The US Army will stop using DJI drones for fear of information leaks

Unmanned aerial vehicles do not surprise anyone. Not only geeks, but also ordinary people use drones for solving various tasks. Someone needs to record a beautiful video for YouTube, and someone wants to inspect the roof of his house in order to understand how much of the roof needs repairs. In addition, they work with copters and the military of various countries, including the United States.



The army of this country is one of the most technologically advanced in the world. It uses thousands and thousands of drones, both proprietary and procured from third-party companies. For example, at DJI. The US military has used drones from this manufacturer for a long time, since such devices are very convenient. But now they will have to stop this practice.



The problem is that the drones of this company collect a large amount of information, including geolocation, audio and video. Some users and information specialists have already complained about “eavesdropping”. Nevertheless, the management denies everything. Last year, in an effort to protect themselves from the charges, company representatives said: “DJI cannot, and we believe that it should not be able to connect to your live feed from the memory card or phone that is connected to the drone. And since we do not have access to this data, we cannot transfer them to anyone else. ”



All right, but not quite. The fact is that DJI installed a special software in its drones, which determines the location of the device, referring to the coordinates of the no fly zone ( No Fly Zone ). The developers believe that the function No Fly Zone (NFZ) allows you to save your customers from trouble. But customers prefer to worry about their own security. The no-fly zones include airports, stadiums, military bases, national parks and other places.



And just this information collected by special software is sent to the company's servers. One of the points in the DJI's policy states: “We reserve the right to save this data and provide it to third parties if the law requires it or there is a reasonable suspicion that these actions violate the laws. Data is provided at the request of the court and other government agencies. " All this information is stored on servers located in the USA and in China.



It is likely that the military is not too pleased that someone might know exactly where the drone is located, which performs an important task. In addition, telemetry transmitted by the drone can be intercepted by attackers nearby. Protection by developers is provided, but DJI drone data transfer protocols are too well known, an attacker, having the necessary experience, can easily access this information, and intercepting video and audio stream is also not too difficult task for a professional.







In any case, senior US military ordered to remove all DJI drones, remove all applications from this company, remove batteries and storage devices from devices.



The DJI management has already managed to say the following about this: "We are surprised and upset by the information that the US military will not use DJI drones, although we will not argue with this decision." “We are pleased to work with various organizations directly, including the US Army, which has concerns about cyber security. We will try to contact the US Army in order to clarify this situation and find out what is meant when the military speak of "cyber vulnerabilities." Up to this point, we ask everyone to refrain from speculation and rumors. "



It is unknown whether the copters of this company are used by the Russian military. But ordinary users who want to fly wherever they see fit turn off the No Fly Zone safety system. This is done with the help of specialized software, which is produced by the domestic company, Coptersafe. Now this company is making money on the creation of various crater models of decks, while the device versions are offered a variety of software and hardware.