Differences

This shows you the differences between two versions of the page.

--- cn:about:start [2017/12/26 08:30]
linthetranslator
+++ cn:about:start [2018/05/15 00:37]
chinger1313 [Data Leakage]
@@ Line 23: / Line 23: @@
   * 很多用户对于DJI在固件更新中带来的一些变更感到厌恶。当中部分用户对DJI大疆产品进行了逆向工程以解除这些限制并修改DJI大疆的客户端软件
 ===== 剽窃行为 =====
-  * DJI are using open source software components without acknowledging the contributions from the authors, and without complying with GPL license conditions for those components. ((
+  *
-Drone company DJI in active non-compliance of GPL (binaries released) [[https://linustechtips.com/main/topic/808436-drone-company-dji-in-active-non-compliance-of-gpl-binaries-released/|Linustechtips Article]]))
+  * DJI使用开源软件组件而不承认作者的贡献，并且不遵守GPL许可条件。除了不合法之外，使用别人的工作而不相信它，或遵守他们的许可条件是不道德的。更新:25- 8 -2017 - DJI提供了一个链接到一个开源下载页面。目前还不知道这是不是所有的开源代码，但这是DJI的一个非常积极的步骤。我们正在寻求DJI的官方声明，如果他们愿意发表一些关于这个话题的东西。*
-  * As well as being un-lawful, it is simply un-ethical to use someones work without crediting it, or abiding by their license conditions.
+到目前为止，根据分析，已经确定比先前披露的更多的信息正在对外传播。7)DJI已经同意创建一个离线的mode.8，但是DJI并没有公开在离线模式下发送的数据。离线模式被认为是非常积极的一步。DJI在非脱机模式下对通信的进一步评论将极大地帮助DJI客户恢复信任。DJI已经删除了iOS和Tinker的热补丁插件jsPatch，并将检查DJI GO和DJI GO 4的其他第三方插件和服务，并承诺在采取这些插件之前对任何新的第三方插件进行彻底的调查，以应对这里提出的安全问题。
-  * **Update: 25-Aug-2017 - DJI provided a link to an [[http://www.dji.com/opensource|open source download page]]. It is not yet known if this is all of the open source code, but this is a VERY positive step by DJI. We are seeking an official statement from DJI if they are willing to publish something on this topic.**
 ===== Data Leakage =====
   * Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. ((A video of network chatter from just opening DJI GO 4 is published  [[faq:dataleakage:chatter|here]])) ((Details of network traffic displayed visually when opening DJI GO here [[https://youtu.be/cuG-nVPQ3Dw|Youtube]]))
   * DJI have agreed to create an offline mode.((China drone maker steps up security after U.S. Army ban [[https://ca.reuters.com/article/technologyNews/idCAKCN1AU294-OCATC|Reuters]])) However, DJI have not disclosed what data is sent when not in offline mode.
   * **Offline mode is seen as a very positive step. Further comments by DJI on communications in flight when not in offline mode would greatly help to restore trust by DJI clients.**
-  * **DJI have [[http://www.dji.com/newsroom/news/dji-enhances-software-security-in-its-flight-control-apps|removed “hot-patching” plugins jsPatch for iOS and Tinker for Android, and will examine other third-party plugins and services in DJI GO and DJI GO 4, and is committed to thoroughly investigating any new third-party plugins before adopting them]] in response to security concerns raised here.**
+  * **DJI have [[http://www.dji.com/newsroom/news/dji-enhances-software-security-in-its-flight-control-apps|removed “hot-patching” plugins jsPatch for iOS and Tinker for Android, and will examine other third-party plugins and services in DJI GO and DJI GO 4, and is committed to thoroughly investigating any new third-party plugins before adopting them]] in response to security concerns raised here.**到目前为止，根据分析，已经确定比先前披露的更多的信息正在对外传播。7)DJI已经同意创建一个离线的mode.8，但是DJI并没有公开在离线模式下发送的数据。离线模式被认为是非常积极的一步。DJI在非脱机模式下对通信的进一步评论将极大地帮助DJI客户恢复信任。DJI已经删除了iOS和Tinker的热补丁插件jsPatch，并将检查DJI GO和DJI GO 4的其他第三方插件和服务，并承诺在采取这些插件之前对任何新的第三方插件进行彻底的调查，以应对这里提出的安全问题。
 ===== Back Doors =====
   * It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to "hot patch" applications in a manner that breaches the rules imposed on DJI by both Google and Apple. ((Drone-maker DJI's Go app contains naughty Javascript hot-patching framework[[http://www.theregister.co.uk/2017/08/15/dji_go_app_jspatch_tinker_silent_update_no_review/|Theregister]]))

User Tools

Site Tools

Differences

Page Tools