Slashdot Mirror
UAV Operator Blames Hacking For Malfunction That Injured Triathlete
jaa101 (627731) writes "The owner of a drone which fell and reportedly hit an athlete competing in a triathlon in Western Australia's Mid West has said he believes the device was 'hacked' into."
From the article: "Mr Abrams said an initial investigation had indicted that someone nearby "channel hopped" the device, taking control away from the operator. ... Mr Abrams said it was a deliberate act and it would be difficult to determine who was responsible as something as common as a mobile phone could be used to perform a channel hop. The videographer added that there had been a similar incident when the drone was flown earlier in the day."
This is why, as a professional athlete, I always make sure I'm fielding my own anti-drone drone to take out drones that get close to me.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
If only it were possible to do challenge/response! Using a pre-arranged CERT, so that the drone sends a challenge for each command that has to be encrypted with the shared secret before the drone would accept it!
Oh... wait... it's completely possible.
If it's subject to interference caused by someone broadcasting on the same channel and it can't compensate for it by switching channels or in some way authenticate it's control traffic, then it's a poorly designed toy and shouldn't be used commercially.
Reading the article:
"Operators of all unmanned drones used in a commercial capacity are required to be certified.
Neither Mr Abrams nor his business appear on the list of the 92 operators certified nationally."
So it sounds like he should be charged with some form of negligence if that is applicable to Australia. In the US the FAA would also probably be fining him.
"honest sir I didn't crash it, someone took control away from me", firstly Bullshit. secondly it is your drone, you are responsible for it, if you can't secure it then you should not be using it around people.
http://hak5.org/episodes/hak5-...
Even if you can't issue commands, you can knock out the control chanel.
If you want to be seen, stand up. If you want to be heard, speak up. If you want to be respected, sit down and shut up.
The person that chose to use a "drone" that could be taken over by a mobile phone, and had already experienced "a similar incident" earlier that day.
I like microcars
You say that like people playing with UAVs have any real experience w/ software engineering at that level - most of them are hobbyists or researchers coming from other fields (such as surveillance, mapping, aviation, control theory/practice, etc) - most of them wouldn't even be familiar with any real cryptography.
Modern 2.4GHz RC gear requires a significant level of tech-expertise to "hijack" in the manner suggested.
Occam's Razor has the answer...
Simple mechanical, electrical or operator failure -- nothing more, nothing less.
Too many would-be "drone" operators have scant understanding of the need for a maintenance schedule and proper planning before deploying even the smallest and most lightweight of craft.
The problem is that far to many people buy these things and then treat them as if they'll just keep working forever -- simply charge the battery and fly!
Unfortunately, props fatigue, motor bearings wear, ESCs can overheat and flight controllers can fail.
There's a hell of a lot more to safely deploying one of these craft than flipping a few switches and wiggling some sticks.
I'm not a commercial operator -- I fly for fun but even *I* am very much aware of the importance of good housekeeping and planning when it comes to using these things safely.
He's in business, he has some liability exposure, a "reasonable person" could foresee the possibility of a UAV failure resulting in injury to a participant. Yep, he's in a world of hurt.
I don't buy that excuse for a second. But let's say, for the sake of argument, that he's right. That means he was using cheeseball home entertainment mall kiosk grade equipment. Nobody doing for-real media coverage of a sporting event and intending to fly over people's heads is going to be using anything that could possibly be so easily "taken over." If nothing else, the drone should have a good enough flight controller to allow it to realize that something is swamping the RF control side, and have it climb to a previously identified altitude, and maneuver back over the spot from which it took off, then to make a nice gentle decent and landing. This is vanilla COTS stuff, now, with even inexpensive FCs. The good ones - which any pro should be using, and which cost more like $1k - are really good at high speed frequency hopping and only paying attention to the controller to which they're bound.
Basically, this clown sounds completely negligent.
Don't disappoint your bird dog. Go to the range.
In the US, properly designed 2.4 GHz RC radios, at least for model aircraft,
do in fact authenticate control signals. The best of the lot use a
channel hopping technique that is effectively all but totally imune to interference.
I assume that such equipment is available in Australia, and should have been
used.
Reminds me of a student, many years ago, who told me very seriously that hackers regularly broke into his home computer to mess with him. The evidence? Visual Studio (IIRC) kept changing between "inserting characters" and "overwriting characters" when he typed.
I asked if he might be accidentally hitting the Insert key. He had no idea what the Insert key did.
To his credit, when I explained, he acknowledged that this might have been the cause and perhaps there weren't any hackers in his computer after all.
Multicopter pilot here. In short, it looks like the pilot was a hobbyist out of his depth and was performing dangerous maneuvers before any so-called hacking with equipment not meant for the job.
I don't know a lot about the specifics of the accident, but the multicopter that was involved in the accident was using a very outmoded form of technology to control the multicopter (wifi) rather than the far more reliable multichannel failsafe 2.4GHz DSMX systems that are in common use with bigger multicopters. While it may be possible to "hack" the signals controlling the 'copter, it's more likely that the control loss was due to RF interference, either by purpose or accident. I would imagine that a sporting event such as the one where the incident occurred would be awash in wifi signals from dozens if not hundreds of sources.
Secondly, the multicopter pilot was doing something that experienced pilots / cinematographers strongly avoid: flying directly over people. Even the best control systems and multicopters can malfunction, and hovering over a crowd is obviously a bad place for that to happen.
The type of multicopter also gives away the apparent lack of skills or experience of the pilot. Parrot AR 'copters are not professional-grade equipment and they are not devices that someone who earns a good bit of money from aerial filming would use.
No, Mr. Abrams, the investigation hasn't indicted anything. It indicated that somebody might have taken control of the drone away from you. I don't know if that's actually the word you used or if whoever wrote the story is to blame, but in either case, the Slashdot editors would have caught this if they were actually doing their job of editing the submissions. Why they haven't been replaced by people who know the difference between using a spelling checker and doing proper proof reading to catch misused words is something that only the PHBs at Dice can answer.
Good, inexpensive web hosting
I have been flying model airplanes for 50ish years now, and in that time, I have never ever heard of any RC pilot crashing due to pilot error. In every single case, it was "radio failure"
Multicopter pilot here. In short, it looks like the pilot was a hobbyist out of his depth and was performing dangerous maneuvers before any so-called hacking with equipment not meant for the job.
I don't know a lot about the specifics of the accident, but the multicopter that was involved in the accident was using a very outmoded form of technology to control the multicopter (wifi) rather than the far more reliable multichannel failsafe 2.4GHz DSMX systems that are in common use with bigger multicopters. While it may be possible to "hack" the signals controlling the 'copter, it's more likely that the control loss was due to RF interference, either by purpose or accident. I would imagine that a sporting event such as the one where the incident occurred would be awash in wifi signals from dozens if not hundreds of sources.
Secondly, the multicopter pilot was doing something that experienced pilots / cinematographers strongly avoid: flying directly over people. Even the best control systems and multicopters can malfunction, and hovering over a crowd is obviously a bad place for that to happen.
The type of multicopter also gives away the apparent lack of skills or experience of the pilot. Parrot AR 'copters are not professional-grade equipment and they are not devices that someone who earns a good bit of money from aerial filming would use.
(note: apologies for a double post, I forgot to log in to post this reply.)
Even most wireless mice these days don't channel hop and they cost like $20 tops. Channel hopping isn't even hacking. I'm pretty sure it's extremely analog in most cases. And if he built a device with no authorization codes or encryption, he's an idiot...except he's obviously just lying out his ass about it all.
Everyone in the RC community knows that you don't fly over people. You simply don't do it. It's dangerous and things fail all the time. These fucktards that persist to do so should not be allowed anywhere near this equipment.
Also why is this called a UAV, if it was an Unmanned Aerial Vehicle it wouldn't have fallen out of the sky.
The guy was an idiot. Any drone worth its money will not just "fall out of the sky" when it loses signal. It will return to home or do some other pre-programmed action.
Multicopter pilot here.
You seriously call yourself that?
the multicopter that was involved in the accident was using a very outmoded form of technology to control the multicopter (wifi) rather than the far more reliable multichannel failsafe 2.4GHz DSMX systems that are in common use with bigger multicopters.
It's all wi-fi. Fancy wi-fi may more reliable than crap wi-fi, but it's still all wi-fi, and it all has a range which when you go past, you still lose control.
(note: apologies for a double post, I forgot to log in to post this reply.)
Deja vu...
While learning to fly full scale airplanes it was drilled into me over and over, it is *always* the pilot/operators responsibility.
You either screwed up, or failed to ensure you were using reliable equipment, or failed to account for uncertainties in how you operate it.
Running what is essentially hobby hardware (radios, speed controls, batteries etc.) over top of people is just plain irresponsible.
"Oh, but I haven't crashed before."
Yeah, until you do.
I don't think it's a Parrot AR, doesn't look much like one in this shot:
http://au.news.yahoo.com/thewest/wa/a/22435997/triathlete-injured-in-drone-incident/
Wifi is very much different from the 2.4GHz radios typical RC flyers use these days.
Wifi can trivially be knocked out accidentally by a cell phone's mobile hotspot. The interfering signal doesn't even have to be stronger than the normal control signal to cause problems.
A FHSS based 2.4GHz cannot fail in this way. It doesn't stay on one frequency long enough for interference on that frequency to matter. The amount of power required to take out the entire band makes it an impractical way to take the drone out. You'd have better luck if you deliberately hit either the aircraft or the transmitter with a strong enough signal to overwhelm the antenna. The equipment required to do that isn't generally sold. It'd have to be custom built.
So if he really was using a wifi based remote, he had no business operating it near people.
Even if he was using the interference resistant FHSS remote, you never fly it close enough to people for a failure to allow it to fall into them. Those things have a lot of fairly fragile parts and almost no redundancy. If you aren't really thorough on your preflight check, you will eventually have a catastrophic failure (either in the form of a fly away or sudden uncontrolled descent).
Frequency hopping RC radios are pretty much the standard today among model plane enthusiasts. My dad happens to fly them and IIRC the freq hopping technology went into mainstream a good decade ago, as far as I know you can't even get "old school", fixed-channel controls anymore. It's also low-tech-person compatible technology (my dad most definitely is one), you simply press a button on both sender and receiver to "attune" them and you're set.
The technology is also quite tamper proof. Short of full frequency spectrum static flooding, there is very little you can do to disable communication between sender and receiver, let alone "take over" control of such a plane.
Of course, I don't know what the current tech standard for drones is like. I would have thought, though, that the standard would be higher than it is for toys.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Another possibility that I just thought of now... Perhaps his video transmitter was also 2.4GHz. If you put those two antennas a couple inches away, that'd easily have enough power to desensitize the control antenna. If the video transmitter were enabled in the air, rather than continuously running, he'd immediately lose control as soon as it switched on.
So apparently when I switched the channel on my walkie talkie I was hacking, damn I am such a bad ass.
"It looks like you're trying to maim an athlete. Move Left to proceed, Right to cancel"
Wait - my left or its left?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Depending on the model of drone, NO IT IS NOT
The parrot AR drone in particular has no security, and you can't add any ontop of it (We've tried, and it wants to be a black box, and me trying is why posting as AC)
Many of the drones out there are NOT meant to be tinkered with, and I haven't yet seen one (non military) that has any level of encryption at all or really even authentication...
The first good drone that runs something like the Google Android that is going to be for ultra low energy use for smart watches, etc that is suppose to be coming out this summer... or something similar will probably be the first reasonably priced drone with any decent encryption, let alone tinkering
Thats the same kind of person who blaems typos on there keyboard.
I see what you did their!
What are you talking about? 2.4GHz DSMX model control gear is NOT WiFi!
Who's the idiot then?
Hi All
Australia does not have any unlicensed spectrum, at least not between 9 KHz and almost to daylight. 2.4 GHz is a licensed frequency, covered by what is called a Class License. This provides the ability for equipment that meets the technical requirements to be automatically licensed. One of the requirements of the Class License, as noted by the ACMA (www.acma.gov.au), is that you must accept any interference from other parties.
What this means is that you cannot require anyone to not operate on the same frequency as you. They can use their own transmitters, and you cannot stop them. If they want to use a wireless video sender on the same frequency, wiping you out, this is not an issue.
This is why major sporting events stay away from unlicensed frequencies as much as possible. During the Sydney Olympics, I had six helicopters for TV coverage. Video signals were all on licensed frequencies in the 2.5 and 5 GHz ranges, and GPS tracking, telemetry and communications was in the 520 MHz range. Cell phone devices were not used, and are still mostly not used due to frequency congestion. As an aside, during a test, we used telemetry frequency a few MHz lower, but found the GPS was not working well. Turns out 3 x frequency + IF frequency was slap bang in the middle of the GPS transmissions.
Darryl
The operator of the device was aware of the vulnerability, and has observed a similar accident earlier. He is responsible for flying something he knows he cannot control.
Apparently the drone was operated by "New Era Photography and Film" which does not appear to have an AOC (Air Operators Certificate) which is required by CASA to perform commercial UAV operations. This, combined with the fact they failed to follow the 30m separation rule, means this operators is pretty well fucked regardless of what caused it.
arducopter + android otg.
pretty cheap and you can build anything you want to it, security etc.
but most importantly have the failsafe mode to not crash down straight like a rock.
world was created 5 seconds before this post as it is.
What a moron.
For a start, it appears he was flying a DJI F550 probably with a DJI Naza flight controller... do a search for "naze fly-aways" and you'll come up with a impressive number of hits.. DJI Naza are known for suddenly going out of control ie "developing a mind of their own", they have a reputation for it within the UAV/multi-rotor community.
Secondly, someone "channel hopped" him? What a moron! Way to spread FUD of "hacking drones" amongst the public. Chances are he'd never tried flying it anywhere near high powered TV transmission equipment before, probably using a overpriced Spektrum DX7 or 8 or similar RC remote that has no telemetry feedback such as link health (RSSI).
Anyway, he already got far more attention that he should have and morons like that are already doing enough damage to the multi-rotor/uav community.
Warren can also fly but admits he’ll never be able to manipulate the controls as well as a younger person.
http://www.sciencewa.net.au/to...
It's a DJI F550 Flamewheel... hence most like a DJI Naza Flight Controller... and I'd put money on it using a Spetrum DSM2 or DSMX control link (no telemetry, no RSSI feedback).
That sounds like overkill. Why not just send signed commands?
But what kind of person is going to research all the information needed to fly and operate a drone safely. Mostly, they'll buy the cheapest unit that the retailer sells them.
The fact that he crashed it, is likely to put him into trouble, especially since he was using it for commercial purposes. In Australia, a license is required to operate a UAV commercially, with adequate certification of the pilots.
From the Civil Aviation Safety Authority (CASA).
1. It's Illegal to fly Remotely Piloted Aircraft for money or economic reasons...
2. You must not fly closer than 30 meters to vehicles, boats, buildings or people
3. FPV flying is illegal without an Advanced Amateur Radio License
....
I guess he's in a lot of trouble.
1. [...] without a license
The Drone owner was too stupid to understand 2.4ghz and there is a strong signal source nearby. If you fly big drones and dont have a WiSpy and a laptop to check the area for heavy 2.4ghz interference (that is what RC plane controls operate on now) then you need to be liable for all damages due to being stupid.
Do not look at laser with remaining good eye.
Occam's Razor has the answer...
The better option is that there are a huge amount of wireless gear that will disturb your carrier signal/channel and make you loose control when you get too close.
These 10000$ drone operators do not use professional 5000$ multi-frequency transmitters.
I actually experienced this at an Oil refinery, fully regulated airspace, 100's of meters from any celltower or building, but one of the refinery's control units has a wireless backup that sends a signal every five minutes, with the same frequency/channel. Even with a digital channel hopping controller we lost control for 10 seconds. We brought in a spectrum analyzer and found a different frequency to operate at.
This drones default configuration software is to "hover", apparently this idiot set the default behavior on comm-loss to "landing" (or did not calibrate his sensors).
Having been hit several times by drone blades (catching the 3kg drone), I cannot imagine it causing the head injury unless the athlete was very unlucky.
Triathletes are not people. They are organisms with a single-celled brain that collect en masse and do stupid things together.
I'm guessing excessive lens flare was the real culprit here...
Worst. Signature. Ever.
It's all wi-fi. Fancy wi-fi may more reliable than crap wi-fi, but it's still all wi-fi, and it all has a range which when you go past, you still lose control.
This is factually incorrect. If you're out of range, the bird falls back on another kind of control that you exerted before you even took off (a GPS-based return-to-home waypoint and associated climb/travel/descend procedures - all things the operator controls). Never mind that the pro-level RF gear one would use with a "real" bird for RCAP isn't WiFi at all, and doesn't resemble WiFi in any way that matters.
Don't disappoint your bird dog. Go to the range.
Anyone know where Edward Wong Hau Pepelu Tivrusky IV was during this? Pretty sure they enjoy hanging out in deserts and hacking into aircraft.
You don't have to knock out all that many to get a "glitch". Total loss of control is more difficult.
Overwhelming the front end isn't too hard, all you need is a microwave oven magnetron, horn antenna, and power supply.
People are calling this thing a "drone", but I'm wondering if it's really more of a standard model R/C aircraft under real-time control from the pilot and without any sort of autopiloting capabilities. With those, if the control signal is lost, they won't hover and certainly won't return home, they will generally cut throttle and return control surfaces to neutral, dropping out of the sky.
They're replayable.
The videographer added that there had been a similar incident when the drone was flown earlier in the day."
You knew the drone could be interfered with or "hacked" but you went ahead and flew it again endangering people and in fact injuring someone.
Congrats you're going to get sued.
"If any question why we died, Tell them because our fathers lied."
This only shows that UAV's should only be used by licensed people with certified/licenced UAV's.. Some people think UAV's aren't the same as RC planes/helicopters, but they are wrong, in most countries they fall under the same law's as RC planes/helicopters (because that's exactly what they are).. So this UAV shouldn't have been near/over any person at all.. This moron should stop blaming other people, he decided to use the UAV and therefore he's responsible.. Epecially if the consumer UAV is so easily taken over by just channelhopping of a mobilephone...
If you suspect that your communications are compromised and have prior experienced interference that leads to a loss of control, then WTF are you doing flying this thing over people?
"I wasn't speeding, officer. Someone must have hacked my vehicle. This has happened before. Just yesterday I was late for work because someone hacked my alarm clock. Also the computer forgot my password."
Proverbs 21:19
He probably won a shitload of money betting against her, and seeing her winning, his only option was to crash his damn drone into her....
The Parrot is a heck of a lot of fun in an appropriate environment. Fly it in a gym with a slalom course set up? Loads of fun. Sure, try to fly it down the hallway in your house with the cat running around underneath, and you're doomed. Fly it outside in any wind at all, and you're doomed. Fly it at work where the hallways are wide between the cubes? Great fun.
And, you learn very quickly what the limitations of an inexpensive system are, which is valuable in itself.
This, truly, is the problem with the commercial drone push. The RC airplane hobbyists have as a community been very professional in all aspects of design and operation. The drone enthusiasts, however, want to bypass all aircraft design and regulation, but fly their cheap toys commercially over people's houses and children. As hostile as the FAA is to aviation, there's a reason that aircraft design, certification and operations are done rigorously and expensively. All of those lessons are learned in blood.
In Australia it's illegal to fly a UAV within 30 meters of a human. This donkey was using an iPad to fly it 10 meters above the track. Even if quality radios are available here (of course they are) it sounds like he's a 'creative' type with little regard for anything without a brand name he reckognizes, physical reality or the law.
I don't therefore I'm not.
Clearly you don't know what you're talking about. "channel hopping" doesn't protect from interference. From TFA:
Channel hopping is a form of hacking which can render the drone uncontrollable to the original operator.
</lol>
Just a convenient way to try and deflect blame in case the athlete sues.
Bugs are not hackers.
Twice the same day tells me something bugged.
Drones do not drop out of the sky because they get hacked. They can - or should - balance themselves stationary even if the control is lost or taken over.
It would have to be A) hacked and B) driven into the ground by the hacker...?
Regardless, the drone operator - or the insurance of the drone operator - should pay up. If they want to find someone else to pay up, that's their problem.
That 30 meter rule sounds pretty wise. Not too long ago in New York, a rc helicopter enthusiast managed to chop part of his own head off while trying to do stunts.
A pilot here as well. This article and incident has so much fail in it. There's NO information about the incident aside from the person being injured.
Wifi flying? Only the AR.Drone has it.
All the photos show a DJI flaming wheel 550 hex. It likely runs a NAZA or ACE system. Likely a NAZAv2 as the camera looks like a GoPro and every article mentions iPhone(!). NAZAs only use WiFi for camera and ground station supervisory, not actual flying. It's is a man in the loop system. The pilot still has control via a 2.4Ghz narrowband radio (like a spektrum, FrSky, etc...). NAZA allows you to hit a button (goto waypoint) on the iphone, and it autonomously flies BUT allows user override with the r/c sticks. And the wifi portion only allows 2-3 functions: Land, goto Home, or goto waypoint aside from live video.
When it comes to hacking, there's so much fail here. The guy's obviously is a aerial photographer, NOT a drone user. You can't hack the 2.4 narrowband--it's binded, the iPhone wifi? sure you can hack that, but it's for live video and a couple of 'safe' commands. This pilot clearly lost control.
Now look at the reality of the situation: you're 25 feet above a crowd (w/cellphones at 2.4 or 868Mhz), Urban canyon WiFi access points, TV crew wireless mics (400, 5.8 & 2.4), and running a system that has a iphone (2.4 and 868), narrowband radio (2.4), and bluetooth running. All basically in the palm of your hand. You're asking for RF interference... and that's likely the cause. Of course, the pilot likely did not set up failsafe features--cause it's usually off by default and ignored by users (much like turning on your firewall or javascript...). FAIL for a professional.
Folks, let this story brew--likely the truth will come out as currently everyone is calling the 'OMG the sky if falling', literally. Since the pilot does not have a CAA permit/license shows the lack of knowledge of his tools. As well as the event host for hiring him.
https://www.youtube.com/watch?... -- enjoy
The new right fascists are bilingual. They speak English and Bullshit.
Clearly you don't know what you're talking about. "channel hopping" doesn't protect from interference. From TFA:
Channel hopping is a form of hacking which can render the drone uncontrollable to the original operator.
</lol>
One acronym for you DSMX2
The new right fascists are bilingual. They speak English and Bullshit.
The hopping sequence is not very hard to track. It is not using a very good PRNG. A broad-band 2.4GHz SDF and a little bit of channel monitoring is all that is needed to determine the hopping sequence and then predict it. Once you have a hop prediction it is easy to either jam it or take control of the receiver. In fact, if one already has one of these radio systems, it would not take very long to map out all possible seeds for the sequencer. Then it just takes monitoring a few channels in the band until you see enough of the sequence to guess the seed.
That being said; I don't think that is what happened in TFA. I am fairly confident that the operator screwed up and is attempting to deflect responsibility.
UAV/RC aircraft need to be using far better authentication and semi-autonomous recovery when used in areas where public safety is a critical issue. Consumer/hobby grade RC systems are simply not safe enough.