Slashdot Mirror
Ask Slashdot: Are My Drone Apps Phoning Home?
Slashdot reader bitwraith noticed something suspicious after flying "a few cheap, ready-to-fly quadcopters" with their smartphone apps, including drones from Odyssey and Eachine.
I often turn off my phone's Wi-Fi support before plugging it in to charge at night, only to discover it has mysteriously turned on in the morning. After checking the Wi-Fi Control History on my S7, it appears as though the various cookie-cutter apps for these drones wake up to phone home in the night after they are opened, while the phone is charging. I tried contacting the publisher of the Odyssey VR app, with no reply.
I would uninstall the app, but then how would I fly my drone? Why did Google grant permission to control Wi-Fi state implicitly to all apps, including these abusers? Are the apps phoning home to report my flight history?
The original submission asks about similar experiences from other drone-owning Slashdot users -- so leave your best answers in the comments. What's making this phone wake up in the night?
Are the drone apps phoning home?
I would uninstall the app, but then how would I fly my drone? Why did Google grant permission to control Wi-Fi state implicitly to all apps, including these abusers? Are the apps phoning home to report my flight history?
The original submission asks about similar experiences from other drone-owning Slashdot users -- so leave your best answers in the comments. What's making this phone wake up in the night?
Are the drone apps phoning home?
Christ, it was even on Slashdot and they still downvote you.
US Army Calls Halt On Use of Chinese-Made Drones By DJI
Posted by BeauHD on Friday August 04, 2017 @05:40PM from the new-guidance dept.
Due to "an increased awareness of cyber vulnerabilities with DJI products," the U.S. Army is asking all units to discontinue the use of DJI drones. The news comes from an internal memo obtained by the editor of SUAS News. It notes that the Army had issued over 300 separate releases authorizing the use of DJI products for Army missions, meaning a lot of hardware may have been in active use prior to the memo, which is dated August 2nd, 2017. The Verge reports:
SUAS News published a piece back in May of this year that made a number of serious accusations about data gathered by DJI drones. Author Kevin Pomaski starts out writing, "Using a simple Google search the data mined by DJI from your provided flights (imagery, position and flight logs) and your audio can be accessed without your knowing consent." However, he never follows up with evidence to demonstrate how this data becomes public or can be found through a Google search. Pomaski also point out, correctly, that when DJI users elect to upload data to their SkyPixel accounts through the DJI app, this data can be stored on servers in the U.S., Hong Kong, and China. This data can include videos, photos, and audio recorded by your phone's microphone, and telemetry data detailing the height, distance, and position of your recent flights.
DJI provided the following statement to The Verge: "People, businesses and governments around the world rely on DJI's products and technology for a variety of uses including sensitive and mission critical operations. The Department of the Army memo even reports that they have 'issued over 300 separate Airworthiness Releases for DJI products in support of multiple organizations with a variety of mission sets.' We are surprised and disappointed to read reports of the U.S. Army's unprompted restriction on DJI drones as we were not consulted during their decision. We are happy to work directly with any organization, including the U.S. Army, that has concerns about our management of cyber issues. We'll be reaching out to the U.S. Army to confirm the memo and to understand what is specifically meant by 'cyber vulnerabilities.' Until then, we ask everyone to refrain from undue speculation."
I had a drone with iPhone app that called home too so its not just an android issue at all.