- Rabbit R1 AI box is actually an Android app in a limited $200 box, running on AOSP without Google Play.
- Rabbit Inc. is unhappy about details of its tech stack being public, threatening action against unauthorized emulators.
- AOSP is a logical choice for mobile hardware as it provides essential functionalities without the need for Google Play.
their page to link accounts to it was not a real webapp, it was a novnc page that would connect to an ubuntu vm that runs chrome with no sandboxing and basic password store under fluxbox wm
someone dumped the home directory from it
Holy shit, that’s actually hilarious, I imagine someone would have noticed when their paste/auto type password managers didn’t work
For those confused, this sounds like instead of making a real website, they spin up a vm, embed a remote desktop tool into their website and have you login through chrome running on their VM, this is sooooo sketch it, its unreal anyone would use this in a public product.
Imagine if to sign into facebook from an app, you had to go to someone else’s computer, login and save your credentials on their PC, would that be a good idea?
What I don’t understand is why. This sounds like way more work than spinning up some out-of-the-box framework with oAuth or a Google login and hosting it on Lambda or Azure. What is logging in on a VM box even going to do for the device?
I wish I knew what any of this meant…
It basically implies that they cobbled together some standard technology but they didn’t even put it together very well.
It’s like a solution that’s held in place with chewing gum and Band-Aids.
Well that’s horrific.