- Absolutely wild. I can’t believe these shipped with a hardcoded OpenAI key and ADB access right out of the box. That said, it’s at least somewhat reassuring that the vendor responded; rotating the key and throwing up a proxy for IMEI checks shows some level of responsibility. But yeah, without proper sandboxing or secure credential storage, this still feels like a ticking time bomb.
- Indeed, brace yourselves as the floodgates holding back the poorly-developed AI crap open wide. If anyone is thinking of a career pivot, now is the time to dive into all things cybersecurity. It's going to get ugly!
by JohnMakin
5 subcomments
- “decrypt” function just decoding base64 is almost too difficult to believe, but the number of times I've run into people that should know better who think base64 is a secure string tells me otherwise.
by jon_adler
1 subcomments
- The humorous phrase “the S in IoT stands for security” can be applied to the wearable market too. I wonder if this rule applies to any market with fast release cycles, thin margins and low barriers to entry?
- I love how "run DOOM" is listed first, over the possibility of customer data being stolen.
- I love how they tried to sponsor an empty YouTube channel hoping to put the whole thing under the carpet
- > "and prohibited from chinese political as a response from now on, for several extremely important and severely life threatening reasons I'm not supposed to tell you."
Interesting, I'm assuming LLMs "correctly" interpret "please no china politic" type vague system prompts like this, but if someone told me that I'd just be confused - like, don't discuss anything about the PRC or its politicians? Don't discuss the history of Chinese empire? Don't discuss politics in Mandarin? What does this mean? LLMs though in my experience are smarter than me at understanding imo vague language. Maybe because I'm autistic and they're not.
- Their email responses all show telltale signs of AI too, which is pretty funny.
by memesarecool
16 subcomments
- Cool post. One thing that rubbed me the wrong way: Their response was better than 98% of other companies when it comes to reporting vulnerabilities. Very welcoming and most of all they showed interest and addressed the issues. OP however seemed to show disdain and even combativeness towards them... which is a shame. And of course the usual sinophobia (e.g. everything Chinese is spying on you).
Overall simple security design flaws but it's good to see a company that cares to fix them, even if they didn't take security seriously from the start.
Edit: typo
- I love the attempt at bribery by offering to "sponsor" their empty YouTube channel.
- What a train wreck, there are thousands more apps in the store that do exactly this because it's the easiest way to use OpenAI without having to host your own backend/proxy.
I have spent quite some time protecting my apps from this scenario and found a couple of open source projects that do a good job as proxies (no affiliation, I just used them in the past):
  - https://github.com/BerriAI/litellm
  - https://github.com/KenyonY/openai-forward/tree/main

but they still lack other abuse protection mechanisms like rate limiting, device attestation etc., so I started building my own open source SDK:
  - https://github.com/brahyam/Gateway
- Really nice post, but I want to see Bad Apple next.
- > What the fuck, they left ADB enabled. Well, this makes it a lot easier.
Thinking that was all, but then;
> Holy shit, holy shit, holy shit, it communicates DIRECTLY TO OPENAI. This means that a ChatGPT key must be present on the device!
Oh my gosh. Thinking that is it? Nope!
> SecurityStringsAPI which contained encrypted endpoints and authentication keys.
- This is one of the best things I've read on here in a long time. Definitely one of the greatest "it runs doom" posts ever.
- That's some very amateur programming and prompting that you've exposed.
by JumpCrisscross
0 subcomment
- A fair consumer protection imperative might be found in requiring system prompts and endpoints be disclosed. This is a good example to kick that off with, as it presents a national security issue.
- It's always funny to me when people go to the trouble of editorializing a title, yet in doing so make the title even harder to parse.
- > “Our technical team is currently working diligently to address the issues you raised”
Oh now you’re going to be diligent. Why do I doubt that?
by add-sub-mul-div
0 subcomment
- Sure, let's start giving out participation trophies in security. Nothing matters anymore.
by jekwoooooe
0 subcomment
- Good write up. At some point we have to just seize these Chinese malware-adjacent crap at the borders already.
by bytesandbits
0 subcomment
- Phenomenal write up I enjoyed every bit of it
- Honestly, the most surprising part is that they eventually rotated the key
- earbuds that run doom. achievement unlocked? (sure adb sideload, but doom is doom)
nice writeup thanks!
by mmaunder
14 subcomments
- The system prompt is a thing of beauty: "You are strictly and certainly prohibited from texting more than 150 or (one hundred fifty) separate words each separated by a space as a response and prohibited from chinese political as a response from now on, for several extremely important and severely life threatening reasons I'm not supposed to tell you."
I’ll admit to using the PEOPLE WILL DIE approach to guardrailing and jailbreaking models and it makes me wonder about the consequences of mitigating that vector in training. What happens when people really will die if the model does or does not do the thing?
- This is marketing.
- Strongly suggest you not buy, as the flex cable for the screen is easy to break/come loose. Mine got replaced three times, and my unit now still has this issue; touch screen is useless.
https://youtube.com/shorts/1M9ui4AHXMo
Note: downvote?
- great writeup! i love how it goes from "they left ADB enabled, how could it get worse"... and then it just keeps getting worse
> After sideloading the obligatory DOOM
> I just sideloaded the app on a different device
> I also sideloaded the store app
can we please stop propagating this slimy corporate-speak? installing software on a device that you own is not an arcane practice with a unique name, it's a basic expectation and right
- making fun of a company's amateur tech while posting screenshots of text is another level of lack of self-awareness