Let me just state that I respect Daren his work and contribution to hack and IT community and that this comment isn't directed in any way against him or his work.
Just a month ago while watching one of the Daren's videos I noticed DJI Phantom sitting on his desk and I couldn't wait to see how its going to be used. Than last week I got a chance to see what was cooking in his kitchen.
While drone hacking was mentioned few times here I founded Daren's approach very simplistic and easy to understand. Like always his lingo is easy to follow and his proof of concepts are easy to replicate. He is using WiFi device from his own sore but it can be achieved with almost any WiFi enabled smart phone and telnet app. People at Parrot didn't bother protecting WiFi link and they made it easy to access flight computer on board their parrot drone. As this can inspire some comments and ideas about security I would like to point out to two moments on his videos, first at 07:25 on his first video and second one at 15:17 on second video. While WiFi hijacking and hacking on board computer is quite interesting I founded amazing that nobody didn't get hurt during filming this episode. They could just simply cut "embarrassing" parts in post production but they decided to keep it and in video comments Daren stated "I was flying irresponsibly for fun and hit a wall. No damage. Not recommended." It seems that we are learning from our mistakes but unfortunately this is after the fact that we damage something or hurt someone.
I think that we as community, and as responsible drone operators have obligation to point out to all potential hazards that can arise from operating such remote controlled vehicles. I strongly believe that showing graphic images in warning section is the way to go. As we have more and more ready to fly drones available we will have more and more people using them and we will most likely have more and more accidents. Usually people see nice online videos made by seasoned pro's and think I'll get one and do the same thing. Little they know that its not that easy and most important that isn't that safe. Best case scenario they crash in to the wall or drop from 12 stories high on to the pavement brake their new toy and loose interest.
But if they have to see pictures of potential danger and injuries before they can make a purchase instead of just reading (flying thru) safety warnings they would take it more seriously?
Some of the pictures that by my opinion should be included in every safety warning, printed or online. Look at it as warning on pack of cigarettes just more graphic. Would that cut into sales? probably, would that help us as community in long run? most definitely yes. It all comes to personal perception of safety and responsibility but we are just making a little extra effort to explain to the future users to take safety more serious.
Comments
Ok Guys , cool down. Bit of language Civility gets the message/view across.
thanx dusan...
its just not time for it here I feel.. but I WONT be called a troll by a troll
I'm afraid that this conversation is taking wrong turn. I'll ask moderators to close it.
TROLL... nuff said
BTW I have shoes older than you are...
HZL..
ps you should take a look at ALL the quarrels and fights you have gotten into on this board.. its NOT just me Oliver.. its almost EVERY discussion you get into.. I did read your entire comment history... you show up as a user NOT a developer of this technology and a rather trollish one at that.. to the point where people fear to post knowing you might be their troll.. must really suck to have to be you every day...thats MY .02 cent.. you attacked personally first.. I WONT release the names or sites doing this research because of idiots like you.. but hint its NOT samy..
it has been presented at foreign security conferences I came across recently... your name calling and claims WONT change that fact.. as to illegal frequency usage as a LICENSED radio amateur I see this going on all the time both in this field and in sports like hang gliding... hint a 20.00 SDR and gnuradio based spectrum software are all you need to observe same..
and both 2.4 GHZ rc controls 5.8 rc controls as well as the 900 telemetry are ISM bands which means wide open for experimentation by properly licensed folks. I suggest you check fcc.gov for the actual regs
and finally NO one threatened you Oliver, however its quite evident that you do feel quite threatened by others knowledge and the presentation of ideas/thoughts that might conflict with yours.
I DONT release my name precisely because of trolls like you and past experience. And as far as debating you?? dont make me laugh.. you dont have the slightest idea of what an actual debate is... child...
@HZL
This "youngster" has been on-line since 1980 and knows a thing or two about trolls and internet fear-mongers. Your original posts were clearly contrived to stir up fear and anxiety, you even started one with "at risk of causing a shit storm." So don't get all outraged when posts like that are labeled trolls.
You and your buddies can contrive all the clever hacks you want, the fact stands that under existing law you'll go to jail if you deploy any such things in the US. As for the threatening and bullying tone in the final two paragraphs, you claim special knowledge of UAV operating systems but provide zero credentials. You claim things are happening in "universities" and "private industry" and "security conferences" and you claim people are using frequencies illegally, all without providing a single specific citation or other shred of evidence. You provided nothing specific to actually debate or discuss. All of these things are hallmarks of a troll.
If you are not intentionally trolling then I suggest that you step way back and take a look at the picture you're presenting - a mass of irrational and purely theoretical fear-producing rhetoric that has zero, or only the most miniscule, relevance to the real world.
The only reason I'm responding at all to this is because there are new people hereabouts who don't need to be frightened away from our hobby by this sort of gibberish. There are legitimate things to be frightened of, but getting your UAV hijacked by Chicken Little isn't one of them.
Hi Dusan,
I for one appreciate that the subject has been opened, I checked on some of the sources of vitriol and it seems the individuals who like to name call dont really contribute that much to technical discussions and in fact are the trolls on the board themselves.. almost every other interaction for the above culprit.
For RC control links using Spektrum brand radios a good protocol description is http://www.rcgroups.com/forums/showthread.php?t=1331053 and in the face of SDR, 3760 channels is NOT enough to stop deliberate jamming with the way WirelessUSB(tm)/DSM2 works.
Similar 2.4 Ghz and 5.8Ghz protocols will always have some manufacturers protocol chip set buried within and can be interfered with in a similar fashion.. ie the OEM protocols ALWAYS have wideopen bugs.. given the era of their development(middle to late 1990s) and the lack of checking by their inventors/implementors against being actively attacked or attacked via their software stacks.
ZIgbee has its killerBee tool set and others...
lets keep having this conversation in spite of the trolls
HZL
Gary Mortimer, you were right.
This wasn't my intention. I wanted to start conversation on technical issues and resolution of potential problems that we can experience down the road. But as you said some people are just full of venom.
first of all youngster.. dont be labelling people trolls you dont know.. second... this research IS going on whether folks like it or not ,
Researchers from university and private industryA RE looking at this problem. And if you use OLD BROKEN WIFI and Bluetooth protocols vulnerable to disassociation attacks for controlling drones then you can expect interference...deliberate or accidental.
Same for All you NON hams illegally using 433 MHZ or 50 MHZ systems in the US.
Now add to that a 1-5 kg drone dropping out of the sky at 9.8 m/s2 and we have a new class of tort lawsuit happening.
The troll in this case is the increasingly llawsuit happy environment and the fact that folks who DONT know what the current research are trying to comment and label other folks trolls(hint PERSONAL attacks are not allowed on DIYDRONES.. I suggest you read the AUP for this site..)
FORMALIZED SQA to discover fatal weakness in tlemetry and control protocols is NOT trolling by any means.. its what a prudent and careful manufacturer in the US does to avoid legal issues. And given current corporate regs in the US pretty much mandatory(hint Toyota lawsuit on embedded software(braking issues), And many people are caught doing / attempting such things.. you just are not in the loop enough to hear about these issues Oliver(or you are simply IGNORANT of the actual state of affairs.)
Hope you have a good lawyer for the first time one of your personal drone(s) injures a bystander.. Due to you using protocols that were easilly interfered with(and this fact was known to you ahead of time) . and this conversation which is a matter of record comes to light.(Hello google cache)
btw my personal distance record for WIFI on 2.4 GHZ is 20KM between islands in the carribean.. hardly a 150ft range protocol, Bluetooth is regularly intercepted at a range of 2km plus at the security conferences I attend(and these are just kids playing.not real engineers or hams)
just saying
HZL
ps generally when folks out of the blue try to belittle or demean another by calling names instead of using an intellectual argument instead they are very scared of something., mostly this behaviour comes from fear or an attempt to bully others to boost ones sense of self.
So what makes you so insecure, Oliver that the the first time I see a post from you its a personal attack on moi?
@ the troll HZL:
1. "Hacking" an open WiFi system running a toy with a 150 ft range does not deserve a pixel's worth of data on the Internet, it is as interesting and threatening as a baby burping.
2. Lots of things can be done, but lots of things have consequences. Catching anyone hacking into a real UAV in real-time will likely be easier and cheaper than the hacking itself. Who is willing to spend time in a Federal prison for the satisfaction and/or profit of hijacking or crashing a UAV here or there? The same boogeymen who jam cell phones, traffic signals, speed cameras, police radios? All things that can be done, for years now, and that are no doubt the subjects of many beer-fueled blatherings around juvenile Friday night campfires. But who actually goes out and does these things? Nobody.
3. The troll is staying under the bridge, folks, I guarantee it. Sleep well and fly happy.
and less people forget who pioneered this rather simple stunt... samy - samy.pl of "evercookie" fame published tools and scripts for doing this with a raspberry PI a couple of weeks ago complete with a prior disassociation attack
https://github.com/samyk/skyjack
hotel zulu lima