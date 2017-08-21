DJI Spark Owners Must Update Firmware By September, Or Their Machines Will Be Bricked (suasnews.com) 158
garymortimer shares a report from sUAS News: News has arrived of a mandatory firmware update from DJI. Owners of DJI's latest and smallest quadcopter must update their firmware by September the 1st or their machines will automatically ground themselves. The Firmware update apparently is to stop in flight shutdowns that have been occurring. So no bad thing to fix, a safety issue. Perhaps questionable is DJI's ability to brick other peoples property if required. The "Kill Switch" option is already causing consternation in user groups.
They're just begging to get hacked and have their firmware code leaked.
Come on, man. You bought it so, what? You think you own it? That's totally 90s thinking. You just rented it until we decided you can't use it anymore.
I have that Stallman manifesto around here somewhere...
Sadly, you may be joking but these companies now seem to think just like that.
SaaS is a super dangerous concept that he majority of computer users have no idea of what's going to happen.
1 - Consolidation of services from standard capitalism. (I'm not arguing against capitalism.) As far as I can tell in my reading of history and experiences in life, all economies eventually end up as monopolies because users prefer simplicity.
2 - You don't own your products.
3 - What happens when the company goes out of business? We're basically banking our entire ownership of media on one thing. Either the owners of our current products will NEVER GO OUT OF BUSINESS (yeah, we're all using AOL--the last big tech company--right?) . Or 2), that somehow, through the "goodness of their hearts" all businesses will magically assume they might go out of business and have in their contract that your content must be transfered over. Except when they declare bankrupcy... what happens then? And what happens if people don't want to RUN the servers anymore? (Think of 90% of great FPS games from the 90's and 2000's that need dedicated, proprietary servers that were shut down.)
The ONLY thing that can save us is either moving away from SaaS, or, a law (good luck!) that stipulates that user content must be storable on the user's machine if no equivalent service is instantiated by the next company. And what if the next company has your stuff... but doesn't give a shit about your privacy and dumps adware into the old products? It's not like any company took someone else's products and bundled adware with it...
::cough::sourceforge::cough::
We are heading for a disaster and nobody even realizes it. What happens when we hit the next major recession / tech bubble burst? It's not like we're living in an era of super-hyper-valuation of unicorn startups with no viable income strategy yet.
.. Oh... shit.
We are heading for a disaster and nobody even realizes it.
Plenty of us in the tech community realize it. Unfortunately, most people outside the tech community don't understand the implications, and there are a lot more of them than us.
What happens when the company goes out of business? We're basically banking our entire ownership of media on one thing. Either the owners of our current products will NEVER GO OUT OF BUSINESS (yeah, we're all using AOL--the last big tech company--right?)
Nobody goes out of business. AOL is a failure, but Time is still alive, owning the remnants of AOL. AMC never went out of business. They are still trading, owned by Fiat. You can retire a brand, but nothing dies. Enron died because with the legal liability, there was nothing left of value, but AC, that was going down with them, changed names and still exists. Despite the felonies. Pets.com is still around, sort of, with the parts and pieces sold off. So when MCI Worldcom declares bankruptcy, the ser
Nobody goes out of business.
... So when MCI Worldcom declares bankruptcy, the services people buy from them aren't interrupted.
Tell that to the people who bought a Zeno smart drone. They now own a paperweight that at one stage could fly (albeit badly),
Talk to gamers that have been around for more than a decade or so. I think you'll find that companies do actually go out of business, and when that happens, their customers suffer a direct loss.
Anybody tried to use the app store on their wii lately?
When Netflix updates there codex Netflix will no longer work because there is no way to update on the wii.
Sure purchased games still work but the device has certainly lost some of it's functionality, including the ability of most games to network. That is a company that didn't even go out of business. Just stopped supporting their own product.
1 - Consolidation of services from standard capitalism. (I'm not arguing against capitalism.) As far as I can tell in my reading of history and experiences in life, all economies eventually end up as monopolies because users prefer simplicity.
Hardly. But there are strong incentives for profit-seeking companies to corner markets and extract profit. Capitalism loves competition, the companies in a capitalistic society hate it. And because consumers are individuals we tend to grab our personal short term gain to the deteriment of the long term market.
2 - You don't own your products.
No, but most people figure that if something turns to shit they can find something else. They can't control what Microsoft is doing with Windows but they can get a Mac. Sure in a perfect world but...
3 - What happens when the company goes out of business?
Big
I have literally had different CEO's from different companies in different States say "I don't want to be held hostage by a developers" as a reason not to hire on site programmers. No irony there.....
So shoving your life blood into something that looks like the "internet" that always
We are heading for a disaster and nobody even realizes it.
Plenty of us do realize it, but you're right -- plenty don't. Even here, when I express my concern about and mitigation measures against these sorts of things, people sometimes accuse me of paranoia.
Only if the damages were a direct result of those updates. That would be true whether or not the updates were forced.
Good reason to kill that contract.
Re:And the Army is really buying these things? (Score:4, Informative)
What is the alternative? The DJI drones are a generation ahead of anything else on the market
... and with an 85-90% market share, they have enough revenue to extend their lead.
Disclaimer: I have a DJI Mavic Pro. It is very nice.
Being the military, they can build (or contract out) their own.
The F-35 took 26 years to go from contract to production, and will cost a trillion dollars. But drones are props rather than jets, so maybe the V-22 Osprey is a better comparison. It took 32 years, and cost $36 billion.
Unless they have an unlimited budget and are building it for their great grandchildren, they need to go COTS.
> The F-35 took 26 years to go from contract to production, and will cost a trillion dollars.
Has there been a single use of an F-35 aircraft in any military missions whatsoever? So far, I'm only seeing test flights and many reports of faked tests.
Re: (Score:3)
Lockheed has desperately tried to get it combat ready with a list of caveats as
Re: (Score:3)
The F-35 has been in constant development for a quarter of a century and there is no sign whatsoever that it will ever be fully combat ready in any way shape or form. Certainly not in a way that meets its requirements. We're now into territory where you're looking at it being cancelled if some serious progress is not shown within a very short period of time.
For real? What government has the balls to back out of the F-35 now? Australia has pretty much decided not to buy anything else, so the existing fleet is getting older and older. The US (from what I can see) has gone the same way: if it's not F-35 then it's obsolete. Heck; look at the stink when the A-10's where being considered for mothballing.
In my personal, armchair general view of the fighters, the F-35 program is so far into escalation-of-commitment group-think territory the only way out is to can
Re:And the Army is really buying these things? (Score:5, Insightful)
The army already builds (contracts out the building of) their own drones.
The micro-UAVs, the ones closest to a DJI ~(4.5 lbs), cost the Army [strategypage.com] (These are the inexpensive ones) $35,000 each for a Raven RQ-11B. A complete system (controller, spare parts, and three UAVs) costs $250,000 for the Raven and over $400,000 for Puma (6 lbs, heavier battery, flies longer).
So yeah, for the price of one Raven, you could only afford to buy 25 DJI Phantom 4 Pro drones. The Raven can go farther faster, the Phantom has a better camera and can avoid obstacles on it's own and circle/follow a target on its own, so they have complementary uses, but one is obviously way cheaper than the other.
What is the alternative?
Best drone ever [youtube.com]... single motor, caged prop so you can safely bump into things, spherical shape so it can upright itself or even roll along the ground. Unfortunately the market has spoken, so there are very few of them.
Interesting. That thing should be more or less indestructible. Why aren't these popular? Patented all to hell?
It needs to be covered in a light grey mesh material, with a large circular feature somewhere on the upper hemisphere.
Make that thing an RC Death Star and you won't be able to keep it on store shelves.
The DJI drones are a generation ahead of anything else on the market
It seems like "a generation" doesn't really matter that a much in a field where it's year-sized or so. Not to mention that in this booming field, DJI could easily become the IBM of multicopters.
What is the alternative? The DJI drones are a generation ahead of anything else on the market
... and with an 85-90% market share, they have enough revenue to extend their lead.
Disclaimer: I have a DJI Mavic Pro. It is very nice.
DJI sucks. They're like a crappy Chinese GoPro knock off. You can buy kits from just about anywhere and get a much better copter for the same amount of money.
I'll buy the Chinese knock off.
The Chinese drones are not "knock offs". They are way ahead of anything made in America.
Racing isn't the only use for quads. Unfortunately for the industry DJI IS a couple of years ahead in small, cheap, general purpose quadcopters that have a metric shitton of add on software for them. No, they don't do 10 bit RAW video (but the Inspire x5 RAW does), but most people don't NEED that kind of quality.
The big guys are shooting off $50,000+ rigs, they've left DJI in the dust. But there are what, maybe a couple thousand pro video UAVs in the world. DJI sells that many in a week.
Horses for cou
A Delta Fan isn't a quad. It's a fucking jet turbine masquerading as a computer cooling fan.
So what is the kill mechanism? (Score:3)
Regardless of implementation, this is a fine testament to the advantages of products that spend their entire lives phoning home to the vendor; but some implementations are even worse than others.
Re:So what is the kill mechanism? (Score:5, Informative)
Anyone know how the kill is implemented?
I have DJI Mavic, not a Spark. Mine uses a smartphone as the controller GUI. When I connect my phone to the drone controller, the app will sometimes, but not always, check for updates. If an update is available, it is downloaded and installed, without any opportunity for opting out. Some of the downloads may be legally required, such as data for restricted airspace. Others, as in this case, are safety issues, so I don't see why anyone would want to opt out, or why anyone should be allowed to, since they may be endangering other people.
Nitpick: The headlines use of the work "brick" is misleading. The drone cannot be flown until it is updated, but it is not "bricked". As any true nerd knows, when something is "bricked" it is permanently and irrevocably disabled, which is not what this is.
You also realise it's a Kill Switch right? (Score:1)
If you want to actually own one you'll have to build it. DJI just sells you the right to fly it but it's not really yours.
Re: (Score:2)
Generally, bricking is when the actions necessary to recover are beyond typical end user procedures. For example, soldering connections in and using JTAG.
If recovery is simply a matter of using the documented end user interface to upload new firmware, it's not bricked.
Re: (Score:2)
Perhaps not. Just worthless.
Re: (Score:2)
Yes, if and when the documented end-user procedure no longer works, it will be bricked. That time is not this year.
I have DJI Mavic, not a Spark. Mine uses a smartphone as the controller GUI. When I connect my phone to the drone controller, the app will sometimes, but not always, check for updates. If an update is available, it is downloaded and installed, without any opportunity for opting out. Some of the downloads may be legally required, such as data for restricted airspace. Others, as in this case, are safety issues, so I don't see why anyone would want to opt out, or why anyone should be allowed to, since they may be endangering other people.
Huh? Are you talking about NFZ map updates? Firmware updates are announced but can be skipped, and app updates are entirely managed by the user.
Re: (Score:2)
I wonder what happens if you firewall that app so it can't check for updates. If you are on Android and want to try there are loads of free firewall apps.
Re: (Score:2)
It works just fine. That's what most advanced users that are annoyed with DJI do.
Don't talk to momma.
If you are on Android and want to try there are loads of free firewall apps.
Some are better than others, but yes. This is what I do -- for all apps. By default, every app is firewalled off so that it can't talk through the WiFi or cell network at all. I selectively allow a few specific apps net access, but mostly -- nobody gets to talk.
This is for two reasons: so that I don't have to worry as much about what data apps are sending home, and so I can minimize the number of apps that auto-update.
As any true nerd knows, when something is "bricked" it is permanently and irrevocably disabled, which is not what this is.
Disagreed. In the first place, a device which even a 'true nerd' considers bricked, may be repairable by someone with greater knowledge, more skill, or access to special parts, documentation, or software. So the definition of 'bricked' is situational. Secondly, if the owner doesn't consent to the update, (and ANY reason for not consenting is perfectly valid, from the standpoint of a true owner), then the craft is bricked, unless and until there is a third-party workaround. So the definition of 'bricked' is
Re: (Score:2)
Re: (Score:3)
And the easy way to get around the problem is the same way the Army could get around the lets-send-everything-China issue. You don't connect the thing to the Internet. Ever.
The headlines use of the work "brick" is misleading. The drone cannot be flown until it is updated, but it is not "bricked". As any true nerd knows, when something is "bricked" it is permanently and irrevocably disabled, which is not what this is.
The headlines use of the work "brick" is misleading. The drone cannot be flown until it is updated, but it is not "bricked".
If one doesn't want the update (for whatever reason) his/her drone is bricked. Your nitpick is pointless.
I don't see why anyone would want to opt out, or why anyone should be allowed to
Why they'd want to is unimportant. The important issue is -- do they own the thing or not? If so, then it makes zero sense to force any change to the product on them, no matter how desirable it may be. If it's that desirable, then people will voluntarily make the change.
Re: (Score:3)
I bet the time can be changed to allow longer use of the old firmware...
It uses a smartphone as the GUI for the controller, so it can pull the time from the cellular network.
The drone also has a GPS receiver, and can get a timestamp from the GPS satellites, accurate to within 40 nanoseconds.
Any mechanism based on a certain date will require the flight controller to keep track of time. If it can keep track of time, I bet the time can be changed to allow longer use of the old firmware... Not that you would want to in this case.
Except that the time may be determined from GPS, and a lot of the functionality of the DJI is derived from knowing its location (from GPS/GNSS).
It probably gets the time from the GPS receiver. Most GPS receivers still use RS232 signalling (at 3.3V level), and most use the simple NMEA protocol. It would not be at all difficult to program a microcontroller to man-in-the-middle the data and change the date. The main difficulty would be physically installing it.
Re: (Score:2)
MOST users of the DJI consumer quads have problems following the 4 step directions to update the firmware. Hacking the GPS data stream would be well beyond the vast majority of them and DJI couldn't give a rat's ass about the hundred or so folks so inclined.
We;re in consumerville here.
>> this is a fine testament to the advantages of products that spend their entire lives phoning home to the vendor
I think you mean disadvantages
Serious question (Score:2)
Where are the FOSS firmwares for these things, from the likes of which routers have benefited for many years?
Re:Serious question (Score:4, Informative)
Getting root on DJI drones seems trivial usually having SSH open with a default password, unfortunately the firmware is signed so full modification of firmware is problematic without the key, though I have an idea about that. Unfortunately I don't have a DJI drone accessible to test my theory at the moment.
Pretty much everywhere, honestly. Except for DJI, nearly all drones are flown with open-source controllers. ArduPilot was one of the earlier successful ones. There are dozens of drone platforms to choose from, some of which are very capable.
None of them are as slick and polished as DJI's project, though.
That's a good point, NEVER BUY FROM DJI (Score:3)
Personally I have never been into ANYTHING that can connect to a cell phone in this manor for a lot of reasons.. But the very fact that the maker of your product can now KILL IT via remote software? How is this NOT a major strike against this company? I mean, of all the ways you could have done this you just flat out remote kill it?
Well I tell you what DJI. You just earned yourself a permanent 'no sale' from me on any product you make. But hey, to be honest you got a hard no sale on the drone from the get go. Now you've killed all potential trust I can have in your company.
Re:That's a good point, NEVER BUY FROM DJI (Score:4, Funny)
Personally I have never been into ANYTHING that can connect to a cell phone in this manor for a lot of reasons.. But the very fact that the maker of your product can now KILL IT via remote software?
Is it really remote software? Maybe the firmware simply has a built in expiration date so you have to keep it up to date to keep the product flying.
Re: (Score:3)
But the very fact that the maker of your product can now KILL IT via remote software? How is this NOT a major strike against this company?
Probably because it's not true and media reporting is going down the shitter making everyone angry for no reason.
The DJI drones frequently need to check for updates to the no-fly zones or they don't take off. Updates are mandatory and this will be pushed like every other one. Aside that it is in the media this is just situation normal for owners of DJI drones (which need mobile phones to fly anyway).
Toe-may-toe, toe-mah-toe.
Well thanks for the outstanding retort Anonymous Coward. You get a good start a merit barge for basic web stalking.
Well thanks for the outstanding retort Anonymous Coward. You get a good start a merit barge for basic web stalking.

But hey, to honesty answer you question is because even though I'm abrasive prick with a negative attitude towards these products is because not only do I love these technology in general but I want these products to suck less.. Pretty much everyone one of these technologies I enjoy, but also have serious problems how most of the underlying tech ins implemented in products. Well maybe not F
Re: (Score:2)
but I want these products to suck less.
Also, it's important to push back against this sort of nonsense even if it involves products that you don't personally use.
If companies get away with this stuff without resistance, more and more companies will start doing it. Eventually, it becomes normal and expected.
That is the end result that I think we need to avoid at all costs.
LOL, bricked (Score:2)
There is a good Defcon talk about this. The software keeps track with a database file and you can edit the file on your phone and override any no fly settings.
This will cause a TON of bricked DJI Fraud Sales.. (Score:1)
no more DJI (Score:2)
Guess they forgot to mention (Score:2)
that you don't really own it. . . . it's more of a subscription plan type thing
:D
They allow you to play with their shiny new toy ( for a fee of course ) but you'll play with it as you're told. If you don't, we'll take it away.
And - there - is - nothing - you - can - do - about - it ( except not buy the damn thing in the first place )
I just love that feeling. . . . don't you ?
( It's like Microsoft. . . . or Adobe. . . or Autodesk . . . or Cable TV . . . or . . . damn this is pretty common these days huh ?
DJI is a Communist co in a Communist... (Score:2)
"Bricked"?!? (Score:2)
So it won't fly if you don't upgrade the firmware. That isn't the same as "bricked."
Bricked is when it won't do anything. As in, it's a brick. Won't boot / communicate / etc... Usually recovering something that's bricked involves re-flashing firmware offline somehow, or running some sort of emergency recovery utility and spoon-feeding it a bootloader over USB/serial/I2C/whatever.
DJI set up the app so it won't let the drone take off.
It's as if there's one person who writes how characters talk about computers
Think drone == aircraft (Score:1)
Imagine you had bought a full-fledged aircraft. If the manufacturer finds a dangerous flaw, the FAA can ground the entire fleet; no recourse. I am not pleased with society's over-reaction to drones (getting hard to find places to fly them), but I do believe in making them safer (and limiting the ability of idiots to give drones an even worse reputation).
As for the "bricking" headline, I suggest the original poster stop hyperventilating. Requiring you to update the firmware before flying again is nothing
That's still legal grounding, not technical. I can still take off with that plane if I so please, provided I'm willing to risk my license and very likely freedom.
But I fuckin' CAN!
So walk the software back a couple of versions. DJI even keeps the old version in around in case the upgrade screws up. You can download all sorts of firmware versions on the DJI website. Of course, it's a cat and mouse game to some extent. DJI has recently only allowed you to go back on version instead of to an arbitrary set.
Progress?
Brick it, how, exactly? (Score:2)
Does it get bricked remotely, or is there an expiry date built into the existing firmware?
They're controlled/flown by a smartphone app. The app checks the firmware's software hash against a hash the app gets from DJI using your phone. If the hashes don't match, the controller-app won't let the drone take off.
Not entirely clear on whether or not the app will let the drone fly if there's no cell/'net service to be able to check current authorized hashes. Likely there's a 'window' of time (24 hours? 72 hours?) where no cell/'net service is not an issue and the app will allow takeoff, because if it
Who the hell buys this crap? (Score:2)
Why, please tell me, would I want to buy something where the maker and not me gets to decide what lifespan the product gets to have? We're back at the garage openers that are under 100% control of the company making them, why the hell would I willingly hand over control over my product to the maker? At the very least I'd want the option to wipe their software and install my own.
People who buy DJI are idiots (Score:2)
When I bought my drone I looked into various manufacturers and types including DJI and saw that buying a DJI was a recipe for disaster. You don't want to become slaved to the manufacturer with forced updates and requiring Internet connection and other silly stuff. This can seriously hinder your usage of the drone just when you need to use it, not to mention what will happen when the company goes broke. Bye bye drone.
So I bought a chinese drone instead with no "no-fly zone" garbage and no forced updates of a
Just the tip of the iceberg. (Score:4, Interesting)
Second thoughts (Score:2)
While my first response to this situation was outrage, sober second thoughts have prevailed, and I now see some sense in DJI's actions. They have a moral obligation to the public, (and a fiduciary obligation to their shareholders - I don't give a shit about that, but some people do), to ensure that the products they sell remain both safe, and compliant with changing regulations. The problem here is not in their ability to enforce updates that correct safety shortcomings and allow for changes in legal requir
Re: (Score:2)
The problem here is not in their ability to enforce updates that correct safety shortcomings and allow for changes in legal requirements, no-fly zones, etc.
I disagree. I think that is exactly the problem.
They could also correct the problem by making it clear that you don't actually own the device you're paying money for. You're leasing it.
Get over yourselves (Score:2)
Your drone should be able to fall out of the sky and kill anyone that it wants whenever it wants because you want the choice to be able to fix it at your convenience.
Fuck right on off.
How're they able to self-brick but not self-update (Score:2)
The update situation is a joke (Score:2)
On the one hand, we have people who routinely don't do updates because they can't be bothered, or don't feel they bear any responsibility to the upkeep of their equipment.
On the other hand, you have companies like Microsoft who have done an excellent job of fucking up so many updates so badly, that people are now *afraid* to update for fear of having their machines get hosed.
So we're stuck taking everything at a case-by-case basis. If DJI doesn't have a history of botching their updates, there is no excuse
You think? (Score:2)
The "Kill Switch" option is already causing consternation in user groups.
Who could have expected that people would be upset that it turns out they don't own a device that they thought they owned?
You say that like it's a bad thing. See also: Rule 34.
But that aside, it's easy to understand a manufacturer erring on the side of caution in today's litigious world. One kid in the US loses an eye and it's not the drone operator that'll get sued for failing to update their firmware, it's the large global company with lots of resources.
At an individual level the risk is miniscule. For DJI the risk needs to be assessed at a corporate level, in terms of financial exposure, any criminal liability, the PR aspec
See also: Rule 34.
Note to self: DONT use Google to confirm the obvious.
Must clear cache. Delete cookies. Replace PC.
Some of the DJI hardware is frankly lovely. It comes with excellent software too.
You may want more manual control and some people are writing software that allows greater autonomy but there aren't many options that include the usability and capability of the DJI drones, let alone at that price point.
Just because something is accessible to beginners doesn't preclude its use by professionals.