That $200, dazzling orange, minimalism AI doohickey called Rabbit R1 Promise it will be your go-to AI companion. On the contrary, it proves that it is a A misshapen and half-baked machine This fails to deliver on any of its lofty promises. Now, according to a group of white hat hackers, it’s even worse than that. The team calls itself rabbit claim that they have had access to all Rabbit R1 code base API keys for more than a month, which allows them to grasp all Rabbit responses, including any sensitive information provided to the AI.
That said, if you’re one of those little rabbits who still jumps at the chance to use a Rabbit R1, you should stop doing so immediately.
Rabbitude claims it gained access to the Rabbit code base as early as May 16. The team also said it has access to Lab Eleven Key, which is Rabbit’s system for text-to-speech. This last item is particularly important for day-to-day operations of Rabbit, as it could allow a hacker to obtain a history of all past text-to-speech messages and even compromise the device by deleting the voice entirely.
After the hacker group released its findings on Tuesday night, a member who goes by the screen name Eva said that ElevenLabs temporarily revoked the ElevenLabs API key, which also caused all Rabbit devices to be temporarily shut down before being brought back online. “The rabbits knew about it but did nothing to fix it,” they said.
Gizmodo reached out to Rabbit for comment early Wednesday morning, but we did not immediately receive a response. The company told enjet It’s aware of the alleged breach but “is not aware of any customer data being compromised or any compromise of our systems.” Gizmodo also asked Rabbit if it has revoked any API keys, but we’ll update this if we hear more. Article.
Rabbit R1 was already prone to failure because it relied so heavily on cloud services that were not directly controlled by the Rabbit team. Last month, ChatGPT was temporarily out of service render the device completely useless. Gizmodo was unable to independently confirm whether Rabbit was taken offline due to interference with the ElevenLabs API. We’ve reached out to the Hacking Team for evidence and comment, and we’ll update this story if we hear more.
Technology blogger Ed Zitron has detailed The company shifted from working on crypto-metaverse projects to developing artificial intelligence devices. YouTuber Coffee Zilla A review of Rabbit’s codebase also detailed some of the more concerning aspects of the device, including some “serious data privacy issues.” He mentioned that “a malicious actor could use these things to get all the responses R1 ever gave.”
On the Rabbitude Discord, the team claims that they have been working with CoffeeZilla since accessing the repository over a month ago. The team further stated, “It’s real. The rabbit can dance around it all they want, but it’s real and it happened. They had a month to change the keys and they didn’t. That’s their business.”
