This shows you the differences between two versions of the page.
Next revision | Previous revision Next revision Both sides next revision | ||
cn:about:start [2017/12/26 08:01] linthetranslator created |
cn:about:start [2018/05/15 00:39] chinger1313 [Back Doors] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== 关于 ====== | ====== 关于 ====== | ||
+ | 本翻译由Lin(DV15)提供,技术内容由原开发者(OG)提供。自2017/ | ||
+ | |||
如果你来到了这个网站,那么你应该是对大疆DJI的飞行器,及其可能的系统自定义和更改选项感兴趣的。这个网站存在的目的就是为了探讨这些话题。但在开始探讨技术细节之前,我们有必要讲清楚我们是谁。 | 如果你来到了这个网站,那么你应该是对大疆DJI的飞行器,及其可能的系统自定义和更改选项感兴趣的。这个网站存在的目的就是为了探讨这些话题。但在开始探讨技术细节之前,我们有必要讲清楚我们是谁。 | ||
Line 13: | Line 15: | ||
| | ||
====== 但是 ====== | ====== 但是 ====== | ||
- | DJI customers have started to distrust DJI based on a number of factors... | + | 由于包括但不限于已下列表内的诸多原因,DJI大疆的客户已经开始对其产品产生不信任 |
- | ===== Control | + | ===== 对用户的限制和控制 |
- | * DJI implemented " | + | * 强制禁飞区。大疆以安全为由在其无人机内采用了电子围栏系统,在没有政府授权的情况下划设了禁飞区。这导致那些有合法许可的操作员无法在大疆私自划设的禁飞区内进行任务。 |
- | * Unlock processes are cumbersome and time consuming. In many countries, requests to unlock need to be made weeks in advance by email. Some requests are not being answered by DJI. ((I wrote a mail to flysafe@dji.com | + | * 禁飞区的解锁过程及其耗时且麻烦。在许多国家,解锁请求必须提前于飞行任务数周用电子邮件提交。有些解锁请求甚至没有得到大疆的答复。((我给flysafe@dji.com |
- | * DJI have rejected requests by commercial pilots for an alternative solution | + | * DJI大疆曾拒绝过一些商业飞行员提出的关于禁飞区的更好的解决方案。((Brendan Schulman,大疆法律部门的副总管和电子围栏系统的管理员,曾收到来自商业飞行员的提议,要求在操作员提供了DJI认为必要的证件和政府许可后,提供一年期或者永久地解锁无人机上的禁飞区。而到目前为止,他拒绝了这个提议。并且一直以来他也拒绝解释为什么他认为在这件事上大疆中国应该有最终决定权。[[https:// |
- | * This cumbersome process is impacting commercial operators. | + | * 这个麻烦的解锁过程已经对商业飞手造成了影响。((One pilot advises they are " |
- | * Owners are unhappy with the changes made by DJI. Some have worked to bypass these restrictions through reverse engineering and modification of DJI software. | + | * 很多用户对于DJI在固件更新中带来的一些变更感到厌恶。当中部分用户对DJI大疆产品进行了逆向工程以解除这些限制并修改DJI大疆的客户端软件 |
- | ===== Plagiarism | + | ===== 剽窃行为 |
- | * DJI are using open source software components without acknowledging the contributions from the authors, and without complying with GPL license conditions for those components. (( | + | * |
- | Drone company | + | |
- | * As well as being un-lawful, it is simply un-ethical to use someones work without crediting it, or abiding by their license conditions. | + | 到目前为止,根据分析,已经确定比先前披露的更多的信息正在对外传播。7)DJI已经同意创建一个离线的mode.8,但是DJI并没有公开在离线模式下发送的数据。离线模式被认为是非常积极的一步。DJI在非脱机模式下对通信的进一步评论将极大地帮助DJI客户恢复信任。DJI已经删除了iOS和Tinker的热补丁插件jsPatch,并将检查DJI GO和DJI GO 4的其他第三方插件和服务,并承诺在采取这些插件之前对任何新的第三方插件进行彻底的调查,以应对这里提出的安全问题。 |
- | * **Update: 25-Aug-2017 - DJI provided a link to an [[http:// | + | |
===== Data Leakage ===== | ===== Data Leakage ===== | ||
* Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. ((A video of network chatter from just opening DJI GO 4 is published | * Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. ((A video of network chatter from just opening DJI GO 4 is published | ||
* DJI have agreed to create an offline mode.((China drone maker steps up security after U.S. Army ban [[https:// | * DJI have agreed to create an offline mode.((China drone maker steps up security after U.S. Army ban [[https:// | ||
* **Offline mode is seen as a very positive step. Further comments by DJI on communications in flight when not in offline mode would greatly help to restore trust by DJI clients.** | * **Offline mode is seen as a very positive step. Further comments by DJI on communications in flight when not in offline mode would greatly help to restore trust by DJI clients.** | ||
- | * **DJI have [[http:// | + | * **DJI have [[http:// |
===== Back Doors ===== | ===== Back Doors ===== | ||
* It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to "hot patch" applications in a manner that breaches the rules imposed on DJI by both Google and Apple. ((Drone-maker DJI's Go app contains naughty Javascript hot-patching framework[[http:// | * It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to "hot patch" applications in a manner that breaches the rules imposed on DJI by both Google and Apple. ((Drone-maker DJI's Go app contains naughty Javascript hot-patching framework[[http:// | ||
Line 37: | Line 39: | ||
* While not technically a back-door, being forced into firmware changes is a concern. An alternate approach might be to guarantee that there are at least two firmware versions available for all products, so that in the event of concerns that are believed to be firmware related, that a pilot will at least have the chance to eliminate firmware as the root cause by downgrading to a different firmware level. | * While not technically a back-door, being forced into firmware changes is a concern. An alternate approach might be to guarantee that there are at least two firmware versions available for all products, so that in the event of concerns that are believed to be firmware related, that a pilot will at least have the chance to eliminate firmware as the root cause by downgrading to a different firmware level. | ||
* From a change management and risk mitigation perspective, | * From a change management and risk mitigation perspective, | ||
+ | * 人们已经发现, | ||
===== Censorship ===== | ===== Censorship ===== | ||
* In DJI forums, it is against the rules to criticise DJI, or to talk about reverse engineering of DJI software. ((Threads | * In DJI forums, it is against the rules to criticise DJI, or to talk about reverse engineering of DJI software. ((Threads |