DJI drones transmit location data unencrypted; ‘open source AeroScope’ in the making

Contrary to previous claims by the world’s largest drone maker, DJI drones transmit their location and ID data unencrypted. This means that anyone with knowledge of the facts can receive and read this information. DJI has since confirmed that the AeroScope signal emitted by every DJI drone is unencrypted. It is now rumored that an ‘open source AeroScope’ will soon be on the market.
What is AeroScope?
AeroScope was introduced by DJI in November 2017 in response to growing government concerns about drone flights near airports and critical infrastructure. The system consists of a receiver on the ground that can detect, track and identify nearby DJI drones. To this end, all drones that DJI has launched on the market since 2017 send a signal that includes data relating to the current position of the drone, the position of the drone pilot, and the serial number of the flight controller of the drone.
Since the introduction of AeroScope, the system has been installed in many places, from airports to prisons and port areas. The system is also used in the Netherlands. For example, all drone flights in the Rotterdam region were monitored for some time and the municipalities of Enschede and Amsterdam also experimented with the ‘drone radar’ to get an idea of the (illegal) use of drones over these cities.
The DJI AeroScope drone detection system entered the spotlight after Russia invaded Ukraine. Both the Russians and the Ukrainians make full use of DJI drones during the battle. But the use of AeroScope made it possible to detect enemy drone movements early, which entails the necessary dangers for the drone pilots. At one point, DJI was accused of remotely disabling the DJI Aeroscope drone detection systems on the Ukrainian side, but this was strongly denied by DJI.
DJI Aeroscope signal not encrypted
But now DJI has once again become discredited. According to DJI, the AeroScope signal was encrypted. But as it turns out, that wasn’t the case at all. This is shown by research by cybersecurity expert Kevin Finnisterre, who proved conclusively on March 31 that the DroneID packets that the drones transmit are not encrypted at all:
DJI spokesman Adam Lisberg tells The Verge himself that he has been misinformed all along about how AeroScope works by his Chinese R&D colleagues. It was only after senior executives sprang into action that his assumption that the data was encrypted was disproved. Former VP of Policy and Legal Affairs Brendan Schulman says he is not surprised and emphasizes that the mandatory Remote ID functionality in the future will also work based on unencrypted location data.
Implications of unencrypted DJI Aeroscope data
The fact that the AeroScope signal is not protected means that anyone with expert knowledge of software-defined radio (SDR) can make a receiver that can detect DJI drones in the area. According to Gary Mortimer of sUASnews, an open source version of AeroScope will be available soon, based on cheap hardware.
It goes without saying that the wide availability of such receivers has quite a few consequences. Not only can everyone with such a receiver see where drones are flying in the immediate vicinity, but also the location of the drone pilot or take-off location is revealed. It is not a very comforting thought that folks with an aversion to drones can access this information as well. For example, the deployment of emergency services drones with such a receiver in the area could also be tracked.

Cyber security risk
The fact that DJI drones transmit their location data unencrypted has now been identified as a security risk by the American cybersecurity organization CVE.
This article first appeared on Dronewatch and is written by Wiebe de Jager who is also a DroneXL contributor.

Get your Part 107 Certificate
Pass the test and take to the skies with the Pilot Institute. We have helped thousands of people become airplane and commercial drone pilots. Our courses are designed by industry experts to help you pass FAA tests and achieve your dreams.
FTC: DroneXL.co uses affiliate links that generate income.* We do not sell, share, rent out or spam your email, ever. Our email goes out on weekdays around 5:30 p.m.
Stay in touch!
If you’d like to stay up to date with all the latest drone news, scoops, rumors, and reviews follow us on Twitter, Facebook, YouTube, Instagram, or… Subscribe to our Daily Drone News email.*
Discover more from DroneXL.co
Subscribe to get the latest posts sent to your email.
MAKE YOUR VOICE HEARD
Proposed legislation threatens your ability to use drones for fun, work, and safety. The Drone Advocacy Alliance is fighting to ensure your voice is heard in these critical policy discussions.Join us and tell your elected officials to protect your right to fly.
Get your Part 107 Certificate
Pass the Part 107 test and take to the skies with the Pilot Institute. We have helped thousands of people become airplane and commercial drone pilots. Our courses are designed by industry experts to help you pass FAA tests and achieve your dreams.

Copyright © DroneXL.co 2025. All rights reserved. The content, images, and intellectual property on this website are protected by copyright law. Reproduction or distribution of any material without prior written permission from DroneXL.co is strictly prohibited. For permissions and inquiries, please contact us first. DroneXL.co is a proud partner of the Drone Advocacy Alliance. Be sure to check out DroneXL's sister site, EVXL.co, for all the latest news on electric vehicles.
FTC: DroneXL.co is an Amazon Associate and uses affiliate links that can generate income from qualifying purchases. We do not sell, share, rent out, or spam your email.
As a U.S. recreational pilot I can’t imagine any situation where I would even care if location data was broadcasted unencrypted. But I can see why transmitting it would be a concern. Hopefully the pressure of bad media / black eye will force a firmware update with a change, until Remote ID is ratified or enforced to what I believe is sometime in 2023.
As a U.S. recreational pilot I can’t imagine any situation where I would even care if location data was broadcasted unencrypted. But I can see why transmitting it would be a concern. Hopefully the pressure of bad media / black eye will force a firmware update with a change, until Remote ID is ratified.
The thing that drives me crazy is that if it were actually encrypted then the Americans would demand access. Anyone that is not American cannot win.
Ah well. DJI has 80% of the international drone market. Yet they’re still pushing to get their tech accepted by the west and their militaries.
The “fatshark” HD digital goggles go to show this.