ExpressLRS control links lack crypto authentication, making military FPV drones spoofable
ExpressLRS, the dominant open-source control link protocol for FPV drones, uses a shared binding phrase for authentication but has no cryptographic handshake or encrypted command channel. An adversary with a $20 SDR can sniff the binding phrase from a single packet and inject control commands to crash or redirect the drone. For hobby use this is acceptable, but for military operations it means any drone within RF range can be hijacked. This persists because ExpressLRS was designed to optimize latency for racing drones (sub-1ms), and adding crypto handshakes would add 5-10ms of latency that the racing community won't accept. The military use case is therefore bolted onto a protocol that was never designed for contested environments.
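The gap described above, seen from the receiver's side, as an added example that is not part of the original page and is not ExpressLRS code: a receiver that accepts any frame carrying a static shared identifier, next to one that requires a per-frame keyed tag and a rising counter. The frame layout, field sizes, key derivation and all names are hypothetical.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8  # truncated tag length in bytes (assumed for this sketch)

def derive_key(phrase: str) -> bytes:
    # Stretch the shared phrase into a MAC key; salt and rounds are constructed values.
    return hashlib.pbkdf2_hmac("sha256", phrase.encode(), b"demo-link-salt", 10_000)

def frame_id_only(link_id: bytes, channels) -> bytes:
    # Weak form: a static 4-byte identifier travels in the clear with the commands.
    return link_id + struct.pack("<4H", *channels)

def accept_id_only(link_id: bytes, frame: bytes):
    # Any frame carrying the identifier is accepted, whoever built it.
    if len(frame) != 12 or frame[:4] != link_id:
        return None
    return struct.unpack("<4H", frame[4:])

def frame_mac(key: bytes, counter: int, channels) -> bytes:
    # Hardened form: counter + commands, followed by a keyed tag over both.
    body = struct.pack("<I4H", counter, *channels)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class MacReceiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1  # highest counter accepted so far

    def accept(self, frame: bytes):
        if len(frame) != 12 + TAG_LEN:
            return None
        body, tag = frame[:12], frame[12:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None  # built or altered without the key
        counter, *channels = struct.unpack("<I4H", body)
        if counter <= self.last_counter:
            return None  # replay of an earlier frame
        self.last_counter = counter
        return tuple(channels)

if __name__ == "__main__":
    # Constructed sample values, not captured traffic.
    rx = MacReceiver(derive_key("constructed phrase"))
    good = frame_mac(rx.key, 1, (1500, 1500, 1000, 1500))
    print("fresh:", rx.accept(good), "replay:", rx.accept(good))
```

The counter check rejects a verbatim replay of a valid frame, which a tag alone would not.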
Evidence
https://www.expresslrs.org/info/signal-health/