Rabbit R1 Vulnerability Could Leave User Data Exposed - Lowy...

The Rabbit R1 was unveiled earlier in the year during the CES season, with the company making a lot of bold claims for its US$199 (~RM939) smart device alternative. Across the internet, reports have been sprouting that paint the device in unflattering colours, especially when it comes to the true nature of its supposed Large Action Model (LAM). More recently, a report has claimed that it also poses a security risk in addition to not being what it was touted to be. Rabbitude, a reverse engineering community surrounding the Rabbit R1, has claimed that the company's code can leave users' sensitive data "accessible to anyone". More specifically, the report claims that "several critical hardcoded API keys" can allow anyone to "read every response every R1 has ever given, including ones containing personal information". Beyond seeing user information, the vulnerability can also allow the voic...