Tech

DJI Is Locking Down Its Drones Against a Growing Army of DIY Hackers

The tension between drone pilots who want complete control over their aircraft that they bought and DJI, the world’s biggest consumer grade drone maker, has come to a head. An arms race between hackers and the company is earnestly underway.

On YouTube, Facebook, drone forums, and Slack groups around the internet, hackers have published instructions for altering the firmware on DJI’s drones, leading to a rising number of drone pilots who have circumvented flight restrictions imposed by DJI on its products. In recent days the company has updated its software to render these hacks moot, and has started removing vulnerable versions of its firmware from its servers in an attempt to regain control of its drones.

Videos by VICE

DJI told me on Friday it will continue to investigate cases of unauthorized modification and that it will “issue software updates to address them without further announcement.”

“Unauthorized modification of a DJI drone is not recommended, as it can cause unstable flight behavior that could make operating the drone unsafe,” Victor Wang, DJI’s technology security director, told me in a statement. “DJI is not responsible for the performance of a modified drone and we strongly condemn any user who attempts to modify their drone for illegal or unsafe use.”

“This is the beginning of the fight for DJI to retain control of these aircraft,” consumer drone expert Kevin Finisterre, who this week developed and released his own DJI exploit, told me in an email. “End users are more invigorated than ever with the desire to emancipate their drone.”

Drone hacks go DIY

In June, I reported about a Russian company called Coptersafe that’s dedicated to helping pilots alter their drone firmware to evade DJI’s no-fly zone, altitude, and speed limits, restrictions that the company says inform pilots who want to fly according to regulations. Coptersafe was selling its hacks for more than $200 per device, but in recent weeks, DIY hackers have reverse-engineered the Coptersafe software and have released it for free, leading to its proliferation around the internet.

Though DJI says its no-fly zones are voluntary guidelines that can be circumvented with approval from the company, pilots see them as an infringement of their ownership rights. The company removed versions of its firmware that are vulnerable to hacking from its servers, and if DJI drones that already had vulnerable firmware installed connected to the internet, the drones would auto-update to a less vulnerable version of the software.

A screengrab from a DJI ‘reverse engineering’ channel.

“A recent firmware update issued for all DJI drones fixes reported issues and ensures DJI’s products continue to provide information and features supporting safe flight,” the company told me in a statement. “DJI will continue to investigate additional reports of unauthorized modifications and issue software updates to address them without further announcement.”

“DJI continually monitors reports of modifications to its drones that might make their operations incompatible with drone safety best practices,” the company added.

The steps DJI took to prevent the hacking of its drones sparked further criticism from a vocal portion of the consumer drone community determined to win full control of how and where they fly their drones. Hackers, meanwhile, have started all-out assault on DJI’s flight software. Online modification communities have taken to private Facebook groups and Slack channels dedicated to “unlocking” DJI’s products.

On Github, Finisterre publicly released his own DJI exploit. With this exploit, Finisterre is documenting the details behind one of the first mentions of a DJI jailbreak back in 2016 by a user known as P0V. P0V never completely revealed how to modify DJI’s firmware, but an update to their rcgroups.com post congratulated Finisterre on “figuring out” what P0V was trying to hide in their clues. A few days after Finisterre posted his exploit, he told me that it was “more powerful” than he had first thought, and that it can now be extended to DJI’s entire product line.

“Right-to-repair-style chop shops for drones will be a thing moving forward. John Deere isn’t alone, they are now in good company with DJI,” Finisterre said. “Even though they don’t want to be there, the digital arms race is thick!”

I spoke to a creator of one Facebook group dedicated to modding DJI’s products, who says he used a USB sniffer to capture the data when downloading a Coptersafe mod to analyse how exactly to implement the hack on DJI’s software, then released it for free himself.

“Our group and movement was created to teach DJI a lesson. How they think they can get away with any of this beats me…and it was only a matter of time before the owners fought back.” ThatDumbDronie, the group’s creator, told me in a Facebook message. “And we will continue to fight in this digital war against DJI for the foreseeable future.”

Customers believe that, because it has made allegedly vulnerable firmware unavailable to download, DJI was attempting to coerce them into using harder-to-hack software that is unaffected by Coptersafe and other mods. In response, forum members have begun archiving older firmware onto virtual machines.

An email from Coptersafe sent to customers told customers to “avoid using” newer forms of DJI’s software: “Don’t update anything,” the company said. Coptersafe has not yet responded to my requests for comment.

The email from Coptersafe posted onto a Facebook group.

Long threads on drone forums like Hak5, RC Groups, and Mavic Pilots have been dedicated to modifying drone software; the tenor of the conversations have gotten heated and at times hysterical after pilots felt that DJI was trying to shut them down. In one Slack group, a user publicly claimed he received a cease-and-desist order from DJI; the user could not produce the cease-and-desist order for Motherboard, and DJI told us unequivocally that “no cease-and-desists have been sent.”

Many pilots argue DJI’s restrictions are overbearing, and indiscriminate no-fly zones are stopping commercial pilots—who use DJI’s products for mapping, video work, or 3D imaging purposes—from working. Pilots can apply for no-fly zone restrictions to be lifted, but some say this is a long and sometimes unsuccessful process. DJI itself has told Motherboard that sometimes the process of getting a waiver can take several days. Online forums, meanwhile, are littered with instances of DJI pilots claiming they are unable to fly in areas that technically should not be no-fly zones.

ThatDumbDronie’s Facebook group, a now-secret forum called ‘MyDJI – Drone Development,’ has grown by more than 400 members in the past week, and now wields a 600-strong member base, with many members sharing images of high-altitude flights with drones unshackled from DJI’s limitations.

“Maybe DJI should pay attention to what only a small group of 500 people have achieved in less than a week,” he told me.

Is drone hacking legal?

In the United States, people jailbreaking their drones are operating in something of a legal grey area concerning a federal copyright law called the Digital Millennium Copyright Act. The Librarian of Congress, which administers specific exemptions to the law, has given wide latitude to tinkerers seeking to break through software locks for the sake of repair or restoring factory settings—it is currently legal to hack into tractors, cars, and cellphones, but it’s not legal to jailbreak video game consoles. There is currently no specific exemption for drones, but DJI would have to bring a suit against its consumers to test this for sure (it has not indicated that it will do so).

Even if DJI did try to sue one of its customers, digital liberty experts say that such use of the DMCA (which has been threatened by manufacturers in other sectors) doesn’t fit with the intent of the law, which was written to prevent copyright abuse.

A user-created meme from ThatDumbDronie’s Facebook group.

“The DMCA is meant to address instances of piracy,” Ferras Vinh, policy counsel for the Open Internet Project at the Center for Democracy & Technology told Motherboard. “When we look at it in this context, it’s a broad misapplication of the way the DMCA was supposed to be implemented. When we’re talking about individuals who are tinkering, who want to see what’s under the hood of their software, it’s a piece of legislation in serious need of reform.”

Vinh said there are many legitimate reasons to hack a drone, and that the US copyright office doesn’t recognize a general exemption to the DMCA based on public safety concerns. If someone were to use a hacked drone to fly illegally, they would run afoul of Federal Aviation Administration regulations, not copyright law. For instance, many researchers hack cars and internet of things devices to discover code that may infringe on a consumer’s privacy or software vulnerabilities that could be remotely exploited by nefarious hackers.

“I want to make this clear—I think there’s a legitimate safety interest in ensuring these drones do not fly near airports or potentially sensitive areas,” he said. “I understand legitimate need to do so. When you try to enforce this through copyright law, it produces a chilling effect toward tinkerers and security researchers. I think we’re talking about infringing on consumer safety and protection.”

Read more: Why Is Drone Manufacturer DJI Trying to Fight ISIS?

The drone hacking community does not advocate flying illegally or in an unsafe manner. ThatDumbDronie, like many other pilots, is critical of anyone who wants to break the law when they fly. Sharing a news report in the Facebook group regarding drones causing flight disruptions at London’s Gatwick airport in early July, he said, “Cannot stress enough…stay the fuck away from airports. I pray the drone pilot wasn’t from this group because if you are you’re completely abusing our mods.”

As for DJI, the company appears to be damned if it does, damned if it doesn’t: Regulators expect the company to use geofencing technology to prevent potentially lethal incidents involving its drones, but by implementing them, it risks upsetting customers who believe that they should have complete control over the devices they own. DJI also uses its geofences in an attempt to prevent ISIS from using its drones in Iraq and Syria.

“We believe the overwhelming majority of our customers want to fly safely and we think this is a fair compromise between safety, property rights, and the security of public airspace,” the company told us in May.

Jason Koebler contributed reporting to this piece.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.