User Tools

Site Tools

Translations of this page:

cn:about:start

关于

本翻译由Lin(DV15)提供,技术内容由原开发者(OG)提供。自2017/12/26以后更新的内容,中文版本会比英文版本稍迟提供。由于在下精力有限,无法提供本站内容100%的翻译,但是那些没有中文的部分,要么是仍旧处于开发过程中要么就是已经有更好的替代者,对于飞行器的破解操作不产生影响。本站提供的Github链接在中国境内可能需要使用VPN来访问。

如果你来到了这个网站,那么你应该是对大疆DJI的飞行器,及其可能的系统自定义和更改选项感兴趣的。这个网站存在的目的就是为了探讨这些话题。但在开始探讨技术细节之前,我们有必要讲清楚我们是谁。

先讲讲我们的宗旨吧。 “我们将以可靠的数据和可重复的操作结果为手段,去传播具有破坏和撼动性的信息”. 但是为什么一群极客要聚集起来做这件事情呢?读完本页内容你就会知晓答案。

首先,我们来介绍一下DJI大疆。

关于DJI的一些事实

  • 大疆是民用无人机业内的龙头公司,大幅度领先竞争对手并且占据了全球范围内多数和最大的市场份额—截至2015年6月,FAA收到的无人机注册近一半为大疆产品。其无人机产品以高质量和可靠度而闻名全球,产品线涵盖了从消费级业余航拍机到工商业专业应用在内的诸多细分市场。1).

但是

由于包括但不限于已下列表内的诸多原因,DJI大疆的客户已经开始对其产品产生不信任

对用户的限制和控制

  • 强制禁飞区。大疆以安全为由在其无人机内采用了电子围栏系统,在没有政府授权的情况下划设了禁飞区。这导致那些有合法许可的操作员无法在大疆私自划设的禁飞区内进行任务。 2)
  • 禁飞区的解锁过程及其耗时且麻烦。在许多国家,解锁请求必须提前于飞行任务数周用电子邮件提交。有些解锁请求甚至没有得到大疆的答复。3)
  • DJI大疆曾拒绝过一些商业飞行员提出的关于禁飞区的更好的解决方案。4)
  • 这个麻烦的解锁过程已经对商业飞手造成了影响。5)
  • 很多用户对于DJI在固件更新中带来的一些变更感到厌恶。当中部分用户对DJI大疆产品进行了逆向工程以解除这些限制并修改DJI大疆的客户端软件

剽窃行为

  • DJI使用开源软件组件而不承认作者的贡献,并且不遵守GPL许可条件。除了不合法之外,使用别人的工作而不相信它,或遵守他们的许可条件是不道德的。更新:25- 8 -2017 - DJI提供了一个链接到一个开源下载页面。目前还不知道这是不是所有的开源代码,但这是DJI的一个非常积极的步骤。我们正在寻求DJI的官方声明,如果他们愿意发表一些关于这个话题的东西。*

到目前为止,根据分析,已经确定比先前披露的更多的信息正在对外传播。7)DJI已经同意创建一个离线的mode.8,但是DJI并没有公开在离线模式下发送的数据。离线模式被认为是非常积极的一步。DJI在非脱机模式下对通信的进一步评论将极大地帮助DJI客户恢复信任。DJI已经删除了iOS和Tinker的热补丁插件jsPatch,并将检查DJI GO和DJI GO 4的其他第三方插件和服务,并承诺在采取这些插件之前对任何新的第三方插件进行彻底的调查,以应对这里提出的安全问题。

Data Leakage

  • Based on analysis so far, it has been determined that more information than has been previously disclosed is being transmitted externally. 6) 7)
  • DJI have agreed to create an offline mode.8) However, DJI have not disclosed what data is sent when not in offline mode.
  • Offline mode is seen as a very positive step. Further comments by DJI on communications in flight when not in offline mode would greatly help to restore trust by DJI clients.
  • DJI have removed “hot-patching” plugins jsPatch for iOS and Tinker for Android, and will examine other third-party plugins and services in DJI GO and DJI GO 4, and is committed to thoroughly investigating any new third-party plugins before adopting them in response to security concerns raised here.到目前为止,根据分析,已经确定比先前披露的更多的信息正在对外传播。7)DJI已经同意创建一个离线的mode.8,但是DJI并没有公开在离线模式下发送的数据。离线模式被认为是非常积极的一步。DJI在非脱机模式下对通信的进一步评论将极大地帮助DJI客户恢复信任。DJI已经删除了iOS和Tinker的热补丁插件jsPatch,并将检查DJI GO和DJI GO 4的其他第三方插件和服务,并承诺在采取这些插件之前对任何新的第三方插件进行彻底的调查,以应对这里提出的安全问题。

Back Doors

  • It has been found that the DJI GO application for both Android and IOS have back-doors allowing DJI to “hot patch” applications in a manner that breaches the rules imposed on DJI by both Google and Apple. 9)
  • The practice of hot patching essentially allows DJI to totally change the functionality of the DJI go application without the knowledge or consent of a pilot.
  • Putting this into a different context, hot patching is the equivalent of the avionics software of an aircraft being totally replaced mid flight.
  • DJI have held true to their word on this point. Analysis so far confirms the removal of JSPatch and Tinker from recent DJI GO updates.
  • While not technically a back-door, being forced into firmware changes is a concern. An alternate approach might be to guarantee that there are at least two firmware versions available for all products, so that in the event of concerns that are believed to be firmware related, that a pilot will at least have the chance to eliminate firmware as the root cause by downgrading to a different firmware level.
  • From a change management and risk mitigation perspective, providing no downgrade options at all is a safety hazard.
  • 人们已经发现,收去申请Android和IOS后门让收热补丁应用程序的方式违反了规则对谷歌和苹果都收。9)热修补的实践本质上允许收完全改变收的功能应用程序没有一个试点的知识或同意。将其置于不同的背景下,热补丁就相当于一架飞机的航空电子软件完全取代了中段飞行。在这一点上,DJI一直信守诺言。到目前为止,分析确认了从最近的DJI更新中移除JSPatch和Tinker。虽然从技术上讲不是后门,但被强制转换成固件是令人担忧的。另一种方法可能是保证至少有两个固件版本的所有产品,所以在担心被认为是固件相关,飞行员将至少有机会消除根源的固件降级到不同的固件级别。从变更管理和风险缓解的角度来看,不提供降级选项是一种安全隐患。

Censorship

  • In DJI forums, it is against the rules to criticise DJI, or to talk about reverse engineering of DJI software. 10)
  • In third party forums sponsored by DJI, similar censorship is taking place for those that discuss topics that are not endorsed by DJI.
  • DJI have recently removed their “NO UNAUTH MODIFICATIONS” warning in the forums. However, the policy has not changed. Lets hope DJI can continue in this direction, and review their forum rules to encourage a user community, instead of oppressing it.
  • 在DJI论坛中,批评DJI或讨论DJI软件的逆向工程是违反规则的。10)在DJI赞助的第三方论坛中,类似的审查正在为那些讨论不被DJI认可的话题进行。DJI最近在论坛上删除了他们的NO UNAUTH修改警告。然而,该政策并未改变。让我们希望DJI能够继续这个方向,并回顾他们的论坛规则,鼓励用户社区,而不是压迫它。

Safety

  • DJI has recently rushing out multiple updates and patches to prevent reverse engineering.
  • These botched changes have caused unstable flight for many pilots. 11) 12)
  • Mobile phone manufacturers have failed to win a “war of attrition” with the jailbreak community.
  • Safety will be the loser in the war between DJI and the community.
  • DJI最近已经推出了多个更新和补丁,以防止逆向工程。这些拙劣的改变给许多飞行员造成了不稳定的飞行。12)手机制造商未能赢得与越狱社区的磨擦之战。在DJI和社区之间的战争中,安全将是输家。

Position

  • Control: We believe that DJI does not have jurisdiction to decide where and how pilots fly their aircraft. Local regulators have authority through their laws. DJI systems should not impose mandatory lockouts of aircraft, unless doing so is mandated by the laws of a country where DJI products are being used.
  • Plagarism: We believe that the use of open source code without attributing that code and complying with license conditions is unethical.
  • Data leakage: We believe that aircraft control systems need to be dedicated to the process of flying an aircraft, with external connectivity being minimised to allow the application to be free of potential security, privacy, and stability problems. Any remaining network traffic should be publicly documented to help restore community trust.
  • Back Doors: We believe that aircraft control systems should be free of any back-doors that allow modification of the functionality of those systems without the knowledge or consent of the pilot, including forced updates.
  • Censorship: We believe that censorship in DJI forums and other DJI sponsored forums is ultimately harmful to DJI and the community. Listening and responding to customer grievances and concerns can only result in a better product that meet the needs of DJI customers.
  • Safety: We believe that the loser in the arms race with rapidly released patches will be safety. We believe that the best approach is to be collaborative and open in future development, which will allow the community to peer review proposed changes and find problems before they cause safety issues.
  • 控制:我们认为DJI没有管辖权来决定飞行员驾驶飞机的地点和方式。地方监管机构通过法律拥有权威。DJI系统不应该强制强制关闭飞机,除非在使用DJI产品的国家的法律强制执行。plag:我们认为使用开源代码而不使用代码并遵守许可条件是不道德的。数据泄漏:我们认为飞机控制系统需要专注于飞行器的飞行过程,外部连通性被最小化,使得应用程序没有潜在的安全、隐私和稳定性问题。任何剩余的网络流量应该公开记录,以帮助恢复社区信任。后门:我们认为飞机控制系统应该没有任何后门,允许在没有驾驶员知情或同意的情况下修改这些系统的功能,包括强制更新。审查:我们认为DJI论坛和其他DJI赞助论坛的审查最终对DJI和社区是有害的。倾听和回应客户的不满和担忧只会导致更好的产品满足DJI客户的需求。安全:我们相信,在军备竞赛中,那些迅速发布补丁的失败者将是安全的。我们认为,最好的方法是在未来的开发中进行协作和开放,这将使社区能够在产生安全问题之前,对所提出的更改进行同行评审并发现问题。

Conclusion

It is fair to say that this whole community started as a result of a lack of trust in DJI. We have stated our position. It is our hope that DJI will listen to the community, and respond in a way that will benefit DJI and its clients. At the start of this page, it talks about who we are. It also said that the question of why will be answered at the bottom of the page. Lets keep that promise now.

The why is ultimately a lack of trust. There were already individual researchers that were interested in DJI products. The decisions by DJI that are documented above are what has brought a larger community of people together, with a goal to state a communal case, and hope that DJI will respond to our plea for change in a positive manner.

Long Live the Original Gangsters

公平地说,这整个社区是由于缺乏对DJI的信任而开始的。我们已经声明了我们的立场。我们希望DJI能够倾听社区的意见,并以一种有利于DJI和它的客户的方式做出回应。在这一页的开头,它谈到了我们是谁。它还说,为什么要在页面底部回答这个问题。现在让我们信守诺言。这就是为什么最终会缺乏信任。已经有个别研究人员对DJI产品感兴趣。DJI所做的决定,是把一个更大的群体聚集在一起的,他们的目标是陈述一个共同的案例,希望DJI能够以积极的态度回应我们的请求。原匪徒万岁!

The OG's (Original Gangsters)

We came up with the title “The Original Gangsters” to represent the early contributors to this self organising project. The people that have contributed here have a common philosophy of collaboration through open source code to support our interests which in this case are DJI Aircraft.

For reference, our assorted repositories are listed below

Wiki You have already found your way here. The wiki is designed to bring together all of the various components to a single hub.
dji_rev This repository contains tools for reverse engineering DJI product firmware images.
deejayeye-modder APK “tweaks” for settings & “mods” for additional / altered functionality
pyduml PyDUML allows you to send firmware to your DJI aircraft without using DJI assistant, or get root access using fireworks.tar
RedHerring RedHerring was the initial July 4th Independence Day exploit to get root access to DJI aircraft.
dji_system.bin Archive of bin files for to allow you to upgrade/downgrade using other tools provided here
firm_cache Individual module components from within bin files for analysis, or to allow creating custom packages using individual components
DUMLrub Ruby port of PyDUML, and firmware cherry picking tool. Make your own custom firmware images.
DUMLdore Windows version of the DUML firmware tools. Archive, and flash bin from windows
DJI_ftpd_aes_unscrambleDJI has modified the GPL Busybox ftpd on Mavic, Spark, & Inspire 2 to include AES scrambling of downloaded files… this tool will reverse the scrambling
jdjitoolsJava DJI Tools, a collection of various tools/snippets tied in one CLI shell-like application.
2)
DJI launches Geo DJI Announcement
3)
我给flysafe@dji.com 发了一封邮件,几周过去了仍旧没有答复。(论坛原帖为英文) DJI Forum Post
4)
Brendan Schulman,大疆法律部门的副总管和电子围栏系统的管理员,曾收到来自商业飞行员的提议,要求在操作员提供了DJI认为必要的证件和政府许可后,提供一年期或者永久地解锁无人机上的禁飞区。而到目前为止,他拒绝了这个提议。并且一直以来他也拒绝解释为什么他认为在这件事上大疆中国应该有最终决定权。Inspire Pilots
5)
One pilot advises they are “Losing too much business” Phantom Pilots forum post
6)
A video of network chatter from just opening DJI GO 4 is published here
7)
Details of network traffic displayed visually when opening DJI GO here Youtube
8)
China drone maker steps up security after U.S. Army ban Reuters
9)
Drone-maker DJI's Go app contains naughty Javascript hot-patching frameworkTheregister
10)
Threads and posts arguing about company policies are not allowed, No content promoting the unauthorized modification.Forum Rules
11)
Flight instability (bucking and drifting) Youtube
12)
shaking, aggressive, wobbly, unstable behavior of the drone when hovers or in flight. DJI Forum
cn/about/start.txt · Last modified: 2018/05/15 00:44 by chinger1313