Retaining Control of our Models & Our Privacy - Mike Mas

Mike:
I 100% agree with you! I saw this coming a while back and have not updated my GO App, Inspire 1 and Phantom 3P, so I am not subject to any restrictions.

I feel that it is up to the pilot to follow all safety guidelines and DJI should not be in the business of controlling or monitoring where people fly.

By the way, I have always admired your work on advancing RC Helicopters during the early stages of the hobby. I think without folks like you, the hobby will not be where it is today.

Thanks!

Hello Pilots,

In the past year or so, the overall reliability of flying a DJI drone has changed for the worst. With the implementation of new revisions of “bloated” firmware with “No Fly Zones” massive Geo restrictions and logging of our private data, day to day dependability of our models has vanished. Recent imposed updates have resulted in numerous flying errors, erratic control and has even grounded many pilots.

If you wish to fly a DJI product, you must log in to their servers and agree with DJI’s binding electronic contract. This contract gives them rights to manipulate the flight software in “our privately owned drones” and further allows them to collect and accumulate our flying data which could disclose; where we live, or even worse, who we might fly for and our clients exact location.

For security reasons, I fly two categories of drones. For more important clients, I use both single and quad rotor equipment with communication on propriety military frequencies. For more conventional work, I was using DJI drones, however for past 2 months, all my DJI equipment (P3P’s & Inspire’s) are grounded with the infamous “No Image Transmission” problem. What’s even more strange about this failure is; all three drones developed the same exact problem on the same exact day. The odds of this happening with hardware failure, is like a million to one, which leads me to believe this would have to be generated either through firmware or the App. After numerous post on the DJI site and their tech's this problem has not been answered or resolved.


There is really nothing complicated about controlling a model from the ground. For the past 40 years, the 53-72 mHz link between the pilot and model worked fine for general sport flying and limited aerial applications. In the 80’s, using slow scan amateur frequencies (436 MHz.) for video, I designed the first drone with a 12 foot rotor-span for military use which down-linked two live video signals, one for FPV and a second camera for front line surveillance. As time progressed, I moved to GPS & Application technology, however within a few years, I was forced to stop using DJI equipment on military contracts since their Go App was collecting private data that could be shared to third parties, which would be a violation of my contracts.

Very few Pro pilots will disclose who they fly for, or share client information, however this data is easily accessible from their device which “may” be shared to others. For myself, I would be in breach of “Need To Know” contracts if I flew DJI equipment since collected data “could” provide pin-point locations of where and when I fly, complete with thumbnail images and google data. Aside from DJI having access to this data, our devices could easily be hacked to disclose this information to other parties.

I assure you guys this collected “Data Problem” is the real deal. By the very fact, the military took action to discontinue using all DJI equipment speaks for itself. I’m hearing from my contacts at Martin Marietta / Lockheed there was information and imaging released to third parties on some tests on a laser range which began the investigation.

US Army calls for units to discontinue use of DJI equipment - sUAS News - The Business of Drones

In retrospect, all these imposed data problems and NFZ’s are self-inflicted by the barrage of new owners who fail to follow safety guidelines. On the other hand, pilots who fly safe and responsible, are now being treated like criminals with their flying privileges limited or revoked by App’s, as the result of a few idiots who buy drones and have to do a 5 mile range check or fly 5,000-10,000 feet high, take images of stadiums, metropolitan areas, cruise ships, trains or even take pretty pictures of commercial jets in flight.

Where this whole thing went south is when DJI a private company in China, decided to take it upon themselves to police U.S. airways, not for the sole purpose of safety, but to help secure a place in the US to continue to sell their aircraft. While I understand these “business” motivations, DJI does not have a legal right to police the airways in the US, nor instruct us as pilots where we fly, or how we fly. Nor do they have the right to force us to agree to electronic contracts that “demand" we give up control of our models and our rights to privacy.

If things were not bad enough - recent firmware revisions have all but deteriorated the dependability and safety of our drones. With the massive implementations of NFZ’s, logging of flights and private data, these now “Bloated” App's have reached our personal devices “operating” limitations. Our phones & pads were not designed for this workload which is evident by the App’s garbled operation, loss of video and the devices processor overheating to a point some shut down.

Regretfully, as they keep adding more code, the Apps cannot keep up. DJI’s implication of firmware is unique. Unlike other companies where a team of experts would fly new firmware before it was released to the modelers - DJI’s firmware tech’s have a different plan - they use us to see if it works! They modify current firmware by adding more restrictions, then simply post it on their support site, then force us “Crash Dummies” to use our own equipment at or own expense to refine it. Next thing that happens is; after “xxx” amount of machines hit the ground or fly away, they deny it’s the firmware, then start changing the code again to hopefully fix the problem which may take months.

Recently, some options to downgrade on the support page have vanished to make way for a new crusade which forces users to upgrade to new firmware which offers DJI more control of our drones with less options for pilots to retain control of their model and our privacy. Making matters worse, in the near future we’ll lose our ability to even choose our own device. Future drones will contain DJI’s own proprietary devices with their own software. These new “Locked Systems” are now surfacing on the Phantom 4 Pro + models. The new Crystal-sky Monitor / App device will be DJI’s answer to their total control of our models.

Limiting our control of our drones is not the answer to prevent unsafe flying. The only way to reduce improper use of drones, is for modelers themselves to work together with social media as a team to police our own airways. This combined US agency guidelines and enforcement is our only hope.

While I’ll be the first to congratulate DJI on their sophisticated platforms which has placed them first in the drone industry, they continue to be in last place when it comes to customer relations and service after the sale. Regardless of DJI’s massive revenue, they continue to refuse to spend the funds needed to support their products. For DJI to survive, these problems will have to be addressed. In addition, they will need to re-think their App policies to restore the pilots ability to fly his own machine, and forfeit binding contracts that may jeopardize our privacy.

In Closing - We’re all presently in a transition period, floating around in this “Firmware Bubble” as the DJI’s Tech’s attempt to figure how to align the codes “Zero’s and Ones” so their firmware will take piloting out of our hands and in theirs!

Best Regards - Mike Mas

www.rotory.com


Mike
 
In the past year or so, the overall reliability of flying a DJI drone has changed for the worst. With the implementation of new revisions of “bloated” firmware
Couldn't agree more, see P4 general discussion with 10's of thousands of views on the matter of firmware, and STILL going strong. DJI's response to this - almost nil.

"If you wish to fly a DJI product, you must log in to their servers and agree with DJI’s binding electronic contract.........."
I don't think I'd loose too much sleep over that, but I don't work fo the Military.

"There is really nothing complicated about controlling a model from the ground. For the past 40 years, the 53-72 mHz link between the pilot and model worked fine for general sport flying and limited aerial applications. In the 80’s........."
Absolutely, many of us have flown big models on lower frequencies in the past, with superbly reliable radios. I used a Minicopter Maxi Joker for several years (2m rotor span) It was reliable, but the video downlink was very difficult and abysmal quality. We now have incredible downlink quality, amazing versitility from the Go ap, 25 mins flight time and so on, and on, all for the price of a couple of sets of rotor blades 10 years ago.

"In retrospect, all these imposed data problems and NFZ’s are self-inflicted by the barrage of new owners who fail to follow safety guidelines..........."
I don't understand the issue (I'm UK based) - aren't these NFZs in existance and just being implemented by DJI in Go 4?

"......recent firmware revisions have all but deteriorated the dependability and safety of our drones..."
Certainly, and it's deplorable that DJI are almost totally failing (in public, at least) to address these problems. But is it bloated firmware, or possibly the vast permutation of tablets, phones, operating systems, drones etc. that one single ap is trying to address? You allude to this point in your next paragraph.
Possibly a better solution would be to restrict the permutations - 2 or 3 tablets on one version of one system as certified. We have seen similar problems in the past with video edit systems and the solution has usually been tighter system specs..

I agree totally with your concluding paragraphs.

Lastly, thanks for a very interesting thread!
 
Very respectfully, I believe he has more knowledge on this subject than all the staff on this forum put together.
Yep...I'm with you...the military know more than we......I'm still having problems with mine....anybody have a link to and older, stable firmware? P3S?........
 
  • Like
Reactions: WV. Rootman
In order to stay in business when 1000's buy the next generation of low price / high function drones, DJI needs some way to assure their drones are flown in a safe way. I strongly feel that anyone who does not want to take the time and effort to go through the testing and get a license (we all get tested to be able to drive a car) should have an electronic fence on their drone. When a person gets certified or licensed, they should be able to enter a code to release the fence boundaries. At that time, the software should only report back when a drone goes over 400', flies over a populated area, or flies beyond a distance when VLOS becomes impractical (say greater than 2000'). This forum is testimony to the fact that users can't self-police other users. We are all vulnerable to an industry shutdown by over regulation if the basic rules are not respected.
 
Yep...I'm with you...the military know more than we......I'm still having problems with mine....anybody have a link to and older, stable firmware? P3S?........
It's funny. I was having problems with video lag since my last up date. Lag was so bad, I flew it into a tree and landed in the water. This evening, my p3s ran perfect. I was very happy with everything. I flew 396 ft. elevation and over 5000 ft. away. Of course it was always insight. That white drone shows up good against those grey clouds.
 
If you wish to fly a DJI product, you must log in to their servers and agree with DJI’s binding electronic contract. This contract gives them rights to manipulate the flight software in “our privately owned drones” and further allows them to collect and accumulate our flying data which could disclose; where we live, or even worse, who we might fly for and our clients exact location.

Hi Michael.

That was a well written article indeed. I wanted to share with you some additional data on this topic...

You raised concerns about DJI capturing data during flight. The youtube video below shows some analysis of what DJI GO talks to during power up. You'll need to watch it in full screen to get the details. Some obvious questions. Why would DJI GO want to talk to the likes of qq.com (a chinese instant messaging application), alibaba (a chinese online shopping service), taobao (Another chinese online shopping service), flurry (a tracking service owned by Yahoo) during power up. In addition to the multitude of DJI addresses?

To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.

But let me share one other problem. Even the simplest of support activities is worrying. When pilots post on the DJI forum, our posts all show the world our DJI sales history in the form of an icon for each product purchased. We have no way of disabling the leakage of our sales history with DJI. It also discloses how many kilometres we've flown. Again, we can't turn that off. But if we want to ask for help on official DJI forums, the loss of privacy is the price we pay.

The concerns of the community have been documented in the link below. I hope DJI can understand that their clients love their hardware products, but we have lost trust in the software systems. Now is the time for DJI to work with its clients to restore trust by taking these legitimate concerns into account in future software releases.

about:start [dji.retroroms.info]
 
Thanks for the post Mike.

Our aviation regulator here in Australia (CASA) has just posted a survey asking the industry if they think CASA should MANDATE geo fencing (No fly Zone). This would be a bit of a first as I believe the FAA does not mandate a geo fencing system at the moment either.
I have pointed CASA towards the "Old Gangsters"
start [dji.retroroms.info]

I won't say too much more here now because DJI have been deleting some of my posts in this area.

As you are aware of the JS Patch and Tinker, have a read on what the "OG" have found on a file called "Cake"

The Cake file is the one containing the personal info sent via a hot patch.

Interesting times. I wonder how long this post will stay here???

J:)
 
  • Like
Reactions: PsychoBob
Thanks for the post Mike.

Our aviation regulator here in Australia (CASA) has just posted a survey asking the industry if they think CASA should MANDATE geo fencing (No fly Zone). This would be a bit of a first as I believe the FAA does not mandate a geo fencing system at the moment either.
I have pointed CASA towards the "Old Gangsters"
start [dji.retroroms.info]

I won't say too much more here now because DJI have been deleting some of my posts in this area.

As you are aware of the JS Patch and Tinker, have a read on what the "OG" have found on a file called "Cake"

The Cake file is the one containing the personal info sent via a hot patch.

Interesting times. I wonder how long this post will stay here???

J:)
Thanks Jammer. I be watching to see how long it stays.
 
Mr Rootman, thankyou for your very respectful opinion.
I still stick with what I said in post #4 above.

What he's suggesting is very appealing to the crowd that are always looking for something negative about DJI but I can't see how it's possible.
It doesn't make any sense from two perspectives.
How can DJI get hold of your flight data unless you give it to them?
Why would they go to all the trouble of doing that? What's in it for them?

If you don't care about the data collection, then look at it from another angle. The more 'social media' / flight syncing crap they jammed into Go 3, the worse it performed, and with Go 4 the situation has not improved. Go is an app you're trusting your $2,000 - $15,000+ investment with. It does not need to have any of this crap in it. Even apps like Litchi, while "3rd Party", can only do what Daddy DJI says they're allowed through the SDK, which can and does still crash on modern, more - than - capable devices.

DJI would do well to suck it up and split the two apps, One bare-bones app that only controls the drone / camera. One bloatware - filled monstrosity with all the network chatter they could ever want where the flight syncing, editing and skypixel crap happens. If we had an actual professional grade app / SDK to match the drone I think they would earn a bit of trust back from the community.
 
As you are aware of the JS Patch and Tinker, have a read on what the "OG" have found on a file called "Cake"

The Cake file is the one containing the personal info sent via a hot patch.

Hi Jammer.

There has been a bit of research on JSPatch and Tinker so far. The cake file you talk of though... That has been discovered, and the contents of it decrypted. Indeed it does contain new code in it, but it was not confirmed to be personal information in the one cake that has been found so far.

That is not to say DJI could not "bake another cake" to cause personal privacy to be breached any more than they have already. But the good news is that DJI have already owned up to the fact that they had installed these hot patch capabilities (against Apple and Google store policies). They have stated that this hot patch capability will be removed in a future version.

In summary: The current DJI GO software has more data leakage concerns in it that anyone here would be comfortable with. Lets hope future releases of their apps address some of the problems that have been uncovered.
 
Last edited:

Members online

No members online now.

Forum statistics

Threads
143,066
Messages
1,467,358
Members
104,936
Latest member
hirehackers