The first tale seems to be business as usual. The second tale could change everything.

DJI drones gain geo-fencing safety feature opt-out

In a nutshell, DJI has made it easier for owners to override the “no fly” zone restrictions imposed by its GEO geo-fencing software. Ostensibly the purpose is to “make it easier for authorised personnel to carry out inspections and other sanctioned activities in controlled areas.”
A thoughtful BBC News article includes excerpts from an interview with Brendan Schulman, DJI’s VP of Policy and Legal Affairs. Schulman puts the burden on the user, saying that:

“We don’t have the ability to verify if someone has authorisation,” Brendan Schulman, DJI’s legal affairs chief told the BBC.

“Essentially, the principle here is operator responsibility and accountability. Just like driving a car, it is up to the operator to be licensed, to have the car registered and insured – the manufacturer of an automobile doesn’t decide who gets to drive or not.

“Someone who is going to misuse a drone will purchase another brand or try to disable the systems [anyway],” added Mr Schulman.

All fine and good, and the restrictions in certain areas, notably Washington, D.C., cannot be deactivated. Here come the fine points:

To make use of the override, a user must have given DJI their credit card details or a mobile number to act as an ID. This means the firm can help the authorities track down those who misuse it.

“Our policy is to provide information about our customers only in response to a valid legal request,” Mr Schulman said. “So, in the US it would be a subpoena or a warrant or a court order.”

And then this:

The Chinese firm says it will keep a record of those who use the feature.

So why do I bring this to your attention? Because it provides a natural segue to the second tale.

Dept. of Interior Bans use of DJI products due to national security concerns

Yes, you read this correctly.
Here’s the deal as reported Friday morning (7/8/16) on Integriography: A Journal of Broken Locks, Ethics, and Computer Forensics. This blog is written by David Kovar, a longtime reader whom I first met when he was with Ernst & Young. He is a sober, thoughtful guy, and if you read the post you will see that he went to some pains to verify this.

To summarize, the Department of the Interior is banning any internal use of DJI products due to concerns about the product’s automatic uploading of telemetry and other information to DJI servers during firmware updates.

Last year I developed a presentation on cyber security and consumer/commercial UAVs. In that presentation I noted that we are self selecting areas of interest – test crops, critical infrastructure, disaster sites, … – and sending highly detailed information about these sites to often poorly understood cloud infrastructure.

Apparently, according to this post, the Department of the Interior has also identified this risk. Worse, it appears that DJI products are automatically sending sensitive telemetry information to their own servers. As the following announcement notes, DJI is a Chinese firm and some conclusions must be considered.

OAM – Office of Acquisition Management
DOI – Department of the Interior
“All,
OAM had a telecom this morning with the aviation manager at DOI.
During that conversation we learned that they have banned the use of DJI products (which include the popular Phantom and Inspire aircraft) as they discovered that their products record telemetry information, to include routes flown, altitudes, etc., and send that recorded information to DJI each time the aircraft is plugged into a computer to perform a software/firmware update. As DJI is a Chinese company the security issue is readily apparent.

Please distribute this information as widely as possible.

Dennis Bosak SSA
Department of the Interior
Office of Law Enforcement and Security
1849 C Street NW
Washington DC 20240
202 208-5836

So should you be concerned and what might this mean?
Without knowing all of the technical details, conceptually this means that every DJI Px and Inspire running GEO is gathering and storing the data necessary for the type of usage-based insurance policies (telematics) being introduced by Unmanned Risk and more recently, Acend.
What is mind-boggling is to realize that they could be collecting this data for every flight a DJI flies everywhere in the world. During a video interview at CES 2016, Schulman estimated that amounted to 3,000,000 hours a month.
One would hope that like Tesla, they are gathering performance data that can be used to improve their products…
As for being concerned, a number of things come to mind.
First, I suppose it depends on whether one is planning to do bad or stupid things with their drone. For instance, if someone is caught obstructing firefighters at a wildfire, and the DA knew to subpoena it, the data from a DJI could enable the prosecutor to prove where, when and how high the drone was at the scene.
Any situation where a geo-fence was overridden would go a long way to proving intent. Beyond prosecutors, one could reasonably expect insurance attorneys to subpoena such data in the event of an accident. Given that DJI would also have to hand over the owner’s identity, it would make for a tough defense.

Schulman has signaled that DJI will play ball. Don’t expect some kind of Apple defense of privacy from them.

There is also the question of data security. This is a cyber risk writ large. For instance, Company X might like to know where Company Y was flying and what they were doing…
Finally, I am not much of a conspiracy theorist, but it is hard to argue with the conclusion that both David and the Department of Interior came to. If you combine the SEC 2209 provision in FESSA for sites to declare themselves “no fly zones” and follow DJI’s recommendations for a national database they can use to drive their geo-fencing application, you are basically providing a detailed map of every high-value target in the United States to anyone with access to the database. In fact, DJI’s aspirations extend to the EU as well.

Any notion that such sites will be secure is purely wishful thinking.

This afternoon the fur started flying around this. I have inserted the post forwarded to me so that you can decide for yourself. Peter Sachs is certainly an impeccable source. That said, what I am reading here is semantics about the use of the word “banned” by the original poster. I accept that it is very likely that “banned” is not a concept expressed in federal purchasing policy.
So perhaps (OK, it is very likely) the word “banned” was chosen to attract attention. Who would want to read “DJI not selected in DOI evaluation”? What is implied is that DJI was not considered for one or more unstated reasons. No effort was made to address the security issue.


Of the two posters, I have no idea who trumps whom within the ranks, but it is hard to miss that the post is addressed to “Hoot” Gibson at the FAA.
We have the rest of it in public statements over time from senior DJI spokespeople. Are they spies? No. Is their intention benign? No. It is profit oriented. Is all technology inherently good? No. Such data cannot be considered secure and would be valuable to evildoers. It is also a necessary evil. Let me know what you think.

Read more at BBC.com

Read more at Integriography