DJI drone maker DJI has become entangled in a conflict with a security vulnerability report. Security researcher Kevin Finisterre found that Amazon Web Services servers used by DJI exposed encryption keys, unencrypted flight logs, plus scans of passports, ID cards and driver’s licenses. DJI launched its own bug bounty program in late August, which it calls the Threat Identification Reward Program. The company says it requires security researchers to agree to “standard terms” designed to protect confidential information and allow enough time to patch.”]
Source: https://www.govinfosecurity.com/researcher-spars-drone-maker-dji-over-security-flaws-a-10461