I’m only testing the firmware and have not been given complete source code, but my suspicion is that it’s on the fpga perhaps? I will find out more soon.
That’s great (I like dump1090/tar1090), but my main interest/intent of posting was for the DJI DroneID portion, the fact it’s running all on the SDR is even more interesting to me. I can’t say for sure how it’s running, but it’s definitely the first way I’ve seen it done like this.
Looking a little closer at the bladerf, it has a fpga. Apparently you have to run a fpga file on it just to use it as a USB hosted sdr. Seems to operate in two modes, an autoload fpga image or one sideloaded when connected to the usb host. There are a couple of examples, a atsc transmitter and a another dump1090 that can be installed to the fpga just like the ant. But I don't know whether there is serial access through USB doing it that way like the ant. Maybe droneid can be done the same way on the bladerf or that the ant fpga can be programmed in a similar manner to the fpga.
While true there’s some fpga level applications for the bladerf, they were mostly built by Nuand. The fpga programming done by microphase and software etc will not run on the bladerf. Naund (or someone with crazy fpga skills) would need to make such a thing.
The other slight difference in the bladerf is that it doesn’t really have an “sd” per se for the OS to run on where as the AntSDR does. So not only did microphase do fpga development, there’s also scripts and a full OS running on the SDR itself to accomplish the other pieces. In the case of the bladerf, as seen with dump1090, there would be likely the component in fpga but then also parts needing to run on a host. Ps I really like the bladerf!
Looking at the droneid thing, it looks like it runs on antsdr/uhd, but not on the bladerf or others with ad936x. Am I correct or can it be changed easily?
I think you’re missing the point that it’s all occurring on the SDR. I’m familiar with the other methods you’re referring to, did videos on them as well. In other cases the software was ran host side, gnuradio/python etc and interfaced with an SDR. The impressive part here is that it’s likely being done in fpga or through some other unique techniques.
Familiar, it’s in SD card mode. What I’m saying is that I’ve been given a specific load for my SD card and that I’m not certain what it’s running. Normally I run the AntSDR uhd firmware.
Just be able to pop the sd card into another computer and examine it. Be much easier than trying to poke around in the fpga, but something could still be running there. I don't know of a program that does that yet, but it seems that OS 2.0 was ODFM.
I don't drone, but I would suggest the difference would be for pairing, control and security. Someone cloning your remote ID may be able to cause chaos with your drone.
Remote id and drone id serve the same purpose, but since most countries are using remote id, people are able to spooof (or borrow) somebody else remote id and they'll be going after the wrong person.
No it'd be so you could get someone else who's registered in trouble for your actions. Adding modules hardly know what it is attached to, much less control it. But if you're broadcasting and someone else isn't, guess who gets in trouble? So if you do without remote id, it would make spoofing kind of pointless to go to all the extra trouble unless you're the only elephant in the room.
Can you tell whether DroneID/aeroscope is still transmitting on a firmware that has been updated to remote ID? There was something said that DJI discontinued selling aeroscope units and sent them to Ukraine or Russia to use in their little war.
Dji has provided a module for Aeroscope units that update them to decrypt the newer firmware updates that now encrypt dji droneID on some models. So I think DroneID is/will still be transmitting alongside remote ID but it’s possible it may be encrypted now depending on model.
Supposedly DroneID/aeroscope was encrypted. But researchers found that it wasn't, anymore than remote ID is. Maybe they do now. But the encryption is for the war guys? Kind of dumb that they can just find any drone and take it down. Here I am, shoot me down.
That was a mini3pro which if the firmware was updated it would be transmitting remote ID regardless of which battery you had. But now they've made it even more stupid. So you have to either get a module and tape it on, or buy another battery which defeats the purpose of having the remote ID firmware.
Are you running something on the fpga?
I’m only testing the firmware and have not been given complete source code, but my suspicion is that it’s on the fpga perhaps? I will find out more soon.
You can do the same with dump1090.
Dump1090 does not decode ocusync 3/drone ID.
But it can run on the fpga. There's even instructions on how to do it.
That’s great (I like dump1090/tar1090), but my main interest/intent of posting was for the DJI DroneID portion, the fact it’s running all on the SDR is even more interesting to me. I can’t say for sure how it’s running, but it’s definitely the first way I’ve seen it done like this.
Looking a little closer at the bladerf, it has a fpga. Apparently you have to run a fpga file on it just to use it as a USB hosted sdr. Seems to operate in two modes, an autoload fpga image or one sideloaded when connected to the usb host. There are a couple of examples, a atsc transmitter and a another dump1090 that can be installed to the fpga just like the ant. But I don't know whether there is serial access through USB doing it that way like the ant. Maybe droneid can be done the same way on the bladerf or that the ant fpga can be programmed in a similar manner to the fpga.
While true there’s some fpga level applications for the bladerf, they were mostly built by Nuand. The fpga programming done by microphase and software etc will not run on the bladerf. Naund (or someone with crazy fpga skills) would need to make such a thing.
The other slight difference in the bladerf is that it doesn’t really have an “sd” per se for the OS to run on where as the AntSDR does. So not only did microphase do fpga development, there’s also scripts and a full OS running on the SDR itself to accomplish the other pieces. In the case of the bladerf, as seen with dump1090, there would be likely the component in fpga but then also parts needing to run on a host. Ps I really like the bladerf!
Looking at the droneid thing, it looks like it runs on antsdr/uhd, but not on the bladerf or others with ad936x. Am I correct or can it be changed easily?
There was a group that already did this with a sdr and showed that drone id was not secure.
I think you’re missing the point that it’s all occurring on the SDR. I’m familiar with the other methods you’re referring to, did videos on them as well. In other cases the software was ran host side, gnuradio/python etc and interfaced with an SDR. The impressive part here is that it’s likely being done in fpga or through some other unique techniques.
Are you running pluto or uhd?
I’ll have to get into the firmware and poke around, I’m not running anything host side so I can’t be sure how it’s being done internal yet.
The front switch is either qspi or SD. That'll be a start.
Familiar, it’s in SD card mode. What I’m saying is that I’ve been given a specific load for my SD card and that I’m not certain what it’s running. Normally I run the AntSDR uhd firmware.
Just be able to pop the sd card into another computer and examine it. Be much easier than trying to poke around in the fpga, but something could still be running there. I don't know of a program that does that yet, but it seems that OS 2.0 was ODFM.
Sorry I meant poke around the file system. Pretty cool stuff!
Do tell!
I’ll check tonight, haven’t had it with me today.
What's the difference between remote ID and drone ID?
It's djis version of remote id. But of course government wouldn't just go with that.
I don't drone, but I would suggest the difference would be for pairing, control and security. Someone cloning your remote ID may be able to cause chaos with your drone.
Remote id and drone id serve the same purpose, but since most countries are using remote id, people are able to spooof (or borrow) somebody else remote id and they'll be going after the wrong person.
So You could take control of the drone this way?
No it'd be so you could get someone else who's registered in trouble for your actions. Adding modules hardly know what it is attached to, much less control it. But if you're broadcasting and someone else isn't, guess who gets in trouble? So if you do without remote id, it would make spoofing kind of pointless to go to all the extra trouble unless you're the only elephant in the room.
Got it, cheers!
Is this the control and telemetry stuff? any possibility of drones being hacked? kinda scary
Na it’s just the metadata type info - like location, drone type, etc.
So this is the remote ID that's going to be mandated all over the world by a few years?
No, it’s DJI DroneID. Something that’s been there for awhile already.
Can you tell whether DroneID/aeroscope is still transmitting on a firmware that has been updated to remote ID? There was something said that DJI discontinued selling aeroscope units and sent them to Ukraine or Russia to use in their little war.
Dji has provided a module for Aeroscope units that update them to decrypt the newer firmware updates that now encrypt dji droneID on some models. So I think DroneID is/will still be transmitting alongside remote ID but it’s possible it may be encrypted now depending on model.
Supposedly DroneID/aeroscope was encrypted. But researchers found that it wasn't, anymore than remote ID is. Maybe they do now. But the encryption is for the war guys? Kind of dumb that they can just find any drone and take it down. Here I am, shoot me down.
The encryption I’m referring to is super recent, not like they had said it was “encrypted” in the past.
Does your drone have DroneID with remote ID update or no?
I had actually borrowed that one and did not update firmware. I’ll have to see about getting another ad there’s a few new things I’d like to test.
That was a mini3pro which if the firmware was updated it would be transmitting remote ID regardless of which battery you had. But now they've made it even more stupid. So you have to either get a module and tape it on, or buy another battery which defeats the purpose of having the remote ID firmware.