This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
cn:about:start [2017/12/26 08:30] linthetranslator |
cn:about:start [2018/05/15 00:41] chinger1313 [Censorship] |
||
---|---|---|---|
Line 23: | Line 23: | ||
* 很多用户对于DJI在固件更新中带来的一些变更感到厌恶。当中部分用户对DJI大疆产品进行了逆向工程以解除这些限制并修改DJI大疆的客户端软件 | * 很多用户对于DJI在固件更新中带来的一些变更感到厌恶。当中部分用户对DJI大疆产品进行了逆向工程以解除这些限制并修改DJI大疆的客户端软件 | ||
===== 剽窃行为 ===== | ===== 剽窃行为 ===== | ||
- | * DJI are using open source software components without acknowledging the contributions from the authors, and without complying with GPL license conditions for those components. (( | + | * |
- | Drone company | + | |
- | * As well as being un-lawful, it is simply un-ethical to use someones work without crediting it, or abiding by their license conditions. | + | 到目前为止,根据分析,已经确定比先前披露的更多的信息正在对外传播。7)DJI已经同意创建一个离线的mode.8,但是DJI并没有公开在离线模式下发送的数据。离线模式被认为是非常积极的一步。DJI在非脱机模式下对通信的进一步评论将极大地帮助DJI客户恢复信任。DJI已经删除了iOS和Tinker的热补丁插件jsPatch,并将检查DJI GO和DJI GO 4的其他第三方插件和服务,并承诺在采取这些插件之前对任何新的第三方插件进行彻底的调查,以应对这里提出的安全问题。 |
- | * **Update: 25-Aug-2017 - DJI provided a link to an [[http:// | + | |
===== Data Leakage ===== | ===== Data Leakage ===== | ||
* Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. ((A video of network chatter from just opening DJI GO 4 is published | * Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. ((A video of network chatter from just opening DJI GO 4 is published | ||
* DJI have agreed to create an offline mode.((China drone maker steps up security after U.S. Army ban [[https:// | * DJI have agreed to create an offline mode.((China drone maker steps up security after U.S. Army ban [[https:// | ||
* **Offline mode is seen as a very positive step. Further comments by DJI on communications in flight when not in offline mode would greatly help to restore trust by DJI clients.** | * **Offline mode is seen as a very positive step. Further comments by DJI on communications in flight when not in offline mode would greatly help to restore trust by DJI clients.** | ||
- | * **DJI have [[http:// | + | * **DJI have [[http:// |
===== Back Doors ===== | ===== Back Doors ===== | ||
* It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to "hot patch" applications in a manner that breaches the rules imposed on DJI by both Google and Apple. ((Drone-maker DJI's Go app contains naughty Javascript hot-patching framework[[http:// | * It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to "hot patch" applications in a manner that breaches the rules imposed on DJI by both Google and Apple. ((Drone-maker DJI's Go app contains naughty Javascript hot-patching framework[[http:// | ||
Line 39: | Line 39: | ||
* While not technically a back-door, being forced into firmware changes is a concern. An alternate approach might be to guarantee that there are at least two firmware versions available for all products, so that in the event of concerns that are believed to be firmware related, that a pilot will at least have the chance to eliminate firmware as the root cause by downgrading to a different firmware level. | * While not technically a back-door, being forced into firmware changes is a concern. An alternate approach might be to guarantee that there are at least two firmware versions available for all products, so that in the event of concerns that are believed to be firmware related, that a pilot will at least have the chance to eliminate firmware as the root cause by downgrading to a different firmware level. | ||
* From a change management and risk mitigation perspective, | * From a change management and risk mitigation perspective, | ||
+ | * 人们已经发现, | ||
===== Censorship ===== | ===== Censorship ===== | ||
* In DJI forums, it is against the rules to criticise DJI, or to talk about reverse engineering of DJI software. ((Threads | * In DJI forums, it is against the rules to criticise DJI, or to talk about reverse engineering of DJI software. ((Threads | ||
* In third party forums sponsored by DJI, similar censorship is taking place for those that discuss topics that are not endorsed by DJI. | * In third party forums sponsored by DJI, similar censorship is taking place for those that discuss topics that are not endorsed by DJI. | ||
* **DJI have recently removed their "NO UNAUTH MODIFICATIONS" | * **DJI have recently removed their "NO UNAUTH MODIFICATIONS" | ||
+ | * 在DJI论坛中,批评DJI或讨论DJI软件的逆向工程是违反规则的。10)在DJI赞助的第三方论坛中,类似的审查正在为那些讨论不被DJI认可的话题进行。DJI最近在论坛上删除了他们的NO UNAUTH修改警告。然而,该政策并未改变。让我们希望DJI能够继续这个方向,并回顾他们的论坛规则,鼓励用户社区,而不是压迫它。 | ||
===== Safety ===== | ===== Safety ===== | ||
* DJI has recently rushing out multiple updates and patches to prevent reverse engineering. | * DJI has recently rushing out multiple updates and patches to prevent reverse engineering. |