Friday, November 22, 2024

AI Helps Hacker Uncover mates Id in Leaked DJI Buyer DataPrivacy Nightmare – sUAS Information – The Enterprise of Drones

One thing we’ve needed to do for years is share the censored ID’s and Passport pictures (leaked from prospects, and employees alike) that got here off DJI AWS leak, however it’s SOOO arduous to do manually, and I’m simply now getting sufficient compute energy to censor massive chunks, it’s simply so time consuming. As soon as achieved all of them should be spot checked once more anyway. Additionally AI is terrible with brown people faces… simply gonna put that on the market.

Um… additionally I simply ran throughout somebody I personally know, that I missed earlier than!

This story from final night time is wild! I made a decision to let NVIDIA AI course of among the ID’s and Passports collected throughout the 2017 DJI AWS dump. Day by day people ask me for “proof”, or “proof” of incorrect doing, or “privateness”, and “safety” points. I assumed I’d take one final stab at proliferating info by sharing censored ID’s and Passports because it was U.S. Home of Representatives CCP Drone Act / NDAA eve, and all.

I used to be NOT ready to search out David Kovar‘s younger face staring again at me as I checked an error in my code. (The purple is what my code missed in censoring). There was a bit “C Kovar” peeking out between black field redactions. I used to be like “HOLY CRAP! There’s solely ONE C Kovar on this earth that might be on this”.
Shortly checking the uncooked picture revealed a good friend smiling again at me. I instantly picked up the telephone.

Me: <texts David> (no reply)
Me: <calls David>
Me: “uhh sorry that is actually vital”… “the place did you reside from 2009 – 2013” (actually hoping you’d say ‘small city USA’)
David: “small city USA”
Me: “Are you able to inform me the precise avenue you lived on” (actually hoping you’d say ‘<route><avenue title>’
David: “<route><avenue title>”
Me: Jaw hits flooring

Proper now we are attempting to find out if David Kovar ever obtained the breach notification in any respect. I’ve emailed help.privateness@dji.com to ask how one can verify, and Jason Cao has graciously supplied to do his greatest to place us (actually David!) in contact with the suitable individuals.

For David particularly, this may occasionally additionally require contacting Illinois Lawyer Common’s Workplace to see if they’ve file of DJI informing them of a seaside to their residents knowledge. https://lnkd.in/gvTTBsVQ

Likewise When you have any suspicion of being compromised within the 2017 leak, however by no means received a letter, I counsel you instantly attain out to DJI help employees, or your native Lawyer Common’s workplace.

Be secure on the market!

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles