We have been alerted to a fun tool, a DJI DroneID spoofer software for ESP8266/ESP32 and some other popular MCUs. Last year, we’ve told you about DJI DroneID — a technology DJI added to their drones, which broadcasts data including the drone operator’s GPS position, which, in turn, appears to have resulted in Ukrainian casualties in the Ukraine war. The announcement tweet states that DJI has added mechanisms from downgrading firmware. Hence, the spoofer.

There’s no other hardware needed, well other than an ESP8266 or ESP32 devboard, anyway. After the break you can find a video tutorial from [Joshua Bardwell] that shows you how to upload the code using Arduino IDE, and even going through coordinate tweaks. If you ever reminisced about the concept of throwies and were wondering what kind of useful, well, there’s your answer: clone the Git repo, compile it, program some interesting coordinates in, and witness the imaginary drones fly.

All in all, we get a lovely addition to our shenanigan toolkits. Surely, someone could use a neural network to distinguish real drones from fake ones, but it’s nothing that can’t be solved with a bit of code. Looking for a less daring hack? Well, you can always add some automation to your DJI drone by poking at the RGB LED signals.

Continue reading “Can’t Disable DJI Drone ID? Spoof It With An ESP!” →

Back when commercial quadcopters started appearing in the news on the regular, public safety was a talking point. How, for example, do we keep them away from airports? Well, large drone companies didn’t want the negative PR, so some voluntarily added geofencing and tracking mechanisms to their own drones.

When it comes to DJI, one such mechanism is DroneID: a beacon on the drone itself, sending out a trove of data, including its operator’s GPS location. DJI also, of course, sells the Aeroscope device that receives and decodes DroneID data, declared to be for government use. As it often is with privacy-compromising technology, turns out it’s been a bigger compromise than we expected.

Questions started popping up last year, as off-the-shelf quadcopters (including those made by DJI) started to play a part in the Russo-Ukrainian War. It didn’t take long for Ukrainian forces to notice that launching a DJI drone led to its operators being swiftly attacked, and intel was that Russia got some Aeroscopes from Syria. DJI’s response was that their products were not meant to be used this way, and shortly thereafter cut sales to both Russia and Ukraine.

But security researchers have recently discovered the situation was actually worse than we expected. Back in 2022, DJI claimed that the DroneID data was encrypted, but [Kevin Finisterre]’s research proved that to be a lie — with the company finally admitting to it after Verge pushed them on the question. It wouldn’t even be hard to implement a worse-than-nothing encryption that holds up mathematically. However, it seems, DroneID doesn’t even try: here’s a GitHub repository with a DroneID decoder you can use if you have an SDR dongle.

Sadly, the days of companies like DJI standing up against the anti-copter talking points seem to be over, Now they’re setting an example on how devices can subvert their owners’ privacy without reservation. Looks like it’s up to hackers on the frontlines to learn how to excise DroneID, just like we’ve done with the un-nuanced RF power limitations, or the DJI battery DRM, or transplanting firmware between hardware-identical DJI flight controller models.

Continue reading “Loudmouth DJI Drones Tell Everyone Where You Are” →