this post was submitted on 28 Apr 2024
18 points (100.0% liked)

TechTakes

1401 readers
134 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 1 year ago
MODERATORS
 

Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid!

Any awful.systems sub may be subsneered in this subthread, techtakes or no.

If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post, there’s no quota for posting and the bar really isn’t that high

The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)
Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.

you are viewing a single comment's thread
view the rest of the comments
[–] veganes_hack@feddit.de 14 points 6 months ago (3 children)
[–] self@awful.systems 14 points 6 months ago (1 children)

that was quick! the CEO’s denial is very funny for a number of reasons, but the jig’s up — the supposed point of this device (the assistant) just straight up works on an Android phone, and their modifications to AOSP are almost certainly relatively trivial shit (permissions hole-punching for app interoperability… I can’t actually name a second thing they’d need).

but speaking of that denial:

We are aware there are some unofficial rabbit OS app/website emulators out there. We understand the passion that people have to get a taste of our AI and LAM instead of waiting for their r1 to arrive. That being said, to clear any misunderstanding and set the record straight, rabbit OS and LAM run on the cloud with very bespoke AOSP and lower level firmware modifications, therefore a local bootleg APK without the proper OS and Cloud endpoints won’t be able to access our service.

hoo boy, in detail:

  • what unofficial emulator? this is the APK the device runs.
  • what rabbit OS? the fucking thing runs an AOSP fork locally.
  • it seems to access rabbit’s cloud endpoints just fine in the video. they even make an account with the device.
  • is the response here really that it isn’t an Android phone cause all the functionality is in the cloud? cause that really doesn’t sound like something that needs bespoke hardware to me.
[–] pyrex@awful.systems 8 points 6 months ago* (last edited 6 months ago) (1 children)

My opinion is that Jesse Lyu is lying about making any significant changes. (Because otherwise the demo wouldn't have worked)

I don't want bad things for him personally, but I want bad things to happen to people who lie in public.

The code is open source with licensing requirements, so I'm therefore hoping someone Jesse has already made a statement to can write him with these requests:

  • For GPL2 licensed components such as Linux: Give me your changes in source form.
  • For Apache-licensed components such as Android: What files did you change?

I can imagine him responding in three ways:

  • "Sure, here is another lie" -- and then he's locked into an answer which will probably make him look clueless as hell
  • "We don't think we have to do that" -- and now the Open Source Reply Guy Brigade instantly hates him.
  • -- and now, given that a conversation has actually occurred, he looks evasive.
[–] self@awful.systems 4 points 6 months ago (1 children)

oh wow, that’s a good point I hadn’t considered. I looked around and there’s no open source releases or disclosures associated with rabbit at all (unsurprisingly, they don’t even admit the thing runs on AOSP in any material I can find). interestingly, a DuckDuckGo search for a rabbit r1 source disclosure digs up a deleted backend source leak from an account named rabbitscam before anything else (mod note: for obvious reasons, nobody should link the archived contents of that source leak, even though they seem fucking hilarious)

[–] dgerard@awful.systems 5 points 6 months ago (1 children)

HN thread on leak: https://news.ycombinator.com/item?id=40135250

It's an MT6765 (Helios P35). It's got a known BootROM exploit. Won't be long until someone dumps it and cracks it open, though would be hilarious if a part2/part3 dump is just a factory stock ROM.

[–] self@awful.systems 7 points 6 months ago (2 children)

that’s a pretty big hint as to how someone got the APK — they most likely just dumped the device, and I look forward to an analysis of the contents of the full ROM dump.

most of the orange site thread is absolute garbage, but their CTO posted this incoherent crap on discord (of course it’s discord):

If someone spends enough time with the login minions they can extract these code. But these code are locked down and are sanitized. LAM lives elsewhere. This is someone looking at the rabbit hole not understanding how it works. And tries to be smart.

what’s fucking wild is a lot of the orange site posters just take this indecipherable bullshit as fact? like a bunch of the thread just starts criticizing the leak because there’s no LLM model in it but like, that’s the fucking point? according to the leak’s README, the LAM is just a thin and ridiculously insecure way to hook GPT up to a tiny selection of third-party services without even using a proper API. it’s mostly just a ridiculously fragile test automation that won’t scale, triggered by GPT (or, let’s go stupider, it’s probably actually activated by a fuzzy match on the transcript of the user’s voice input). so many orange site posters are trying to talk past the fucking point of the leak, and for fucking what? an overpriced ugly orange cell phone that isn’t actually useful for anything.

and not to talk past the elephant in the room myself: you can extract the fucking node backend source from rabbit’s login “minions” (services?) if you just spend enough time with them? what in the fuck?

[–] pyrex@awful.systems 7 points 6 months ago

Holy fuck! That man does not sound like an engineer. Why is he the CTO of anything?

[–] dgerard@awful.systems 7 points 6 months ago

MVP = Minimum Venture-fundable Prototype

[–] froztbyte@awful.systems 10 points 6 months ago (2 children)

And from the “it’s the same grifters with a new focus” department, an update

[–] dgerard@awful.systems 9 points 6 months ago

my god, make this a post

[–] self@awful.systems 8 points 6 months ago

oh wow, the NFT thing in the source leak’s README that the orange site tried to call bullshit on was true! who could have seen that coming?

[–] slopjockey@awful.systems 5 points 6 months ago (1 children)

The craziest part is that it works as well on a standard phone.

We didn’t bother testing out any other functionality, such as Spotify integration, Vision, etc., but we wouldn’t be surprised if some of them didn’t work.

[–] froztbyte@awful.systems 6 points 6 months ago (1 children)

The craziest part is that it works as well on a standard phone.

I'm not terribly surprised by this - vendors (and especially rapid-integrators rushing to get to market) are often extremely lazy with this sort of thing. sometimes just by downloading an app (from whatever resource) and poking at it for a small amount of time, you can get it to register and be issued tokens and all kinds of shit

a lot of entities spend most of their efforts on surface things, things users will see. very, very few allocate to foundational parts.

[–] froztbyte@awful.systems 5 points 6 months ago

if you want an example of this, set up mitmproxy on your computer, run it in socks5 mode, and set your system's proxy settings to socks everything through the mitmproxy daemon. you might be surprised how many applications Just Work with barely a mention of a changed certificate (nevermind entirely objecting to it)