back

WTF DJI, UAV CTF?!

A hacker's view at commercial drone security

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:43:14
Language
English
Abstract
We'll take a look at how DJI - dominating player for commercial and recreational drones - builds their software, specifically from a security angle.

This talk will discuss DJI drones, most specifically the DJI Mini-series; looking at the hardware, discussing attack angles, up to a full compromise of a current drone for custom firmware purposes.

Along the way, we'll look at a lot of security WTFs that allow to pwn these devices. The amount and quality of bugs sometimes feel like you're trapped in a very cool hardware CTF.

We'll go from sniffing hardware busses, making fun of incorrect usage of SoC security features over to how DJI consistently and knowingly violates the GPL, into executing custom code on the flight controller and Linux system.

No description available.

Talk ID
camp2023-57063
Event:
camp2023
Day
4
Room
Milliways
Start
4 p.m.
Duration
00:45:00
Track
Milliways
Type of
Talk
Speaker
Felix Domke
Talk Slug & media link
camp2023-57063-wtf_dji_uav_ctf
English
0.0% Checking done0.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
100.0% Nothing done yet100.0%
  

Work on this video on Amara!

English: Transcribed until

Last revision: 9 months, 2 weeks ago