Just more talk and that is all it is, talk. It's easy to understand and their view is neutral and that is very refreshing. They did have additional information about DJI that I was not aware of and that is always a plus. I personally like this channel with information regarding China, as anything relevant to China is important to me. This is not a thread about politics but rather just news, keep it that way please.
Report: US Should Sanction Chinese Drone Maker DJI for Sending Data to China.
- Thread starter xunhui
- Start date
Greekislandlover
Well-Known Member
My personal view is that the data issue has got way out of proportion. Plus it's always presented in the manner of "Nasty foreigners spying on us". I would point out that the US is probably worse for spying than anyone.
OK - a government (be it the USA, China or whoever) has all this data. Everybody knows everything about everybody. So how can it be of use - really? I think the claims of what countries can do to other countries are to some extent exaggerated. In the case of the internet, I see that using data to target ads to make you buy stuff is something that works. However, my policy is to NOT buy directly through adverts. If something sparks my interest I'm going to shop around and look at reviews and buy from the source I choose as opposed to click on the ad.
(inappropriate political comment remove)
OK - a government (be it the USA, China or whoever) has all this data. Everybody knows everything about everybody. So how can it be of use - really? I think the claims of what countries can do to other countries are to some extent exaggerated. In the case of the internet, I see that using data to target ads to make you buy stuff is something that works. However, my policy is to NOT buy directly through adverts. If something sparks my interest I'm going to shop around and look at reviews and buy from the source I choose as opposed to click on the ad.
(inappropriate political comment remove)
Last edited by a moderator:
Just seeing the source of that is enough to tell that's it's likely to be just more of the misinformation and conspiracy theories that are what the Epoch Times trades in.
The Epoch Times - Wikipedia
It's a non-issue, being used to generate FUD in a trade spat between two nations by triggering on existing quasi-legit concerns, e.g. drones & privacy invasion or near misses, and using a brand that people might recognise, or why single out DJI, when Autel is also HQ'd in Shenzen? Yes, there are some valid points on both sides of the "discussion", but AFAICT it's mostly just making things more difficult and/or more expensive for people who probably don't really care either way on the politics, and in many cases will have already voluntarily posted most of their personal info to social media platforms already.
DJI is pretty open that they collect logfiles on each flight and that some of that telemetry data can - and will - sometimes get sent back to DJI; how else can they review flight logs, etc. if you have a crash and make a claim? Not sure about DJI Fly, but in DJI Go there are a few options to control this (whether they function or not is another matter) and configure various bits of data to be actively sent to DJI so they can provide stats on your usage, and so on. What isn't so transparent is exactly how much data could be included if DJI pulled everything they are able to get (which may not be currently the case), e.g. imagery, etc.
But guess what? You *don't* need an active Internet (or even cellular) connection to fly - and that includes the WiFi based drones. It's also possible to offload all data you might want from a drone offline, including on a PC that isn't even connected to the Internet if you wanted. If - for whatever reason - you don't trust DJI (or China in general), then it's perfectly possible to manage your flights in such a way that the only way DJI (or anyone else) could eavesdrop would be to deploy an AeroScope type device within range of your flight. If that's not still not secure enough, e.g. you're surveying some very sensitive sites, then sure, look into a different approach - I don't think cost would be an issue if so. That consideration should include telemetry leakage; flying a grid pattern over part of Area 51 (say) could be quite interesting to the right people, for instance.
For everyone else, does it *really* matter if some foreign governments gets some high-res (and hopefully well-composed!) images/video of areas that have almost certainly been done to death already by all the copycat photographers out there, and probably don't contain any more useful and actionable intel than what is already available online through Google Maps, Instagram, etc.? No? Didn't think so.
DJI is pretty open that they collect logfiles on each flight and that some of that telemetry data can - and will - sometimes get sent back to DJI; how else can they review flight logs, etc. if you have a crash and make a claim? Not sure about DJI Fly, but in DJI Go there are a few options to control this (whether they function or not is another matter) and configure various bits of data to be actively sent to DJI so they can provide stats on your usage, and so on. What isn't so transparent is exactly how much data could be included if DJI pulled everything they are able to get (which may not be currently the case), e.g. imagery, etc.
But guess what? You *don't* need an active Internet (or even cellular) connection to fly - and that includes the WiFi based drones. It's also possible to offload all data you might want from a drone offline, including on a PC that isn't even connected to the Internet if you wanted. If - for whatever reason - you don't trust DJI (or China in general), then it's perfectly possible to manage your flights in such a way that the only way DJI (or anyone else) could eavesdrop would be to deploy an AeroScope type device within range of your flight. If that's not still not secure enough, e.g. you're surveying some very sensitive sites, then sure, look into a different approach - I don't think cost would be an issue if so. That consideration should include telemetry leakage; flying a grid pattern over part of Area 51 (say) could be quite interesting to the right people, for instance.
For everyone else, does it *really* matter if some foreign governments gets some high-res (and hopefully well-composed!) images/video of areas that have almost certainly been done to death already by all the copycat photographers out there, and probably don't contain any more useful and actionable intel than what is already available online through Google Maps, Instagram, etc.? No? Didn't think so.
So you want to see sanction? No wonder you took all the hassle to watch The Epoch Times channel considering YouTube is not accessible in China. I reckon it's not anything relevant to China is important to you; perhaps only the bad things if you like that channel. Then my question - why are you still flying a DJI drone? Surely the Chinese government knows your ID and spy on you!
The entire DJI security issue is WAY overblown.
The main fear is that the Chinese gov't can use stored data from our flight records to spy on sensitive areas and infrastructure. For that to be a possibility, there needs to be a massive data dump when we sync our fight logs. And that just doesn't happen. Anyone who's done that knows the time it takes to sync the logs doesn't support uploading of actual photos.
Let's look at is this way. This world is full of amateur (but excellent) hackers looking to make a name for themselves. DJI even offers a bounty program for those finding bugs, flaws, and backdoors in their software.
And in 2017, a hacker (Kevin Finisterre) found a bug, and things didn't go well between him and DJI when he wanted his bounty. He went public and the hacker community wasn't happy. So the community has it out for DJI. That's even more impetus to find this elusive security issue.
With all of these issues public, why hasn't the hacker community found the smoking gun that everyone says exists?
This is the main issue with this perceived security threat. Until this happens, I'm extremely skeptical this is an actual issue.
Nothing in any report I've seen, public or otherwise, supports the fear. If a civilian hacker knew about it, it would be front page news in this industry and the hacker industry, and those who oppose Chinese drones would be using that in the press every time this story grew legs.
And if a gov't agency had this information, we'd have it too. This gov't leaks like a screen door on submarine. And if any of our Congress Critters had this information, it would be leaked by a "confidential source" to every media outlet in the country.
Color me skeptical.
The main fear is that the Chinese gov't can use stored data from our flight records to spy on sensitive areas and infrastructure. For that to be a possibility, there needs to be a massive data dump when we sync our fight logs. And that just doesn't happen. Anyone who's done that knows the time it takes to sync the logs doesn't support uploading of actual photos.
Let's look at is this way. This world is full of amateur (but excellent) hackers looking to make a name for themselves. DJI even offers a bounty program for those finding bugs, flaws, and backdoors in their software.
And in 2017, a hacker (Kevin Finisterre) found a bug, and things didn't go well between him and DJI when he wanted his bounty. He went public and the hacker community wasn't happy. So the community has it out for DJI. That's even more impetus to find this elusive security issue.
With all of these issues public, why hasn't the hacker community found the smoking gun that everyone says exists?
This is the main issue with this perceived security threat. Until this happens, I'm extremely skeptical this is an actual issue.
Nothing in any report I've seen, public or otherwise, supports the fear. If a civilian hacker knew about it, it would be front page news in this industry and the hacker industry, and those who oppose Chinese drones would be using that in the press every time this story grew legs.
And if a gov't agency had this information, we'd have it too. This gov't leaks like a screen door on submarine. And if any of our Congress Critters had this information, it would be leaked by a "confidential source" to every media outlet in the country.
Color me skeptical.
But DJI don't collect your flight data, they don't get to see it unless you choose to upload it to their sensors.
If you ever have a warranty claim, they ask you to synch your data if you haven't already so they will have access to it.
But if you've ever seen what's recorded in flight data, it's pretty clear that it's got no espionage value to anyone anyway.
Users would notice the big data transfers if their images or videos were sent to DJI.
I explained here why the idea that DJI or China collects and looks at your images makes no sense.
Pentagon approves five US drone makers ahead of likely ban on China’s DJI
https://www.flightglobal.com/military-uavs/pentagon-approves-five-us-drone-makers-ahead-of-likely-ban-on-chinas-dji/139864.article
mavicpilots.com
I've always wondered if I'm flying above West Nashville observing our beautiful scenery, how is my Mavic Air going to show China something that can't already see from Google Earth? In my honest opinion, DJI capturing data and sharing with their government is waaaay overblown.
Sure, you absolutely have full control over the data collected as it stands, and can decline to send it to DJI if you wish. That doesn't mean there isn't some hidden functionality that would let DJI pull it remotely given the right trigger and a viable connection as the FUD-spreaders would like us to believe, but my view is that even if there is, SO WHAT? As you say, what it contains is of negligable importance for espionage (or any other practical use other than incident diagnostics, for that matter) in all but corner cases, unless they can also somehow grab the captured imagery. There are also third party tools online that can show you exactly what's in the information before you send it and, as I pointed out, if you are sufficiently paranoid you can absolutely prevent any of that data from being sent to China.
A corner case might be surveying within sensitive areas. If a foreign agency were to detect a drone flying a grid in an area of interest (on a military base say), then that might be enough of a trigger to prompt a futher investigation by other means to see what was going on - an "interesting" new construction, perhaps? Or, if you see a drone operating on a military base or training ground, then it suddenly pops in a conflict zone. Of course, that *still* requires the initial telemetry to be captured, transmitted and analysed, which doesn't seem to be happening either, let alone any of the bulk downloads of the user captured data that are being implied.
Users would notice the big data transfers if their images or videos were sent to DJI.
I explained here why the idea that DJI or China collects and looks at your images makes no sense.
Pentagon approves five US drone makers ahead of likely ban on China’s DJI
https://www.flightglobal.com/military-uavs/pentagon-approves-five-us-drone-makers-ahead-of-likely-ban-on-chinas-dji/139864.article
Yes, if they were looking for it, that would absolutely be noticeable if done in bulk; a trickle of telemetry data maybe not so noticeable for a general user unless they had a *really* expensive data plan or got stung on roaming rates while overseas though. However, people with a clue and interest in such things also deliberately go looking for this kind of stuff (Kevin Finisterre was mentioned above, for instance) and would be screaming blue murder if they had any evidence it was going on even if just for the street cred it would bring in the current political climate. Instead: *crickets* and *tumbleweed*. Lack of evidence doesn't mean it isn't happening, but DJI are being incredibly subtle about it if it is.
It's exactly the same as with Huawei - lots of claims, over many years, absolutely no evidence (or even evidence that evidence exists) made public. OK, it's possible that revealling that information publically might potentially compromise an intelligence asset, but the US has approached multiple countries that it routinely shares classified intel with over Huawei and - AFIAK - while a few have banned or restricted use of Huawei equipment, NONE have come out and said anything along the lines of "we've reviewed the evidence provided by the US, and have decided to ban Huawei from our telecoms networks as a result".
Is there a risk? Yes, sure. Is it large enough that people need to worry about? Maybe, but only if you're in one of those extreme corner cases, and even then there's a good chance it can be managed. Ulimately, this is about almost entirely about money and trade deals, and absolutely zip to do with national security.
Some very good points from both sides. I think it's good for everyone to talk but not get to worked up at this time with irrational and emotional bias, as the real truth is unknown to most of us. If DJI is actively collecting data and I have no way to prevent this. Then all DJI products which do so should be banned, which is something said that does not in any manner make me happy. This goes for any country or company that would do this for political, personal or financial gain.
My concern is to just keep flying my drone and enjoy the fun and excitement, nothing more and quite easy to understand for those that do fly. To keep my personal information private and enjoy my life with my friends, family and the people I care about.
My concern is to just keep flying my drone and enjoy the fun and excitement, nothing more and quite easy to understand for those that do fly. To keep my personal information private and enjoy my life with my friends, family and the people I care about.
CactusJackSlade
Well-Known Member
- Joined
- Oct 17, 2016
- Messages
- 1,087
- Reactions
- 846
Agreed.... everyone should watch the movies: SNOWDEN and THE CREEPY LINE... then pass judgement one other countries "spying" efforts.
Thanks for the post
Having been within the blast radius of a "bug bounty unpaid" issue, this makes sense.
(I was working for a large telcomm at the time, and they offered a "bug bounty." Someone hit up Shodan, found one of "our" IPs with an open port, and tried to claim that it was "our" bug. It wasn't. Customer hadn't updated Wordpress on their own hardware in our rack. It got... messy.)
Covideos19
New Member
I've been wandering for a while when DJI would be brought into the, U.S. + it's 'Allies' cold war with the Chinese. The ONLY reason imo why we have this technology is because obviously the Chinese can prove that they have the know how....... Now don't you think it's about time Silicon Valley or even somewhere in UK! got on to it (that we won't be giving away the latest guidance systems or whatever) and started making UAVs! Maybe even better but again I recon they have such a lead, ONLY sanctions could probably beat them.
Similar threads
DJI Drone Deals
1. Mini 2
2. Mini 3 Pro
3. Mini 4 Pro
4. Air 2s
5. Air 3
6. Avata 2
7. Mavic 3 Pro
8. Mavic 3 Classic
2. Mini 3 Pro
3. Mini 4 Pro
4. Air 2s
5. Air 3
6. Avata 2
7. Mavic 3 Pro
8. Mavic 3 Classic
Forum statistics
