Comment by malermeister

That's not a theory as much as it is an acknowledged fact, and why DJI are banned from many 5-Eyes facilities.

no even that - DJI are potentially collecting thousands if not millions of hours of telemetry about how small drones are used in real-life combat. This is absolutely invaluable to developing countermeasures or optimising their own offensive platforms.

DJI's app wasn't on the Play Store for years before Russia invaded Ukraine, so that's somewhat unlikely.

I very much assume, involved militaries are aware of this possibility and are not blindly trusting Chinese consumer drones right off the shelves, have soldiers in every unit install random sideloaded apps. Lol.

They likely flash verified firmware and use a verified app version, not the latest one from DJI's website... Maybe they have their own code, by now. Especially with reconnaissance drones. The Ukrainians probably need to do this, not just because of the obvious possibility of a "backdoor", but RF adaptability in the EM warfare situation.

I would worry more about contractor John Doe bringing a compromised private phone to a government or industrial facility. Not sure a highres video feed from a drone could be easily exfiltrated unnoticed, anyway, since they usually don't come with WWAN hardware built-in. But the phone itself would be able do all sorts of reconnaissance and become an attack vector in a sensitive context. Then again, this is not specific to drone (software), but all untrusted software people install.

Are you suggesting we should ban Starlink because it is used in warfare both in Ukraine and in the middle east?

No conspiracy here, just hard cold truth.