 Hey, everyone. Thanks very much for coming. God, this talk was fun to make. And I'm glad it follows up the last one. I have a few. Some of the stuff that I present is a little different than the stuff that they talked about. So just to get a few things out of the way, a couple of shout outs to some guys who helped me. Some of them could be here, some of them couldn't. There's a few folks who wanted to be nameless, so their names are printed in black. So we're going to kick it off. My neighbor and his kid are just annoying snot, right? Insert your own four letter word. And God. And the problem is way too much discretionary spending because then all of a sudden one day, this thing showed up. And the kid is following it around all over the neighborhood. And you can tell because he's crashing into every car, every house, every tree, and he's running down the street with it. And at night it's really obvious what he's doing because it just shows up. And it's like really, dude, that's what the internet's for. And my initial response on all that stuff is, hmm, maybe take that, you little bastard. But if you were here in the last presentation, they say shooting down drones is a problem. And that's okay. I don't want someone shooting down mine. But this got me to thinking. What if the following things were to show up? Such as maybe this. Not hard to do. It's actually made the news. Some guys up in New England started mounting semi-automatic pistols to their homemade drone. Interesting. What if this showed up? I can see the first shot being fairly accurate after that. No one's business. What would happen if this showed up? Yet not as cool. So I started looking around online and it turns out that there are a bazillion regulations and everyone is trying to regulate unmanned aircraft systems, UAS, which we call drones or quadcopters. And it turns out most of the regulations that are out there are not to restrict hobbyists. Most of them are there to restrict the government's use of quad helicopters and drones. And there's a lot of attacking going on the commercial space where you have to get certain FAA approval to fly. And it turns out I was flying my DJI Phantom 3 while testing for this presentation over a parking lot and I was watching it and a guy came up right behind me and he goes, hi, I'm actually from DHS's enforcement division for drones in the D.C. area. Like, yeah. He goes, do you know what the rules are? Yeah. He goes, are you doing this for commercial use? And I said, no. He goes, okay, see you. And I followed him and I wouldn't let him be. I'm like, hey, I got questions. He goes, dude, I have so many problems about guys flying those things around. And I said, well what was your last problem? He said a guy flew his quadcopter over national stadium and lost it. And I said, well, how did you ever find the guy? And he said, easy. Most of the guys who lose these things, you see them running over the hill with their controller. Have you seen my drone? Right? And I'm like, really? He goes, yeah, at which point we were waiting for him and we scooped him up. But it turns out that non-commercial use, hobbyist use of drones is largely not regulated. There are a few things that are out there, right? There are no fly zones around Washington, D.C. And it centers around the White House and it goes out 15 miles. There's actually supposed to be a no fly zone of five miles around the airports unless you get permission. Apparently the ceiling is supposed to be graduated as you get closer. The ceiling goes down but FAA tries in some of the literature just say five miles. That's it. It turns out you're not allowed to fly on military bases. That's considered bad. This came up in the last presentation. You are not allowed to launch or land from a national park. However, you are allowed to fly in their airspace. It is not theirs to regulate. However, they can cite you for reckless endangerment if it potentially could crash on someone. And they get people on that and they confiscate the drone there. There was a guy out over the Grand Canyon filming some sunset. People complained. You know, this guy in the smoky the bear hat showed up and took the guy away with his drone. There are temporary flight restrictions that are issued for disaster areas, wildfires, stadiums, large assemblies and whenever there's going to be a presidential visit and they do it several hours before and during the visit. You are not allowed to mount a gun on a UAS because technically it becomes a weapon system. There is a 400 foot ceiling. Amazon is now petitioning to try to get several hundred feet for themselves to deliver packages. And then they want a ban of a hundred feet from everyone. You also have to fly within line of sight. And I have it now counted up to 16 states who have now enacted their own laws. And technically, according to the guys I spoke to at DHS who do enforcement, a lot of that air space is not theirs to restrict. Now, the five mile area around airports essentially knocks out almost all of New York City with the exception of a few parks. You're not allowed to fly above the sidewalks in New York City because of the reckless endangerment and safety issue. And then people get nabbed there. In the hobbyist area, there's a whole bunch of restrictions that come up, right? If you don't do it for commercial use, you're under 55 pounds, right? You're not interfering with any manned aircraft. You can be good to go. But that's nice and all, but most people don't know the rules because everyone and their brother is trying to create them. This is a listing of all the no fly zones on the eastern side of the U.S. And damn, that's a lot of them. If you log into Parrot's website, this is a listing of all of the recordings that got automatically updated to their website that shows everyone who is flying on the eastern side of the U.S. Isn't that interesting? Over 2,000 flights in D.C., which is technically a no fly area, and over 2,000 flights in New York City. If you do a quick overlay of the maps, yeah, turns out people are flying in areas that they don't know about. And if they're smart, you know, I say it's interesting. And that's nice and all, that the rules are all there. But my neighbor's kid is still annoying and I know he doesn't read, right? And he's not getting the appropriate parental guidance. So it brought me up with the bigger question. Is there any way to take that thing down? Graceful or ungraceful? I thought there might be a couple of ways. There's a couple. I can think of a few ways. But maybe something a little more subtle would suit our needs. So maybe the next time he's there, he doesn't capture video. Maybe it knocks it down and it flies away. And if you've ever seen this guy crash, he actually bounces like that. So let's take a quick look. I'm going to take a look at two different drones. Two of the more popular ones on the market. One is going to be the Parat bebop drone, which has a 1080p lens on the front. The other one's going to be looking at the new DJI Phantom 3. And if we start by looking at the Parat drone, we get a rough list, a rough listing of the specs. And it turns out, sure, we got a quad core, we got memory, we got a top horizontal speed of 45 miles an hour. Wow. Right, Linux? But if you look really carefully at the specs, hmm, the thing is its own flying router with DHCP enabled. There's something else I found really interesting if you read the specs. It's got a really interesting GPS chip in there using American GPS and Russian based GPS. So what happens if I muck with that? Right? There's a couple other things that kick in. The free, easy for me to say, the free flight three app is installed on your Android device or your iOS device. You can get updates to that. If an update comes out, you don't have to forcibly install that update, you can ignore it. It doesn't come through the app store, it actually is just sitting there, it checks their website so you can apply the update. A couple other things that are interesting, the return to home function. And I'm sitting here thinking, all right, if he's flying near me and I want to swat it and get it away, maybe I can take advantage of the return to home function and send that thing back home. The height distance thing is very interesting. If the thing is flying above 10 meters, it will fly back to its original return to home point. If it's flying less than 10 meters, the thing will automatically shoot up 30 feet. Turn face home and then fly home in a straight line. So if you have a house where you can pick up GPS and say you're in your living room with a ceiling fan, you may not want to hit the return to home feature because that gets very ugly fast. That's how I lost my first drone. There's something else I wanted to take a look at and I see this in your documentation. If the bebop drone loses connectivity with the controller for 30 seconds, this thing is supposed to fly home. Hmm. Hmm. That makes me want to say, what would happen if I screw with the Wi-Fi signal? Or what happens if I screw with GPS? Or what happens if I introduce a magnetic field around the thing? So let's go through it real quick. This thing actually flies with its own MAC address. It's running DHCP. We can actually scan this with a number of tools. I happen to have a pineapple router around. I didn't use Darren Kitchen's infusion, which is really cool. Actually, I didn't know that infusion existed at the time. But it's neat. There's an underlying Wi-Fi connection that gets established between the two devices and then on top of that, the applications talk to one another. So let's introduce ourselves a little mischief, shall we? What happens if we de-off our original connection for say 30 seconds? It turns out the return to home function did not work correctly for me. And I did this like five times. I lost like six propellers at the time doing this test. Here's what it looks like when all of a sudden this thing gets de-off for 30 seconds. It sits there and flies. Boink. It just landed. All of the rotors stopped at the same time and it went straight down. Maybe it got lost. Maybe you thought that was going to be home. I don't know. But clearly that didn't work. So now I can just walk out into my property and pick the damn thing up. You want a kid come and get it. Maybe there's something else we can do. I got it. Let's give it a quick scan. And it turns out when we scan it with M that, yup, it's a flying FTP server. Just floating around. Oh, that's awesome. I had 10 devices simultaneously connected to this guy all at once. Only one app was talking but the other nine were sitting there waiting. We'll get back to that in a second. It turns out this thing is a flying FTP server. And there are two particular directories I found interesting. One was the media directory where the little monster next door was filming videos. And the other was the thumbnail directory. No authentication was required to connect over FTP. I think that's fantastic. So I was sitting there and thinking while it was in flight, maybe I can grab his pictures and replace him with something like that. That was a fun day. Yeah, well, that was cool. All right, so I'm taking the videos you got of all the neighbors because maybe I want to just see what they look like. But then there's this monstrosity. Telnet wide open while the thing is flying. Which kills me. So I telnet directly into the box. And here's the entire directory structure right there. Now it's running busy box from like three years ago. Right? This thing I purchased just a couple months ago for this presentation and they never update a busy box. There have been something like 10 updates to busy box since this came out but they haven't updated it. But I want you to look really carefully at three things for me. Take a look at those shell scripts sitting right there. So I took drone number two. This gets to be a very expensive research project soon. He was hovering in my kitchen. I telnet directly to the box and all of a sudden I see that. That's pretty cool. So I wonder what happens if I type in this and hit enter. I am suddenly greeted with all of that. I was sitting there working in the kitchen. It was hovering. And then all of a sudden it took out my stove. I was thinking the shutdown feature would gracefully just shut down the rotors and down it would go. This thing there was no graceful shutdown. It literally flew right by and I'm like wow. So if I was one of those cool dudes who got like carbon fiber blades this is what it looks like in the park. It's flying. Hit the command there. And down it goes. There is no restart from that. Right? If you go look at some of the software exploits throughout there it kills a running process and the thing fires back up. This is off. It's done. By the way in case you missed it because it always looks better in slow motion. If it's running near a wall it gets up draft and there's no telling where it's going to go. I was going to do that in here today. I fired this up this morning and six wonderful conference attendees had connected to my open Telnet connection. I'm not bitter but you did steal my thunder. So there's another thought. I mean shutting that thing down. Great. So I had a coworker who looked at this and said you know that's not really epic. You should watch that thing like 400 feet in the air and crash it. And I'm like well give me your drone. So why don't we just take the damn thing? Right? Kid you knocked your ball into my yard. I'm going to take it. So we actually have two simultaneous connections to the same drone at the same time. If I am sitting there and again remember I had like ten devices all connected to it simultaneously. This is what it looks like from the iPad that is currently controlling the bebop drone. It has access. It's hovering at one meter. I ran this inside a hotel lobby. They were not happy. This is what my iPhone sees. Okay. I'm connected to the network but my app is not connecting. This is what we have. Hey wait a second. Why don't I just send a quick de-off. The moment that de-off kicks in the controller automatically says I'm disconnecting. Right away. He is automatically having a bad day. So the question I have for you is in this race condition who's going to win. If he is running an iPad anywhere near indoors he is going to pick up his home network or any other network before he picks up his bebop drone connector. Which I think is great. Which means he is going to sit there and try to reconnect even though his underlying network connection is not there. And it's going to freeze. Meanwhile on my iPhone I've connected. I'm there. And I was sitting there and I connected because I de-offed him. My Wi-Fi connection was good. Note the altitude list though on this. It now thinks that is zero. The thing was three feet in the air. So it didn't get an update for that which means I'm off and running and now I am the guy who is in charge of that drone and he can't do anything about it. If I click the button at the top that says emergency that thing just falls from the sky in a way as it goes. Which I think is great. One of the other things that kicks in with the free flight app that runs on top of the network connection. Again it's going to pair to any other network before it comes back to this particular drone and I think that's fantastic. Now for those little enthusiasts who have more money the bebop drone comes with an optional sky controller that looks like this. It's supposed to be a range extender. It turns out that that is its own wireless access point two. And it's wide open. Which means we can de-off in one of two spots. If we de-off between the iPad which is literally just sitting in the cradle it is not tethered. It's just sitting there connecting wirelessly. If I de-off that and I connect my iPhone or my iPad to it all of a sudden I get these little controller icons sitting right there. Which means I have control of you. If I'm nice I will temporarily send control back to your controller and then I'll steal it away from you. And I can go back and forth. Which means he's going to respond all over the place. Which means he's mine. I don't have to worry about it. I mean I think coding would be great. Writing an exploit would be great. But the app is free. It's already been developed and tell me that's wide open. So what happens if we start looking around at other areas like GPS? Right? And this is interesting because if you pull up the specs there are several very specific frequency ranges used in the U.S. And very several specific ranges used with the Russian GPS system. What if we screw with those signals? Now there's one teeny tiny little problem with that. It's illegal. Like 18 different ways of illegal. Like you are currently fined $16,000 for every day that you do this. Up to $112,000. And if you go to the FCC's website they have a spot where you can report people. They list of all the people that they've sent notices to and fined. So what to do? I talked to the DHS guy. I said hey I was thinking about doing research and his flat answer was are you going to cite my name? And I said of course not. He goes they would never catch you if you do it just once. They can't. Okay. So I spoke to an attorney and the attorney said yeah it's still illegal no matter what. They could still come get you. I'm like you're no fun. I was speaking to a cop and he said you know if you go back and read the specific intention that shows up on the FCC's site they don't want you to put anyone in danger. You can't disrupt anyone else's signal. If you showed up here 20 miles away from everything in the woods and you were being supervised hypothetically you could test and no one would know. I'd like to introduce you to my new friend. Selling and manufacturing and importing and all that good stuff related to GPS jammers is illegal. This is a GPS test generator and hypothetically one could pick this up online for a very reasonable price of $25. He is specifically designed to block these particular frequency ranges. He also has an effective range of about 20 meters which is kind of creepy. So I go out hypothetically with some people to do a test and I'm sitting there observing. We do the test at which point the police officer says I'm going to take your equipment now. I'm like really? He goes yes. There's no way I can let you walk away with that and it's gone so it's been confiscated in history. But if we were to run that type of generator on the bebop drone while he was flying the return to home feature automatically fails instantly. From the point of view of the drone it is currently flying. It has GPS and then all of a sudden everything stops. He automatically goes to hover mode. He doesn't move forward. He doesn't move back. He just freezes. And if he gets GPS signal again he doesn't resume his take home function. He just stands there. Well I lost. And he's just looking around. Which I think is a very interesting thing. Now it doesn't overwrite what the home position is. It just interrupts the flight home. The same thing could be achieved if you flew under a bridge or if you were underneath some dense trees all of a sudden this thing just stops in place which can be a problem. Introducing a magnetic field around the device say magnets from hard drives. Actually had no observable effect on the guy which was a little disappointing for me. Now if you're thinking about taking over someone's drone say at the hotel at six o'clock in the morning you better. There's going to be references on your devices that you've made connections to the device. Very specifically you want to take a look at the free flight three P list file from your iOS devices and delete that because that will have date stamps time stamps and the serial numbers of my drone in your phone. So you might want to smudge them out if you can. And I think that works. So this thing I would never fly it around any of you ever. What if we took a look at something bigger though. Something bigger than the bebop drone. Okay not that big. Maybe if we took a look at the Phantom 3 that just came out this past June. What can we do there? If we look very specifically at these specs this thing is designed to have certain geofencing in place because of the incidents that occurred earlier this year. It can fly up to several hundred meters away without an issue. The top horizontal speed is about 35 miles an hour on that. It uses both GPS systems as well. In some geofenced areas it will give you a notice that says warning you're in a bad spot and the other ones it's supposed to automatically take it down where it uses an automatic landing sequence. This thing is very freaky with respect to magnetic fields though. It requires constant calibration if you're going to take off anywhere near a magnetic field and I find that interesting. Electromagnetic field interference. I think that's pretty cool. DJI Phantom 3 updates. I've heard this from other presenters and I respectfully disagree. Whenever an update comes out by DJI for my Phantom 3 I get a warning message right before I take off and it says sorry dude you cannot take off until you apply that update. And I'm like really? It's like uh-huh. I contacted their tech support on three different occasions to get three different guys and I said hey what's the deal with your updates and they're like sorry man that's the way it is. We have an update you have to apply it to your device. There's no way around it. And I'm like what if I want to roll back. They're like uh-huh. I'm like what if it fails partway through. I'm like they're like dude you're screwed. I'm like that's your answer. He goes pretty much. Insert the micro SD card try again. So let's kick it off. What happens if we disrupt the Wi-Fi signal going to a Phantom 3? Well it turns out it doesn't do anything because the Phantom 3 doesn't operate over Wi-Fi. Which is kind of cool. But it brings up the other question of what happens if we start to disrupt the GPS signal. Now if you look very carefully at the GPS app. I'm not talking about what's installed on the device itself. I'm talking about the app itself. It turns out there's a little teeny tiny database called fly safe places. And it's very interesting. As of July 24 that database had 10,914 entries. It contained the latitude and longitude of all of the no fly places that were listed in it. Contained the country ID, the city, the name of the location. What type of shape was around it? What the radius was? Whether or not it was going to issue a warning to the user? Whether or not it was going to issue a disable and then there was a time stamp as to when it was added to their database. I very easily downloaded this database and started just changing entries. Which I found to be very interesting. So when the DJI Phantom 3 is flying you get something that looks like this in a very nondescript area. At the very top it shows a safe to fly GPS indicator. No problem. There's a map in the lower right corner. Hypothetically if someone were to turn on a GPS signal generator all of a sudden everything goes to this. It automatically loses GPS. If I am flying the device and I start to look at its own diagnostics it comes back and tells me what frequencies it is using to send video signal back. Video signals back to my iPad. When GPS is disrupted all of a sudden things start getting squirrelly. It turns out my video started to become choppy. It had a lot of latency. It also turns out when the return to home feature was working it lost GPS. The thing was flying home could be right here and here it comes and here it goes. Hey there it goes. It missed its home point completely. Flew by it. If you flown a DJI Phantom 3, isn't anyone here flown a DJI Phantom 3? Aren't they awesome? Lots of finesse to it right? Not a whole lot to it. All of the finesse to my Phantom 3 was completely gone. It's like I was flying this thing all over again. So I'm sitting there and controlling it. I was taking it. It turns out it almost hit someone. They got a little upset. So in slightly windy conditions or if you're near a building. Hypothetically there's a downdraft and then all of a sudden he becomes unstable and he crashes. So it's a combination of the windy conditions and where it's flying along with losing GPS if it started with GPS which I think is a very interesting thing. There's something else I also noticed. What happens if we play around with the magnetic field around our DJI Phantom 3? It turns out whenever it launches if it can't get a good magnetic compass reading it's going to say hey dude I can't fly until I get calibrated. So you pick it up you turn it on all three axes it says I'm calibrated you set it back down if it loses that magnetic field guess what happens. Sorry dude I got to recalibrate again and you're like really I just calibrated you. You pick it up you twist it you roll it you're good to go. So if you were to fly and say take a couple hard drives from say some of your old hard drives. Hypothetically you left them in the area this thing is not taking off it'll never get off the ground which I found to be really interesting it is very sensitive in that area. A lot of things going on. D-off on the bebop drones and any of the parrot series very quickly disassociates the controller with the device. Yeah you got to that bottom line did you? GPS interference definitely screws up the return to home function it causes the device to stop and the other one it misses its home sequence. If you take a look at the magnetic field you can't launch with the DJI Phantom 3 it has a lot of performance issues and then lastly sure there's physical objects we can always throw at the things instead of shooting it down just to kind of mess with our people. There are tons of references in this space on looking up what people are doing what regulations are there they are constantly changing. People are passing laws regulations and all sorts of jurisdictions based just on personal opinion. Well I just don't want them in my space because it'll annoy my quiet time at the beach. Okay well you're screaming kid annoys me at the beach all right I'm not disbanding him and sending him away leave my drone alone right but there's all sorts of rules you can also go through and take a look to see which type of frequencies are allowed in different regions and which ones aren't so it's going to vary from country to country. It was a fun research project I knocked my neighbor's kid and his drone offline thanks I'm almost afraid to do this. Do you have any questions? Yes sir you in the front. Yes. Anyone have any questions? I'm going to go see my friend over there I'll be right back. So you mentioned interfering with the GPS signal how about modifying or sending it a GPS signal with different coordinates? Theoretically you can do that since GPS L1 is not encrypted you could send the signal provided your signal is stronger than that of say the official signal you could very easily tell it somewhere else without any problem I mean no problem easy to do that. All right if you have questions come up here in queue up so I don't have to walk my fat ass around the room. Cool thanks very much. I think Stevenson's in New Jersey right you're here or is it Maryland? You're where you teach is that in New Jersey or Maryland? Maryland. Oh I'm sorry yeah I thought it was in New Jersey but anyway the New York University not the institute. Oh okay there you go anyway the New York area past couple of weeks there's been a couple of drones buzzing commercial aircrafts are coming in and that's like four thousand feet but what happened to the you know the geo fencing and the four hundred foot ceiling and everything? Right so when the DJI Phantom 3 you can actually turn off that ceiling limit and it will prompt the pilot to say hey dude the FAA says four hundred feet and you can be like yeah whatever the thing can go up to about fifteen hundred meters there is a video of a guy in Sweden who decided it would be a great idea to take his Phantom drone fly it up one thousand meters above the clouds to sit there to get some views and then all of a sudden oh crap I lost control of it I can't bring it down it'll come down eventually and it crashed five hundred meters away and he said oh I was safe he got ridiculed online he's like well well well I was good they're like no dude you're an idiot so you can turn off that feature you can also go into a mode autonomous mode and just fly technically right so he wants to know is it possible why is that even possible and the idea is you can very easily turn that off theoretically you could get permission from FAA in the air traffic control tower to fly in an area provided you register with them for commercial reasons so you could have a reason to fly that high so you could turn it off it's up to the flyer to take control at least right now probably not how's it going Michael in your research you mentioned that that the Phantom 3 controller was not using Wi-Fi were you ever able to figure out how that controller worked right I was looking and I know it's doing communication over some RC channels traditional RC channels and I just haven't had time to go intercept that traffic like a light bridge on the okay something other than the 2.4 to 2.5 gigahertz range so typical RC controllers I couldn't get that the video comes back have you played around the 3d or solo at all I have not played around with that yet okay yet so you mentioned that you were able to pull down the database and look around inside it for the no fly zones did you experiment at all with making your house a no fly zone technically there are certain websites where you can register your property as a no fly zone I added a database entry real quick but I hadn't had a chance to finish everything I took out several entries and went back and forth so is there any authorization required to connect to that and downloaded or were you able to openly connect to that and downloaded like would you be able to do that to your kids DJI Phantom 3 the DJI Phantom 3 app and the bebop parrot drone app are all free for anyone to download so you can download it specifically to your iOS device and then pop out the database and start messing with it looking around but what I'm thinking is your neighbor's drone can you connect to that download the database and then send it back to his drone so he doesn't know why but all of a sudden he can't fly around your backyard I like your thinking but the database is stored on his controller not on the drone itself yeah so question about the I guess the database in the GPS relation to the regulatory structure for drones so my understanding is that the FA has a regulation around no fly zones that's predicated on the database in the GPS being accurate so is there anything that you know of either that the FA is doing to require stronger authentication or inhibit GPS jamming in that regard no I'm not familiar with what the FA is trying to do in playing that space and then the follow-up is so if I go in and I spoof GPS not turn it off or if I spoof the database would I be able to technically fly the device in a no fly zone well technically right now if you went in the bebop drone I could fly anywhere the Phantom 3 drone I can put it in autonomous mode instead of P mode P mode uses GPS a mode doesn't technically I could fly that anywhere which is kind of crazy right and people are doing DJI drones wouldn't have any of that stuff and they can fly their stuff anywhere so crazy stuff one common one question I fly model planes they also may hang lighter pilot so very familiar with the FA and what they like what they don't like so one comment would be number one it needs an organization privately for somebody to say hey listen we don't like the regulations that you're running so there's the United States hang ladder paraglider association of course the AMA is an association for RC modelers so I would think that's one area we need to go in and if we don't like what everybody else is going to come up and write for us number two I love the way that tell that was on there that was awesome what I was curious about this was we will tell that into a while that other person was still in control the yes does that so my next step was well why don't you just like going to the little kids app could you the idea is the app is on his device right but were you able to then traverse back down to him possibly I didn't bother I just stayed on the device itself and I just knocked it down so while someone was flying that bebop drone someone else I tell net it directly into that bebop drone while it was running I had three other devices acquired DHCP addresses and then with the telnet connection I just issued the shutdown script and boom down he went how about r and minus are I could theoretically I can play in there all day you said that you were able to disrupt the flight by jamming the GPS signal or well jamming would be illegal okay well messing with the GPS signal were you able to regain control of it just by switching it to attitude mode in that case in on the bebop drone once a GPS signal that was being interfered with went away he eventually reclaimed his own GPS and then the return to home feature worked again okay on the other one the moment that that signal was disrupted when it reclaimed GPS and it was much faster than it was fine and then away it goes and finesse came back the interesting thing on the Phantom 3 is if you also take a 2 inch by 2 inch square of aluminum foil and put it directly over the top of the DJI Phantom 3 completely interferes with all of the GPS signal reception all of it just like that thanks sure thanks Patrick Tucker with defense one so some of thanks for a great presentation a few of the issues that you mentioned aren't entirely new many of them are did you approach the either manufacturer with any of these things that you found and follow-up to that if you were to make a recommendation to policymakers or FAA people about how to deal with some of these vulnerabilities what would that recommendation be my recommendation quickly back to parrot would be dude would you please shut down the services while the damn thing is in flight please at least for mine right the other ones I mean it would be nice if there was some database that was reliable and I couldn't get to and muck with and that sort of thing I don't think they can fix anything about GPS interference fly under a bridge and all of a sudden you have interference sitting right there with respect to policymakers yeah I'd like to see policymakers get informed before they start making decisions that's a nice way to go and did you did you approach the manufacturers with any of this you're gonna have to repeat that one more time did you approach the manufacturers with any of the vulnerabilities you find you know I spoke to several people who are who wouldn't speak to me officially from parrot and they're like we were designed to be open so people can do development both products came out on the market saying we have waypoint capability where you can program it for the phantom 3 and for the bebop no you don't actually it turns out it's not there they market it that they had it and I'm like this is gonna be awesome I get it wait a second it's not there I can't find it I go to their forums and people have been complaining for months that parrot says yeah we're gonna get to it we're gonna rely on third-party vendors to help us solve this problem and like well that's disappointing phantom the phantom 2 has waypoints that you can program the phantom 3 does not so it would be nice if they got that moving along which would be helpful I haven't talked to anyone at DJI I did speak to someone who gave a presentation maybe an hour ago I said I kind of disagree with your statement that I don't have to accept to an update to a DJI phantom 3 and he goes oh really I'll have to check on that bad answer dude suppose you get access with the FTP and then download the images and it turns out he actually has been taking pictures of your daughter in the shower where do you go with that thank God I don't have a daughter say what okay suppose you did so he's taking a picture of me okay well I don't care he takes it but you've downloaded the picture it's obviously an inappropriate photograph that he's taken of a family member invasion of privacy you take that picture to somebody what what are your options legally etc what are my options legally it so one I'm not an attorney legally if someone were to peeping Tom rules would apply at this point certain states are issuing privacy laws on drones it depends from jurisdiction to jurisdiction as to what's happening so the ideas at that point you go to the police and say hey dude my neighbor took a picture of me in the shower through his drone and then you let them handle it and what do they say to you that the fact that you were absolutely you got the picture or do they care about that or they made it open anyway so you I'm not in a very nice respectful way of our law enforcement brethren usually when I tell them something like that they never get to that question got it thank you they're all following the kid they they've never come back to me and say well how have you gotten that picture well it was right there and I just took it here thanks I noticed that a lot of the new manufacturers have embedded the app in the controller they're running on Android have you checked any of that out do you have any future plans to see what vulnerabilities are in I'd love to play with Android right now I was focusing on the drone itself not necessarily the controller I just happened to peek into my iPad and my iPhone just to see it was there I have to think Android is going to be very similar similar but then again when he's flying I'm not looking to disrupt his controller I want to take a look at the drone itself okay yeah just curious thanks cool I'd like the idea I just haven't gotten to it yet and it's become a very expensive research project crashing drones my own drones they found it quite interesting that with both the bebop and the DJI you were able to connect another thing in flight I could not do that to the DJI final three I could do that to the parrot drone okay that that is actually pretty good I've noticed that a lot of drones have kind of favorite availability of connecting and flying over security this is true with you know the bebop there and you know even with some of the open source stuff if you're not using an AES encrypted radio what do you think are the next steps for manufacturers to take in terms of securing their drones so that they can't be taken over mid-flight it depends on what it's being used for right if you're going to do hobbyist work and you're flying indoors I mean I think it would be great if we hung a couple nets here and did drone races I mean that would be fantastic everyone show up with your own you know do it yourself drone we'll zip around see who takes out the wall takes out the goons right and in that situation I'm not really concerned outside but I mean you can apply the same logic to other things in our society right oh my god someone has a gun he could use the gun to do anything right what are the gun manufacturers going to do to prevent some guy using it irresponsibly right so we the same sort of thing here now if we're not careful and if the community doesn't put in the appropriate self guidance right you know Congress is going to legislate the hell out of it if it moves Congress will attack it if it makes the press so I think there's a limit as to how far we should go otherwise we'll completely kill the market it won't be fun anymore all right thank you for the talk thank you I was wondering I seen that your presentation was very focused on vulnerability is an exploitation as far as the Wi-Fi based devices have you researched anything to do with securing your own personal drone you know I have my first thing to do was to see what I can do to knock it down the next thing I'll do to see what I can do to shut down particular services while it flies to make it a little more bulletproof bulletproof I just haven't gotten to that yet to add on to that would you be interested in finding out by chance afterwards sure man I'll email address on the end of the last slide in the presentation drop me a line thank you very much the presentation drop me a line cool thank you very much I just had one more question regarding have you played around at all with ADSB okay I have not are you familiar with that and not not so I can speak intelligently on it okay what happens if you fly the the phantom through a magnetic field instead of having one you know around it so it can't take off if it flies through a strong magnetic field what happens I haven't tried it yet but if interference to GPS is similar to the magnetic field I imagine it loses a lot of its finesse the DJI phantom 3 has a lot going for it I mean it is not a lightweight product I mean it has a ground sensor it has a ground facing camera it has a barometer it has a man magnetometer magnet in there it's got GPS so if I take out just one of them I assume that whole thing is still going to be flyable without any issue or with minor issues the problem is what happens when you get close to another object or a wall and then you have the extra air and then you lose that stability that's when I think you're going to run into problems I just haven't found a way to take a magnetic field and project it this thing while it's in flight I'll get to it right after I do my DeLorean and get it up to 88 miles an hour I'm going to find a way to project a magnetic field into a particular spot like right around his head and take care of that I I would prefer you don't project a magnetic field on my head but thank you alright so if anyone else any questions we will take Michael out to the chaos that is the hallway I want to thank you that was awesome thank you and actually on behalf of speaker operations I want to present you at that badge