Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
WMGroomAK

US DHS: DJI drones being used to spy by China

Recommended Posts

Posted · Original PosterOP

In a memo from August this year that has been released and is being reported on, the US Immigration and Customs Enforcement (ICE) is stating that DJI drones are being used as data collection tools for the Chinese Government.  

https://www.engadget.com/2017/11/30/homeland-security-claims-dji-drones-spying-china/

Quote

... The memo, which was apparently issued in August, says that the officials assess "with moderate confidence that Chinese-based company DJI Science and Technology is providing US critical infrastructure and law enforcement data to the Chinese government." The LA ICE office also says that the information is based on, "open source reporting and a reliable source within the unmanned aerial systems industry with first and secondhand access."

 

Part of the memo focuses on targets that the LA ICE office believes to be of interest to DJI. "DJI's criteria for selecting accounts to target appears to focus on the account holder's ability to disrupt critical infrastructure," it said. The memo goes on to say that DJI is particularly interested in infrastructure like railroads and utilities, companies that provide drinking water as well as weapon storage facilities. The LA ICE office concludes that it, "assesses with high confidence the critical infrastructure and law enforcement entities using DJI systems are collecting sensitive intelligence that the Chinese government could use to conduct physical or cyber attacks against the United States and its population."

...

But this isn't the first time that the US government has butted heads with DJI. In August, a US Army memo directed its members to immediately stop using all DJI products due to cybersecurity concerns -- something that the Australian Defense Force also did temporarily. Shortly thereafter, DJI released its Local Data Mode, which allows users to cut off drones from all internet activity. And there have been some legitimate security vulnerabilities brought up in regards to DJI's systems. But the idea that one of DJI's main goals is to spy on the US seems pretty absurd.

 

In a statement to the New York Times regarding the ICE memo, DJI said, "The allegations in the bulletin are so profoundly wrong as a factual matter that ICE should consider withdrawing it, or at least correcting its unsupportable assertions."

ICE Memo: https://info.publicintelligence.net/ICE-DJI-China.pdf

 

The memo itself provides a fairly interesting read although I'm doubtful to the extent that this is being used for data collection and espionage purposes...  It is worth contemplating though since DJI has stated (at least according to the memo) that they comply with requests from the Chinese Government to hand over data collected in China.  Another section of the memo alleges that purchases of vineyards in an area of California by Chinese companies following a large family-owned wine producer acquiring and using DJI drones was due to the companies being able to use the data collected by DJI for their own benefit.  How much of these claims do you all believe and if so, are you going to put up any DJI products that you own?  I would be more cautious myself about purchasing a DJI drone, however am unsure how much difference that would truly make... Anybody know a good Canadian or US drone manufacturer so my data is only going to the NSA?

Link to post
Share on other sites
Posted · Original PosterOP
51 minutes ago, VegetableStu said:

so what's being sent again? o_o

 

if it's GPS data, I can imagine either selective remote video recording or even remote drone kamikaze ._.

According to the ICE Memo:

 

Quote

DJI sells group one category (under five pounds) UAS intended for consumer and professional use. The UAS operate on two Android smartphone applications called DJI GO and Sky Pixels that automatically tag GPS imagery and locations, register facial recognition data even when the system is off, and access users' phone data. Additionally, the applications capture user identification, e-mail addresses, full names, phone numbers, images, videos, and computer credentials. Much of the information collected includes proprietary and sensitive critical infrastructure data, such as detailed imagery of power control panels, security measures for critical infrastructure sites, or materials used in bridge construction. According to the source of information (SOI), DJI automatically uploads this information into cloud storage systems located in Taiwan, China, and Hong Kong, to which the Chinese government most likely has access.2 SIP Los Angeles assesses with high confidence a foreign government with access to this information could easily coordinate physical or cyber attacks against critical sites.

Again, this is from the ICE memo and not from DJI so not really sure how much is true, but if so, seems like some fairly sensitive data may be getting uploaded to the cloud storage systems...

Link to post
Share on other sites
11 minutes ago, WMGroomAK said:

According to the ICE Memo:

 

Again, this is from the ICE memo and not from DJI so not really sure how much is true, but if so, seems like some fairly sensitive data may be getting uploaded to the cloud storage systems...

This is most likely Law Enforcement Sensitive data which is cut down from higher classified information. I wouldn't hesitate to believe that this is at all possible and have no doubts this actually occurs.

 

Personally, do I believe this? Yes absolutely.

Link to post
Share on other sites

Wow... I really doubt this is true but if so that's bad. Someone should datamine DJI Go and look for the "hidden facial recognition".

 

The spark is the only DJI product w/ face recognition, so if anyone finds data relating to a Phantom and face recognition that could be a red flag.


import shittyTechAdvice as RollTime

 

Link to post
Share on other sites

Or you know they could just block connection to telemetry servers at the isp level, or Google taking down the app until its made without internet access. But no they will just make a big fuss about it cuz its finger pointing politics.


Awareness is key. Never enough, even in the face of futility. Speak the truth as if you may never get to say it again. This world is full of ugly. Change it they say. The only way is to reveal the ugly. To change the truth you must first acknowledge it. Never pretend it isn't there. Never bend the knee.

 

Please quote my post in your reply, so that I will be notified and can respond to it. Thanks.

Link to post
Share on other sites

Well DJI lost any respect I had for them with the whole "we threatened a guy who found critical security flaws for us because he found them" 


I spent $2500 on building my PC and all i do with it is play no games atm & watch anime at 1080p(finally)...

Builds:

The Toaster Project! Northern Bee!

 

The original LAN PC build log! (Old, dead and replaced by The Toaster Project & 5.0)

Spoiler

"Here is some advice that might have gotten lost somewhere along the way in your life. 

 

#1. Treat others as you would like to be treated.

#2. It's best to keep your mouth shut; and appear to be stupid, rather than open it and remove all doubt.

#3. There is nothing "wrong" with being wrong. Learning from a mistake can be more valuable than not making one in the first place.

 

Follow these simple rules in life, and I promise you, things magically get easier. " - MageTank 31-10-2016

 

 

Link to post
Share on other sites
4 hours ago, RollTime said:

Wow... I really doubt this is true but if so that's bad. Someone should datamine DJI Go and look for the "hidden facial recognition".

 

The spark is the only DJI product w/ face recognition, so if anyone finds data relating to a Phantom and face recognition that could be a red flag.

nevermind that. I just thought of the possibility of them taking photos of stuff to reverse engineer and selling that info via a shell company ._.

man I love my new tin foil hat I've just gotten, LOL

 

EDIT: I JUST HAD A REVELATION. The Apple Park building construction aerial log is shot on a DJI Inspire 1 pro. I'm already taking it as I would now, LOL

Link to post
Share on other sites

At least they are using consumer drones, so probably the tech will continue to evolve quicker that way.

Link to post
Share on other sites
14 hours ago, WMGroomAK said:

 Anybody know a good Canadian or US drone manufacturer so my data is only going to the NSA?

I believe Parrot is. I was also going to say Yuneec but I think they might also be from the east. Maybe I should have bought that Typhoon instead pf the Phantom 3... Oh well


"Put as much effort into your question as you'd expect someone to give in an answer"- @Princess Luna

Make sure to Quote posts or tag the person with @[username] so they know you responded to them!

Purple Build Post ---  Blue Build Post --- Blue Build Post 2018 --- RGB Build Post 2019 --- Project ITNOS --- P600S VS Define R6/S2

CPU i7-4790k    Motherboard Gigabyte Z97N-WIFI    RAM G.Skill Sniper DDR3 1866mhz    GPU EVGA GTX1080Ti FTW3    Case Corsair 380T   

Storage 1x Samsung EVO 250GB, WD Black 3TB, WD Black 5TB    PSU Corsair CX550M    Cooling Cryorig H7 with NF-A12x25

Link to post
Share on other sites
9 hours ago, Bananasplit_00 said:

Well DJI lost any respect I had for them with the whole "we threatened a guy who found critical security flaws for us because he found them" 

Is that not enough proof of them being up to something.


Main PC:  Motherboard: Asus Crosshair V Formula Z | RAM: Amd R9 Gamer 32gb 2400mhz | Case: Cooler Master HAF X Case | Storage: Amd R7 480gb, 2x Crucial M500 240gb, Toshiba 5TB | PSU: Antec True Power Quattro 1200 | CPU: Amd FX-9590 | GPU: Asus Amd Fury X | Keyboard: Logitech G710+ | Mouse: Logitech G502 | Sound: Razer Leviathan | OS: Windows 10 Pro | Display: Dell u3415w | Cooling: Apogee XL, Heatkiller Fury X w/ Back Plate, 720mm Rad

Link to post
Share on other sites
1 minute ago, goodtofufriday said:

Is that not enough proof of them being up to something.

not really, that was mostly just being total dicks because they could and then it blew up in their face


I spent $2500 on building my PC and all i do with it is play no games atm & watch anime at 1080p(finally)...

Builds:

The Toaster Project! Northern Bee!

 

The original LAN PC build log! (Old, dead and replaced by The Toaster Project & 5.0)

Spoiler

"Here is some advice that might have gotten lost somewhere along the way in your life. 

 

#1. Treat others as you would like to be treated.

#2. It's best to keep your mouth shut; and appear to be stupid, rather than open it and remove all doubt.

#3. There is nothing "wrong" with being wrong. Learning from a mistake can be more valuable than not making one in the first place.

 

Follow these simple rules in life, and I promise you, things magically get easier. " - MageTank 31-10-2016

 

 

Link to post
Share on other sites
19 hours ago, Bananasplit_00 said:

Well DJI lost any respect I had for them with the whole "we threatened a guy who found critical security flaws for us because he found them" 

Well it also started out as a NDA before it escalated to threats, which yah, makes this report of them providing information far more valid so I have no doubts that they were working with their government... :S


Behold my signature!

Spoiler

Quick Links

Specs

Spoiler

Laptop (Main Workstation):

CPU: i7-8750HQ

GPU: GTX 1050 Ti 4GB

RAM: 32GB DDR4 2666Mhz CL15 (Dual Channel/SoDIMMs)

Storage: 1TB SSD (m.2 SATA), 2TB SSHD (2.5in 5400RPM + 8GB Cache)

Notes: Dell G5 15 5590, Intel 9560 wNIC, and currently running openSUSE Tumbleweed

 

Desktop (Secondary, mostly for the occasional remote VMs now):

CPU: FX-6300 (3.9GHz, 1.205v)

GPU: RX 480 (1350MHz, 1.050v)

RAM: 16GB DDR3 1600Mhz (4 Corsair Vengeance DIMMs)

Storage: 256GB SSD (2.5in SATA), 1TB HDD (3.5in 7200RPM)

Motherboard: Gigabyte GA-970A-UD3 Rev 1

Cooler: Cooler Master Hyper 212 Evo (2 Fans, Push Pull)

PSU: SeaSonic G-550 (Efficiency ftw I guess)
 

Other Equipment:

Router: Synology RT2600ac (Loving that 4x4 MU-MIMO, especially when all devices are 2x2 MU-MIMO)

Console: Xbox One S (Best device for 4k Blu-ray and streaming?), Nintendo Switch (128GB microSD card)

TV: Vizio E50-E3 (4k 60Hz (240Hz upscaling, but who are we kidding :P), built-in Chromecast)

Phone: Essential Phone (PH-1, LineageOS 16), Google (LG) Nexus 5x (Lineage OS 15.1)

Headphones: Monoprice Retros, Sades 902 (7.1 Virtual Surround, USB)

Mouse: 2x Logitech G602 (Awesome wireless mouse ;)), 1x MX Master 2s (Even better wireless mouse)

Keyboard: Logitech G610 (White backlight & Brown Switches)

Brought to you by your local linux user

Signature v0.32nz

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×