Slashdot Mirror

← Back to Stories (view on slashdot.org)

UAV Operator Blames Hacking For Malfunction That Injured Triathlete

Posted by timothy on from the convenient-line dept.

jaa101 (627731) writes "The owner of a drone which fell and reportedly hit an athlete competing in a triathlon in Western Australia's Mid West has said he believes the device was 'hacked' into." From the article: "Mr Abrams said an initial investigation had indicted that someone nearby "channel hopped" the device, taking control away from the operator. ... Mr Abrams said it was a deliberate act and it would be difficult to determine who was responsible as something as common as a mobile phone could be used to perform a channel hop. The videographer added that there had been a similar incident when the drone was flown earlier in the day."

21 of 178 comments (clear)

  1. Evolution by SuperKendall · · Score: 4, Funny

    This is why, as a professional athlete, I always make sure I'm fielding my own anti-drone drone to take out drones that get close to me.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:Evolution by davester666 · · Score: 5, Insightful

      This is the funny part "The videographer added that there had been a similar incident when the drone was flown earlier in the day."

      If he drove a car, and he noticed that the brakes had failed earlier, but instead of getting it repaired, he started a new trip, eventually plowing into a group of people, he would be in jail...

      I guess it's different if you are piloting a toy plane over a crowd.

      --
      Sleep your way to a whiter smile...date a dentist!
    2. Re:Evolution by Architect_sasyr · · Score: 5, Insightful

      Reads like bullshit anyway. Something went wrong, he throws up the "it wasn't me it must be those evil hackers" defence rather than accepting the blame for putting his device together poorly or letting it go out of range. There would be no way of knowing for sure if another device took control during the incident (because who would build that in to a home made UAV), so he *may* be telling the truth, but if it happened twice in one day either someone is out there deliberately hashing the channels to mess with everybody, or he just went out of range/did something wrong/etc.

      --
      Me failed English...
      FreeBSD over Linux. If my comments seem odd, this may explain...
    3. Re:Evolution by ShanghaiBill · · Score: 4, Informative

      This article has a much better photo, including the "drone" right after it smacked into the guy's head.

    4. Re:Evolution by niftydude · · Score: 4, Informative

      Reads like bullshit anyway..

      \ This is correct. According to the drone operator: "She looks over her shoulder and gets frightened, falling to the ground and bumping her head, but the drone didn't actually strike her"

      But according to the triathlete: "I have lacerations on my head from the drone and the ambulance crew took a piece of propeller from my head"

      I reckon the drone operator is full of shit and just making up whatever comes to mind. In the same breath he claims that the drone didn't hit her, that she fell on her own, and that anyway the drone was hacked so it isn't his fault. Typical blame everyone but himself personality disorder.

      --
      You can never know everything, and part of what you do know will always be wrong. Perhaps even the most important part.
    5. Re:Evolution by ozmanjusri · · Score: 4, Interesting

      Something went wrong, he throws up the "it wasn't me it must be those evil hackers" defence rather than accepting the blame for putting his device together poorly or letting it go out of range.

      The drone looks like a DJI Flamewheel F550, and I'm guessing by his comments he was using the DJI iPad Ground Station (or equivalent) to bluetooth to his iDevice.

      That gives any hacker two vectors of opportunity, but also the operator two transmitters to get out of range from, with the Bluetooth connection being the shortest range and most likely culprit. And if it was really a bad guy taking control or disrupting the connection, I suspect the iPad's Bluetooth is again the one any opportunistic villain would be more likely to be familiar with.

      --
      "I've got more toys than Teruhisa Kitahara."
    6. Re:Evolution by NoKaOi · · Score: 5, Insightful

      Mobile phone 'could have been used to channel hop'

      Um, so pretty much doesn't that mean the drone was running on WiFi? So it was most likely simply interference, another device was trying to use the same channel has his device. Lesson 1: If you're going to operate a UAV over WiFi, check to make sure nothing else is on the channel. Lesson 2: If you're going to operate a UAV over WiFi, don't fly it where it could crash into somebody because you never know when another device is going to interfere with the channel you're using. Lesson 3: If something in the area interfered with it in the morning, don't fly it over humans without figuring out the interference.

      He said a full check was conducted and the device was taken elsewhere for a test flight, but he said no issues were detected.

      Which means whatever it was interfering with was in the area you were operating it in when it crashed, not the area where you tested it.

      Mr Abrams said an initial investigation had indicted that someone nearby "channel hopped" the device, taking control away from the operator.

      So somebody switched on their mobile hotspot and it was on the same channel as your UAV.

      The videographer added that there had been a similar incident when the drone was flown earlier in the day.

      Wow. Had this not happened I'd say the guy doesn't understand technical stuff (he's a photographer, not an IT guy) and that this was an unfortunate accident, but considering it happened earlier, he didn't consult with a technical person, and he still flew it over humans that's downright negligence and he should be responsible for the competitor's medical expenses, entry fee and any travel expenses. Perhaps even prosecuted for endangerment (either reckless endangerment or public endangerment, I think Australia has those laws similar to most US states).

  2. If only it were possible to do challenge/response! by tlambert · · Score: 4, Insightful

    If only it were possible to do challenge/response! Using a pre-arranged CERT, so that the drone sends a challenge for each command that has to be encrypted with the shared secret before the drone would accept it!

    Oh... wait... it's completely possible.

  3. Sounds like a RC plane not a drone by whois · · Score: 5, Informative

    If it's subject to interference caused by someone broadcasting on the same channel and it can't compensate for it by switching channels or in some way authenticate it's control traffic, then it's a poorly designed toy and shouldn't be used commercially.

    Reading the article:

    "Operators of all unmanned drones used in a commercial capacity are required to be certified.
    Neither Mr Abrams nor his business appear on the list of the 92 operators certified nationally."

    So it sounds like he should be charged with some form of negligence if that is applicable to Australia. In the US the FAA would also probably be fining him.

    1. Re:Sounds like a RC plane not a drone by ScentCone · · Score: 5, Interesting

      In the US the FAA would also probably be fining him.

      Well, that's not entirely clear just this moment. In the now-headed-into-appeals area of Huerta v Pirker, it kinda looks like the FAA doesn't actually have any formal, properly constructed rules in place. Guidance only. Their distinction between recreational and commercial use of the very same RC machines used by the same people in the same place at the very same time is pretty ridiculous - and the administrative law judge handling round one of that case agreed. But the case is still baking.

      So, if you dropped your camera drone on someone's head in the US right now, and weren't flying next to an airport or beyond line of site or over 400' ... then the trouble you're in is roughly the same as if you'd hit the same person in the head with a lawn dart or a football. Good ol' fashioned reckless endangerment, having nothing to do with the FAA pe se.

      --
      Don't disappoint your bird dog. Go to the range.
  4. I saw this on HAK5. by jeek · · Score: 4, Informative

    http://hak5.org/episodes/hak5-...

    Even if you can't issue commands, you can knock out the control chanel.

    --
    If you want to be seen, stand up. If you want to be heard, speak up. If you want to be respected, sit down and shut up.
  5. What BS by NewtonsLaw · · Score: 4, Insightful

    Modern 2.4GHz RC gear requires a significant level of tech-expertise to "hijack" in the manner suggested.

    Occam's Razor has the answer...

    Simple mechanical, electrical or operator failure -- nothing more, nothing less.

    Too many would-be "drone" operators have scant understanding of the need for a maintenance schedule and proper planning before deploying even the smallest and most lightweight of craft.

    The problem is that far to many people buy these things and then treat them as if they'll just keep working forever -- simply charge the battery and fly!

    Unfortunately, props fatigue, motor bearings wear, ESCs can overheat and flight controllers can fail.

    There's a hell of a lot more to safely deploying one of these craft than flipping a few switches and wiggling some sticks.

    I'm not a commercial operator -- I fly for fun but even *I* am very much aware of the importance of good housekeeping and planning when it comes to using these things safely.

  6. Re:If only it were possible to do challenge/respon by Anonymous Coward · · Score: 4, Informative

    In the US, properly designed 2.4 GHz RC radios, at least for model aircraft,
    do in fact authenticate control signals. The best of the lot use a
    channel hopping technique that is effectively all but totally imune to interference.
    I assume that such equipment is available in Australia, and should have been
    used.

  7. He probably believes it; he's probably wrong by harryjohnston · · Score: 5, Funny

    Reminds me of a student, many years ago, who told me very seriously that hackers regularly broke into his home computer to mess with him. The evidence? Visual Studio (IIRC) kept changing between "inserting characters" and "overwriting characters" when he typed.

    I asked if he might be accidentally hitting the Insert key. He had no idea what the Insert key did.

    To his credit, when I explained, he acknowledged that this might have been the cause and perhaps there weren't any hackers in his computer after all.

    1. Re:He probably believes it; he's probably wrong by I'm+New+Around+Here · · Score: 4, Funny

      After that, you erased all traces of your invasion, and left his computer alone?

      --
      If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
  8. A likely story by Brett+Buck · · Score: 5, Insightful

    I have been flying model airplanes for 50ish years now, and in that time, I have never ever heard of any RC pilot crashing due to pilot error. In every single case, it was "radio failure"

  9. Pilot Made Multiple Errors, "Hacking" Claim Is BS by ausoleil · · Score: 5, Insightful

    Multicopter pilot here. In short, it looks like the pilot was a hobbyist out of his depth and was performing dangerous maneuvers before any so-called hacking with equipment not meant for the job.

    I don't know a lot about the specifics of the accident, but the multicopter that was involved in the accident was using a very outmoded form of technology to control the multicopter (wifi) rather than the far more reliable multichannel failsafe 2.4GHz DSMX systems that are in common use with bigger multicopters. While it may be possible to "hack" the signals controlling the 'copter, it's more likely that the control loss was due to RF interference, either by purpose or accident. I would imagine that a sporting event such as the one where the incident occurred would be awash in wifi signals from dozens if not hundreds of sources.

    Secondly, the multicopter pilot was doing something that experienced pilots / cinematographers strongly avoid: flying directly over people. Even the best control systems and multicopters can malfunction, and hovering over a crowd is obviously a bad place for that to happen.

    The type of multicopter also gives away the apparent lack of skills or experience of the pilot. Parrot AR 'copters are not professional-grade equipment and they are not devices that someone who earns a good bit of money from aerial filming would use.

    (note: apologies for a double post, I forgot to log in to post this reply.)

  10. Re:yeah right! by exomondo · · Score: 4, Informative

    secondly it is your drone, you are responsible for it, if you can't secure it then you should not be using it around people.

    thirdly, it should not have been flown within 30 meters of another person.
    fourth (ly?), as it was used in a commercial capacity it should have been certified but neither Mr Abrams nor his business appear on the list of the 92 operators certified nationally.

  11. As a pilot, you are ALWAYS responsible by Jinker · · Score: 5, Insightful

    While learning to fly full scale airplanes it was drilled into me over and over, it is *always* the pilot/operators responsibility.

    You either screwed up, or failed to ensure you were using reliable equipment, or failed to account for uncertainties in how you operate it.

    Running what is essentially hobby hardware (radios, speed controls, batteries etc.) over top of people is just plain irresponsible.

    "Oh, but I haven't crashed before."

    Yeah, until you do.

  12. Re:If only it were possible to do challenge/respon by Opportunist · · Score: 5, Interesting

    Frequency hopping RC radios are pretty much the standard today among model plane enthusiasts. My dad happens to fly them and IIRC the freq hopping technology went into mainstream a good decade ago, as far as I know you can't even get "old school", fixed-channel controls anymore. It's also low-tech-person compatible technology (my dad most definitely is one), you simply press a button on both sender and receiver to "attune" them and you're set.

    The technology is also quite tamper proof. Short of full frequency spectrum static flooding, there is very little you can do to disable communication between sender and receiver, let alone "take over" control of such a plane.

    Of course, I don't know what the current tech standard for drones is like. I would have thought, though, that the standard would be higher than it is for toys.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  13. Re:If only it were possible to do challenge/respon by Anonymous Coward · · Score: 5, Interesting

    Depending on the model of drone, NO IT IS NOT
    The parrot AR drone in particular has no security, and you can't add any ontop of it (We've tried, and it wants to be a black box, and me trying is why posting as AC)

    Many of the drones out there are NOT meant to be tinkered with, and I haven't yet seen one (non military) that has any level of encryption at all or really even authentication...

    The first good drone that runs something like the Google Android that is going to be for ultra low energy use for smart watches, etc that is suppose to be coming out this summer... or something similar will probably be the first reasonably priced drone with any decent encryption, let alone tinkering