Preface: I’m not suggesting there is anything wrong with this. Just making a point in general about online / cloud based log analysis.
Users of applications like this need to be aware of what they’re doing in the most basic sense. You’re taking your drone’s highly detailed logs with precise locations and times, along with your detailed personal identifiable information (account data), and sending it off on the internet to someone else, somewhere else, never to come back. You do not know who else has access to it and what they’re planning to do with it. You may have agreed to some fine print you didn’t read. Or there may not have even been something to agree to.
It may just be collecting dust on that server, used only for the advertised purpose of you analyzing your logs. Nobody else looking it at. Nobody else making something out of it. Super.
It may be getting shared or sold to whoever the system owner has agreed to share it with, data mining everything you’ve served up on a golden platter. That could be be for something as generally harmless as targeted advertising. Or something as nefarious as identity theft and espionage. This might be happening unwittingly if the system owner’s servers were exploited and hacked. The owner could have the best intentions, and all your stuff still gets mined. This generally applies to anything and everything you send anyone on the internet. But this is pretty unique case given the highly detailed information you could be providing.
For most people, it may be totally innocuous. Who cares if someone finds out I’m flying circles around my own back yard with a horribly tuned drone. Especially if you’re also blabbing it out on facebook and youtube all day long anyway. Probably nothing overly sensitive to be discovered even if is being mined.
But what if you are running a business? What if you’re doing work for someone covered by an NDA? What if you’re doing work for a local, state, or federal government? What if you have taken steps to minimize your own public presence (do not call lists, unlisted addresses, etc)? What if you’re unwittingly violating some rule or law, and expose yourself to a blackmail risk? What if you just generally prefer your information not be spread across the globe?
OK, that’s my OPSEC rant for the day. Again, this is not a criticism or accusation against this system or any other web/cloud based system out there today. It’s simply a reminder to folks that they need to think before clicking.