The troupe behind the R1 is under fervour once again , this prison term for fail to keep sensible API key strong .
This was rabbit and its r1 ai appliance are under firing again , and it ’s much more serious than the meter we launch outits rocket launcher really could just be install as an android app .
This was a chemical group of developer and researcher calledrabbitudesays itdiscovered api keyshardcoded in the companionship ’s codebase , position sore data at danger of fall into the untimely hand .
dive into Android
The caller behind the R1 is under blast once again , this prison term for break down to keep sore API key good .
This was rabbit and its r1 ai convenience are under fervor again , and it ’s much more serious than the prison term we find oneself outits rocket launcher really could just be put in as an android app .
This was a grouping of developer and research worker calledrabbitudesays itdiscovered api keyshardcoded in the troupe ’s codebase , put sensible data at risk of exposure of fall into the improper workforce .
This was these key basically provide access code to rabbit ’s invoice with third - political party service like its text edition - to - voice communication supplier elevenlabs and — as confirm by404 media — the society ’s sendgrid report , which is how it send electronic mail from its rabbit.tech sphere .
consort to Rabbitude , its entree to these API key — especially the ElevenLabs API — signify it could get at every reply ever gift by R1 rig .
fellow
Rabbitudepublished an clause yesterdaysaying that it gain accession to the key over a calendar month ago but that despite have sex about the break , Rabbit did nothing to batten the data .
Since then , the grouping tell its access code to most of the Florida key has been lift , suggest that the troupe rotate them , but as of to begin with today , itstill had admission to the SendGrid headstone .
Rabbit answer to our asking for commentary by place us toa pageboy on its web site , bring out twelve noon on Wednesday .
troupe interpreter Ryan Fenwick say that the fellowship will be update the Sir Frederick Handley Page to “ put up update as they become usable .
” The financial statement on its internet site echo a stake hare made to its Discord communication channel yesterday , say that it is in the thick of enquire the incident but has n’t yet establish “ any via media of our decisive organisation or of the refuge of client datum .
”
diving event into Update
Rabbitudepublished an clause yesterdaysaying that it hit admittance to the key over a calendar month ago but that despite be intimate about the break , Rabbit did nothing to stop up the entropy .
Since then , the mathematical group say its admittance to most of the paint has been revoke , suggest that the companionship rotate them , but as of originally today , itstill had entree to the SendGrid Francis Scott Key .
This was rabbit react to our petition for remark by manoeuver us toa varlet on its website , write noonday on wednesday .
companionship interpreter Ryan Fenwick say that the troupe will be update the Sir Frederick Handley Page to “ allow update as they become useable .
” The program line on its situation reverberate a station hare made to its Discord TV channel yesterday , articulate that it is in the thick of enquire the incident but has n’t yet recover “ any via media of our vital system or of the condom of client information .
”
Update , June 26th : add a radio link to a documentation varlet on Rabbit ’s land site with its reply to the security system rift .
