this is unrelated to the announcement saying to unlink your rabbithole connections, but you should still do that.
overview
on may 16, 2024, the rabbitude team gained access to the rabbit codebase and found several critical api keys hardcoded in it. anyone who holds these keys can:
- read every response every r1 has ever given, including ones containing personal information
- brick all r1s
- alter the responses of all r1s
- replace every r1’s voice
…and more.
these api keys are for the following services:
- ElevenLabs (for text-to-speech)
- Azure (for an old speech-to-text system)
- Yelp (for review lookups)
- Google Maps (for location lookups)
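the class of bug here is a secret committed in source instead of loaded from the environment or a secrets manager, and it is cheap to catch before it ships. the scanner below is an added example, not code from the rabbitude post or from rabbit's codebase. it flags a string literal assigned to a credential-looking identifier when the string has high entropy and is not an obvious placeholder, and separately flags google api keys by their real format (39 characters starting with "AIza"). the identifier-name list, the entropy cut-off, the placeholder patterns and the sample source are all assumptions constructed for the example; the sample's azure line shows the hardened form (reading the key from the environment), which the scanner correctly leaves alone.

```python
import math
import re
from collections import Counter

# Identifier names that commonly hold credentials. Assumed list for this
# example, not a complete catalogue.
KEY_NAME = re.compile(r"(api[_-]?key|_key$|secret|token|password)", re.IGNORECASE)

# A quoted string literal of 16+ characters assigned to an identifier. Loose
# enough for Python/JS/Go assignments and YAML/JSON "name: value" pairs.
ASSIGN = re.compile(
    r"""(?P<name>[A-Za-z_][A-Za-z0-9_.]*)\s*[:=]+\s*['"](?P<value>[^'"]{16,})['"]"""
)

# Google Maps / Google Cloud API keys are 39 characters starting with "AIza".
GOOGLE_KEY = re.compile(r"AIza[0-9A-Za-z_-]{35}")

# Obvious placeholders that should not be reported (assumed patterns).
PLACEHOLDER = re.compile(r"(xxx|your[_-]|replace|example|<[^>]+>|\$\{)", re.IGNORECASE)

# Bits per character above which a literal is treated as random-looking
# (assumed cut-off; hex keys score around 3.9, English words around 3.0).
ENTROPY_THRESHOLD = 3.5


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character, estimated from the string's own symbol frequencies."""
    if not s:
        return 0.0
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in Counter(s).values())


def mask(value: str) -> str:
    """Keep a short prefix so a finding is recognisable without reproducing the secret."""
    return value[:4] + "*" * (len(value) - 4)


def scan_line(lineno: int, line: str):
    """Return a finding dict for one source line, or None if nothing is flagged."""
    assign = ASSIGN.search(line)
    name = assign.group("name") if assign else None

    # Known-format match first: higher confidence than the entropy heuristic.
    g = GOOGLE_KEY.search(line)
    if g:
        return {"line": lineno, "kind": "google-api-key", "name": name, "value": mask(g.group(0))}

    if not assign or not KEY_NAME.search(name):
        return None
    value = assign.group("value")
    if PLACEHOLDER.search(value) or shannon_entropy(value) < ENTROPY_THRESHOLD:
        return None
    return {"line": lineno, "kind": "high-entropy-secret", "name": name, "value": mask(value)}


def scan_source(text: str):
    """Scan a whole file's text; returns findings in line order."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        f = scan_line(lineno, line)
        if f:
            findings.append(f)
    return findings


# Constructed sample source for the example. The key values are made up.
SAMPLE_SOURCE = """\
import os
ELEVENLABS_API_KEY = "3f9a1c7e5b2d4a6f8e0c1b3d5a7f9e2c"
AZURE_SPEECH_KEY = os.environ["AZURE_SPEECH_KEY"]
maps_key = "AIzaSyB1k2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a"
yelp_api_key = "YOUR_YELP_API_KEY_HERE"
MAX_RETRIES = "3"
"""

if __name__ == "__main__":
    for f in scan_source(SAMPLE_SOURCE):
        print(f"line {f['line']}: {f['kind']} in {f['name']} -> {f['value']}")
```

on the sample this reports line 2 (the hardcoded elevenlabs-style key) and line 4 (the google-format key), and nothing for the environment lookup, the placeholder, or the short literal. to use it on a repository, feed each tracked file to scan_source from a pre-commit hook or ci job and fail the build on any finding; mature tools such as gitleaks and trufflehog do the same with far richer rule sets, and a finding against a key that has already been pushed means the key must be rotated, not just removed.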
details
the most interesting key is the elevenlabs one, which carries full account privileges. it allows anyone who holds it to:
- get a history of all past text-to-speech messages
- change voices
- add custom text replacements (e.g. “r1” to “ar one”)
- delete voices (which would crash the rabbitOS backend and render every r1 useless)
rabbit’s response
we have internal confirmation that the rabbit team is aware of this leak of api keys and has chosen to ignore it. the api keys are still valid as of writing.
we believe it is important for consumers to be aware of rabbit's poor security practices, as they can have devastating consequences for r1 users.
we will not be publishing any more details out of respect for the users, not the company.