as a result of a lack of trust in DJI. We have stated our position. It is our hope that DJI will listen to the community, and respond in a way that will benefit DJI and its clients. At the start of this page, it talks about who we are. It also said that the question of why will be answered at the bottom of the page. Lets keep that promise now. |
+ | |||
+ | The why is ultimately a lack of trust. There were already individual researchers that were interested in DJI products. The decisions by DJI that are documented above are what has brought a larger community of people together, with a goal to state a communal case, and hope that DJI will respond to our plea for change in a positive manner. | ||
Long Live the Original Gangsters | Long Live the Original Gangsters | ||
+ | |||
+ | ====== The OG's (Original Gangsters) ====== | ||
+ | |||
+ | We came up with the title "The Original Gangsters" | ||
+ | |||
+ | For reference, our assorted repositories are listed below | ||
+ | |||
+ | ^[[http:// | ||
+ | ^[[https:// | ||
+ | ^[[https:// | ||
+ | ^[[https:// | ||
+ | ^[[https:// | ||
+ | ^[[https:// | ||
+ | ^[[https:// | ||
+ | ^[[https:// | ||
+ | ^[[https:// | ||
+ | ^[[https:// |