Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday August 23 2017, @12:47PM   Printer-friendly
from the and-you-thought-you-owned-it dept.

DJI Spark drones will not fly after September 1 until users have applied a mandatory software update:

DJI Spark drones will not fly after 1 September unless owners apply a mandatory software update, the device's maker has warned. DJI said the update to the small drone's core software fixes some flight control issues suffered by the gadget.

The drone maker said it had warned owners about the deadline so they could avoid having their craft grounded. But the mandatory update has caused some owners to question the control DJI retains over their devices.

In a statement, DJI said the update would improve how the Spark manages power. It also helps it work with smart spectacles that give owners an immersive view of what the drone films. It added: "If the firmware of either the aircraft or the battery is not updated by September 1, Spark will not be able to take off."

Also at The Verge and Quartz.


Original Submission

Related Stories

DJI Will Create No-Fly Zones Around Olympic Venues in South Korea 18 comments

Days ago, South Korean authorities announced that they'd capture any drone that got too close to Olympics event facilities. If you have a DJI-made craft, you won't even be able to get close. The UAV maker is releasing a software patch that creates a no-fly zone around Olympic areas.

For the duration of the games, DJI drones won't be able to fly through areas in the South Korean cities of Pyeongchang, Gangneung, Bongpyeong and Jeongseon.

"Safety is DJI's top priority and we've always taken proactive steps to educate our customers to operate within the law and where appropriate, implement temporary no-fly zones during major events," the company said in a statement, according to TechCrunch. "We believe this feature will reduce the potential for drone operations that could inadvertently create safety or security concerns."

Source: Engadget

Related: DJI introduced new software to stop its drones from flying in restricted airspace.
DJI Will Ground Drones If They Don't Apply a Software Update


Original Submission

GitHub Rejects Drone-Maker DJI's DMCA Takedown After Encryption Keys Get Forked 19 comments

Drone hackers/researchers can modify the firmware for DJI drones, thanks to rogue DJI developers and a fork of a public Github repo:

Github rejected a DMCA takedown request from Chinese drone-maker DJI after someone forked source code left in the open by a naughty DJI developer, The Register can reveal.

This included AES keys permitting decryption of flight control firmware, which could allow drone fliers with technical skills to remove geofencing from the flight control software: this software prevents DJI drones from flying in certain areas such as the approach paths for airports, or near government buildings deemed to be sensitive.

Though the released key is not for the latest firmware version, The Register has seen evidence (detailed below) that drone hackers are already incorporating it in modified firmware available for anyone to download and flash to their drones.

[...] In fact the people who posted the keys to DJI's kingdom, as well as source code for various projects, were DJI devs. The company said in a later statement that they were sacked.

The code was forked by drone researcher Kevin Finisterre, who submitted a successful rebuttal to the takedown request on the grounds that Github's terms and conditions explicitly permit forking of public repos.

[...] Drone hackers have already begun distributing modded firmware for DJI's popular Phantom drones, as we can see on – where else? – Github

Previously: Man Gets Threats-Not Bug Bounty-After Finding DJI Customer Data in Public View

Related: DJI introduced new software to stop its drones from flying in restricted airspace.
Skip the Complex Tracking Software, DJI Says, and Give Drones an "Invisible" License Plate
$500 DJI Spark Drone can Take Off and Land from Your Palm
DJI Will Ground Drones If They Don't Apply a Software Update


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 5, Insightful) by FakeBeldin on Wednesday August 23 2017, @01:12PM (16 children)

    by FakeBeldin (3360) on Wednesday August 23 2017, @01:12PM (#557969) Journal

    Sonos will brick its speakers if you don't accept the new privacy policy [zdnet.com]. After you already paid for it.

    (I thought I saw this already on SN but couldn't find it quickly).
    This is a worrying trend. It does not seem okay to sell hardware without any clear restrictions and then later impose additional restrictions on the user to continue using that hardware. It seems somewhat reminiscent of the Sony playstation "other os" bricking, except that in that case, the hardware still should provide its core functionality. Both Sonos and DJI seem to have no problem selling you expensive hardware and then later, unilaterally, deciding to brick it unless you do what they say.

    I have yet to hear about any refunds offered to owners who do not wish to update. That ought to be legally required.

    • (Score: 0) by Anonymous Coward on Wednesday August 23 2017, @01:18PM (7 children)

      by Anonymous Coward on Wednesday August 23 2017, @01:18PM (#557973)

      Manufactures don't want you to own anything because they're sick of making stuff when they can rent stuff. That way they don't have to compete as much in the engineering department, a very expensive department. They can also try to reduce customer support by remotely pushing fixes before customers complain. So you get stuck with throw away trash connected to the cloud which you pay the privilege of $19.99/month to keep active. Don't like it? Too bad.

      • (Score: 5, Informative) by Grishnakh on Wednesday August 23 2017, @01:29PM (6 children)

        by Grishnakh (2831) on Wednesday August 23 2017, @01:29PM (#557983)

        No, it's not "too bad". Don't like it? Don't buy it. This is the second time in two days I think we've seen a story here about some device requiring a mandatory software update. This should be a good lesson about why not to buy cloud-connected shit.

        • (Score: 0) by Anonymous Coward on Wednesday August 23 2017, @02:13PM (2 children)

          by Anonymous Coward on Wednesday August 23 2017, @02:13PM (#558009)

          No, it's not "too bad". Don't like it? Don't buy it.

          It is "too bad" for the people who already bought it and hopefully a lesson in why not to buy it. But hey, people are stupid so....

          • (Score: 2) by hemocyanin on Wednesday August 23 2017, @04:14PM (1 child)

            by hemocyanin (186) Subscriber Badge on Wednesday August 23 2017, @04:14PM (#558057)

            When I'm looking for a small speaker to play music, I don't go reading audio magazines or tech sites. I would only know about this by pure random luck, and when you Look at their website: http://www.sonos.com/en-us/products/wireless-speakers [sonos.com] -- there isn't really anything about it. Personally, I would wonder about how the streaming is set up and the fact that it requires an phone/tablet app would make me immediately suspicious, but most people would simply think of it is a speaker, and not the mediating software platform in the middle of all this that makes it only seem like a simple speaker.

            Anyway, most future buyers aren't stupid, they're just victims of deceptive advertising.

            • (Score: -1, Troll) by Anonymous Coward on Wednesday August 23 2017, @05:51PM

              by Anonymous Coward on Wednesday August 23 2017, @05:51PM (#558086)

              they're ignorant and lazy. they just buy whatever closed shit gets put on the shelves then whinge like little babies when they are treated like the victims they allowed themselves to be because it was more convenient. They also fund these scumbags who are trying to victimize them, while people making open products routinely go out of business or practically starve to death. They also go around making excuses and shilling for their masters. Kind of like how you're making excuses for their lack of responsibility for their own actions. It's all very disgusting.

        • (Score: 5, Informative) by RamiK on Wednesday August 23 2017, @02:53PM

          by RamiK (1813) on Wednesday August 23 2017, @02:53PM (#558024)

          Yup. There's plenty of FOSS offers in the market: https://dronegarageblog.wordpress.com/2016/12/12/best-quadcopters-with-open-source-firmware/ [wordpress.com]

          And not just toys. With 20kg payload and over an hour air-time, the AWuAV 3015E is getting ready for a crowd-funding campaign right about now( http://awuav.world/awuav-3015e/ [awuav.world] ) and should hopefully come-out with only one or two blobs for the LTE and wifi.

          Really, if people are buying these closed-sourced turds they have it coming.

          --
          compiling...
        • (Score: 1) by JustNiz on Thursday August 24 2017, @12:40AM (1 child)

          by JustNiz (1573) on Thursday August 24 2017, @12:40AM (#558250)

          Trouble is, you only find out which suppliers are doing it after you bought the damn thing.

          • (Score: 2) by Grishnakh on Thursday August 24 2017, @01:36AM

            by Grishnakh (2831) on Thursday August 24 2017, @01:36AM (#558269)

            Two points:

            1) I haven't looked too closely into this particular product, but I'm fairly sure that it's quite apparent before you buy it that it's internet-connected, uses a phone app to control, etc.

            2) You can usually return things for a short time after buying them. That's certainly the case with any big-box retailer, plus Amazon. When you open the box and find out it's like this, put it all back and take it back to the store for a refund. You can even cost the manufacturer money by telling them it doesn't work, so they'll process it as defective and send it back to the mfgr. Now the mfgr doesn't get your money at all, plus they pay for return shipping, plus they have to test it out to find it's not really defective (per their definition, not ours), and then they have to sell it as "refurbished" for a lower price to try to not take a complete loss on it.

    • (Score: 3, Offtopic) by Knowledge Troll on Wednesday August 23 2017, @01:34PM (6 children)

      by Knowledge Troll (5948) on Wednesday August 23 2017, @01:34PM (#557988) Journal

      I'm just wondering if you see the situation with the speaker and the aircraft as being equivalent because one change is for spying on you and one is to stop something from falling out of the sky.

      • (Score: 2) by FakeBeldin on Wednesday August 23 2017, @02:53PM (4 children)

        by FakeBeldin (3360) on Wednesday August 23 2017, @02:53PM (#558025) Journal

        The equivalence I see is that both companies have promised in the news that folks who have bought their devices will not be able to use them unless they accept the updates the company is planning to roll out.
        I.e.: both companies seem to think it's okay for them to decide that the hardware you bought no longer should function.
        That is a problem. Irrespective of the reasons for them to decide so.

        Now, one company *claims* that this is for safety concerns. However, this is the same company that earlier pushed a mandatory update that decides where you get to fly [gizmodo.com]:

        In May, DJI also announced users would be locked out of flight capabilities if they failed to register their devices in its database—ensuring software updates would allow users to comply with regional regulations.

        It's easy to come up with an example where someone who bought a drone finds that after the update, he can't use it for his normal use any more. I don't think it's okay for any company to unilaterally require updates that fundamentally change parameters of how you get to use the hardware you bought, or brick your hardware alternatively. At the very least, DJI and Sonos both should be offering to buy back the hardware - at full retail price.

        • (Score: 3, Insightful) by vux984 on Wednesday August 23 2017, @06:45PM (3 children)

          by vux984 (5045) on Wednesday August 23 2017, @06:45PM (#558120)

          However, this is the same company that earlier pushed a mandatory update that decides where you get to fly

          To be fair, that was ALSO a regulatory compliance issue that was primarily tied back to safety. Do-not-fly zones for drones are primarily determined by safety concerns.

          It's easy to come up with an example where someone who bought a drone finds that after the update, he can't use it for his normal use any more

          It's harder to come up with an example where that 'normal use' was actually LEGAL though; given the geo-fencing was regulatory.

          Not that I agree with DJI here. I think its complete bullshit. But it is also the reality of the IoT. EVERY single product that is IoT enabled, that runs via an app or via a vendor controlled server is susceptible to this. That is the nature of the beast. You always require the vendors approval and support to use your device. As long as customers WANT app enabled devices, this is what they will get. Its sad, but it does seem to be what the majority of people want.

          Our only real hope for a better future is to embrace it, and regulate it with a new "first sale doctrine" regulation that puts specific consumer friendly obligations on manufacturers that provide internet enabled devices. I can see Europe doing it... I have little hope for the USA.

          • (Score: 2) by Grishnakh on Thursday August 24 2017, @01:42AM

            by Grishnakh (2831) on Thursday August 24 2017, @01:42AM (#558272)

            Our only real hope for a better future is to embrace it, and regulate it with a new "first sale doctrine" regulation that puts specific consumer friendly obligations on manufacturers that provide internet enabled devices. I can see Europe doing it... I have little hope for the USA.

            We do have a workaround here in the USA: liberal return policies. It's a limited workaround though: you can usually only return stuff to the store for a pretty limited time, like 30 days, and up to 90 if they're really generous, though depending on where you go you might be able to return it afterwards if you kept all the packing materials, and go without a receipt and just get store credit. Anyway, when you buy something and find out it's like that, return it! If everyone did this, the mfgr would go out of business with all the costs the retailers put on them for returned merchandise.

            Of course, what's going to happen is stupid Americans are going to buy this crap, throw away the boxes, use it for a little while, then a few months later things are going to go bad and then they'll be fucked, and go out and buy something else just like it with the same problems.

            "Nobody ever went broke underestimating the taste of the American public." - H. L. Mencken

          • (Score: 3, Interesting) by Mykl on Thursday August 24 2017, @01:44AM (1 child)

            by Mykl (1112) on Thursday August 24 2017, @01:44AM (#558273)

            I have to agree with parent here. The motivations behind DJI and Sonos respectively are completely different. One is ensuring safety and compliance with regulatory requirements (due to the fact that there are so many jerks who deliberately fly their drones in dangerous places like airports), while the other is just a bag of dicks wanting to own you.

            A poor analogy, but you could say that this is like a mandatory car recall (these exist in other countries, not sure about USA), without the need to actually recall the device.

            • (Score: 2) by FakeBeldin on Thursday August 24 2017, @01:17PM

              by FakeBeldin (3360) on Thursday August 24 2017, @01:17PM (#558429) Journal

              If I trusted the companies to be completely forthwith about their motivations, then you'd be correct.
              Without diving into the update itself, I have to trust their word that this is the equivalent of a recall. Which would be much easier to swallow if this wasn't an update from a company who had previously forced updates enabling geofencing onto products no longer in their ownership.
              So now, I'm not so sure. All I know is that they require you to update the product you already "own" or else it'll be an expensive light-weight paperweight.

              (I'm not saying geofencing is bad. I am saying that taking my money and then crippling core functionality of the stuff I bought is very shady - even if it is for legal reasons or state-mandated. At the very least, offer me a choice between full refund or the update.)

      • (Score: 2) by hemocyanin on Wednesday August 23 2017, @04:15PM

        by hemocyanin (186) Subscriber Badge on Wednesday August 23 2017, @04:15PM (#558059)

        Unfettered power to do good is unfettered power to do evil.

    • (Score: 2) by bob_super on Wednesday August 23 2017, @05:25PM

      by bob_super (1357) on Wednesday August 23 2017, @05:25PM (#558080)

      > I have yet to hear about any refunds offered to owners who do not wish to update. That ought to be legally required.

      Many people won't have heard about this. The toy will refuse to fly. A lawsuit will happen. Lawyers will make lots of money. Companies will react with more EULAs.
      Europeans will strike down abusive clauses. Americans will sue again. Lawyers will make lots of money.
      Eventually, the fad will take a hit, since most of those drones are boring to fly, unless they are for racing or have nerf guns attached.

  • (Score: 3, Insightful) by Knowledge Troll on Wednesday August 23 2017, @01:17PM

    by Knowledge Troll (5948) on Wednesday August 23 2017, @01:17PM (#557972) Journal

    This is the price you pay for having equipment that is dead simple to operate. Don't want to spend an entire summer learning how to fly a multicopter? Just use your phone. Grumble grumble grumble - none of my DJI gear can even possibly do this, it has no way to receive communication from DJI. None of my DJI gear was intended for use by people who didn't want to invest a lot of time into learning.

    People don't want to take the time to learn how to fly? Take their stuff away because they aren't worrying about safety themselves. I don't have a problem with this.

  • (Score: 1) by Virindi on Wednesday August 23 2017, @01:22PM (4 children)

    by Virindi (3484) on Wednesday August 23 2017, @01:22PM (#557975)

    What is the real story here? Is there some bug which they want to make sure customers do not encounter? Did they add phone home anti-features and want to force people to report that data? Something else more sneaky?

    • (Score: 5, Informative) by Knowledge Troll on Wednesday August 23 2017, @01:23PM (2 children)

      by Knowledge Troll (5948) on Wednesday August 23 2017, @01:23PM (#557978) Journal

      ... because of an electrical issue. This is essentially an involuntary recall performed through software update.

      • (Score: 2) by DeathMonkey on Wednesday August 23 2017, @06:28PM (1 child)

        by DeathMonkey (1380) on Wednesday August 23 2017, @06:28PM (#558109) Journal

        This is essentially an involuntary recall performed through software update.

        There's a bit of precedence in the auto industry. [nytimes.com]

        If a manufacturer knows their product is hazardous it does seem they should be under some duty to protect the public. Whether this is going to far, or not, is another question.

        • (Score: 0) by Anonymous Coward on Wednesday August 23 2017, @07:35PM

          by Anonymous Coward on Wednesday August 23 2017, @07:35PM (#558141)

          That example is a bit different, since it just used the law. These drones are defective by design if they allow someone else to disable their functionality, since that shows the user is not truly in control.

    • (Score: 4, Interesting) by nobu_the_bard on Wednesday August 23 2017, @07:47PM

      by nobu_the_bard (6373) on Wednesday August 23 2017, @07:47PM (#558145)

      It seems under certain circumstances the battery reaches an unsafe situation and shuts off; or perhaps, the drone simply thinks it is unsafe.

      They seem to say not only does the drone's firmware requires an update, but also that the battery's firmware needs an update, and that it is an either/or situation to use the thing. I would interpret this to mean the problem is with the batteries, and they want a situation where either the drone firmware is able to compensate or the battery doesn't have the bugged version.

      Also there's a lot of talk about the app that controls it. Maybe the drone doesn't call home - maybe its control app does, and it can't operate if the app doesn't greenlight it?

(1)