DJI Mavic, Air and Mini Drones
Friendly, Helpful & Knowledgeable Community
Join Us Now

Prismatic

Well-Known Member
Joined
Feb 26, 2018
Messages
587
Reactions
644
Age
70
Location
Northern Colorado
There are several threads about the DJI Assistant 2 software being flagged--by several different virus scanners--as infected. (That concern is largely countered with "Norton sucks!", "False positive!", "They're working on it.", and similar arguments.)

But in these times, what would be the greater surprise: that DJI works covertly with PRC intelligence, or that it does not?

Is it too paranoid to imagine that DJI funnels data collected from our thousands of flights to the intelligence agencies of the autocratic and politically unfriendly nation in which it exists? Probably. Maybe. I honestly don't know.

Am I the only one who thinks about this?
 
  • Like
Reactions: MPDronePilot1
Assuming you're not flying around secret military bases, what exactly is China going to learn from your flights that they can't already see just by looking at Google Earth?
 
  • Like
Reactions: Clinton1
Assuming you're not flying around secret military bases, what exactly is China going to learn from your flights that they can't already see just by looking at Google Earth?
Who knows? I'm no military analyst. But here's the thing: It's been astutely observed that once you grant someone the authority to install their software on your computer, you'll never again be sure it's your computer.

Well, we do that all the time. But when I install this software, it triggers virus alarms from multiple products from multiple vendors. And the source company is based in the PRC--with which the US has deep and simmering hostilities. And I'm told to ignore it? Sorry, but that's just stupid. (I can say with some certainty--my brother has very high security clearances in the Navy--that this software would never be permitted in even a low-security military context.)

Now, I've no idea, really, if those virus alerts are real. Maybe they are false positives, and not an issue. Then again, maybe they aren't false at all. The core of my system may be compromised. I may have a keylogger waiting to grab my passwords as I type them in. Nah. Couldn't happen to me!

I'll note that during the 2016 campaign, some 50 million or so Facebook users were presented at least once, probably many times, with content from Russian sources with Russian objectives. Yet I challenge you to find someone who really believes they're in that number, much less that they were actually influenced by it the slightest. We're all innocent and ignorant.

The point is this : If Facebook, seeking money, willingly compromises millions upon millions of users private data ("see no evil" is their mantra, it seems), imagine the pressure on any Chinese company to make their data available in their nation's quest for power and influence. The ethical rules in China, both traditional and political, are utterly foreign to Americans. Ask Sony.

Like it or not, the fact is that no-one running DJI Assistant 2 can be sure they're not on the cusp of having their identities and their wealth stolen, nor can they be sure they're not unwittingly Chinese spies (your Google Earth comment notwithstanding). In our times, I'd say the probabilities are small, but not that small. It's not your father's world.

Why do I even worry? Because DJI Assistant 2 consistently throws security warnings, without so much as the acknowledgement of its authors! (I suppose that should be good news; someone in China knows how to write a virus that doesn't trigger flags, and this software is lousy in that way! Cold comfort if you ask me.)

Well, if utterly necessary I'll install it--offline--when I need it, and remove it and scrub my machine for root-kit viruses before I'm back online. That's no guarantee, either, but it's about the best I can do.

It's not that the software isn't useful! It is. But I believe there is every reason to distrust it.
 
There are several threads about the DJI Assistant 2 software being flagged--by several different virus scanners--as infected. (That concern is largely countered with "Norton sucks!", "False positive!", "They're working on it.", and similar arguments.)

But in these times, what would be the greater surprise: that DJI works covertly with PRC intelligence, or that it does not?

Is it too paranoid to imagine that DJI funnels data collected from our thousands of flights to the intelligence agencies of the autocratic and politically unfriendly nation in which it exists? Probably. Maybe. I honestly don't know.

Am I the only one who thinks about this?

There is no evidence that DJI is covertly sending data anywhere. If you sync your flights then those data are uploaded to the DJI servers, as expected, although there is no way to know who else may be granted access. If you don't sync your flights then there doesn't appear to be significant traffic to the DJI servers, but the app does communicate with other sites (mostly ad related it seems).

You can also use the beta Pilot app that has a local data mode that shuts down all external traffic if you are particularly concerned.
 
There is no evidence that DJI is covertly sending data anywhere. If you sync your flights then those data are uploaded to the DJI servers, as expected, although there is no way to know who else may be granted access. If you don't sync your flights then there doesn't appear to be significant traffic to the DJI servers, but the app does communicate with other sites (mostly ad related it seems).

You can also use the beta Pilot app that has a local data mode that shuts down all external traffic if you are particularly concerned.
I totally agree about the absence of evidence, and I do not take that as evidence of anything.
I suppose the recent revelations about the massive misuse of data for ulterior motives, by a supposedly 'friendly' actor, make me mistrust data-gathering of all stripes more than I used to. I'm less inclined to freely share the information that, in aggregate, creates a detailed, marketable, and exploitable profile of me. That data can, and does, wind up in the hands of actors with whom I would never knowingly share such information.
It's some comfort to hear there's normally minimal traffic to DJI, though it doesn't completely address my concerns.
So, what is the deal with the virus warnings that everybody says are of zero concern? I can't fathom why DJI allows this issue to continue, especially when Americans--and many others--are deeply and rightly concerned about this sort of stuff!
 
I totally agree about the absence of evidence, and I do not take that as evidence of anything.
I suppose the recent revelations about the massive misuse of data for ulterior motives, by a supposedly 'friendly' actor, make me mistrust data-gathering of all stripes more than I used to. I'm less inclined to freely share the information that, in aggregate, creates a detailed, marketable, and exploitable profile of me. That data can, and does, wind up in the hands of actors with whom I would never knowingly share such information.
It's some comfort to hear there's normally minimal traffic to DJI, though it doesn't completely address my concerns.
So, what is the deal with the virus warnings that everybody says are of zero concern? I can't fathom why DJI allows this issue to continue, especially when Americans--and many others--are deeply and rightly concerned about this sort of stuff!

I'm not sure about the virus warnings, but those have been reported intermittently for years. My impression is simply that DJI doesn't pay much attention to the kind of stuff, although they have been pushed into working harder on it by their desire to make inroads into the enterprise and government markets.
 
  • Like
Reactions: Prismatic
I wonder how GDPR that is coming in to force in the EU is going to affect what DJI do with our data? Even Apple is changing its OS to make us more aware of what data they collect and how they use it and who they share it with.
 
  • Like
Reactions: Prismatic
Who knows? I'm no military analyst. But here's the thing: It's been astutely observed that once you grant someone the authority to install their software on your computer, you'll never again be sure it's your computer.

Well, we do that all the time. But when I install this software, it triggers virus alarms from multiple products from multiple vendors. And the source company is based in the PRC--with which the US has deep and simmering hostilities. And I'm told to ignore it? Sorry, but that's just stupid. (I can say with some certainty--my brother has very high security clearances in the Navy--that this software would never be permitted in even a low-security military context.)

Now, I've no idea, really, if those virus alerts are real. Maybe they are false positives, and not an issue. Then again, maybe they aren't false at all. The core of my system may be compromised. I may have a keylogger waiting to grab my passwords as I type them in. Nah. Couldn't happen to me!

I'll note that during the 2016 campaign, some 50 million or so Facebook users were presented at least once, probably many times, with content from Russian sources with Russian objectives. Yet I challenge you to find someone who really believes they're in that number, much less that they were actually influenced by it the slightest. We're all innocent and ignorant.

The point is this : If Facebook, seeking money, willingly compromises millions upon millions of users private data ("see no evil" is their mantra, it seems), imagine the pressure on any Chinese company to make their data available in their nation's quest for power and influence. The ethical rules in China, both traditional and political, are utterly foreign to Americans. Ask Sony.

Like it or not, the fact is that no-one running DJI Assistant 2 can be sure they're not on the cusp of having their identities and their wealth stolen, nor can they be sure they're not unwittingly Chinese spies (your Google Earth comment notwithstanding). In our times, I'd say the probabilities are small, but not that small. It's not your father's world.

Why do I even worry? Because DJI Assistant 2 consistently throws security warnings, without so much as the acknowledgement of its authors! (I suppose that should be good news; someone in China knows how to write a virus that doesn't trigger flags, and this software is lousy in that way! Cold comfort if you ask me.)

Well, if utterly necessary I'll install it--offline--when I need it, and remove it and scrub my machine for root-kit viruses before I'm back online. That's no guarantee, either, but it's about the best I can do.

It's not that the software isn't useful! It is. But I believe there is every reason to distrust it.

That’s a very long winded way of not answering my question.

I don’t know what A/V software you’re using but I use two of the top rated products out there and have never gotten an alert about DJI’s software. It’s been around for years, used by millions of people. If there really were a problem with it it would have been flagged by security experts by now.

And Norton does, in fact, suck.
 
Last edited:
I'm always one to come down on the side of awareness and caution. I worked in "Black Projects" for years, and a such I, along with my coworkers, was extremely aware of possible data breaches. Overall, a data breach is no good if the users are aware of it, so if DJI is, indeed, sharing the data with the PRC, we would see no evidence of it. That link would be within the borders of the PRC, not between our beloved drones and the PRC directly. Even ff it was detected, all sorts of whining would break out, and there would be demands for changes. One thing to note is that military and security personnel are not allowed to use DJI equipment anywhere near their bases and facilities, and never in an official capacity. DJI has put in a special software switch that allows that data transfer to be turned off, but the US military ain't buying it, and won't let its troops use the drones. It is important to understand that when it comes to espionage or hacking, quite often data is gathered which seems completely innocuous to the target. That data is combined with data gathered elsewhere, that also seems innocuous, and a puzzle is solved without targets being aware that their data has contributed to sensitive knowledge gathering. Additionally, who knows what data might be getting gathered as our toys fly. Cell phone tower information, wifi data, and anything else you can think of. Our atmosphere is chocked full of valuable data in the form of radio waves, if one cares to gather it. Our own military does the very same thing, but perhaps not through drones. At least not small ones. And the thought occurred to me a few days ago. Imagine a scenario where conflict broke out between the US and the PRC. What better way to make it difficult for attack and/or support aircraft to take off than to have all airborne "toy" drones in the area come under the control of the mothership, then start buzzing around airfields to create flight hazards. OK. OK. I should probably be fitted for a tinfoil hat, but it's an interesting idea.
 
  • Like
Reactions: Prismatic
It is pretty obvious that too many people are watching way too much TV.......:D
How many of you have checked inside you DJI stuff for explosives?
 
It is pretty obvious that too many people are watching way too much TV.......:D
How many of you have checked inside you DJI stuff for explosives?
HEY! I told you I was in danger of joining the tinfoil hat club! But that said, you'd be amazed how countries gather interesting data on each other. Even something as seemingly innocuous as a company phone book can be really valuable. When I worked for an aerospace company in southern California, one of the engineers was discovered providing information to the Russians. He wound up in Federal prison for a very long time. During the debriefing with a rubber hose (OK, OK I made that up) , it came to light that agents fora foreign entity targeted him because they knew his alimony payments were back breaking, he was nearly bankrupt, and that he had been attending lectures with groups that were not particularly patriotic, and by finding his name and number in a company phone book they knew he worked in a classified area. After he was arrested, they had big gatherings in auditoriums for those of us in similar positions, and discussed how he had been "turned". They gathered bits and pieces of information that seemed innocuous, and targeted a vulnerable individual. That was the point I was making. The stuff about drones causing problems in airspace was just pure fantasy. But hey, maybe I should write a book. I've already got a title. "Day of the Drones." I'm taking pre-publication deposits right now, if you want to send me a check. ;-)
 
There are stories of people going to the "dark side" that predate; Drones, Social Media, The Internet, Telephones, Telegraph, ETC. There will always be an "our side" and a "their side"
in your story the biggest problem wasnt because of electronic data, it was because of the weak individual that put greed before country.
 
Absolutely agree. But consider that in the days of espionage before the internet, it took a lot of effort to "turn" someone, and it was a delicate process. Now, hackers and bad actors can access data without having to turn anyone. There is a data war being waged right now, between adversaries, as evidenced by headlines, and those are just the ones we hear about. So, we come full circle, the innocuous data which we don't think we should care about may be used in ways we don't expect. Well, acOj, I'm really enjoying this discussion with you, but I think we've wandered off subject a bit. If you want to continue, then send me a private message, so our fellow operators can get back to the serious fun of flying drones. :)
 
  • Like
Reactions: Prismatic
we are still on topic technically But I agree. All points are made and agreed to!
 
  • Like
Reactions: Prismatic
It does seem a bit paranoid... It could also be true to a certain degree but on a separate note think about Google and even iPhone... iPhone has had a tracker installed in the factory for every phone and Google is always listening under the guise of when you say "Ok Google" to ask it something... I can assure you your phone is sending more data out about you than anything else... I also bought a Google home today... The only way you can be sure Google is not able to send everything you say back to the human species anaylists in deep space is to cut the microphone wire and Install a manual flip switch to turn it on and off at source... That would piss Google off etc but they shouldn't be allowed unaccountable control over our lives and data. Our data is ours and we should get a cut if it gets sold... in regards to if your drone being used to spy on you... It is... The DJI Go 4 app does collect data on everyone's flights and you can review your stats in their app... If they ever passed this data on to make an arrest etc on their customers they would destroy their business by effectively shooting down their customers.... They do use your data to make more money... That's all companies really care about is money and control over people... But again just chill and fly your Mavic... And hopefully you can make your own money and your data is useless to them...
 
Google and iphone dont have anything on your Bank, Mortgage company, local government, Insurance companies.

I decided to shop around on the internet for home owners insurance. Went to Progressive, Gieco, and a few others. As soon as I put in my street address, They had everything on me already. What cars and motorcycles I owned, claim history, you name it.
If anyone thinks they are immune from big brothers technology keeping track of them, they are a fool.
Or unemployed with no job history, no diploma, no social security number, and homeless. It is what it is.
 
Hey, @ac0j and @Divebomber, this is exactly the conversation I wanted,as the OP, to hear! You’re both 100% on-topic. Divebomber’s narrative parallels my brother’s: modern military intelligence is not blurred photos of Area 51. “Big Data” is real. Your flight data, combined with thousands of other flights, could easily generate a detailed map of the information it’s known to be logging, not to mention information about our targets.
“Whaddya talking about?” Well, bridge construction is an obvious data point. I could think of hundreds of similar data points, ranging from gas production fields to the activity of shrimpers, whose routines are defined by a few specific parameters.
Civilians have, until very recently, been largely excluded from the spy business. Big Data changes that. Like it or not, the data you emit will be used, and not necessarily in your interests.
It’s not just in the movies. Russian interests have been found injecting false and misleading information into the current firestorm surrounding the Parkland students.
Big Data is real, and it’s time to pay attention.
 
I understand where OP is going with this ... But really what are we going to do, stop flying our drones and just stay grounded? The trick to survive is to inform the masses of their privacy rights and play the game safely... Also I see a flaw in your logic OP as at least in Canada the laws are strict as hell for pilots... And other countries too we can't fly near anything, especially anything of key strategic interest. There is a very good chance that the data we give is going to be restricted anyways because we can't fly many places... Only if we flew near military airspace which is not allowed at all, nobody in their right mind (unless already military) would do something like that... So really we are only giving the data we want to or are able to give by choosing to fly where we want to fly... It's not like DJI are saying we must fly near the most secure airbase so they can gather Intel... It also just so happens most of our tech comes from China anyways, we can't avoid that... We fly where we want really or where we can and they can take the data or leave it... The only other way is to have a third party software running on our drones instead or to take it apart and physically hack it...
or ditch DJI and build a "stupid" safe drone from the ground up... Like the Syma X5C... Also to a certain degree the US are paranoid as hell with over preparedness to a degree where it is just counter productive and a waste of energy and resources... If anyone wanted to attack, our drone data would be a tiny fraction of the Intel... Most key assets are underground anyways where drones can't go... In terms of Google and Apple / iPhone etc I would be more worried about them... And their 'always on" monitoring and how you need a Google ID to access the internet nowdays...
 
Last edited:
Lycus Tech Mavic Air 3 Case

DJI Drone Deals

New Threads

Forum statistics

Threads
132,203
Messages
1,570,820
Members
160,955
Latest member
VKTrendz