June 16, 2021

Go Drones Blog

Go Drones Blog is a drones technology news blog

DJI Drones Collecting User Data

DJI Drones Collecting User Data
DJI Drones Collecting User Data

Cyber security researchers have informed that DJI, a drone organization used by British police, may be compiling unnecessary  amounts of information from users’ phones, presenting a potential security anxiety.

French and North american researchers at Synacktiv and GRIMM also found,   in a couple separate reports ,   that  the Android app used to vitality DJI drones was also able to bypass the Google Play store, where vets apps and updates to ensure that they are safe to use on phones.     This  behaviour, the people said, is sometimes seen in malicious software systems.

The app compiled information including unique phone  identifiers, which are not needed for flying drones and can be used to track, identify to eavesdrop on phone owners.

Adam Nichols, an expert regarding discovering software vulnerabilities and apoderado researcher at GRIMM, said that typically strange data collection could be right down to “slightly odd implementations for proper behaviour”, but added that they “could also be used in a much more nefarious way”.

In the worst case scenario, DJI could  enough information to accurately recognize users and could target them, e-mailing them malicious updates or practices to snoop on their phone plus hop from there to the phone’s Wi fi network, Mr Nichols said. No matter the intention, “they have created an effective pores and skin system, ” he added.

The researchers pointed out that there would be no evidence that any information was collected and sent to Beijing, nor that the glitch was an intentional backdoor, however the existence of the being exposed will give more ammo to California officials, who have been hurling  espionage allegations at Chinese technology companies recently.

A DJI public spokesperson said that the issues were “typical applications concerns, with no evidence they have lots of people exploited”, adding that there was on the “no evidence of unexpected data diffusion connections from DJI’s apps created for government and professional customers”. Yahoo and bing said it was looking into the issue. It again said that the bugs were entirely on apps that operate DJI GO4 devices, which are not sold for govt . use.

Click here to read the full story at The Telegraph .

%d bloggers like this: