"A code audit carried out by FTI Consulting was said to have revealed no causes for concern, with DJI posting the exec summary (but not the full audit) on its website as a PDF. It had access to 20 million lines of source code, according to the summary, with analysis focusing on code concerned with “communication protocols and network activity with host infrastructure”."
1) 20m lines? So FTI Consulting read through (approximately) 2000 books' worth of code? Sure they checked every single last bit of it.
2) And how (unless it's open source, and that was not mentioned in the article) does the end user know that the compiled version of the code on their drone is that audited by FTI?
3) And who thinks that any number of code audits will actually make a difference?