- cross-posted to:
- android@lemdro.id
- databreaches@lemmy.zip
- cross-posted to:
- android@lemdro.id
- databreaches@lemmy.zip
Both Rabbit R1 users should be concerned.
deleted by creator
these keys allow anyone to […] brick all r1s
the rabbit team is aware of this leaking of api keys and have chosen to ignore it.
Assuming that’s true, then just bricking them all sounds like it might even be the ethically correct move.
It will be hard to tell. What’s the difference between a bricked r1 and a non bricked r1? Answer: not much at all.
It’s like the ending of Silicon Valley. Maybe they’re trying to shit their pants so badly that nobody will ever try to make another device like this.
I don’t know if it is worth the effort to brick 3 devices out in the wild.
I’m shocked. Shocked I say!
the most interesting key is for elevenlabs, which gives full privileges. this allows us to:
(…) delete voices (and crash the rabbitOS backend, thus rendering all r1 devices useless)
we have internal confirmation that the rabbit team is aware of this leaking of api keys and have chosen to ignore it. the api keys continue to be valid as of writing.
So there is a chance?
aint that shit a scam?
bu they still harvest the data?
So is this now 2x scam?
we have internal confirmation that the rabbit team is aware of this leaking of api keys and have chosen to ignore it.
Lmao, I guess nobody’s surprised. A scam is a scam.
we will not be publishing any more details out of respect for the users
Kind of lame, I was hoping they’d brick every r1 device just out of spite. Let it be a cautionary tale for whoever was dumb enough to buy one.
If they literally only have a handful of users, so probably don’t see a need to do anything about it 🤣
Some context on what the fuck is rabbit and r1 would have been helpful.
Since no one is explaining and I have only ever heard of Rabbit on Lemmy (again with no context, probably a US thing), here is a Kagi quick answer:
what is rabbit and r1?
Based on the available information, the Rabbit R1 is a new AI-powered device developed by a tech startup called Rabbit Inc. and designed by Teenage Engineering. The key details about the Rabbit R1 are:
- It is a standalone handheld gadget about half the size of an iPhone, with a 2.88-inch touchscreen and a rotating camera for taking photos and videos. 【1】【2】
- The Rabbit R1 is powered by an AI assistant and is intended to help users interact with various apps and services on their smartphone, essentially acting as a remote control. 【3】【4】
- It connects to the internet via 4G LTE and Wi-Fi, allowing it to provide real-time information and assistance. 【5】
- The Rabbit R1 currently supports integration with apps like Uber, Spotify, Midjourney, and DoorDash, allowing users to control these services through the device. 【6】
- Reviews of the Rabbit R1 have been mixed, with some criticizing its unreliable performance, inaccurate answers, and short battery life. 【7】【2】
In summary, the Rabbit R1 is an AI-powered handheld device that aims to provide a more convenient way for users to interact with various apps and services on their smartphones. However, it seems the device still has some issues that need to be addressed.
- The Rabbit R1 is an AI-powered gadget that can use your apps for you
- Rabbit R1 review: an unfinished, unhelpful AI gadget - The Verge
- What are the main functions of the Rabbit R1? Its everyday use?
- What exactly is the Rabbit R1 AI device that confused many people?
- Rabbit R1 hands-on review: Something is iffy about this | Mashable
- Rabbit R1 Explained: What This Tiny AI Gadget Actually Does - CNET
- Rabbit R1 review: Avoid this AI gadget - Tom’s Guide
what the fuck is rabbit and r
It’s basically just a scam
Hahaha, that’s a pretty wild read.
The fucking Gamaverse,
Search engines haven’t gotten that bad, have they?
No fuck you. Just because search engines exist doesn’t mean we should normalize headlines and post titles with so little information that you have to Google shit for 3 minutes to figure out what they are talking about.
lol knock it off with the helplessness.
Open another tab and do one single search. 3 mins? Lol.
It’s not about the capability to find the info. it’s about the normalization of shitty writing that people like you enable. Fuck off with that hurrr durrr you’re so helpless…stfu. People who do this shit are annoying as fuck. It’s bad journalism.
I wouldn’t call this journalism. It’s a jailbreak/hacking project centered around the r1. This is just an article they posted.
I know all of the above because I was capable enough to navigate to their home page and … read it.
Grow up.
I mean, today’s 10,000 and all that, but you’re on a technology forum and haven’t heard of the Rabbit R1?
No them, but even knowing what it is this is hardly a device with iPhone level popularity.
What you don’t know the RG35XX? You’re not down with the Orange Pi? You don’t fuck with marushier stick boxes?
It’s not internet vapoerware obscure, but this shit would be a distantly forgotten afterthought in another 12 months.
Oh aye, I wasn’t suggesting that they have to know ALL of the tech to be able to post on a tech forum, I’m just surprised that they’re completely unaware of it, given it’s ubiquity on the tech forum over the past month or so.
He just means it’s been all over the tech internet lately, and he has a point.
of course not everyone knows everything, but this and the humane AI pin have been featured everywhere as they’re the first companies bringing llm focused AI products to market, and are generating a lot of hype, get a lot of critical articles, and a lot of youtube videos & investigations regarding them.
Not hearing about the Rabbit R1 when you followed tech news the past month was harder than playing whamagheddon during christmas time. So i get his surprise, and i don’t think his reply was mean spirited, it was hard to avoid hearing about it.
It can depend on your particular part of the tech-sphere. I barely saw anything about either of those, because I wasn’t all that interested in AI things, and didn’t really follow the kind of people who would talk about it. At most, it was a quick flash in the pan before it was overshadowed by other news.
It was indeed a very short flash not long ago :).
And i’m not at al interested in those products either, but they were hard to miss when that flash happened >_<.
It all depends on what areas of technology interest you. Some context (e.g. in the body of the lemmy post) for more niche areas is always helpful.
You are aware that “technology” is not limited to shitty apps with a small user base?
Yes, obviously, but that thing has been everywhere over the past month or so. I’m just surprised that they were completely unaware.
Not anywhere I read around, and I’m quite into tech.
That could be hundred of kilobytes of data!
Sounds about right.
Typical security negligence of startups.
Your data is essentially never secure if it’s sitting with a startup. It’s an atrocious world for security out there.
Calling this a startup is being excessively generous. Startups are meant to eventually be viable.
This is a scam. The product just feeds your queries into ChatGPT and spits out the response. The backend tech they’ve described flat out does not exist. It’s all smoke and mirrors.
This kills the rabbit.
Was it ever truly alive
That didn’t take long.
Where do I download these?
Wow so edgy, they don’t use uppercase letters
See, it must have made their passwords easier to guess…
Why the fuck are they using a cloud tts on an Android device??? Can’t they use on device tts?? Seems extremely stupid for no reason
-
It’s expensive. They are paying a fee to the third party tts provider each single time someone needs a response. They boast “no subscriptions” - that means those fees are paid only by new customer purchases. Ponzi 2.0
-
It’s fucking expensive. Elevenlabs tts voices costs thousands of dollars per month plus $0.18 per 1000 characters. Ask the history of a monument and the verbose result that the LLM regurgitated costs them $0.15. Are they banking on the fact that most customers would just shelf the device after a day?
-
It’s slower. Each time the device needs to reply, it needs to stream an audio file instead of a few bytes of compressed text
-
For the more realistic voices it’s only cheaper in the short term. I get it - they don’t like the robotic free voices and licensing a good closed source one costs money. But then you don’t need to pay the “cloud” forever. Did they plan to shut down shortly after the launch? Where the money for running each user in a VM is coming out? (I saw from a YouTube video that it looked like they were using a browser automation tool in a VM)
At this point since everything is run on the cloud (=somebody else’s computer) this could not only be a smartphone app, but a smartwatch app.
I wonder if they will just fold and do a rug pull now blaming the hackers or fix the problem.
Fixing the problem seems difficult for them - need to fully rewrite the app and having everything proxied through their authenticated server, increasing their expenses (and a rushed fix isn’t secure/tested). But their money comes only from new investors and new customers, and at this point I doubt that they can sell more units or scam more investors.
-