New at Skysafe.io:
The SkySafe system can take control of a rogue drone over the air and safely land it.
With detailed event history and real-time notifications, SkySafe offers an unprecedented level of airspace security.
- Real-time detection and notification
- Uninterrupted protection
- Does not rely on radio jamming
- Does not interfere with legitimate drone operation
- Searchable event history
- Enterprise management
Comments
You might take a look at Thieves Emporium. It delves into the issue of hacking and the state in some very scary ways. 4.6 rating on Amazon, book #B00CWWWRK0.
In many jurisdictions this (the demonstrated ability to crash another persons aerial vehicle at will) would be considered a criminal act (wilful damage/destruction of property). I also cannot see how one would easily modify existing legislation to permit this to occur (even only by law enforcement agencies) without opening up a huge can of worms with regards to other vehicles or property.
As an IT/Computing academic I also see this as highly unethical development and behaviour and I'm appalled that it has arisen from institutions such as MIT and the US Airforce lab. Just because you can do something, doesn't mean you should do it (or tell others that they should do it).
@JB wow you're probably right on the money.
how safe is my Iris first version?
no wifi !!!
Just watched the video again... because there is both options to FLY or DISABLE the UAV on the phone UI I'm betting they are gaining network access and hacking into whatever the OS is.
Also the manufacturers website states "Does not rely on radio jamming"
and
"Launching in the second half of 2016 to qualified public safety customers."
Interesting, hadn't thought of that @stew.
If the UAV exposes a WEP wifi network a laptop can crack the hash fairly quickly and gain access to the wifi network. If it's WPA, they could leverage the cloud to crack the password via brute force (if it's less than 8 characters) to also gain network access. I'm guessing that once the attacker is on the UAV network, breaking stuff is trivial and could be easily automated.
Another attack surface within Wifii is a deauth attack - which happens instantly as the video shows . It doesn't gain the attacker access onto the network but will force the clients to 'reconnect'.
Maybe it's as easy as:
http://lifehacker.com/5305094/how-to-crack-a-wi-fi-networks-wep-pas...
or
http://lifehacker.com/5873407/how-to-crack-a-wi-fi-networks-wpa-pas...
I don't know which is used on DJI or Solo systems...but maybe this is the start of their attack on the wifi link. Then they can probably identify the type of craft from the name of the comms.....
I'm not geeky enough to say that this would be plausible method of attack. Maybe somebody here can either support or destroy my theory.
Hey Rob
Wasn't my intention to instigate conspiracy...but I did take the opportunity to provide some insight on "why we do/don't need this". I didn't say that Chris was using it to increase sales...I would of thought the opposite might be the case. In fact I'm not 100% sure Chris is involved in this project, even though he's promoted the idea several times before.
In my last post above I did try to explain how I think it works technically and link to further information I found. It would seem that under the FCC regs this would be an illegal act and subject to litigation from them, as well as be wide open claims for damages from drone owners due to how airspace use is currently regulated. It's also likely that the exploit won't be useful for very long before it's patched. The easiest way for all manufactures to make it safer is to limit the size and weight of their aircraft.
Regards JB
I mean basic stuff like attacking the protocol, scrambling the signals, fooling the sensors etc. There's only that many options how this can be achieved (that I can think of). Maybe by understanding the limitations of the tech, people will fly more safely. That's my experience, anyway.
Seriously guys, the conspiracy theories (Chris posted this to affect sales? Really?) are a bit much. Foxzilla, maybe if anybody had any info, it would be shared. We have nothing other than this flimsy sales video from this manufacturer.
@ armen
Do you mean very loud RF noise? Or audible/ultrasonic noise?
(like this one: http://www.gizmag.com/anti-uav-defense-system-radio-beam-drones/39778/ or this: http://www.gizmag.com/battelles-dronedefender-beam-gun-uavs/39885/)
If the complete system is shown in the video then it looks like nothing more than a PC/Rack case with three wifi antennas attached to the back. The case looks nearly empty by the way the person handles it and you can see through it. Also on the phone screen you can see that the phone is connected to a internet-less AP (exclamation mark on the wifi reception icon), which is likely the rack box shown or possibly the drone itself. So I'd assume it's wifi based. By the looks of it just a modified/glorified PC connected to a router or maybe not even that, it could all just be a dummy and just run directly off the app and mobile wifi. There are no sonic "disruptors" to interfere with gyros/acc on the FC that I can tell, unless it's off the side of the video. So unlike other drone blasters above this does not seem to operate like that and is just wifi based.
It would seem that the "exploit" is already well documented DJI wifi security issue where it is possible to SSH into the drone. Google it or see here:
https://github.com/noahwilliamsson/dji-phantom-vision
I would imagine they simply pre-coded the app so that it SSH in and issues some dis-arm commands to the drone. I'd give it 6 months before it's patched, or if the skynet ahem skyunsafe goes ahead, look forward to it being implemented permanently in the next forcefully distributed firmware to protect us from ourselves. ;-)
Regardless, it's just a publicity ploy and of no actual safety value IMHO.