Set as Homepage - Add to Favorites

【2006 Archives】

Source:Miracle Information Network Editor:Entertainment Time:2025-06-27 08:08:41

"All [Rabbit] R1 responses ever given006 Archivesbe downloaded," according to an R1 research group called Rabbitude.

Rabbit and its R1 AI device has already been dunked on for being nothing more than an Android app wrapped up in a hardware gadget, but something much more alarming is afoot.

SEE ALSO: I tested Rabbit R1 vs. Meta AI: The winning AI assistant will surprise you

The report (via The Verge) said Rabbitude gained access to the codebase and discovered API keys were hardwired into its code. That means anyone with these keys could "read every response every r1 has ever given, including ones containing personal information, brick all r1s, alter the responses of all r1s [and] replace every r1’s voice." The investigation discovered that these API keys are what provided access to ElevenLabs and Azure for text-to-speech generation, Yelp for reviews, and Google Maps for location data.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!
You May Also Like

What's worse, Rabbitude said it identified the security flaw on May 16 and that Rabbit was aware of the issue. But "the API keys continue to be valid as of writing," on June 25. Continued access to the API keys means bad actors could potentially access sensitive data, crash the entire rabbitOS system, and add custom text.

The following day (June 26) Rabbit issued a statement on its Discord server saying that the four API keys Rabbitude identified have been revoked. "As of right now, we are not aware of any customer data being leaked or any compromise to our systems," said the company.

But the plot thickens. Rabbitude also found a fifth API key that was hardwired in the code, but not publicly disclosed in its investigation. This one is called sendgrid, which provides access to all emails to the r1.rabbit.tech subdomain. At the time Rabbitude published its follow-up report, the sendgrid API key was still active. Access to this API key meant Rabbitude could access additional user information within the R1's spreadsheet functions and even send emails from rabbit.tech email addresses.

If you were already skeptical of the R1's half-baked capabilities that Mashable Tech Editor Kimberly Gedeon blamed on "rushed innovation, disillusionment, and impetuousness" in her review, this might be your sign that Rabbit is at best, not worth the money, and at worst, incapable of keeping your data private.

Topics Artificial Intelligence Privacy

Previous:Fritz vs. Monfils 2025 livestream: Watch Australian Open for free

Next:Blockchain Explained: How It Works, Who Cares and What Its Future May Hold

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

The Joys of DancingThe Morning News Roundup for May 29, 2014Ottessa Moshfegh and Susan Stewart Win Pushcart PrizesOttessa Moshfegh and Susan Stewart Win Pushcart PrizesAndroid devices could get AppleCoaching, Portuguese StyleMarcus Rashford pens heartfelt letter following racist abuse after Euro finalX (aka Twitter) pays users now. Expect engagement bait to rise.Maya Angelou, 1928–2014 by Dan PiepenbringThe Morning News Roundup for June 5, 2014The Morning News Roundup for June 6, 2014Announcing Issue 209!Announcing Issue 209!The Apple Watch is likely getting a major redesign in 2024How to connect your AirPods to a PelotonThe Morning News Roundup for May 23, 2014How to help victims of the Maui wildfires: where to donateScore a $150 or $200 Amazon gift card with a new Samsung Galaxy Z Flip5 or Z Fold512 fun facts about space that will rock your worldThe Poetry of Menu Descriptions 'Star Wars: The Last Jedi': John Boyega's family on the red carpet The best TV episodes of the year 'The Simpsons' has finally addressed why Maggie is still a baby after 27 years Photos and video show ongoing severity of California wildfires Seth Rogen, Jonah Hill crash James Franco's 'SNL' monologue 'Stranger Things' Season 3 might not come back until 2019 Saoirse Ronan isn't having the backlash around that Aer Lingus sketch on 'SNL' A fake Ethereum wallet lurks in Apple's App Store Apple is now shipping iPhone X orders in two to four business days Train station will stay open on Christmas Day to host a meal for 200 homeless people Twitter makes tweetstorms and long threads an official part of its app What to do if Jimmy Kimmel's baby has made you cry Global warming is pushing the Arctic into 'unprecedented' era Facebook opens AR studio, updates Messenger with world effects 2018 Golden Globe nominations: See full list Synaptics Incorporated puts a fingerprint scanner under a touchscreen Researchers to listen for signs of life from interstellar asteroid San Francisco's tech community reflects on mayor Ed Lee's support after his death Airbnb developing virtual and augmented reality for your next vacation Apple to launch the iMac Pro on December 14

1.8885s , 8207.2578125 kb

Copyright © 2025 Powered by 【2006 Archives】,Miracle Information Network  

Sitemap

Top

Quick Links