Three months after its release, the Rabbit R1 already has security flaws

The Californian startup Rabbit caused a small sensation last January in Las Vegas at the Consumer Electronics Show (CES), where it introduced its small R1 box, featuring an operating system designed around a natural language interface. The size of a stack of Post-its and ultra-light (115 grams), this small device was presented by its developers as a step towards “an intuitive app-free experience thanks to the power of AI”. No need to download and use applications: Rabbit OS takes care of it.

Read and modify answers, replace voices, and more.

Priced at $200, the box sold more than 10,000 units in just a few days. Rabbit shipped its first batch of R1 pre-orders in late March for late April deliveries. However, security vulnerabilities are already emerging: on May 16, a team of researchers and developers called Rabbitude accessed the box’s codebase and obtained several critical API keys that were hardcoded in it.

This is a major problem, because access to these API keys allows anyone to read all the responses given by the R1, including those containing personal data, to change the answers given by every box, or even to replace their voices. In its report published on June 25, Rabbitude specifies that these API keys belong to tools used by Rabbit: ElevenLabs for its speech synthesis technology, Azure for its old text-to-speech system, Yelp for review search and Google Maps for location search.
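The root cause described above is credentials embedded as string literals in shipped code. The following is an added example, not Rabbit’s code or anything from the Rabbitude report: a minimal secret scanner in Python that flags assignments to credential-like variable names whose values are long and high-entropy, and redacts them for safe reporting. The sample source it scans is constructed for this example; the key values in it are made up and match no real service’s key format.

```python
import math
import re

# Constructed sample of a client config file with embedded secrets.
# Every value below is invented for this example.
SAMPLE_SOURCE = """\
# config.py (constructed example)
ELEVENLABS_API_KEY = "sk_4f9c2b7e1a8d3c6e5b0f9a2d7c4e1b8f3a6d9c2e"
SENDGRID_API_KEY = "SG.aB3dEfGh.IjKlMnOpQrStUvWxYz0123456789abcdefghijk"
MAPS_KEY = "REPLACE_ME"
DEBUG = True
api_key = os.environ.get("YELP_API_KEY")
"""

# An assignment of a quoted string to a variable whose name suggests a credential.
ASSIGN_RE = re.compile(
    r'(?i)\b([a-z0-9_]*(?:key|secret|token|password)[a-z0-9_]*)\s*=\s*["\']([^"\']+)["\']'
)


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character; random keys score far above placeholders."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def redact(value: str) -> str:
    """Keep only a short prefix so a finding can be reported without re-leaking the secret."""
    return f"{value[:4]}...[{len(value)} chars]"


def scan_source(text: str, min_len: int = 16, min_entropy: float = 3.5) -> list:
    """Return one finding per line that assigns a long, high-entropy literal
    to a credential-like variable. Placeholders such as REPLACE_ME and values
    read from the environment are not flagged."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = ASSIGN_RE.search(line)
        if not m:
            continue
        name, value = m.group(1), m.group(2)
        if len(value) >= min_len and shannon_entropy(value) >= min_entropy:
            findings.append({
                "line": lineno,
                "name": name,
                "redacted": redact(value),
                "entropy": round(shannon_entropy(value), 2),
            })
    return findings


if __name__ == "__main__":
    for f in scan_source(SAMPLE_SOURCE):
        print(f"line {f['line']}: {f['name']} = {f['redacted']} (entropy {f['entropy']})")
```

On the constructed input the scanner reports the two hardcoded keys and leaves the placeholder and the environment lookup alone. The entropy threshold is what separates a real key from a stub like `REPLACE_ME`; the line that reads the key from `os.environ` is the pattern the flagged lines should be migrated to, with the keys themselves rotated once they have shipped in a binary.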

The ElevenLabs key provides access to administrator privileges

At the end of March, Rabbit had indeed announced its partnership with the New York startup ElevenLabs. The goal was to build AI audio tools, powered by ElevenLabs, that respond to users’ voice commands. The problem: the ElevenLabs API key grants full privileges to anyone who holds it. It would then be possible for anyone to retrieve the history of all text messages, change voices, replace a text with another if the words or sentences have the same pronunciation… and even delete voices, which would put Rabbit OS out of service.

The group of researchers and developers says that most, but not all, of the keys have been revoked: in an article published on June 26, Rabbitude revealed the existence of a fifth hardcoded API key that is still active, this one for SendGrid. This key provides access to the complete history of emails sent for the R1’s spreadsheet editing features, including user data. It also allows anyone to send emails from “rabbit.tech” email addresses.

No customer data has been stolen yet, according to Rabbit

The startup, for its part, confirmed on its site that it has taken inventory of all the “secrets” currently in use and has begun removing them. “We are reviewing the audit logs of our SaaS platforms to check for customer data theft,” explains the Los Angeles-based company. “Since the release of this update (June 28 at 3 a.m.), we have not seen any compromise of our critical systems or of the security of customer data.”
