国产三级大片在线观看-国产三级电影-国产三级电影经典在线看-国产三级电影久久久-国产三级电影免费-国产三级电影免费观看

Set as Homepage - Add to Favorites

【??? ?? ????】Rabbit R1 has a major security flaw in its code

Source:Feature Flash Editor:hotspot Time:2025-07-03 04:34:09

"All [Rabbit] R1 responses ever given can ??? ?? ????be downloaded," according to an R1 research group called Rabbitude.

Rabbit and its R1 AI device has already been dunked on for being nothing more than an Android app wrapped up in a hardware gadget, but something much more alarming is afoot.

SEE ALSO: I tested Rabbit R1 vs. Meta AI: The winning AI assistant will surprise you

The report (via The Verge) said Rabbitude gained access to the codebase and discovered API keys were hardwired into its code. That means anyone with these keys could "read every response every r1 has ever given, including ones containing personal information, brick all r1s, alter the responses of all r1s [and] replace every r1’s voice." The investigation discovered that these API keys are what provided access to ElevenLabs and Azure for text-to-speech generation, Yelp for reviews, and Google Maps for location data.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!
You May Also Like

What's worse, Rabbitude said it identified the security flaw on May 16 and that Rabbit was aware of the issue. But "the API keys continue to be valid as of writing," on June 25. Continued access to the API keys means bad actors could potentially access sensitive data, crash the entire rabbitOS system, and add custom text.

The following day (June 26) Rabbit issued a statement on its Discord server saying that the four API keys Rabbitude identified have been revoked. "As of right now, we are not aware of any customer data being leaked or any compromise to our systems," said the company.

But the plot thickens. Rabbitude also found a fifth API key that was hardwired in the code, but not publicly disclosed in its investigation. This one is called sendgrid, which provides access to all emails to the r1.rabbit.tech subdomain. At the time Rabbitude published its follow-up report, the sendgrid API key was still active. Access to this API key meant Rabbitude could access additional user information within the R1's spreadsheet functions and even send emails from rabbit.tech email addresses.

If you were already skeptical of the R1's half-baked capabilities that Mashable Tech Editor Kimberly Gedeon blamed on "rushed innovation, disillusionment, and impetuousness" in her review, this might be your sign that Rabbit is at best, not worth the money, and at worst, incapable of keeping your data private.

Topics Artificial Intelligence Privacy

0.1675s , 9827.234375 kb

Copyright © 2025 Powered by 【??? ?? ????】Rabbit R1 has a major security flaw in its code,Feature Flash  

Sitemap

Top 主站蜘蛛池模板: 丁香色狠狠色综合久久小说 | 无码人妻一区二区久久 | 国产精品成人免费综合 | 超爽一级毛色大片 | 狠狠色噜噜狠狠狠 | 波多野结衣办公室双飞 | 免费又粗又黄又爽又免费A片 | 国产亚洲成AV人片在线观黄桃 | 日本一级片在线观看 | 国产91亚洲国模持一区 | 成人无码在线免费 | 不卡无码h在线观看 | 丰满人妻中文久久 | 中文字幕一区二区精品区 | 亚洲国产成人久久综合 | 亚洲美日韩av中文字幕无码 | 久久精品亚洲中文字幕无码网站 | 高清二区| 精品国产一区二区三区成人 | 欧美视频日韩专区午夜 | 日韩精品无码熟人妻我不卡 | 欧美日韩国产一区二 | 久久精品国产亚洲av无码四区 | 51视频精选全部免费的意义在哪里 | 欧美69另类精品久久不卡 | 国产精品无码一区二区无 | 国产精品无码mv在线观看 | 亚洲成av人片在线观看wv | 国产巨作麻豆欧美亚洲综合久久 | 91视频一区二区三区 | 精品人妻人人做人人爽 | 久久视频这有精品63在线国产 | 欧美乱妇15p图| 国产成人无码aⅴ片在线观看 | 亚洲 图片 另类 综合 小说 | 日本一卡二卡三四卡在线观看免费视频 | 国产精品密播放国产免费看 | 伊人久久精品无码麻豆一区 | 亚洲一卡2卡3卡4卡国产 | 四虎精品成人影院在线观看 | 亚洲成年人免费网站 |