Pentagon Puts DJI on Blacklist(aljazeera.com) |
Pentagon Puts DJI on Blacklist(aljazeera.com) |
DJI's application (Mimo) has been banned from the Android Play Store for some time, with no explanation given by DJI. They offer an APK to side load, which is completely unsupervised, and requires access to your phone's accurate location and other invasive permissions no matter which of their products you are using.
This is an important detail. Your phone location might be helpful when using drones (though GPS should be on the drone, not your phone) but there is absolutely no reason to use it for something like a phone stabilizer, which it absolutely requires and will not let you continue unless you turn it on.
I did not reverse engineer their application but I will be surprised if there isn't a copious amount of data being sent to the back office.
You might not care as an individual, but then maybe ten years from now you will visit China, and they might know about you more than you're comfortable sharing.
As a side note, Aljazeera is comically ridiculous: https://imgur.com/a/HnbLy4O
>Remote ID helps the FAA, law enforcement, and other federal agencies find the control station when a drone appears to be flying in an unsafe manner...
To be clear, I don't support this implementation of RemoteID proposed by the FAA, and I don't like that the DJI app doesn't allow granular control over permissions. I fully support the Feds' efforts in sanctioning DJI. However, I think it's important that we level reasonable criticisms at DJI for behavior that they're capable of changing.
It’s for the flight restriction system. Won’t let you fly near schools, power plants, airports etc.
Either way when using a drone they will know your location, but there's no reason to let DJI access this information when using every single product they make.
I'm not saying DJI isn't spying on everything but that's probably the reason. This is hilarious in hindsight because for years, you had to give an app call access so they could monitor if a call was incoming (for pausing a game for example)
Edit: It also looks to be a GDPR ban.
it's the opposite - anything that can read a signal that has been broadcast by another deivce requires location permission. which makes sense, because if you can poll for nearby wifi networks or bluetooth beacons you can determine location, even without using the GPS hardware.
Actually, for the new EU regulations, you need to broadcast both the position of the drone and of the operator, at least for everything above class C1 ("remote ID", see [1]).
And in any case, drones without working GPS are not fun to fly. DJI's Mini 3 Pro (and its larger friends) can do by using the collision-avoidance stereo cameras, but others I wouldn't dare risk running indoors.
Wondering if GPS on the drone would dramatically affect battery life as well?
In case of emergency, drones just land where they are, or they could try to go back to the point of origin. Depending on the emergency, the drone might lose connection with the operator, in which case your own location is not very useful. I didn't run into emergencies lately but usually as far as I know the operator sets out to retrieve the drone.
> Wondering if GPS on the drone would dramatically affect battery life as well?
The vast majority of consumer drones already have GPS (on the device) today.
> have also used a drone to follow me while on a bicycle or in a car
It's more likely the drone follows you with computer vision although GPS could potentially help if the drone completely loses you. I imagine your phone location will be more helpful in pointing out the general direction than actually getting you in the center of the shot. It's not that accurate, and there are more variables at play like the vertical angle.
Two GPS signals, two clocks, wireless signals being transmitted. You might be able to do a time differential offset/ correction to get a much higher accuracy relative position (drone and phone are very confident in their relative positions).
Wouldn't the app need GPS permissions just to show you where the drone is on a map, etc.?
How so? The drone can send its own location. The app might show you your location on the map, but that's not mandatory for operating a drone. It is a good user experience, I admit, but you can operate drones without this.
And it doesn't explain why phone stabilizers require location access. Tried it myself with the OM 5.
Thankfully Firefox on Android has the "reader mode" available right next to the url.
You were not kidding. Wow.
Aljazeera is a model of journalism excellence and integrity!
Is this about their cookie warning? They’re obligated to say something.
If you don’t take their journalism seriously, you deceive yourself!
There are really two versions of Aljazeera. The Western-facing one is pretty good (although it sometimes has Russia Today vibes on certain topics). The non-Western version is tabloid nonsense.
I might have been able to respond to this proclamation if I could find their damn website under all the popups and consent modals.
I'd imagine it would be important for "come back home" like functionality in case drone loses signal or whatever
> but there is absolutely no reason to use it for something like a phone stabilizer, which it absolutely requires and will not let you continue unless you turn it on
App making photos or movies using GPS to tag location of the photo is kinda common. Refusing to work without it would be sketchy tho, but "developer is kinda incompetent" is common enough...
Not saying it isn't malicious but those are easier explanations.
Hell, it could require permissions and not send the data now, just add that tracking in update...
The #2 used to be GoPro with its Karma drone which is one hell of a beast of a drone, but they exited the market when it became clear that neither the US nor EU had any idea what they were doing regarding drone regulations (to this day the EU hasn't managed to publish the licenseable Standard Scenarios, there is exactly one drone model on the market that is classified under the new EU schema that will become mandatory Q1/23, obtaining permissions by individual restricted zones such as fire departments is a hot mess because no one there knows what to do, countries like Croatia theoretically ban camera drones without a completely intransparent special permit process...).
Now, in the EU you're pretty much stuck with DJI if you want to fly in residential areas, hobby built drones and cheap China-made knockoffs that fall under the toy directive. For stuff such as gimbals, there are again virtually only DJI's Ronin series and cheap China-made knockoffs.
Seriously the EU and US need to step up and establish or at least fund companies that can compete with DJI and other sanctioned entities. It's ridiculous that people have to choose between funding CCP associated organizations or cheap knockoffs that are riddled with quality issues, software bugs and license issues.
For instance, I recently started investing in an excitingly expensive hobby, night vision. The tubes in those things are so heavily restricted that I cannot even let a foreign national touch them, technically. Which makes it interesting considering my girlfriend is a Tunisian foreign national here on a work visa, so technically I cannot show her my cool new toys I spent thousands of dollars on.
My partner would be happy if I could not tell her or show her the cool stuff I work on :P.
They can't ban the hardware, of course. While in the US finding a Chinese part in military hardware is a reason to stop the line, they rely extensively on US parts.
(*PX4 on Hawk and Cube FCs is the best experience I've had.)
Honest question: is there any competent alternative to DJI drones? Better to be more hackable. DIY a drone with open source flight control boards is not hard (for me), but optimizing for battery life and having a good video downlink seems hard.
anyone know if DJI drone use prolific within China? How does China regulate their own drones?
Or I guess to put it another way, if you're dragnetting basically all possible user data from your citizens and non-citizens, wouldn't you assume "competing" countries are doing the same thing?
I mean, I get it, "poor put-upon China!", but let's be honest here: China needs to stop fucking around, lest they find out.
As another poster recommends, I'd suggest looking at Skydio.
With that said - yes, my drone is registered.
Doing business in China ain't as independent as you think, am afraid.
If someone goes to china and they get disappeared the Chinese government isn't going to tell anyone that they were taken let alone that it was because of data they got by surveillance of their mobile device.
But nothing lasts forever.
Establishing legible regulations, yes - but why should taxpayers fund drone companies? What is the public benefit in doing so?
At the moment, DJI's R&D is likely heavily subsidized by Chinese military funds. The result of that is that DJI can offer its products vastly cheaper than domestic (or allied nations') companies can.
Therefore, the public benefit of subsidies, tariffs and sanctions would be:
- not assisting China's military development by providing funds (from drone sales) and operational data from the drones. Even the flight logs provide immense amounts of real world data about the environment and the behavior - e.g. the Mini 3 Pro's camera based object tracking. That's crazy good AI at work there, gotta admit that.
- providing domestic and allied nations' companies with the opportunity to do business without being subject to Chinese price dumping, thus keeping wealth inside the allied space and outside of the CCPs cash reserves
- consumers have their privacy rights respected
In reality it will just end up funding a contractor with good lobbyists.
For some reason the EU is not seeking level playing field with China.
Opening tax payer funding for corporations willing to manufacture in the EU is an open season for corruption and display of hypocrisy.
The latter is actually a requirement in the EU starting Q1/23, simply because there have been way too many people without any clue about drone regulations causing danger to general and emergency aviation. It's a good idea when manufacturers step up to prevent their products from causing harm to others.
Not to be so cynical/dark, but I'm surprised to have not yet heard of a targeted assassination done by an amateur with an off-the-shelf drone. I have to admit the idea is frightening.
though yeah i think we should repeal that law, there is nothing wrong with civilians owning assault rifles. the federal government is literally not allowed to pass or enforce laws against this because it clearly infringes the individual right to keep and bear arms. we can only hope some time in the next few years the NFA, GCA and FOPA are struck down, along with all the asinine regulation that has forced so many small gun manufacturers out of business, increased gun prices for American consumers and retarded innovation in civilian small arms.
Drones in warfare are not new at all. Even the use of commercial drones is not new.
<< I can think of a few modifications to drones, I've yet to see in Ukraine, that could increase their lethality 10x.
I don't know this, but I suspect we are only seeing some rather selective footage ( as with most warfare propaganda ). Just thinking what one could do with coordinating drones makes me shiver a little.
Still, as a species we are oddly adaptable. Here is to hope permanent drone sky will not become our new normal.
I'm just pointing out why the DJI app may need the capabilities that it does, but you're right, for many users who will never own a >250g DJI drone, that permission will never, ever be necessary.
The default setting on connection loss is "return to home" with hover or land where you are as options. "Home" is a constantly updated location (sent from the controller to the drone) if you move, which, as another person mentioned, is absolutely critical in some scenarios like being on a boat where your position updates constantly.
As another person also mentioned, EU and FCC regulations will also require Remote ID, which broadcasts the drone's and operator's GPS positions. The latter is used if you did something bad and need to be spoken to.
Drone usage is somewhere where location is absolutely needed, especially for critical situations where you want your drone to not be lost forever (and so the government can slap you on the hand in person if you did something bad).
Great idea you if origin was on the boat.
I don't know why you all on the fence here, even I, who never used those drones, understand what first and foremost it is for the ability for the drone to return to the current/last known position of operator.
Yes, it could be used to send your location directly to CCP's secret service, but you can't have the GPS and eat^W don't have it too.
Touche on the computer vision point!
[0]: https://skydiopilots.com/threads/no-wifi-ssid-connection-for...
Haha, no.
It's not like the battlefield will have reliable wi-fi/4g coverage anyway.
Sure they can. In the 1940s they did it to several million people (a large part Jews). Up until the mid-20th century they stole resources and took advantage of human capital directly in occupied lands ("colonies"). Now they do it through outsourcing work to sweatshops, child mines, and such, in Asia, Africa, and so on. They also do whatever they can to keep those "unregulated mines" and cheap resources flowing, by by the traditional way of meddling in their ex-colonies, toppling governments, and so on.
Little-known fact: cluster munitions (essentially, hot-water-heater-size cylinders packed with hundreds of small devices) were originally developed for the dispersal of chemical and biological warfare munitions over wide areas.
"This app only needs wifi network list, it isn't spying on me" would be easy mistake to make
I doubt the phone GPS would be accurate enough to keep you in frame - remember, if you were only using GPS for tracking like that, then you're getting both the error of the phone GPS as well as the error in the drone GPS.
I've only really seen it in action on a DJI mini 3 pro.
I believe you can do follow me from the controller without a phone involved at all.
You know. Capitalism.
Not sure if grenades are as available to the public as bullets and if I remember correctly bombs are illegal to make.
Tell that to Ted Kaczynski, Timothy McVeigh, the Tsarnaev brothers and that guy that brought pipe bombs to the January 6th insurrection.
They do sell a tool to police and governments that allow them to track drone operators. The Ukraine military uses drones extensively to monitor the Russians from the air and assist with artillery accuracy but any time they would launch a dji drone Russia had access to that software and would send an artillery shell to the pilots location.
During WWII the already had radars enough to detect periscopes sticking out of sea surface from tens of miles.
They were also able to triangulate subs by their short transmits anywhere on the Atlantic with pinpoint precision.
People very much underestimate technical military capabilities.
The issues with militaries are of a different kind -- sifting through deluge of information, prioritising, making right inferences, etc., not the ability to spot and triangulate the enemy.
For a drone, I understand the requirement. If you are using a drone, giving up your personal GPS location isn’t a big ask. You must be within sight line of your drone and the FAA may have a legitimate reason for knowing your personal location. (For most uses)
It's hard to find any information about how Remote-ID is supposed to work, but in theory the ID packets are sent by WiFi NAN and Bluetooth so that they can be received by anyone in the radio range (which is quite important for authorities to track down violators, e.g. people flying around hospital helipads). Unfortunately, current phones seem to lack support hardware-wise (see [1], page 6).
[1] https://www.cencenelec.eu/media/CEN-CENELEC/Events/Webinars/...
The FAA hasn't specified an implementation. It's on the manufacturer to come up with a means of compliance, and then get the FAA to sign off on it. There is a standard put out by the ASTM, which is heavily based on an open source project, OpenDroneID.
The standard moved away from NAN in the draft phase, in favor of vendor elements in 802.11 beacon frames. You can choose 802.11 or Bluetooth Low Energy. If you choose 802.11, 2.4ghz is required and 5ghz is recommended. If you choose BLE, v4 is required, and doing v5 as well is recommended.
no, it is not. it is yet another power grab by the FAA and federal authorities to increase the surveillance state.
I should not be required to broadcast my signal to the federal government to prove I am not going to commit a crime, that is the exact backwards of how the legal system is suppose to work
You're participating in airspace, and if you want to participate in airspace you have to comply with the rules for participation to not endanger others.
In ye olde times, you had to do a pilot exam, and planes and choppers were/are expensive and had to transmit ADS-B information both for air traffic security and for keeping track of abuse. If you were caught abusing your privileges, you lost your license.
Why should drones be exempt of these rules, particularly as they are mass-market things (unlike airplanes) and thus the chance of them getting abused is far higher?
Been meaning to research how to independently flash the drone's firmware offline to wipe collected data, but haven't delved into that yet. Any suggestions welcomed!
Nothing ridiculous about it (except the GDPR law itself). Many news websites do it even bigger, or hide the whole screen with a modal white overlay.
Given that DJI has 76% of the market, the largest competitor (shockingly Intel - no idea they made drones?!) has 4% and the rest barely hits ~3%, it's safe to assume that no competitor comes even close to DJI [1].
[1] https://www.statista.com/statistics/1254982/global-market-sh...
Further this assume that I agreed with the "ye olde times" regulations, I dont. I largely disagree with all federal regulations for a multitude of reasons even going to the very basic that no where in the US Constitution is the FAA an authorized role of the federal government, at most it should be a state law not a federal law
https://gcaptain.com/us-navy-ships-stay-home-nato-flexes-bla...
I just see what I see on the news out of the US with headlines such as:
"Student arrested in Texas after walking to school with assault rifle just one day after tragic Uvalde shooting"
So it's understandable the world believes that Assault Rifles are purchasable by civilians in the US.
We should be able to draw a clear and logical line between the kinds of guns the people who wrote the constitution envisioned the American people owning and the kinds of guns we have today, but obviously not everyone agrees with that. They all agree there is a difference and that lines exist, but feel that they should just be ignored.
As technology advances, either we have to be comfortable with more and more destructive devices being in the hands of everyday people, or we have to be comfortable with restricting access to more and more devices that qualify as “arms.”
[1] https://dronedj.com/2022/07/06/intel-drone-light-show-musk/
The opportunity to detect periscopes was exploited in early radar experiments that prompted the development of the AN/APS-116 radar manufactured by Texas Instruments in the 1970s. The AN/APS-116 is an Xband, high-resolution, fast scanning system developed specifically to provide a periscope detection capability on the carrier-based S-3 aircraft. The AN/APS-137 is an upgrade of this radar used primarily on the S-3; a limited number are also used on the land-based P-3 aircraft.
"During the early months of the Battle of the Atlantic in World War II, British ships using the radar set Model 271 were able to detect the periscope of a submerged submarine at a distance of 800 m (0.50 mi) during tests in 1940."
Also, any data information collected by a US company also has 'a nonzero chance of being handed over to the American authorities for any reason whatsoever'.
The only real solution is data protection laws that can be enforced not just by governmental authorities, but also by individual and class-action lawsuits against companies that violate those laws.
I don't know how iOS works, but on Android location data permissions are requested for anything involving networking (including Bluetooth, WiFi). Why? Because access to those could be used to estimate where the user is physically located, so gating it behind the location permission is a good way to ensure nobody exploits that. It's not necessarily obvious when you're presented with the permission screen though.
I used a few apps that utilize Bluetooth without asking for location, even when they aren't the obvious use case (like headphones), although admittedly it's been a while since then.
Afair, I don't recall the Mimo app asking me to turn on wifi for the stabilizer. But maybe yes and I just turned it off after connecting to the device. The operation of the stabilizer is through Bluetooth.
Permission greed is definitely an issue but it's still the choice of every developer, and there are still plenty of apps that do not do this. You were right to refuse using the app if you don't trust it.
> Handed over to the American authorities
At least on paper they need to have a reason, unless the corporation is very accommodating which also happens. But some companies are more strict about this and at least in theory accessing private information is not as easy in western countries. Or so I'd like to believe. I'm not sure in China you can tell the government official to come back when they have a warrant in a meaningful way.
> The only real solution is data protection laws
Sign me up! Unfortunately, the current state of things makes a lot of money for some parties, and legislators don't really have an incentive to do anything about this. However, it sends a very clear message when the Pentagon closes the door on some companies or when certain vendors like Huawei or ZTE are banned altogether.
No they don't.
They need a reason to get a warrant. But if they simply buy the data from a broker, they don't need any reason at all, and there is utterly no oversight.
In fact, at least for Apple, their app store guidelines have, for a long time, prohibited apps from refusing to work without permissions. The app is supposed to gracefully degrade if the user does not consent to any particular permission. Their language seems to have softened[1] a bit since I last looked at it, but the intent is pretty clear: The developer can't just kill the app or prevent it from being used just because someone denied a permission.
In order to use bluetooth or internet access through wireless means you must request location access because it's assumed that you can match a person's location with the access points and bluetooth devices around them (BL beacons). It sucks but Android is semi-right on it. Something that doesn't use wireless means of communication doesn't need location access.
You're confused: Their primary business is data marketing. LAN analysis or anything useful the apps might do are a side business at best.
In late 2021 Android changed it to a separate "ACCESS_FINE_LOCATION" permission, while Apple still keeps it under the general bluetooth permission (while the popup mentions it can be used to track your location).
Stores don't need your permission or even their own app to be installed on your phone in order to use bluetooth to track people as they move around their stores. If you have bluetooth enabled on your device at all it can be used to track you.
The store just needs to place inexpensive low powered beacons around their store and they will record and log every device that passes within range.
They even have a patent for that exact thing: https://www.wired.co.uk/article/facebook-phone-tracking-pate...
https://techcrunch.com/2017/09/20/target-rolls-out-bluetooth...
For example the McDonald's app doesn't allow you to use coupons unless you enable the precise location permission.
I do think that's exploiting the ecosystem and I have a feeling one well placed complaint with Apple would cause a stern message to McDonald's... does the app tell you it's because of your location accuracy?
For reference, you can click any deal and get a 6 letter code to use in-store at the counter or on their touchscreen ordering booths. But you can't see the code unless you give them precise location.
https://techcrunch.com/2017/09/20/target-rolls-out-bluetooth...