from Hacker News

I work with automated machinery and am relatively familiar with sensing and automation technology and the costs of such. I recently purchased a DJI Mavic drone and am absolutely staggered by its capabilities. The fact that they can get so much automation, sensing and (seemingly) quality hardware into such a small package makes my day to day work feel like Neanderthal tech by comparison. I was so impressed I purchased a DJI Osmo 3 gimbal for filming with my phone too.

As part of interacting with their hardware you need to install their apps and I had heard that they exhibited strange behavior. I went back and forth on this in my head and finally decided to install the DJI Go 4 and DJI Mimo apps on a phone I have access to that I don't use for personal stuff.

I figured - "hey, its passed Google Play muster, it must be relatively safe" and "lots of tech-savy people I know install these apps so it can't be that bad".

Recently trying to get footage off said phone and the attached issue shows on my windows laptop [1]

A few seconds of googling and I find this sort of discussion: [2]

So if researchers found glaring security issues in these apps nearly a year ago, and it is obviously messing with the file structure of the device it is installed on (and transfers a ton of data up and down with no obvious reason) how is this still approved on Gplay. It staggers me that such mainstream, otherwise mind-blowing pieces of tech do such obviously sketchy stuff and everyone seems OK with it.

Can someone with more insight than me shed some light?

Apologies for poor app/software understanding - I'm a machinery guy.

[1]: https://imgur.com/a/xn9NTUX [2]: https://bit.ly/3d8LoeB