I would like to share in-browser drone log analyser tool, DroneePLOTTER which makes log analysing and sharing very easy and faster . It is completely free too use . https://plot.dron.ee/
I have also made small video how to use video
Your feedbacks are very welcome. we would like to make make it more usefull for the ardupilot comunity.
Preface: I’m not suggesting there is anything wrong with this. Just making a point in general about online / cloud based log analysis.
Users of applications like this need to be aware of what they’re doing in the most basic sense. You’re taking your drone’s highly detailed logs with precise locations and times, along with your detailed personal identifiable information (account data), and sending it off on the internet to someone else, somewhere else, never to come back. You do not know who else has access to it and what they’re planning to do with it. You may have agreed to some fine print you didn’t read. Or there may not have even been something to agree to.
It may just be collecting dust on that server, used only for the advertised purpose of you analyzing your logs. Nobody else looking it at. Nobody else making something out of it. Super.
It may be getting shared or sold to whoever the system owner has agreed to share it with, data mining everything you’ve served up on a golden platter. That could be be for something as generally harmless as targeted advertising. Or something as nefarious as identity theft and espionage. This might be happening unwittingly if the system owner’s servers were exploited and hacked. The owner could have the best intentions, and all your stuff still gets mined. This generally applies to anything and everything you send anyone on the internet. But this is pretty unique case given the highly detailed information you could be providing.
For most people, it may be totally innocuous. Who cares if someone finds out I’m flying circles around my own back yard with a horribly tuned drone. Especially if you’re also blabbing it out on facebook and youtube all day long anyway. Probably nothing overly sensitive to be discovered even if is being mined.
But what if you are running a business? What if you’re doing work for someone covered by an NDA? What if you’re doing work for a local, state, or federal government? What if you have taken steps to minimize your own public presence (do not call lists, unlisted addresses, etc)? What if you’re unwittingly violating some rule or law, and expose yourself to a blackmail risk? What if you just generally prefer your information not be spread across the globe?
OK, that’s my OPSEC rant for the day. Again, this is not a criticism or accusation against this system or any other web/cloud based system out there today. It’s simply a reminder to folks that they need to think before clicking.
Wow. exactly my thoughts. I’m in cybersecurity and would definately caution against this. Mr Skorsky is probably a wonderful upstanding citizen and hobbyist, but uploading to an Estonian domain (.ee) will likely mean your data will be viewed by…anyone who wants it really.
If I’m a home hobbyist, maybe I don’t care, but you should because of the intimate location details in the log, but if I’m a commercial developer, I DEFINITELY care because I might be uploading my proprietary IP to my competitor.
Totally agree with this. I have made a small attempt to ‘anonymise’ data uploaded to the Maverick analysis tool although @peterbarker has pointed out problems with this too.
But, are you sure this tool is actually uploading anything to a server? My understanding is that this tool is totally in the browser - you’re uploading the file into your browser rather than on to the server. This all-in-the-client approach has a bunch of downsides, but this is potentially one of it’s major upsides.
DroneePlotter works in browser. no server/cloud involved . it parses data inside Chrome/safari/mozilla etc browser and your data stays in your local computer . if you want to upload to internet you can press upload button to share whole analysis with others. otherwise you can just share the picture from specific graph.
Proving that would require some packet analysis whilst using it which isn’t going to be very fruitful, because it is over https. So you won’t know what is going back to the server. Your only chance is to try to look throug the client side source and try to figure it out from there. I may be being paranoid…but in my business I’ve seen things …
But that is not something that the end user really has any assurance of. Just because you say it is now, doesn’t mean that it stays that way forever. In an hour, you can alter the application to mine the data, and the user would be none the wiser. Or the application can be compromised by a third party to mine the data, leaving both you and the user none the wiser. The same caution must apply regardless of the application’s design and intent today.
Again, not accusing you or anyone else of this. It’s simply an OPSEC scenario that everyone needs to keep in mind for any web or browser based application.
I think props have been given, and you know that since you’ve read this far. I’ve made it quite clear this isn’t an accusation towards his product.
As I said, You personally may not care at all, or may feel the risk is of no real consequence. That is not and will not be the case for everyone. Especially those working with NDAs or other scenarios where confidentiality or privacy is a legitimate concern.
If the term OPSEC sounds too official and scary to you, despite being the actual proper word for the situation, feel free to substitute “privacy and security” in it’s place. It doesn’t change the reality no matter what wording you use. It’s a real concern, whether it applies to you or not.