@chriscrumley and
@CameronD:
It's funny you mention the erroneous GeoFencing issues ("Nanny state" - perfect description). My entire hacking journey has been to circumvent these issues. Funny, but as DJI works harder and harder to infiltrate my drones, I have to come up with new and creative ways of hacking them. Apparently, DJI and myself are in an arms race. The good news is that I'm winning.
Just yesterday I did some testing with some pretty amazing results. First, a little background...
One of my clients of many years is a construction contractor. I have been shooting construction progress videos for them for at least 4 years. I use my Inspire 1 with the X3 camera for these shoots.
Two of the construction sites have been in Class C airspace, with the latest one being right on the outside bleeding edge. Because I generally fly pretty low on these flights (140-230' AGL), I'm often below or barely above adjoining skyscrapers. I have hacked my drone so that it is not GeoLocked in these spaces. If one reads through this forum other users have been GeoFenced despite having their LAANC permissions in order. So I have no regrets that my drone is immune to these erroneous limitations. That said...
Starting November of last year I started shooting a construction site well outside our local Class C and Class D airports - over 10 miles away from them. About a month ago, using third-party software, I went to launch my drone as I always have, but this time was met with this message (don't have the correct third-party software screenshot, so here's a DJI screenshot with the same message):
View attachment 32699
I was at least 12 miles from the military base. Somehow, DJI had not only infiltrated my hack, but had GeoFenced a zone I had been flying for months? Naturally, I got online and rechecked NOTAM's for the area and there was nothing about this area or any military operations in my city. I picked up my Inspire 1, left the job site and successfully launched and flew my Inspire 1 at my house. Hmmmm.... So that day I decided I would conduct some experiments....
So I had a theory. In order for DJI to ground my drone, there had to be a chain of data that started with my iPad and ended at my drone. Because DJI shares absolutely zero information regarding HOW they GeoFence, I decided I would conduct my own R&D to figure how DJI was grounding my drone.
My normal work flow is to clear my MicroSD on site and check WiFi interference. These tasks have to be done via the DJI app. (My third-party app does neither). It was after clearing my card that my drone was grounded. So what if I cleared my MicroSD card and set the RC channel OFF site? This way I could fly my drone on-site without having to open any DJI software. So after successfully flying my drone at my house, I went back to the jobsite. Wouldn't you know it, I was able to launch my third-party software and fly the mission. After the mission was done, I opened the DJI Go App. My Inspire 1 was immediately grounded.
So then I wanted to know WHERE is the data bit located that's telling my drone not to fly? Is it in the App? Or the RC? Or the AC. I disconnected the iPad from RC and restarted it. Drone still grounded. So I shut down the RC and the AC and restarted the AC. The red flashing light on my Inspire 1 told me that it was still grounded. Clearly the "Do not fly logic bit" was in the drone itself, probably imbedded in the firmware. CLEARLY, I could no longer
So yesterday I conducted another experiment. As you're aware one must connect to the Internet to download maps for any drone software. Ergo, before every mission I download mapping data at my house before heading off to the jobsite. I have an older Air 1 iPad that has pretty much become useless. It still runs the Go and Go 4 Apps without a problem, but is not powerful enough for any other drone software. So I decided to isolate this iPad from the Internet. I turned off WiFi and have left it off for the past month.
So yesterday I flew my mission as usual. After flying I opened the Go App. Immediately my drone was grounded. So then I shut everything off, connected my Air 1 iPad to my RC, started the RC FIRST, opened the Go App second, and fired up the Inspire THIRD. Sure enough, the GeoFencing was cleared. I successfully started and flew my drone. For the first time in my entire droning career I had successfully CLEARED a GeoFence OUT of my Inspire 1. To me, this is a HUGE discovery.
So now what?
My P4P and Mavic Pro are hacked. They have been impervious to DJI GeoFencing. However, my SPARE P4P is NOT hacked. I received this message on a jobsite a gazillion miles from airports:
View attachment 32700
I love the ChinEnglish "...will ACROSS the no fly zone." For this mission I simply put away the spare, pulled my primary, hacked P4P and flew the mission. It will be interesting to see if this "reset" works on my P4P.
What will be even more interesting would be to see if this hack works on drones I do NOT own like the
Inspire 2. All it's going to take is some intrepid
Inspire 2 owner who has an extra iPad. This would be REALLY good information for the drone community.
D