
Video Meta Data: DJI Drones, (Sun, Jun 16th)


Many years ago, I wrote about the EXIF data in pictures taken with Smartphones. Smartphones often record extensive meta data including GPS and accelerometer data.

So I wondered how much similar data can be found in footage collected with a drone. As an example, I am using a DJI Mini Pro 4 drone. This is a very common and popular drone, and I just happened to have footage available.

The drone can record video as well as still photos. Still photos are typically saved in JPG format, and their metadata looks a bit like what you expect from a smartphone. It includes camera parameters, date, time, and GPS coordinates. (Oddly, the height was VERY wrong in my sample when I used the “exiftags” tool, but inspecting it with a homemade tool, it looks better. Likely just an encoding issue.)

Here is the complete EXIF data from a sample image:

Tag                          Value
exiftags                     invalid field offset (Make)
exiftags                     maker note not supported

Camera-Specific Properties
Camera Model                 FC8482
Camera Software              10.08.04.08
Maximum Lens Aperture        f/1.7
Focal Length (35mm Equiv)    24 mm

Image-Specific Properties
Image Orientation            Top, Left-Hand
Horizontal Resolution        72 dpi
Vertical Resolution          72 dpi
Image Created                2024:03:20 11:43:03
Exposure Time                1/2500 sec
F-Number                     f/1.7
Exposure Program             Normal Program
ISO Speed Rating             100
Lens Aperture                f/1.7
Exposure Bias                0 EV
Subject Distance             0.00 m
Metering Mode                Average
Light Source                 Daylight
Flash                        No Flash
Focal Length                 6.72 mm
Color Space Information      sRGB
Image Width                  4032
Image Height                 2268
Rendering                    Normal
Exposure Mode                Auto
White Balance                Auto
Scene Capture Type           Standard
Gain Control                 None
Contrast                     Normal
Saturation                   Normal
Sharpness                    Normal
Latitude                     N (redacted)
Longitude                    W (redacted)
Altitude                     4294927.26 m
GPS Status                   Measurement In Progress
Geodetic Survey Data         WGS-84

The coordinates are the coordinates of the drone, not the coordinates of the operator. The serial number of the drone is not displayed. Note that the serial number uses an “Unknown” EXIF tag and is only displayed with the -u option in exiftags.

“Unknown Tags”

Attribute                        Value
Title                            default
GPS Info IFD Pointer             746
Unknown                          972
Unknown                          1100
Unknown                          2
Manufacturer Notes               890
Supported FlashPix Version       808464688
Interoperability IFD Pointer     860
Device Settings                  0
Unknown                          6TVQL(redacted serial number)
Unknown                          24
Unknown                          DJI FC8482
Unknown                          R98
Unknown                          808464688

Some of the “Unknown” data may be sensitive, but I have not redacted it so far. Let me know if I should 🙂

The video data is a bit more complex. DJI saves 3 different files:

  • MP4 File: This is the main, full resolution video file
  • LRF File: Lower resolution video file
  • SRT File: A file with GPS coordinates in “Subtitle” format (more below)

Users sharing a file are most likely going to share the MP4 file. Like the JPEG, some metadata is embedded in the MP4 data stream. It is less verbose than the JPEG data, but it does include the drone’s serial number. I did not find GPS data in the MP4 metadata, just information about the camera and firmware.

[Image: hex dump of MP4 file]

The SRT file contains some basic GPS data for each “time slice”. In this format, it can easily be overlaid on the video file.

00:00:00,033 --> 00:00:00,066
<font size="28">FrameCnt: 2, DiffTime: 33ms
2024-03-20 12:59:17.852
(iso: 400) (shutter: 1/320.0) (fnum: 1.7) (ev: 2.0) (color_md: default) (focal_len: 36.30) (latitude: 30.xxxxxx) (longitude: -81.xxxxxx) (rel_alt: 6.500 abs_alt: -32.309) (ct: 5695) </font>

Again, only the drone’s GPS data is saved, not the operator’s location. It has been well documented that DJI includes the operator’s (or, more precisely, the controller’s) location in the data stream sent to the drone, in part to comply with regulations in some locales (1). An image file doesn’t necessarily give it away.
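To review what a sidecar SRT file would disclose before footage is shared, the layout shown above can be parsed into a per-frame location track. This is an added example, not code from the original diary or from DJI; the sample cues and coordinates are constructed, and the function names parse_dji_srt and flight_track are hypothetical.

```python
import re

# Constructed two-cue sample in the layout shown above; coordinates are placeholders.
SAMPLE_SRT = """\
1
00:00:00,000 --> 00:00:00,033
<font size="28">FrameCnt: 1, DiffTime: 33ms
2024-03-20 12:59:17.819
(iso: 400) (shutter: 1/320.0) (fnum: 1.7) (ev: 2.0) (color_md: default) (focal_len: 36.30) (latitude: 30.000001) (longitude: -81.000002) (rel_alt: 6.400 abs_alt: -32.409) (ct: 5695) </font>

2
00:00:00,033 --> 00:00:00,066
<font size="28">FrameCnt: 2, DiffTime: 33ms
2024-03-20 12:59:17.852
(iso: 400) (shutter: 1/320.0) (fnum: 1.7) (ev: 2.0) (color_md: default) (focal_len: 36.30) (latitude: 30.000003) (longitude: -81.000004) (rel_alt: 6.500 abs_alt: -32.309) (ct: 5695) </font>
"""

CUE_TIME = re.compile(r"(\d\d:\d\d:\d\d,\d{3}) --> (\d\d:\d\d:\d\d,\d{3})")
WALL_CLOCK = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d+", re.M)
FIELD = re.compile(r"(\w+): ([^\s(),]+)")  # "key: value" pairs, inside or outside parentheses
GEO_KEYS = ("latitude", "longitude", "rel_alt", "abs_alt")

def parse_dji_srt(text):
    """Return one dict per subtitle cue holding every telemetry field found in it."""
    cues = []
    for block in re.split(r"\n\s*\n", text.strip()):
        timing = CUE_TIME.search(block)
        if not timing:
            continue  # not a cue (stray text or a damaged block)
        cue = {"start": timing.group(1), "end": timing.group(2)}
        stamp = WALL_CLOCK.search(block)
        cue["wall_clock"] = stamp.group(0) if stamp else None
        cue.update(FIELD.findall(block))  # values are kept as strings
        cues.append(cue)
    return cues

def flight_track(cues):
    """Return (wall_clock, lat, lon, rel_alt, abs_alt) for each cue with a usable fix."""
    track = []
    for cue in cues:
        try:
            fix = [float(cue[k]) for k in GEO_KEYS]
        except (KeyError, ValueError):
            continue  # no position in this cue, or a redacted value such as "30.xxxxxx"
        track.append((cue["wall_clock"], *fix))
    return track

if __name__ == "__main__":
    print(*flight_track(parse_dji_srt(SAMPLE_SRT)), sep="\n")
```

A non-empty track means the SRT file alone is enough to reconstruct where and when the drone flew, even if the MP4 itself carries no GPS data.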

(1) https://www.wired.com/story/dji-droneid-operator-location-hacker-tool/


Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu