The team behind Rabbitude, the community-formed reverse engineering project for the Rabbit R1, has revealed finding a security issue with the company’s code that leaves users’ sensitive information accessible to everyone. In an update posted on the Rabbitude website, the team said it gained access to the Rabbit codebase on May 16 and found “several critical hardcoded API keys.” Those keys allow anybody to read every single response the R1 AI device has ever given, including those containing the users’ personal information. They could also be used to brick R1 devices, alter R1’s responses and
→ Continue reading at Engadget
