Consumer drones were originally just expensive toys, but now they have become swords on the battlefield. They can be turned into high-altitude monitoring platforms that can search and detect battlefields, and can throw weapons. The operator can hide in the distance to ensure safety. . However, hackers have now found a loophole in DJI drones that can locate the operator and leave him nowhere to hide.
In fact, the drone has been broadcasting the operator's location information. Only cheap radio hardware and software tools are needed to eavesdrop on the radio signal and obtain the operator's coordinates after decoding it. .
Not long ago, at the NDSS (Network and Distributed System Security Symposium) in San Diego, the United States, researchers from Ruhr-Universität Bochum in Germany and the Helmholtz Center for Information Security in Germany (CISPA) Prove to the public that they can crack DJI drone radio signals and decode a radio protocol used by DJI called DroneID. After cracking it, researchers found that the DroneID of each DJI drone not only transmitted the machine's own GPS location and unique drone identity information, it also transmitted the operator's GPS coordinate information.
Researchers found 16 vulnerabilities and they have notified DJI. The drones tested included Mini 2, Air 2, and Mavic 2.
The reason why the DroneID system was originally designed was mainly to facilitate the government, regulatory agencies, and law enforcement departments to monitor drones and prevent drones from being abused. But hackers and security researchers warn that DroneID is not encrypted and is open to anyone who can receive the radio signal. German researchers have proven that radio signals can be completely deciphered and hackers can easily obtain the coordinates of the operator.
If this is the case, using consumer drones to fight on the battlefield will become very dangerous. In September this year, the U.S. FAA will implement new regulations that require all consumer drones to be equipped with a system similar to DroneID. This regulation may make safety risks more serious.
Moritz Schloegel, a researcher at Ruhr-University Bochum, said: "This problem is serious, isn't it? You think that the drone only transmits the machine's own position, but it also transmits the operator's position. If you If you value privacy or are in a conflict zone, you will definitely be uneasy."
In fact, there is nothing new in determining the operator's coordinates. DJI sells a device called Aeroscope to government regulators and law enforcement agencies. A device that can receive and decode DroneID data to determine the drone's location and determine where the operator is, up to 30 miles (48 kilometers) away. Aeroscope can protect airport runways from interference and can protect public venues.
German researchers dug deeper. They analyzed DJI drone firmware and drone radio communication mechanisms, reverse engineered DroneID, and developed a new set of tools that can receive DroneID transmission signals. The components used in the tool are very simple, including Ettus software-defined radio equipment and the cheaper HackRF. Most Ettus equipment sells for just over $1,000, and HackRF is even cheaper, only a few hundred dollars. By assembling cheap equipment together and using software developed by researchers, it is possible to completely decipher the signal and determine the operator's position, which is similar to an Aeroscope.
Although the German researchers only eavesdropped on DJI drones within a range of 15-25 feet (4.6 meters-7.6 meters), they believe that with a little engineering effort they can expand the coverage. Last summer hacker Conner Bender published an article in which he discovered that DroneID data could be obtained from hundreds or even thousands of feet away using a HackRF-based system paired with a custom antenna.
The U.S. government once issued an order that it needed a drone monitoring system. In response, Brendan Schulman, former vice president of policy and legal affairs at DJI, participated in the development of DroneID in 2017. He said that the requirement at that time was that the signal could not be encryption. The FAA and the U.S. Congress believe that from a public safety perspective, anyone should be able to determine the location of a drone and its operator without the need for hacking tools or DJI-specific tools. It can be easily monitored using a mobile phone or tablet.
Schulmany said: “During lengthy FAA advisory committee discussions in 2017, we were told that operator location should be an important component of remote identification for U.S. government security purposes. The United States wants location to be available to the public. The information, like a car license plate, can be seen by everyone, so if people are concerned about drone interference, they can report it to regulatory agencies."
The United States wants drones to broadcast the operator's location, and it also wants Drones can be connected to surveillance service networks that record detailed flight trajectories of each operator, and government agencies can access the database at any time. Schulman believes that the U.S. request is too "intrusive." Schulman also said that the DroneID problem is not unique to DJI. After the new FAA regulations are implemented this year, all consumer drones on the market will have a DroneID-like system. (Knife)
The above is the detailed content of What? Hackers can pinpoint DJI drone operator's location. For more information, please follow other related articles on the PHP Chinese website!