This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
cn:about:start [2018/05/15 00:36] chinger1313 [剽窃行为] |
cn:about:start [2018/05/15 00:44] (current) chinger1313 [Conclusion] |
||
---|---|---|---|
Line 25: | Line 25: | ||
* | * | ||
* DJI使用开源软件组件而不承认作者的贡献,并且不遵守GPL许可条件。除了不合法之外,使用别人的工作而不相信它,或遵守他们的许可条件是不道德的。更新: | * DJI使用开源软件组件而不承认作者的贡献,并且不遵守GPL许可条件。除了不合法之外,使用别人的工作而不相信它,或遵守他们的许可条件是不道德的。更新: | ||
+ | 到目前为止,根据分析,已经确定比先前披露的更多的信息正在对外传播。7)DJI已经同意创建一个离线的mode.8,但是DJI并没有公开在离线模式下发送的数据。离线模式被认为是非常积极的一步。DJI在非脱机模式下对通信的进一步评论将极大地帮助DJI客户恢复信任。DJI已经删除了iOS和Tinker的热补丁插件jsPatch,并将检查DJI GO和DJI GO 4的其他第三方插件和服务,并承诺在采取这些插件之前对任何新的第三方插件进行彻底的调查,以应对这里提出的安全问题。 | ||
+ | |||
===== Data Leakage ===== | ===== Data Leakage ===== | ||
* Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. ((A video of network chatter from just opening DJI GO 4 is published | * Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. ((A video of network chatter from just opening DJI GO 4 is published | ||
* DJI have agreed to create an offline mode.((China drone maker steps up security after U.S. Army ban [[https:// | * DJI have agreed to create an offline mode.((China drone maker steps up security after U.S. Army ban [[https:// | ||
* **Offline mode is seen as a very positive step. Further comments by DJI on communications in flight when not in offline mode would greatly help to restore trust by DJI clients.** | * **Offline mode is seen as a very positive step. Further comments by DJI on communications in flight when not in offline mode would greatly help to restore trust by DJI clients.** | ||
- | * **DJI have [[http:// | + | * **DJI have [[http:// |
===== Back Doors ===== | ===== Back Doors ===== | ||
* It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to "hot patch" applications in a manner that breaches the rules imposed on DJI by both Google and Apple. ((Drone-maker DJI's Go app contains naughty Javascript hot-patching framework[[http:// | * It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to "hot patch" applications in a manner that breaches the rules imposed on DJI by both Google and Apple. ((Drone-maker DJI's Go app contains naughty Javascript hot-patching framework[[http:// | ||
Line 37: | Line 39: | ||
* While not technically a back-door, being forced into firmware changes is a concern. An alternate approach might be to guarantee that there are at least two firmware versions available for all products, so that in the event of concerns that are believed to be firmware related, that a pilot will at least have the chance to eliminate firmware as the root cause by downgrading to a different firmware level. | * While not technically a back-door, being forced into firmware changes is a concern. An alternate approach might be to guarantee that there are at least two firmware versions available for all products, so that in the event of concerns that are believed to be firmware related, that a pilot will at least have the chance to eliminate firmware as the root cause by downgrading to a different firmware level. | ||
* From a change management and risk mitigation perspective, | * From a change management and risk mitigation perspective, | ||
+ | * 人们已经发现, | ||
===== Censorship ===== | ===== Censorship ===== | ||
* In DJI forums, it is against the rules to criticise DJI, or to talk about reverse engineering of DJI software. ((Threads | * In DJI forums, it is against the rules to criticise DJI, or to talk about reverse engineering of DJI software. ((Threads | ||
* In third party forums sponsored by DJI, similar censorship is taking place for those that discuss topics that are not endorsed by DJI. | * In third party forums sponsored by DJI, similar censorship is taking place for those that discuss topics that are not endorsed by DJI. | ||
* **DJI have recently removed their "NO UNAUTH MODIFICATIONS" | * **DJI have recently removed their "NO UNAUTH MODIFICATIONS" | ||
+ | * 在DJI论坛中,批评DJI或讨论DJI软件的逆向工程是违反规则的。10)在DJI赞助的第三方论坛中,类似的审查正在为那些讨论不被DJI认可的话题进行。DJI最近在论坛上删除了他们的NO UNAUTH修改警告。然而,该政策并未改变。让我们希望DJI能够继续这个方向,并回顾他们的论坛规则,鼓励用户社区,而不是压迫它。 | ||
===== Safety ===== | ===== Safety ===== | ||
* DJI has recently rushing out multiple updates and patches to prevent reverse engineering. | * DJI has recently rushing out multiple updates and patches to prevent reverse engineering. | ||
Line 46: | Line 50: | ||
* Mobile phone manufacturers have failed to win a "war of attrition" | * Mobile phone manufacturers have failed to win a "war of attrition" | ||
* Safety will be the loser in the war between DJI and the community. | * Safety will be the loser in the war between DJI and the community. | ||
+ | * DJI最近已经推出了多个更新和补丁,以防止逆向工程。这些拙劣的改变给许多飞行员造成了不稳定的飞行。12)手机制造商未能赢得与越狱社区的磨擦之战。在DJI和社区之间的战争中,安全将是输家。 | ||
====== Position ====== | ====== Position ====== | ||
* **Control**: | * **Control**: | ||
Line 53: | Line 58: | ||
* **Censorship**: | * **Censorship**: | ||
* **Safety**: We believe that the loser in the arms race with rapidly released patches will be safety. We believe that the best approach is to be collaborative and open in future development, | * **Safety**: We believe that the loser in the arms race with rapidly released patches will be safety. We believe that the best approach is to be collaborative and open in future development, | ||
+ | * 控制: | ||
====== Conclusion ====== | ====== Conclusion ====== | ||
Line 61: | Line 67: | ||
Long Live the Original Gangsters | Long Live the Original Gangsters | ||
+ | 公平地说,这整个社区是由于缺乏对DJI的信任而开始的。我们已经声明了我们的立场。我们希望DJI能够倾听社区的意见,并以一种有利于DJI和它的客户的方式做出回应。在这一页的开头,它谈到了我们是谁。它还说,为什么要在页面底部回答这个问题。现在让我们信守诺言。这就是为什么最终会缺乏信任。已经有个别研究人员对DJI产品感兴趣。DJI所做的决定,是把一个更大的群体聚集在一起的,他们的目标是陈述一个共同的案例,希望DJI能够以积极的态度回应我们的请求。原匪徒万岁! | ||
====== The OG's (Original Gangsters) ====== | ====== The OG's (Original Gangsters) ====== | ||