ArsTechnica has an interesting article about the security, or lack thereof, in Parrot A.R. drones.
In two separate presentations at Def Con in Las Vegas last weekend, security experts demonstrated vulnerabilities in two consumer drones from Parrot. The simplest of the attacks could make Parrot drones, including the company's Bebop model, fall from the sky with a keystroke.
In a live demonstration at Def Con's Internet of Things Village on August 8, Ryan Satterfield of the security consulting firm Planet Zuda demonstrated a takedown of a Parrot A.R.Drone by exploiting the drone's built-in Wi-Fi and an open telnet port on the drone's implementation of the BusyBox real-time operating system. Connecting to the drone gave him root access to the controller, and he was able to kill the processes controlling flight—causing the drone to drop to the ground.
In a session at DEF CON on August 9, researcher Michael Robinson, a security analyst and adjunct professor at Stevenson University in Maryland and George Mason University in Northern Virginia, dove further into the vulnerabilities of Parrot's drones, discussing his research on the Bebop drone in a session entitled, "Knocking My Neighbor's Kid's Cruddy Drone Offline."
(Score: 3, Interesting) by darkfeline on Sunday August 16 2015, @10:30PM
Uh, a device can be both hackable and secure at the same time. By all means, ship a drone with open hardware specs and flashable ROM, using a secure communication protocol by default and giving the owner access to the auth token/key. That's different from a drone which anyone in the vicinity can hijack and control.
Join the SDF Public Access UNIX System today!