Hi,can anyone confirm, that P2V drones with most recent FW are or are not vulnerable to Skyjack hijacking or Maldrone attacks?
Thank you.

vtmarvin

Yes they are highly vulnerable to hijacking since they run on an unprotected Wifi connection out of the box. Especially vulnerable if someone can get close enough to your wifi extender to connect and they won't even need Skyjack or Maldrone to do it ;)

Yes, they theoretically can be but in practice; it would be difficult to do.

Yes, the WIFI is unprotected but you have to be close and with the right equipment.  Additionally, only the 1st connection can access the Phantom, other connections connect to nowhere so while it is possible to hijack nearly any Wi-Fi device, in my opinion, the chances of your Phantom being hijacked is about as near to 0 as you can get.  

Note: if you think setting a password will help; it won't and is a false promise feeding on the fear that the Phantom is easily hacked into and the thinking a password will somehow stop it.  Neither is true if someone truly wanted to hack it.

All these things are being VERY blown out of proportion and not based on any facts of reality or practicality.

kenargo Posted at 2015-2-4 01:18
Yes, they theoretically can be but in practice; it would be difficult to do.

Yes, the WIFI is unpro ...

Ken, not that difficult really, Extender SSID is easily renamed even while the app is connected which drops the original app connection and gives full App access to someone else while the other one is trying to figure out what happened.  Mind you I tested that a few versions ago but I think it is still the same today.

swomilan.email Posted at 2015-2-4 01:40
Ken, not that difficult really, Extender SSID is easily renamed even while the app is connected whi ...

If I see you selling a couple of BNF Phantoms on ebay, I'll know why

markus2015 Posted at 2015-2-4 02:24
If I see you selling a couple of BNF Phantoms on ebay, I'll know why

Pssst !!!!!

Hmm... that does not sound good. So is there any let`s say not protection but patterns of safe behavior how to not get hacked?
And is there any way on technology level how to prevent this in the future - something like pairing extender and drone via USB etc. probably with some FW support...?

Honestly its nothing to worry about.

kenargo Posted at 2015-2-4 01:18
Yes, they theoretically can be but in practice; it would be difficult to do.

Yes, the WIFI is unpro ...

Please can you explain this to me?

I thought, that there are two different connections ... (I dunno where I got this feeling from ...)
- First one connects controller to Phantom - kind of one way channel to channel control commands (stick positions) - this is that stick like antenna on my transmitter. This runs on 2.4G
- Second one (amplified by WiFi range extender) connects app on your phone to Phantom, sends camera and gimbal settings and receives telemetry data etc. This antenna is hidden in extended upper side. This runs on 5.8G

Am I wrong completely?

vtmarvin Posted at 2015-2-4 02:58
Please can you explain this to me?

I thought, that there are two different connections ... (I dun ...

That is correct, you have to physically bind the transmitter to your Phantom.  You also have to bind the range extender to the camera with the SSID.  

swomilan.email Posted at 2015-2-4 01:40
Ken, not that difficult really, Extender SSID is easily renamed even while the app is connected whi ...

In theory they can change the ssid range extender name and connect to the camera, but that accomplishes absolutely nothing except they can see what you were seeing.  It won't give them physical control so they can fly it to where they want.  That is accomplished by binding the transmitter to the Phantom and to do that, they would have to have (hands on) the Phantom and push the red reset button on the bottom.

not trying to start a flame contest here but let's not confuse severity of an event with the likelihood of that event.  

IF someone attempts to hack your drone then YES it is DEFN not that hard and DEFN has major risks associated with the event.  WHETHER someone attempts to hack your drone is an entirely different story.

similar to Ebola, IF you are exposed to ebola then YES it is DEFN something that you can contract and DEFN has major impacts.  WHETHER you are exposed to ebola or not is an entirely different matter.

my point in this not perfect analogy, is that if something is VERY UNLIKELY to occur, then you should not let the SEVERITY alone drive your worries.  my opinion, but the likelihood someone actually attempts to hack your drone (and is close enough and has the right tools) is pretty small.  

when i walk around outside every day, i dont worry about a plane crashing on my  head.  however, IF a plane were to crash on my head, the consequences would be very dramatic, but i still dont worry about it because of the low likelihood.

not telling everyone to totally ignore this aspect of your experience, just stating some counter points to give a bit of balance.

Gerry1124 Posted at 2015-2-4 03:09
In theory they can change the ssid range extender name and connect to the camera, but that accompl ...

If your Phantom wifi suddenly drops and thereafter you see your phantom take of at light speed in one direction look around you and you may see me running away with a big smile on face since I plotted a waypoint  in groundstation far away at high speed hoping that you'll be flabbergasted enough to forget flipping the S1 switch to interrupt the GS flight with your TX before it is out of TX range while you are trying to reconnect your Wifi ( you may see SSID ByeByePhantom. Where there is a will there is a way and although highly unlikely to happen these Phantoms are getting very popular and with that increase of popularity there also comes a higher risk of the not so law abiding citizens to take notice and take advantage.

swomilan.email Posted at 2015-2-4 03:27
If your Phantom wifi suddenly drops and thereafter you see your phantom take of at light speed in  ...

Your transmitter needs to be physically linked to my Phantom.  If I drop wifi, you will need to link your transmitter to mine,  how will you do that when I am in the air?  You cannot reach that high to push the red light on the bottom.  If you manage to change the SSID when I lose connection, all you have succeeded doing is connection to my camera and my range extender.  The range extender does NOT control the Phantom..

Gerry1124 Posted at 2015-2-4 05:23
Your transmitter needs to be physically linked to my Phantom.  If I drop wifi, you will need to li ...

Read my prev. post again very slowly.
I can drop your app connection, connect with my app and plot a Groundstation WP out of range for your TX, for that I do not need another TX bound to your unit and once the Groundstation flight is initiated you'd have to cancel it via the S1 switch on your transmitter before it has gotten out of range, if you're too slow on that it's gone bye bye  ;)

swomilan.email Posted at 2015-2-4 05:29
Read my prev. post again very slowly.
I can drop your app connection, connect with my app and plot ...

Then why are you NOT doing that?  Have you done it already, or is this just a theory of yours and no actual facts?  Theories add nothing to this knowledge base, and therefore not worth anything.

swomilan.email Posted at 2015-2-4 05:29
Read my prev. post again very slowly.
I can drop your app connection, connect with my app and plot ...

What would you do to drop my app connection?

Gerry, If you'd read one of my earlier posts  you'd know

swomilan.email Posted at 2015-2-4 05:45
Gerry, If you'd read one of my earlier posts  you'd know

Have you succeeded in doing what you say is possible, or is it just a theory of yours?  The proof is in the pudding!  Show some proof.  I'm not going to get into a pissing match over a theory.

Good day sir

Gerry1124 Posted at 2015-2-4 05:54
Have you succeeded in doing what you say is possible, or is it just a theory of yours?  The proof  ...

In my second post in this topic I gave an answer to your question.

And a beautiful day to you too

Theory is just theory until proven.

But as I said theoretically yes, anything can be hacked but I'm going to lose as much sleep over my Phantom being hacked into as I would losing sleep worrying about being hit by a meteor.  I expect the chances are about the same.

I put the chances of someone with the ability and desire to hijack my Phantom being around when I am flying the same as the chances of a proton decaying which is once every 6,000,000,000,000,000,000,000,000,000,000,000 years

If you are worried about someone hacking your Wifi, you can password protect it using the FPV Range Extender app (I got mine on iTunes). It will also allow you to change channels which I have found to increase my range.  Just a thought.  To Gerry's point, hacking the Wifi does absolutely nothing to the control of the Phantom, so they will not be able to get control via a Wifi break. If they can hack your TX, then it's out of your hands anyway!    Barney

Capt. Bill Posted at 2015-2-4 05:45
What would you do to drop my app connection?

Just double checked if it still possible with the latest and greatest versions and yep it is still as simple as it had been back at 3.04 when I checked last.
You can check for yourself if you have two mobile devices with the Vision App,  anybody can do it with no need for any hacking tools or programming know how. You just will need one little app which is readily available to complete the job.
Connect the DJI Vision App with one mobile device like normal,  then connect with the other mobile device to Wifi extender as well and launch the DJI app, you won't be able to see the video,  see telemetry or use the Groundstation on the second device you connected with but you'll be able to go to the settings --->  Rename SSID of Range Extender,  put another new name there and once you try to save it you'll be asked about entering something that can easily be determine remotely with a small app while connected to the extender.  Once done the first device will drop the connection and not auto reconnect since the SSID changed and you'll have time to connect again with the second device and get full use of the Vision App including Groundstation

swomilan.email Posted at 2015-2-4 09:53
Just double checked if it still possible with the latest and greatest versions and yep it is still  ...

I repeat

I put the chances of someone with the ability and desire to hijack my Phantom being around when I am flying the same as the chances of a proton decaying which is once every 6,000,000,000,000,000,000,000,000,000,000,000 years

Barney Rubbel Posted at 2015-2-4 08:23
If you are worried about someone hacking your Wifi, you can password protect it using the FPV Range  ...

Barney
I wouldn't lose any sleep over it.  A theory is just that a theory and unproven.

Capt. Bill Posted at 2015-2-4 10:11
I repeat

I put the chances of someone with the ability and desire to hijack my Phantom being arou ...

Good if it can't happen to you but not everyone might be as fortunate as you.  The OP was about if the Phantom would be vulnerable and hell yes it is. If someone with no in depth knowledge can gain access to your Wifi extender and gain access to your Phantom then someone with more knowledge may also gain direct access to your hidden phantom network which broadcasts at a much larger range and is not anymore protected by the extender Password and if a backdoor is found it might be possible to lock out your TX controls completely.  It takes only one to develop such a script that can easily be distributed to many everywhere in this world.  Don't underestimate the power of the geeks and crooks {:3_41:}

IF you click your heels together three times, you will be in the "Land of OZ"

Refusal to believe until proof is given is a rational position; denial of all outside of our own limited experience is absurd.

http://garage4hackers.com/entry.php?b=3105

Come on up here and show me you can steal my Phantom.  Don't forget to click your heels three times first.
Otherwise, end of discussion

vtmarvin Posted at 2015-2-4 02:58
Please can you explain this to me?

I thought, that there are two different connections ... (I dun ...

Has your question been answered or do you need more info vtmarvin?
You are the one that started this topic and you're the one that ends it when you are satisfied and not someone that thinks he can boss others around!

Gerry1124 Posted at 2015-2-4 10:15
Barney
I wouldn't lose any sleep over it.  A theory is just that a theory and unproven.

I ain't worried. If people don't have better things to worry about in this world than someone trying to hack their drone while they're flying it, there are probably bigger issues at hand.

swomilan.email Posted at 2015-2-4 11:21
Has your question been answered or do you need more info vtmarvin?
You are the one that started th ...

I am always amazed at how many people don't live in the real world and understand what really goes on. They refused to believe something because they think it cants happen, or won't happen to them or anyone else or maybe they just don't understand how some things really works so they right it off as wild theory. I've seen enough "wild theories" in action that I don't take stuff lightly anymore. But to each his own.

JATO Posted at 2015-2-4 15:45
I am always amazed at how many people don't live in the real world and understand what really goe ...

what a bizarre thread!  I'm off to get my ruby slippers and join Gerry in OZ (no that won't work I'm in New Zealand! ) Oh well I'll just go to bed then!
Cheers!
Rod

Nighty night!

TSA and the FBI have been called in to do an investigation. It has been determined that these fly aways were the work of some people hijacking the Phantoms.  More news will be released later.  Be afraid, ,,,,,, Be VERY AFRAID!

JATO Posted at 2015-2-4 15:45
I am always amazed at how many people don't live in the real world and understand what really goe ...

and i am similarly amazed how people ignore statistical probability and counter it with statements like 'not living in the real world'.  no offense, but the real world is about probability not fear.  you can worry about something that is unlikely to happen and that wont change the REAL WORLD probability.  conversely, you can not worry about something that is likely to happen, and that wont either.  the only difference between two people is where they draw the line on that spectrum.  ever heard the phrase "every person who drives slower than you is a moron and every person who drives faster than you is a maniac"?  that sort of applies here, just because someone draws a line farther along or farther back on the spectrum doesnt mean they arent living in the real world man.

i live in the real world, and evaluate probabilities to determine what to worrying about in my daily life.  statistically speaking, the odds of someone actually hacking my drone are not that different from a ton of other things that, if i really worried about them, have much more impact on me than losing a material object.  if i didnt use REAL WORLD rationale and evaluate likelihood not just impact, id end up living in a metal box underground..
.
edit:  and i mean no offense to you jato, just sharing my disagreement.  i dont mind when people choose to draw their line differently than me, it just bothers me when someone oversimplifies where i draw my line just because it isnt congruent with theirs.  but not flaming you here or anything.

JATO Posted at 2015-2-4 15:45
I am always amazed at how many people don't live in the real world and understand what really goe ...

There will always be different opinions out there and that's fine. The sad part however is that within this forum there seems so be a tendency nowadays trying to belittle and/or surpress others that are not of equal opinion.  Well every forum has their howlers,  best to ignore.   

gnixon2015,  what had been the statistical probability for a Phantom crashing on the Whitehouse Lawn?    

probably about the same probability as the last person that won the lottery.... and how many people buy the ticket and doubt they will win or even bet they wont    in fact, lottery is a pretty good comoarison.  if i told you HURRY GO BUY A LOTTERY TICKET because IF YOU WIN THE GAIN IS HUGE.  and you said that you didnt think you'd win.  and my response was:  IT IS POSSIBLE YOU COULD WIN, GOD I CANT BELIEVE PEOPLE THESE DAYS THAT DONT BELIEVE THEY ARE GOING TO WIN THE LOTTERY WHEN IT IS ABSOLUTELY POSSIBLE.  MROFL  .
.
make you a deal, when the SECOND drone lands on the white house lawn, ill post that i think there is a strong chance that drones are going to start getting hijacked LOLOLOL  ten thousand bucks says i never have to make that post, NO MATTER HOW POSSIBLE you think it is...

gnixon2015 Posted at 2015-2-5 00:03
probably about the same probability as the last person that won the lottery.... and how many people  ...

I don't play the lottery but I'll take you up on your offer just for the heck of it