An interesting article was posted on The Hill yesterday that points out that domestic drones (Blue sUAS) can be hacked, and foreign drones, such as the ones from DJI, can be secure.
Former Congressman Jeff Denham and Bill Shuster, also a former Congressman who served as chairman of the U.S. House Transportation and Infrastructure Committee from 2013 to 2019 that dealt with drones, published a very interesting op-ed on Morning Consult explaining how the current drone security concerns can be solved by looking at past Congressional successes.
Washington needs to reconsider drone-banning proposals, argues Carrick Detweiler, CEO of Drone Amplified. He explains in an open letter why drones play such a crucial rule in monitoring, preventing, and fighting wildfires. Detweiler also argues for the U.S. government to create data security standards for drones instead of simply looking at the country of origin. You can read the entire letter below. I recommend reading it as it gives an important perspective on how drones can help to keep us safe in a saver and less expensive way compared to traditional methods.
Over the last couple of years, various U.S. government officials and lawmakers have expressed concerns about DJI and the data security of DJI drones and possibly stored on DJI servers in China. DJI has always maintained that the drone operator is in charge of the data and can decide to use their DJI drones offline without risk of any data being transmitted overseas. Various studies some of which were paid for by DJI have not shown any evidence of data being transmitted to China. The Australian government recently conducted their own cyber vulnerability review on the usage of DJI drones for their Defense Department and concluded that it was comfortable with using the unmanned aircraft in non-classified situations.
DroneXL already covered the main part of this news yesterday, but I think it is important to highlight the findings from FTI. The cybersecurity firm FTI Consulting analyzed DJI’s data sharing, or more accurately the lack thereof, and concluded that not only does the Chinese drone maker employs security best practices, but that ‘when DJI’s Local Data Mode (LDM) is enabled, no data that was generated by the application was sent externally to infrastructure operated by any third party, including DJI.
According to an internal memo, the U.S. Department of the Interior’s decision not to buy more drones with Chinese parts has made it more difficult to fight wildfires. The memo exposes one consequence of the Trump administration’s crackdown on Chinese tech, which includes Chinese-made drone parts.
Today turns out to be quite the drone news day, and I don’t mean that in a good way, unfortunately. Earlier today a long-established aviation news publication reported that the United States is nearing legislation that would ban all Chinese-made drones, including DJI drones for government use.
Yesterday, we saw the report from French security research firmSynacktiv claiming that the DJI Pilot app for Google’s Android platform would have similar security flaws as the DJI Go 4 app. We had reached out to DJI for a response and we heard back from them early Wednesday morning. You can read DJI’s response to Synacktiv’s ‘inaccuracies and misleading statements’ about the security flaws in the DJI Pilot app below.
About ten days ago, this story was published in the NY Times highlighting the security flaws found in the DJI Go 4 app for the Android platform by security researchers from the French company Synacktiv. Today, the company releases a new statement claiming that the DJI Pilot app for commercial and enterprise customers has the same security concerns (more…)
Parrot’s co-founder and CEO, Henri Seydouxdeclares the end of Parrot’s consumer drones in an interview that was published earlier this month in Le Parisien. In the same article, Seydoux also offers to show that Parrot’s audited software applications do stand up to scrutiny.
Now, what I’d be interested to know is, did the French security researchers from Synacktiv, who we know worked for DJI’s competitors, work with Parrot directly or indirectly to scrutinizing DJI’s software? And will Parrot, as offered by Seydoux, have their software application reviewed as well by a security researcher to share the findings with the general public, similarly to what DJI did with the KIVU report more than two years ago? I’ll extend this invitation to Autel Robotics as well btw.
As regular readers of DroneXL.co will know, I am not a fan of Parrot’s anti-DJI marketing campaign to promote their new ANAFI USA. And if their CEO, Henri Seydoux is going to make bold claims like he has been doing, then I think he should back them up.
I am curious to hear your thoughts on this. Feel free to share them in the comments below.
My French is a bit rusty but with help from Google, I’ve tried to translate the interview with Parrot’s CEO, Henri Seydoux as best as I could. See below for all the details.
Surveillance drones made by Chinese drone maker DJI are at risk of having their data intercepted, warns the Department of Homeland Security to U.S. police departments.
On Thursday there will be a webinar hosted by NetChoice that will cover drone data security. Among other people, DJI’s vice president of policy and legal affairs, Brendan Schulman will be participating in this ‘Frank Conversation About Drone Data Security.’ Register today for the webinar on Thursday, June 11, 2020, at 1 p.m. EDT.
A study from Booz Allen Hamilton in partnership with PrecisionHawk concludes there has not been any unauthorized data transfer from DJI drones, that were previously used by the US government, to the Chinese drone maker or government. You can download the executive summary of the report here.