Joe Maring / Digital Trends
After it was set in motion in previous April 2024 , theRabbit R1got a miscellaneous bag of brushup , with many reviewers describing it as an unhelpful widget or only barely more utilitarian thanHumane ’s AI Pin . Digital Trends ’ Joe Maring rated it a unmarried star , writing , “ The Rabbit R1 was hypothesize to be one of the hottest AI gadgets of the year . rather , it ’s a buggy , flawed , and stillborn flock in every fashion conceivable . ”
As if launching a product flop was n’t defective enough , Rabbit is now look reports of a data breach that may have revealed sore exploiter data . Rabbitude , a reverse engineering project for the Rabbit R1 , is account it was capable to arrive at access to the Rabbit codebase and establish several hardcoded API keys in its codes .
Joe Maring / Digital Trends
The below is n’t an exhaustive list , but it allows anyone to do any of the pursuit :
The following services also had their API key exposed :
Rabbitude notes that the API describe for Elevenlabs give full prerogative . These include getting a account of all retiring text - to - speech messages , changing voices , adding custom text alternate , deleting voices , and crashing the rabbitOS backend , basically bricking all Rabbit R1 twist . hare did , however , revoke the Elevenlabs API winder , which also broke Rabbit machine for a period of time .
This is a somewhat disturbing set of license to allow on any equipment , but it ’s extra perturbing when it ’s for an always - on vox - activated AI gadget loaded with photographic camera . Rabbitude says itreached out to the Rabbit Team , which is mindful of the leaked API keys , but they “ have chosen to ignore it , ” and the API key preserve to be valid as of this writing .
all rabbit r1 reply could be understand by us for the past calendar month and rabbit know about it and did nothing to posit it.https://t.co/r6NmhZJY5W
& mdash ; xyzeva ( @xyz3va)June 25 , 2024
Endgadgetsimilarly reached out to the society and get confirmation that Rabbit is aware of the “ so-called ” data point rift as of June 25 . “ Our security team straightaway began investigating it , ” the company said . “ As of right now , we are not aware of any client data being leaked or any via media to our systems . If we learn of any other relevant information , we will put up an update once we have more details . ”
As far as security failures go , this seems to be a fairly serious one . While the Rabbit R1 is a groovy gimmick , it ’s also heavily flawed , and the security system issues are sufficient enough that we advocate that you stop using it , at least for now . After all , there ’s nothing your $ 199 Rabbit R1 ( freestanding data point plan take ) can do that yoursmartphonecan’t .
