Skip to main content
  1. Home
  2. Mobile
  3. News

You may want to stop using the Rabbit R1

By
Someone holding the Rabbit R1 outside.
Joe Maring / Digital Trends

After it was launched in late April 2024, the Rabbit R1 got a mixed bag of reviews, with many reviewers describing it as an unhelpful gadget or only scarcely more useful than Humane’s AI Pin. Digital Trends’ Joe Maring rated it a single star, writing, “The Rabbit R1 was supposed to be one of the hottest AI gadgets of the year. Instead, it’s a buggy, flawed, and unsuccessful mess in every way imaginable.”

As if launching a product flop wasn’t bad enough, Rabbit is now facing reports of a data breach that may have revealed sensitive user data. Rabbitude, a reverse engineering project for the Rabbit R1, is reporting it was able to gain access to the Rabbit codebase and found several hardcoded API keys in its codes.

Recommended Videos

The below isn’t an exhaustive list, but it allows anyone to do any of the following:

  • Read every response every R1 has ever given, including ones containing personal information
  • Brick all R1s
  • Alter the responses of all R1s
  • Replace every R1’s voice
Please enable Javascript to view this content

The following services also had their API keys exposed:

  • ElevenLabs (for text-to-speech)
  • Azure (for an old speech-to-text system)
  • Yelp (for review lookups)
  • Google Maps (for location lookups)
The Settings page on the Rabbit R1.
Joe Maring / Digital Trends

Rabbitude notes that the API keys for Elevenlabs give full privileges. These include getting a history of all past text-to-speech messages, changing voices, adding custom text replacements, deleting voices, and crashing the rabbitOS backend, essentially bricking all Rabbit R1 devices. Rabbit did, however, revoke the Elevenlabs API key, which also broke Rabbit devices for a period of time.

This is a fairly worrying set of permissions to allow on any device, but it’s extra troubling when it’s for an always-on voice-activated AI gadget loaded with cameras. Rabbitude says it reached out to the Rabbit Team, which is aware of the leaked API keys, but they “have chosen to ignore it,” and the API keys continue to be valid as of this writing.

all rabbit r1 responses could be read by us for the past month and rabbit knew about it and did nothing to fix it.https://t.co/r6NmhZJY5W

— xyzeva (@xyz3va) June 25, 2024

Endgadget similarly reached out to the company and received confirmation that Rabbit is aware of the “alleged” data breach as of June 25. “Our security team immediately began investigating it,” the company said. “As of right now, we are not aware of any customer data being leaked or any compromise to our systems. If we learn of any other relevant information, we will provide an update once we have more details.”

As far as security failures go, this seems to be a fairly serious one. While the Rabbit R1 is a neat device, it’s also heavily flawed, and the security issues are sufficient enough that we recommend that you stop using it, at least for now. After all, there’s nothing your $199 Rabbit R1 (separate data plan required) can do that your smartphone can’t.

Editors’ Recommendations

Topics
Ajay Kumar
Ajay Kumar
Former Digital Trends Contributor
Ajay has worked in tech journalism for more than a decade as a reporter, analyst, and editor.
The Samsung Galaxy S25 Ultra may get a big performance boost
A person holding the Samsung Galaxy S24 Ultra.

It looks like Samsung is making some major changes, inside and out, for the next Galaxy S flagship. So far, leaked renders have imagined a sharper-looking Galaxy S25 Ultra with slimmer bezels, cleaner lines, and a more boxy design.

Now, according to reliable leakster UniverseIce, the Galaxy S25 Ultra will come fitted with 16GB RAM. For comparison, the Galaxy S24 Ultra offers 12GB of RAM, while the entire iPhone 16 lineup has 8GB of memory.

Read more
The Plaud NotePin may be one of 2024’s most practical AI gadgets
Plaud NotePin as necklace and wristband,

There’s a new AI hardware gadget on the block. It doesn’t want to ambitiously replace your phone and fail miserably at it. It doesn’t want to put a dystopian AI companion around your neck. It also doesn't want to complicate the concept of apps with useless AI inside an orange box.

It's called the Plaud NotePin, and it is simply there to record stuff when you command it to with a button press. It's a very simple pitch, and the product itself looks pretty straightforward and versatile.

Read more
Every Apple Intelligence feature that is (and isn’t) in the iOS 18.1 beta
Apple Intelligence update on iPhone 15 Pro Max.

Apple has released the first developer beta for iOS 18.1, and it’s crucial for one key reason: Apple Intelligence. The suite of artificial intelligence features that Apple introduced at the WWDC a few weeks ago is finally making its way to iPhones. Well, at least a select few of those features.

Right now, Apple Intelligence is only available for the iPhone 15 Pro and iPhone 15 Pro Max. Also, make sure your device location is set to the United States and Siri’s language is set to English (U.S.) to get the best of Apple Intelligence. Right now, there’s a waitlist to enable Apple Intelligence on an iPhone, but as per a healthy few reports we’ve seen online, the waitlist clears in about 10 to 20 minutes. I managed to get the same done on iPadOS 18 in roughly five minutes.

Read more