36 replies
23h46m
At least it'll look nice on a shelf thanks to Teenage Engineering's good work :)
23 replies
23h35m
Please upload source in an unzipped format. If the concern is about GitHub taking it down, use an alternative. There's plenty and many other ways to distribute source in an uncompressed manner.
Otherwise this is indistinguishable from a hack. How do I know these zips are secure? The mega and pixeldrain report different sizes. Rabbit is entirely about hype and a scam, how are we supposed to know this isn't the same nefarious ploy?
I appreciate what's being done and think it's good to call out these scams (I've done so myself) but help by building some trust. We understand the need for anonymity but a nefarious actor could just as easily mascaraed as the same repo. And if you do need files downloaded, provide hashes.
(Fwiw, xz, despite recent events, is great at compression and can help you reduce your bandwidth if needed)
8 replies
23h27m
What is the reason for it to be uncompressed?
4 replies
23h3m
1. I can read it on my phone or in my browser.
2. Why should I have to download text to __read text__?
3. We don't want to normalize unnecessary behavior that is something scammers and bad actors can easily take advantage of.
While I don't believe the leak is nefarious or contains an exploit, normalizing a requirement to download files that can issue exploits -- when there are easy alternatives that make this unnecessary -- just helps create the exact type of environment that scammers thrive in. 3 is incredibly important. If we're going to call out scammers we shouldn't do it in a manner where we're enabling an environment for more scammers to thrive in. Doing what's done here just created a rich opportunity for hackers who can now post a "rabbit source code leak" and just provide people with a different link. Makes for easy picking. Uncompressed and readable code just makes this harder and easier for people to determine if something nefarious is going on.
3 replies
22h47m
It's not a single file unless it's tar'd or compressed or whatever. It's completely normal to distribute software projects as some form of archive. This is doubly true for a "leak" like this where you want the single file to spread around.
I agree that it would be nice to have it browsable online, like in a github repo or whatever, but that's a separate issue.
2 replies
22h40m
It's completely normal to distribute software projects as some form of archive
Again, I think you're missing my point
> normalizing a requirement to download files that can issue exploits -- when there are easy alternatives that make this unnecessary -- just helps create the exact type of environment that scammers thrive in
Yes, it is "normal" and that is exactly the problem.
Ask yourself this
Is there a reasonable alternative?
Is downloading necessary?
So you don't need to explain to me that this stuff is normal because I already understand that (and am actively demonstrating a knowledge of this). I realize communication isn't always obvious, but if someone is telling you that you're missing the point of what they're saying, please consider that you might actually be missing the point rather than doubling down. Even if you aren't, someone telling you that indicates that somewhere there's a miscommunication, and that needs to be resolved.
1 replies
22h27m
I would prefer that it is distributed as a zip. It allows me to easily get the entire file, and hash it to make sure it's the same file as other people are getting, and have an archive of it.
I would also like to be able to browse it online, but this is a usability issue for strictly when I'm intending to read it in a browser alone.
As to your final paragraphs referring to communication and me "explainig to you that this stuff is normal", you specifically said that "We don't want to normalize unnecessary behavior" which implies that you do not think it is already normalized. You're also implying that I should have altered my interpretation of your words when you said that I was missing your point, even though you didn't say I was missing your point until the same reply.
In any case, I think I understand your POV regarding archives, and I disagree.
0 replies
20h40m
I would prefer that it is distributed as a zip. It allows me to easily get the entire file, and hash it to make sure it's the same file as other people are getting, and have an archive of it.
I mean hosting it on any GitHub alternative makes this possible too. We also get better archival because when things change, we can see. Considering this says "Part 1" I expect things to change. History tracking is better for archival.
you specifically said that "We don't want to normalize unnecessary behavior" which implies that you do not think it is already normalized.
That's not accurate. Here's a counter example "We don't want to normalize clickbait headlines." Clickbait headlines are already normalized, that does not mean we want them to be nor does it mean we should accept them and not fight against them. I'm sure you can find many other similar examples.
1 replies
20h47m
To me the question is, why would you put source code on github if you're not going to make it uncompressed? What's the point of using a source code hosting website if your payload is a link to an upload site? Pastebin sites have been around for years.
0 replies
20h21m
Exactly. Similar questions
Why does a user need to download a file to achieve the goals? Does doing so provide added utility?
Does obscurification provide some benefit?
Does distribution in this manner help normalize environments which scammers take advantage of?
- Don't make users download things they don't have to.
- Serving in plain text gives higher utility as users can view it on any device (e.g. mobile. Am I the only one that reads repos on mobile?)
- A GitHub alternative also provides the capacity to download an archived zip, thus achieving any benefits that aren't obscurification related
- Git helps for better archiving as we can have a track record of commits and changes (this is labeled "Part 1"!)
- Did no one else notice that there are ".github" directories with workflows? But there is no ".git" folder? I'd honestly like that...
- While a zip itself is not an executable and not generally dangerous in of itself, scammers (hackers) do take advantage of such environments. Because you can... change a file extension. Or because a user may double click the zip to extract, but this will cause execution. Or idk, hackers are fucking smart and people are dumb.
0 replies
23h9m
I suppose the risk of a 0-day in the compression format, given we’re in the post-xz-era. Publishing the source code in clear text would alleviate such risk for the consumer
5 replies
23h20m
I've nothing to do with the leak itself, so can't help you there. But did check - both archives are identical, and contain a Node project that seems to match what is claimed. (Run it at your own risk.)
$ md5sum lam.zip
3a78b14e1379ac5c059dbbe5660fca8a lam.zip4 replies
23h8m
Thanks! I don't actually assume that the person is being nefarious, but I think it is also important to make sure that they understand these things. Especially if we're talking about scams.
Scams take advantage of what is normalized, it is how they fly under the radar and bypass people's bullshit detectors. It's why a safety vest, hardhat, and a clipboard is the most covert disguise around. So one of the best ways to prevent scams is to normalize behavior that is harder to take advantage of! (same reason people fall for fake voice scams, because we're so used to distortion in calls anyways. A glitch poor voice can be difficult to distinguish from poor cell reception)
As for the filesizes, I assume it is just the websites reporting incorrectly. Pixeldrain reports 188 MB compressed and 510 MB uncompressed. Mega reports 179.r MB. Pixeldrain at least shows all the files, which look to not have been cleaned up since they have things like .DS_Store. But at least the files are individually downloadable.
3 replies
23h3m
179 MB if a megabyte is 1024^2 bytes, 188MB if it's 1000^2.
Zip files aren't evil, just unzip them and look inside.
2 replies
22h57m
I think you're missing the point of my comment.
The point of the comment and request is about not requiring technical knowledge and minimizing amount of necessary thinking. The point is about helping stop scammers in the first place!
179 MB if a megabyte is 1024^2 bytes, 188MB if it's 1000^2.
This is not entirely correct though because MB != MiB. Us on HN will probably know this but proper labeling helps prevent mistakes. The improper labeling requires us to think more when considering security, which is bad security (not that you shouldn't think, but I'm saying "don't set off alarms when you don't need to set off alarms")
1 replies
20h19m
This is not entirely correct though because MB != MiB.
The point the parent was making is that the file is 188026773 bytes long. One site represents that as 179 MB (base 1024) and the other one as 188 MB (base 1000). Your complaint is therefore with one of the websites and not with the uploader.
0 replies
18h13m
Your complaint is therefore with one of the websites and not with the uploader.
That particular issue, yes. But that wasn't the main issue. I guess you're right, I could have clarified that I'm aware that the uploader is not in charge of the label and it was naive of me to presume that this was obvious. I should have explicitly stated such rather than let it be implicitly said.
1 replies
21h19m
Bro, it's a zip file. It won't set your computer on fire.
0 replies
20h39m
Bro, no one claimed this.
1 replies
22h55m
uncompressed and compressed have nothing to do with what you said. you can choose to run the code or not, but it doesn't have to do with the uncompressed thing.
0 replies
22h44m
You're missing the point. The point is to make it harder for scammers. Yes, I can safely extract files but on many systems if you double click a zip instead then there you go. Either way, it is always best to not download when you don't have to.
The question here is "is there a reasonable alternative that doesn't require the user to download." The answer is unambiguously "yes" and unambiguously has higher utility.
1 replies
22h42m
a zip archive is not executable unless something has gone very wrong.
0 replies
22h33m
You're missing the point. As I've been explaining in other comments which have expressed the same thing as you have (please read to reduce noise and repetition), the point is about not normalizing environments which scammers can easily take advantage of. And clearly, the request has higher utility, so in either way, it is an advantage.
0 replies
23h32m
(Fwiw, xz, despite recent events, is great at compression and can help you reduce your bandwidth if needed)
zstd level 22 is even better in my experience
0 replies
20h18m
At the very least, here's a scan from Jotti.
16 replies
23h47m
Not surprised at all. This and the Humane Pin both seemed like a quick cash grab before phones integrated all the new AI goodness. I'm expecting we'll see that window close by the time I/O and WWDC wrap up this year, so they had to move fast.
7 replies
23h23m
Their "keynote" just screams shenanigans. It's the most blatantly fake product demo I have ever seen.
To take one example, at 14m30s, the CEO is shown using the device to book a trip to London. This is presented as a live demo, but it's clearly simulated.
2 replies
23h1m
Playing devil's advocate, tech demos are often faked. From the famous "Hello" Mac introduction in 1984[1], to Google with their Gemini demo a few months ago.
A certain degree of smoke and mirrors to generate hype around ground-breaking tech is the norm, not the exception. This doesn't necessarily mean that the product itself is a scam.
1 replies
17h2m
From the famous "Hello" Mac introduction in 1984
I feel like that's a little different. The Macintosh demo was obviously a "sizzle reel", not an example of how the machine would normally behave in use. No one would have watched the demo and expected the computer to talk to the user when turned on.
A more interesting reference point might be the iPhone intro, which wasn't "fake", but did rely on a carefully orchestrated sequence of events to avoid known bugs.
0 replies
8h35m
The 1984 Macintosh demo also wasn't running on a stock Macintosh, but rather an expanded version of the hardware. So, as well as being a slideshow of sorts it was slightly disingenuous as to what the hardware was capable of.
1 replies
22h57m
To be fair, he doesn't "book" a trip to London in the presentation, he gets flight, hotel, and car rental information, which isn't that out there.
But, he does imply that you can book from the device, which is completely insane. How do you deal with flight selection with multiple layovers? Seat choices? DOBs? KTNs? Phone numbers? Frequent flyer number? Payment? Travel insurance? Disability accommodations?
What could possibly be the overlap of people who travel enough that this is all worth setting up, who don’t already have their own personal assistant?
0 replies
22h31m
just the payment part is it’s own universe of issues, friction, fraud, security etc etc etc
0 replies
17h2m
I remember the CEO of Nokia showing off their latest phone on stage at Mobile World one year, live in front of the world's assembled press.
Little did he know two developers were sweating their nuts off as everything on his screen was coming from an old PC stuffed in a closet in a bedroom thousands of miles away, fed down a ratty cable modem.
0 replies
4h44m
Fun tidbit: There's a point in the tech demo where he asks the rabbit device to "filter job candidates to ones that are LA-based"
When the r1 address replies to him, it attaches a new spreadsheet, and he opens it on-stage. But the spreadsheet it sent, that they then show on screen, has not filtered any candidates to LA-only. (The column next to their names shows labels on screen like "NYC", "Austin", "Miami", "Seattle", etc)
https://youtu.be/22wlLy7hKP4?si=tBt9szqE_AbJPRqW&t=1169 (exact timestamp)
3 replies
22h27m
I don't think this is a fair characterization of Humane. I don't and haven't worked at Humane, but I did interview there and have some friends who work there now. They are notoriously secretive about their product (founders are ex-Apple, and they try to keep an Apple like secrecy culture) but I do know a bit about the evolution of the product.
Humane was founded in 2018, well before ChatGPT was released in November 2022. If you look online you can find some articles about patent applications they made well before ChatGPT was released that give you an idea about their idea for the product at the time, e.g. https://9to5google.com/2022/01/07/humane-android-ar-wearable...
Developing the hand tracking, laser projection system, voice recognition, etc. is very hard, especially considering the power constraints on the device. They spent years working on this and when LLMs hit the scene they realized that the original product idea was going to be severely lacking if they didn't integrate this technology. This caused a big internal pivot to more closely integrate with these LLMs. I'm not sure which they're using, presumably they're paying for GPT-4 access or something like that. It's understandable why they felt like they had to do this, and why it feels like a rushed integration. The bottom line is that they were way too optimistic with the hardware capabilities when they started working on the product, and the last minute rush to integrate with LLMs to at least improve the software capabilities to kind of close the gap is what we're left with. It's not a great situation, but I also think it's unfair to characterize it as a "cash grab".
0 replies
19h53m
Cash grab from their VCs is probably more accurate... I have zero doubt some incredible engineering has gone into the product.
However, from what I can tell they were searching for a problem to solve instead of coming with a distinct, compelling, articulable vision of what they wanted to build
0 replies
21h11m
Secretiveness in a startup at that stage is not a good sign. See e.g. Theranos or Magic Leap.
0 replies
19h46m
the hardware is phenomenal, but it's tied down by bad software
1 replies
23h25m
A company founded in 2018 that raised over $200m is a "quick cash grab"?
0 replies
23h16m
"Quick" as in being quick to exploit LLM hype.
"Cash grab" as in Elizabeth Holmes grabbing $700m from Theranos investors.
1 replies
17h14m
This is really troubling to me.
I feel like all these companies are really hamstrung by the fact that they don't have enough access to our phone's features. There's no way to build a Siri competitor if you're not Apple or Google, the APIs to send and read texts, make calls, control music apps etc just don't exist.
Chat GPT integrated with your phone's operating system is a lot more useful than pure Chat GPT. I wouldn't be surprised if Open AI gets dethroned by Apple and Google because of that fact alone. It doesn't matter how good your model is if you're not allowed to use it due to anticompetitive practices.
If anything deserves antitrust scrutiny, it's the locking down of private APIs, not some petty disputes about App Store fees.
0 replies
12h32m
This is why we need change to open it up. We can’t allow a platform to just forever swallow the next layer of tech up forever and ever
12 replies
23h39m
Meh. I don't think they ever hid the fact that the device is basically a ChatGPT wrapper. As long as it can achieve what it advertises, who cares how the backend looks? At least it has the decency to charge a reasonably price ($200, rather than $700 + subscription like the Ai Pin).
9 replies
23h31m
As long as it can achieve what it advertises, who cares how the backend looks?
so if I pump out enough advertising, you're going to give me the usernames, passwords, and active sessions for your accounts to me?
I need to log out of this thread asap. I thought the defenses of Ai Pin were going to drive me nuts, I need to preserve some sanity. Has everyone lost their minds? Are tons of people here working for equally scummy, shoddy, if not scammy, startups? Seriously, what the hell.
5 replies
23h30m
you're going to give me the usernames, passwords, and active sessions for your accounts to me?
You give all of those to every smartphone maker. Why is this any different? Is there evidence that their handling is insecure?
2 replies
23h26m
If I found out that Android was eavesdropping my Spotify credentials, I'd be just as stupified, yes.
If I found that Android built in some Spotify integration that worked by stealing my active session cookies to do some backdoor integration with it, and billed it as some future AI smart service, I'd find it equally g-d absurd, yes.
Do I think that me logging into the Spotify app, in Android, and it exchanging those credentials for an app-internal access token is the same as a server hijacking my session? No, not really, I don't.
That's what's so damn brazen and shoddy about this. SPOTIFY HAS OAUTH.
1 replies
23h22m
I have no idea what you are trying to say. The device works by running apps for Spotify, Uber etc. in a VM and logging you into it. They say it right on their homepage. If you don't trust it, sure don't buy it. That's your own decision, but doesn't make them any more right or wrong.
0 replies
23h21m
I'm saying it's shoddy, and scammy, and I can't believe anyone would lift a finger to defend this type of product, engineering, or actively training people to get phished. Hope that clarifies.
0 replies
23h24m
Well, I actually don't. I only use hardware from companies that I have a semblance of trust in, and I certainly don't run around entering my Spotify or Uber password into other services.
0 replies
23h26m
Yeah, I have a lot more faith that Google and Apple will properly secure my private data vs a random startup.
1 replies
22h1m
Haven't you done that already?
I mean this in all seriousness, have you used Oauth with google/facebook or the like to login and register with online services? Why not? Have you put passwords into a password manager? Why?
Did you give Uber or Lift your credit card number? What if they were a scam?
I say this also thinking rabbit R1 is a pointless product that based on hype that nobody should buy. However, I can see why people might think it reasonable to give their AI assistant a bunch of personal information. For the same reason people have trusted google with health data.
0 replies
21h41m
have you used Oauth with google/facebook or the like to login and register with online services?
No, I don't use federated login anywhere. I can show you my Google account. The only place I've compromised is Tailscale, and I plan to replace that imminently. And frankly I consider it lazy of them to not support email, especially since google.com accounts are single-tenant anyway. And tailscale never sees my password, never has raw access to my entire damn account, etc, etc.
Also, besides, federated login or delegated access, sure, OAuth is great, I wouldn't have commented in this thread if they were using it. Typing my raw creds into a [redacted] VNC session is not comparable.
Did you give Uber or Lift your credit card number? What if they were a scam?
I call my credit card company. They reverse the charge, and ding the merchant. My life goes on. Takes a shockingly small amount of time.
0 replies
23h15m
This is probably what it felt like to be alive during the peak of the "dotcom" craze I read about in historical literature.
0 replies
23h17m
It can't achieve what it advertises, though. I mean, what even did it advertise? Voice transcription? Playlist management? Phones do these already. "Order me a pizza, whatever the most popular option is"? That's laughable. No one actually wants that.
0 replies
23h31m
I don't think they ever hid the fact that the device is basically a ChatGPT wrapper.
"Large Action Model"
12 replies
23h7m
I'm really into AI stuff but both the AI Pin and Rabbit R1 underwhelm. They are products that don't need to exist if the problem they're solving was truly solvable right now, because the best place for that problem to be solved is already in our hands: our phones. But we're not all talking to AI assistants in our phones all day. Why? Because the technology isn't good enough to do it yet? Because people don't want to talk to digital assistants? Once the tech is good enough that it can motivate ordinary people to look silly talking to their phones outloud, it'll be on our phones and easy to use, and there will be no need for kitschy little handheld devices. No one wants to carry around another device.
That said, smart glasses sound like a great idea to me, but I wear glasses all ay long, so I am extremely biased. I don't think most people want to voluntarily wear glasses to just put a computer on their face, so I wouldn't bet on glasses, either. Sorry, Zuck.
7 replies
22h31m
It wasn't that long ago that it wasn't socially acceptable to have phone conversations in public wearing Bluetooth ear pieces, whereas now we don't think twice about it. A few decades before that, the same thing with portable music players and headphones.
Society adapts quickly to technology, but, as you say, the tech needs to be good first.
I think we've reached that point with voice recognition and AI assistants. It's now a matter of time until someone connects the pieces into a functional and accessible product.
The reason smartphones are not the devices to get us there is because they're not a good fit for this use case. Pulling out a rectangular slab with a huge screen out of your pocket every time you want to interact with a voice assistant is enough of a UX hurdle that most people won't do it, even if it would be socially acceptable. Even if this was in a watch form factor, which we'll surely see as well, just bringing your arm close to your face would get slightly annoying over time.
So a light pebble device you can pin on your shirt or wear as a necklace seems like a good form factor for this. The Limitless Pendant is another recent contender, and seems like a better thought out product compared to the Humane Pin. These devices aim to be unobtrusive, and disappear into the background, yet still remain deeply integrated into our lives. This is what technology is trending towards. I reckon the smartphones of today will seem primitive in a few decades, replaced by seamless VR/AR in glasses and primarily voice-driven wearable tech. We're currently in this transitional period where companies are investing in high-risk products to see what sticks, but eventually someone will launch something that resonates. Just like Apple did for smartphones in 2007.
5 replies
19h52m
Why wouldn't the device just be your ear buds connected to your phone?
I already use siri all the time as I usually have my AirPods in and it works great. That seems like a much more likely device to access our digital assistance than some necklace or pin. Better yet, you could just pair it with your smartwatch and not even need the phone.
I'm still deeply skeptical on voice driven tech as we have had that available and easy to use from various devices for over a decade now and it hasn't taken off for tons of reasons. I just am not going to have a conversation with my computer with others around.
2 replies
12h17m
Why wouldn't the device just be your ear buds connected to your phone?
Because nobody will realistically wear ear buds for long periods of time. This tech needs to be entirely unobtrusive if the goal is to blend in with our lives 24/7, and we're heading in that direction, for better or worse.
I'm still deeply skeptical on voice driven tech as we have had that available and easy to use from various devices for over a decade now and it hasn't taken off for tons of reasons.
Voice recognition has only gotten _really_ good in the past couple of years, with the advent of LLMs. E.g. Whisper, etc. This is enough of a generational leap to transform how much we rely on the tech.
I just am not going to have a conversation with my computer with others around.
Honestly, I can't imagine myself doing that either. But if you think of a scenario where the tech is so good that it understands your intent from short commands, with 100% accuracy, in every type of environment, then it's not so farfetched. Especially once everyone else starts doing it, it will seem as normal as people interacting with screens is today.
I don't think we'll hold long conversations with AI in public, or around others. Just as some people avoid doing that with humans today. But for short interactions like "record this moment", or "remind me to ...", it certainly seems plausible. The device doesn't even need to respond back. It should be reliable enough that you're always sure it understood you.
But we'll certainly hold long conversations with AI in private. For collaboration, companionship, etc. In either scenario, a smartphone or smartwatch are just not the devices that will deliver that experience.
1 replies
12h0m
People already wear earbuds all day. Go to any college campus and tons of those kids never take them out, even when taking with each other. Lots of people at work keep them in most of the day. I am pretty sure I wear my AirPods Pro more than I wear my glasses.
Voice recognition is already really good but people barely use what their devices can already do. For these short interactions you are talking about, our phones can already do this and people rarely use it. Our home assistants can already do much of what you are talking about and uptake has been abysmal because people don't like it.
The smart phone and smartwatch paired with earbuds already does what you are wanting. Hell the HomePod/alexa/google home already do much of what you are taking about and people don’t use it.
0 replies
9h54m
People already wear earbuds all day.
Those are outliers, not representations of something most people would do. And even within that population, do they really wear them for 12+ hours straight? While driving, in class, etc.? I doubt it.
The reality is that no gadget that you put inside or over your ear will be as comfortable for long periods of time as something you wear on your clothes, or around your neck. I keep mentioning the word "unobtrusive", but this aspect is critical for mass adoption.
For these short interactions you are talking about, our phones can already do this and people rarely use it.
The voice recognition accuracy and, more importantly, the actions you can do with it on current gen devices is not generally useful for many people. But this will improve.
I mentioned use cases that I can (poorly) imagine, but once the tech is 100% reliable, there will be many others that we can't think of today. The Rabbit demo seems fake partly because some of these scenarios are far fetched, but there will be a time when it will seem normal. Just like we couldn't imagine what smartphone apps would enable us to do in, say, 2005.
Our home assistants can already do much of what you are talking about and uptake has been abysmal because people don't like it.
This is another category of devices. A speaker with microphones you put on your desk in one room is not a personal device. And many people, myself included, don't feel comfortable with a device built by a corporation that profits from personal data always listening, but I think that will change as well. And we'll have entirely self-hosted and open source alternatives for the privacy conscious as well.
Though I still think smart speakers, earbuds, smartphones and smartwatches will also see improvements, and become more useful as voice recognition and what it enables us to do becomes better. But these are not personal or unobtrusive enough to become deeply embedded in our daily lives. Wearable tech together with highly accurate voice recognition as an interface to AI assistants that know our preferences on a deep level, and are integrated with many of the same services we use today, sure seems like an improvement over any current gen "smart" gadget.
1 replies
14h21m
I agree. No matter how good LLMs and voice recognition get, having a screen is still the best way of inputting and reading information in many scenarios. If I'm trying to find a restaurant to go to, unless I'm in a real "just decide for me" mood, I want a screen. I can read fast, see pictures of the food, open multiple browser tabs to remember potential options, quickly scroll menus, etc. I don't want a voice slowly reading me out the names of restaurants one-by-one.
And that's just finding a restaurant. Imagine using voice input to book a flight. I feel sick just thinking about it.
0 replies
12h2m
For visual content we'll need some kind of screen, of course. But I don't think this will be in the form of a rectangular slab we carry in our pockets, where we use our fingers as input. It's much more likely that it will be in the form of lightweight glasses, and eventually contact lenses, or if we get to that sooner, directly in contact with our visual cortex. It's scary to think about today, but we'll get there eventually.
As for input, think about how slow, clunky and imprecise touch typing really is. I'm typing this on my phone right now, and it's still infuriating. And this is after more than 15 years of perfecting this technology. This is just the best it's ever going to get.
Voice recognition OTOH, if it gets to a state where it's 100% reliable, understands all our accents and nuances, in all kinds of environments, then it's not difficult to imagine it becoming the primary input method. And in recent years, LLMs have made generational leaps in this area to the point where this can finally be a competent option.
You won't need to have a list of restaurants read back to you, or have to have long interactions to book a flight or vacation. This is what the Rabbit device is trying to sell, and they at least have the right idea. The AI will have deep knowledge about you, so that just by saying "book me a restaurant tonight", it will make the right decision for you. At least, that's the idea. I think we'll get there eventually, even if the Rabbit is not the device that does it today.
0 replies
18h58m
It wasn't that long ago that it wasn't socially acceptable to have phone conversations in public wearing Bluetooth ear pieces, whereas now we don't think twice about it.
When amongst other people? Maybe I'm behind the times, but it's still rather annoying in my mind. And the younger generations don't really seem to talk on the phone much at all anymore. They just text.
1 replies
22h36m
I don’t know why I need to keep saying this, but the point of the pin is to replace phones. It’s meant for you to have access to digital services while staying in the moment and avoiding a screen. Many ppl are addicted to their smartphones, so they propose something different.
You can like and prefer a phone but it’s their raison d’etre.
0 replies
18h36m
To be fair, it seems reasonable to presume that the goal of these pins is to get users addicted to the new form factor with much less competition in the market rather than to help with tech addiction.
0 replies
20h59m
So I agree generally,
BUT existing phone companies have an incentive to maintain the app-centric world that keeps their app stores profitable, and app companies have an incentive to lock you into their app to keep customer loyalty and be “more than an API”.
All that’s to say, the Rabbit idea of manually scripting against apps to allow “business as usual” for all these individual parties who wouldn’t want to collaborate fills a void that existing players don’t have incentives to fill.
0 replies
12h23m
Because the phone platforms want 30% of everything sold and won’t let your app change its behaviour.
It’s the same reason YouTube and Netflix actively opted out of having their iPads apps work on Vision Pro - platform wars.
So the only real play is to be Apple/Android or try to bypass them by pretending there’s a new product category other than a phone and hope to get some small critical mass there.
8 replies
23h34m
I really think this + the humane AI pin would be super interesting products if they made them hackable. The hardware is super cool, no problem if the software isn't there yet, it's not like they're being sold at Best Buy, I'm not worried about my mom acquiring one of these and getting her passwords leaked. Who cares if the auth flow is super hacky/insecure? Let us self host it! Let the community create more playwright scripts!
2 replies
23h13m
0 replies
19h38m
But how is an hardware version of a mic/speaker anything interesting? The humane AI pin, to which you wear and gets contextual data, is the only wearable of interest to hackers.
0 replies
1h3m
See https://github.com/OpenAdaptAI/OpenAdapt for an alternative that works with desktop GUIs.
1 replies
23h31m
Humane is founded and populated by ex-Apple folks, so I wouldn't hold my breath.
You're right, though - it's a bit weird because ostensibly the interface is via the GPT system and you've gotta work through those interactions (same problem Alexa had), but given how early both the platform and the product category are, they'd benefit big from letting early adopters build capabilities for them.
0 replies
19h46m
Worst possible thing is that bozos learn the closed source model. The closed source model only worked because they had the Great SJ.
0 replies
21h2m
If you want something fun and hackable look at these glasses:
https://brilliant.xyz/products/frame
They have shipped products before, and they include a bunch of code - today on GitHub to start hacking with.
0 replies
15h48m
Yeah, I had a similar thought. If they just removed the ai or only focused on building a voice command to mobile app sdk there could be something viable there. Sadly that’s just not what they made at all.
0 replies
23h28m
Agreed.
The Rabbit R1 looks like it would be the perfect device to play with.
As is I just assumed Rabbit was sending off pictures and stuff to a Chat GPT API or something. I never assumed the models ran on device
8 replies
20h29m
According to their CTO in the Discord[0]:
If someone spends enough time with the login minions they can extract these code. But these code are locked down and are sanitized. LAM lives elsewhere. This is someone looking at the rabbit hole not understanding how it works. And tries to be smart.
[0]: https://cdn.discordapp.com/attachments/1185274946981732374/1...
7 replies
20h6m
Can somebody translate this?
2 replies
17h14m
The code is their "minions" to handle actions on websites. When you ask it to, say, book a trip, and it tries to search AirBnB.
"If someone spends enough time with the login minions they can extract these code"
AKA "Someone will figure out how this worked, but our code is secure, trust us".
The "rabbit hole" they mention is the whole "cloud" system that Rabbit talks about using to manage all of your services and integrations and 'rabbits' you create that run tasks.
1 replies
16h22m
So it is a confirmed leak and they are just doing damage control?
0 replies
13h53m
It seems to just be a leak of their sandboxed headless browser setup and the API code for controlling it. Obviously such a thing will run arbitrary JS from the web so inevitably there will be something like a browser sandbox exploit, and subsequent dump of its filesystem.
The leak doesn't seem to contain what Rabbit calls the LAM, their purported AI model for interacting with UIs. And what the leakers are claiming is that Rabbit's automation is just handwritten scripts which seems to be completely unsubstantiated. The rabbit secret sauce could still turn out to be a scam but I didn't see anything to corroborate any of the leakers' claims. Grepping the files I found no reference to doordash, uber eats or midjourney, only a path reference to what appears to be a spotify integration library, but the source for that isn't there.
1 replies
19h39m
I think it means to say that:
1) The got the code by bruteforcing the login credentials on device.
2) Server-side code is not accessible which is where the LAM runs.
0 replies
13h52m
This isn’t likely though, is it? The device is unlikely to be running NodeJS and playwright.
0 replies
20h2m
"Shit, shit, shit, shit! Dissemble!"
0 replies
19h39m
The original claim in the code dump is that no ML tools are used at all and the tool is just leaning on Playwright to automate specific actions on a website.
The CEO here is claiming that the ML code is being run outside this code base and that the original claim is being made by someone who doesn't know how the code works.
The CEO's mention of sanitized code isn't as clear to me, that can mean different things. Compiled code can be considered sanitized since it likely isn't human readable, obfuscated code makes that harder, and removing some code all together would be the most effective. The problem with removing code all together is that you would still find code paths that just can't be executed at all, leaving some trail of what code was removed. That wouldn't leak any secrets obviously, but would support the argument that code has been removed and the codebase is being misread.
6 replies
23h46m
Why did they upload the code to some random site instead of GitHub?
EDIT:
But let's call a spade a spade – this is a blatant lie. And we're about to expose it with the first partial release of the source code for its so-called "large action model".
FYI, Text to Action is possible. I personally tested a couple of apps, but I don't think anything reliable exists like we humans.
I would not disregard what they claim is completely false.
2 replies
23h42m
It buys time for them. GitHub will have a lengthy internal discussion about DMCA takedown requests and the fact that the code isn't on their server. During this time it'll give the HN and reddit communities time to grab the link and redistribute.
1 replies
23h39m
Understood!
But zipped files are super fishy though. What if this repo is spreading malware?
0 replies
23h5m
Zip is just a tarball that Windows understands.
0 replies
23h45m
Because it will be taken down from Github.
0 replies
23h40m
Potentially due to the threat of DMCAs. Pixeldrain and Mega are widely used in piracy and sometimes leaks like these, considering they are not known for complying with them most of the time, unlike GitHub.
0 replies
23h43m
to reduce the chances of GitHub taking it down, perhaps? not sure it'll help though
3 replies
23h2m
Not much here explicitly in the source code dump. A little insight into their worker node infra but no "secret sauce" imo.
2 replies
21h59m
Isn't the secret sauce just VNC with playwright? What more do you need to achieve 80% of what they are showcasing (basic doordash orders, spotify controls)?
1 replies
20h41m
I can't find any purported auomation scripts for those services as claimed in the Github page. There is a reference to "cm-spotify-client" which seems to be some sort of custom integration code they've written, but other than that there is no reference to doordash, midjourney, or uber eats. This dump seems to just be the code/infrastructure to run chromium/playwright in kubernetes, wrapped in a Node API to accept commands, persist/hydrate browser state, etc.
0 replies
12h2m
Is there a less convoluted less enterprisy implementation of such a project someone can point to. I was interested to see what is or isn't so intensive about it. Or is this a good scaffold to start a fork?
3 replies
23h23m
In reality, they're simply relying on several Playwright automation scripts to do the job for you, which is why they only support four apps: Spotify, Midjourney, Doordash, and UberEats.
I think that part is mostly fine? I'd rather make give a LLM access to https://woob.tech to be my personal assistant while parsing 99% less noise, than have a LLM that parse and understand stupidly complicated web pages, and randomly fail at the task because the name of my doctor is bobby drop tables.
That being said, it can be interesting to use LLMs to assist creating woob plugins.
1 replies
21h58m
The problem is that they claim to have developed a groundbreaking Large Action Model when in fact it's just a playwright wrapper
0 replies
20h2m
you can't automate playwright without a decision making component in front of it, they are definitely using a transformer there. one could train a llama and make it perform triggers to playwright automations. you can even get deep into transformer tokenization and create action tokens and a formal grammar for your generation, build a parser on top of your predict function and have a "lam" working. the fact that they use playwright does not imply it is not generative ai. i'd say it is really hard to do those actions without a transformer involved
0 replies
22h25m
Midjourney does not have a public API and I'm pretty sure that automating a Midjourney account is against the TOS, so I wouldn't expect that functionality to last long.
3 replies
23h21m
What NFT projects were they involved with?
2 replies
23h8m
/s?
Underrated comment.
0 replies
22h37m
0 replies
22h39m
Sadly, this shouldn't come as a shock to anyone who's done minimal due diligence on the team. After all, they were still hawking NFTs just two years ago.
2 replies
23h44m
Big if true.
Could set back the AI device hype 5 years back after Humane getting exposed as another scam.
1 replies
23h36m
You already have the best AI hardware we’ll see for a while in your hand.
0 replies
23h8m
I remember Mozilla was working on 3D web browsers. Could be new way to do things in Vision Pro? Is there any progress on that front?
2 replies
23h41m
Some will call it scam, some will call it MVP
0 replies
21h28m
In and of itself, the product might be a decent MVP to validate the idea or some aspects of the design.
The problem is in how they've marketed. If you're taking people's money and giving them an MVP, you need to be upfront about it; if you aren't you're doing a bad thing.
0 replies
23h22m
If your product doesn't work anywhere near what your "live demo" shows, it's a scam.
That's very different from "here's the product we envision and need money to build it."
And just because others have scam demos (including Gemini) that doesn't make it okay. It makes it a race to the bottom (and is why I'm more upset about Gemini because big players are held to higher standards)
2 replies
23h44m
I expect it (or at least I hope) to be really hackable.
1 replies
20h50m
Based on how hackable their infra is?
0 replies
8h55m
basically
2 replies
22h46m
I just couldn't fathom the big three phone platforms not implementing this on a device that we all have and is capable of same if-not better dynamic voice integration.
At the very least, I hope products like the Rabbit spur these companies to start innovating again. Even if they are smoke & mirrors, the interest shows there's demand for these features.
Site Note: I've noticed Google Home's voice assistant has declined over time -- it used to handle complex queries and now it can barely understand simple directions. It used to understand me perfectly in the noisiest environments and now it makes many transcribing errors.
1 replies
22h44m
Like in iOS with SiriKit?
Blame app developers for prioritizing implementing less useful features.
0 replies
21h53m
The problem with Siri is their voice recognition sucks, especially compared to e.g. Whisper.
1 replies
21h53m
They gave 12 months perplexity pro with it - and I am already a subscriber. So, I basically paid a bit extra for another 12 months and a rabbit r1 to play with.
If it doesn't work how I want, I should be able to sell on whilst keeping the perplexity pro sub.
0 replies
2h8m
So you were able to get your Perplexity Rabbit gift to work? I'm also already a subscriber, and tried several times to get the Rabbit offer to work, and it never seems to have worked.
1 replies
20h49m
I thought the idea of the Rabbit R1 was cool. I have a strong feeling this will end up like the Humane Pin, which is sad. I'm glad companies are trying something different.
I'd love to be able to use my phone hands free without having to look at it, and interface with ChatGPT/Claude/whatever but I am not sure if it's possible? Siri works very poorly and is unreliable. I'd like to be able to use an LLM as a personal assistant. Set timers, call people, message people, but also be able to ask questions like the voice chat function in the ChatGPT app. Maybe one day!
0 replies
19h54m
I must be a Siri unicorn but for setting timers, calling people, messaging people, controlling my smart home, adding things to my shared shopping list, adding items to my 3rd party task manager, controlling my music. It works great!
1 replies
23h17m
I implemented my own DIY version of Rabbit at a hackathon using Playwright and VNC. I feel extremely validated that they use the same things that I thought of.
0 replies
14h13m
Wow, can you share more about the Playwright+VNC combo?
0 replies
22h24m
One of the bizarre talking points in defense of the existence of rabbit was to get away from our phones. It's just completely inexplicable to me because it's not like it was ever intended to be a replacement, the only difference is congratulations you now have to lug around two separate brick shaped appliances wherever you go...
0 replies
23h10m
If it can do what it claims to do, which is automate on top of existing apps by your voice, whats the difference? Seems innovative regardless of the tech underneath.
0 replies
21h19m
I never understood the appeal outside the cute form-factor, all of the demos were absolutely terrible.
an aside : npr doesn't like the 'spade' comment, although I think the explanation is kind of iffy.[0]
[0]: https://www.npr.org/sections/codeswitch/2013/09/19/224183763...
0 replies
1h3m
...Aaand It's Gone!
0 replies
1h6m
Looks like the repo was just removed from GH.
0 replies
22h55m
Pretty much in-line with my expectations. I ordered one because I thought the design was neat, and I was interested in hacking around and flashing my own stuff onto it. The pricing was clearly at or below cost.
Looking at just the concept (and ignoring execution), I don't really see the point of this thing? The whole thing is a feature that could exist on a smartphone. The dream of an AI agent that you can converse with to replace your smartphone could be compelling, but nowhere close to reality yet. Even then, the big smartphone OS companies are obviously better positioned for this. The smartphone is the hub for all your information, plus they have years of voice assistant, automation, and home IoT integration to build off of.
Humane was silly because it was a smartwatch without any of the proper software support, but Rabbit is essentially doing the same but targeting a smartphone replacement. If you really want to break out and try to dethrone smartphone vendors, you'll have to come up with something more compelling than a worse user interface to a poorly made software platform. That's a software feature you're building.
In some sense, I do think Rabbit had a better approach than Humane, though. Getting a bunch of low-priced "toy" devices into the market that are just a frontend to your server software could get you off the ground. The software needs to exist, though...
0 replies
21h42m
The UIUX isn’t good, AI models are useless without good user experiences
0 replies
22h31m
Who cares how its made if you can make a bag from it before anyone is the wiser? The point in all this stuff is to make bags of money, whatever way you can do that don't matter as long as you gettin the bread.
0 replies
23h5m
Maybe they hacked together something that can feasibly me marketed as an AI-assistant knowing that whatever they build now will get "steamrolled" by GPT-5 (Sam's words, not mine). When GPT-5 gets released, update the OS and it'll work as advertised... EZ-PZ!
0 replies
21h48m
LOL
0 replies
23h43m
Any background on how the code got leaked? Insider? Hacked servers?
0 replies
1h8m
For an open source alternative, check out https://github.com/OpenAdaptAI/OpenAdapt. We combine Segment Anything Model with GPT4-V to understand recordings of workflows in desktop user interfaces, then replay them according to the user's instructions.
0 replies
23h38m
We already know that the large action model would not be available at launch, but I wonder how well it does works as an AI assistant.
TE might have their name really damaged by this. I wonder why they agreed to this colab in the first place
Selling underpowered toys at eye-popping prices has been Teenage Engineering's modus-operandi since the beginning. After the OP-1 price hike (and subsequent re-release at an even higher price), I don't think their target audience cares past this point. You either buy TE stuff for the brand recognition or you own a bunch of Behringer gear because you're poor.
While I agree this has been true of TE for most of their existence, their most recent $300 sampler bucks this trend considerably.
https://teenage.engineering/store/ep-133/
Neither that, nor this little AI cloud device are eye watering in price.
People loooove to complain about TE pricing. OP-Z is $499, find me anything else that can sequence sound, video and DMX (on the go) like OP-Z can, there are exactly zero others. OP-1 for portable synths.... are people pulling a Deluge out on a flight? I've seen people compose a whole set with a OP-1, over 30 minutes, with nothing else... good luck doing that on a MC-101.
I own a Pocket Operator, my head's not in the sand about their cheaper offerings. The Pocket Operators are cheap toys though, you cannot tell me with a straight face that it's about to prop up your next EP. It's a mass-produced calculator PCB they forgot to make a case for, and sell at insane markup.
The same goes for the KO and indeed, the OP-Z. The OP-Z doesn't even have a screen, it has no business costing $499 for being a bunch of buttons with a USB-C plug.
How about the mandatory paired device it requires to sequence everything? That iPhone/iPad is certainly capable of doing that itself, alongside multiple things the OP-Z can't. Nevermind how far you'd get with a $300 laptop and $200 DAW.
You can't memorize how to use an OP-Z.......?? That aside, what company is making an OP-Z alternative?
What company is making pocket operator alternative? What company is making an OP-1 alternative...?
Right, that's what I thought.
On your laptop point, I'm going to be doing a show this weekend, OP-Z, OP-1, 170 and 400. I don't even know HOW I would do that without TE gear, $50k worth of Eurorack?
They've existed for almost 4 decades now under a market labelled "MPCs and MIDI controllers". To name a few common alternatives, you have the Digitakt and Octatrack, a cheap TASCAM and a laptop, a 4-track cassette recorder, the Akai grooveboxes, the Electribe series, the recent Novation Circuit line... the list goes on. People have been making beats on battery-power long before the iPhone and Garageband, if that's news to anyone.
A quad-core laptop running Reason and VCV Rack would do just as well, but I won't spoil your hardware fun. Who can deny how sweet TE's analog DCO sounds?
Right, anyway. Can you spec for spec find me alternatives for the TE gear I mentioned? Same form function, similar software, interoperable within its ecosystem. Just name the TE model and then the brand and model alternative that is basically the same, and then how they work together in terms of their sync clocks.
For example:
OP-Z, you could buy X device, it has all the same features, is about the same price, same size, battery etc.
Very curious to check out your suggestions!
OP-Z: iPhone or iPad, it has all the same features, is about the same price, same size as you would have carried, same battery, whatever
OP-1: Literally just about anything. It is a 4 channel digital recorder. You have an iPhone with USB-class compliant audio, you can do multichannel recording. Use a guitar, some iOS plugins and a $40 DAC. If you're going to complain about buttons, go blow your cash on a midi controller (it will still come up cheaper than ANY OF THE OP-1 MODELS!)
Pocket Operator: God, please grant me reprieve from finite suffering. There is no hope for humanity if we are looking for "alternatives" to grooveboxes with kilobyte-sized memory. What do I say? Fairlight CMI? Do I send a picture of the Mellotron as a joke? The Ti-84 graphing calculator? Heaven forbid... the Akai Rhythm Wolf. Is there a future for us yet if iPad children would rather pay college-tuition prices for Fischer-Price hardware that can do what their iPad does already?
You'll never please everyone, which is why snake oil still finds customers in the 21st century.
Not op (haw haw). What is the iPad software that has the same features in 1 app?
You have an audience eager for genuine alternative recommendations - why not use it? Instead you've spent a lot of words and mock despair not providing any answer to GP, when we want to hear what technologies you would suggest instead.
You can't take someone's OP-Z out of their hands and replace it with an iPhone and expect them to be able to continue, unless you're also recommending a specific iPhone DAW/sequencer with comparable functionality and usability? People would be very keen to hear which ones you like!
And replacing a Pocket Operator's functionality with a Ti-84? If the future of hope for humanity depends on everyone seeing that a Ti-84 is an obviously fully capable substitute for a Pocket Operator, should I be worried that I don't see it (it doesn't even have the right ports, for one thing)?
You seem to have a lot of conviction in your position, we'd love to see some of the substance behind it!
https://teenage.engineering/store/field-desk/
I retract my previous statement. Indeed, toys are not the only expensive stuff they have for sale.
Hey look down there! The computer-1 case is on sale for $149, down from $249. How much profit you still think they're making, considering it's a DIY kit of bendable sheet metal?
150 for a mini-ITX case is very reasonable. I don't this is the own you think it is.
Maybe give it another think? This time taking thermals and air flow into consideration?
What would you like me to think about? Look at the price of mini-ITX cases. 150 is in the ballpark. I made no claims about this cases quality only that it is priced around the same price as other mini-ITX cases.
I bought that case and it’s not great quality and does not look as good as the picture. Also it is flat pack so you have to bend all the pieces and the toggle switch feels terrible. So definitely overpriced for what you get.
I didn't buy the case so I can't comment on quality. Just that asking $150 for a mini-ITX case is in the ballpark for what I expect to pay. Most small-batch ITX cases are also flat pack. All the dan cases, formD T1, among others.
SnazzyLabs bought their case a few years ago for a hackintosh project and did not review it favorably.
They send you a bunch of flat panels of metal you have to bend into shape yourself, and are supposedly very flimsy and can be easily bent even once the whole thing is assembled. They didn't even punch out the screw holes so you have to bore your own holes and screw through them manually. The USB-C port on the front uses a 3.0 header instead of 3.1. And it can't even fit a small formfactor GPU.
https://youtu.be/WOMeETfRQkE?t=418
Yes. But the assembly experience and the wobbliness of the case are worse than a $70 mini-ITX options. I think even $70 would be half brand tax. As the quality to my mind puts this case among the cheapest of the cheapest.
Honestly, while I agree there's a massive price discrepancy, I don't know that I even see Behringer as the "lower end" option anymore. The lowest end is a laptop and pirated VSTs. Behringer pedals? Yeah, those are because you're poor (or just don't care, I guess?) but synths? The K2 is better built than the MS20 mini, the Wasp reissue doesn't have a good equivilent I know of, and their 303 clone isn't any better or worse than the other similarly priced 303 options - and it's easily hackable.
I mean, don't get me wrong, I still think Behringer as a company is doing bad things to the music land scape and that they've done some pretty horrendous IP theft and racist stuff, but I don't think "because you're poor" is right either.
To the point though, yeah, no, TE absolutely won't get a black eye for this: Nobody cares, and hardly anyone but tech bros even know. It's no worse than their wooden choir thing.
Or you buy them because they know how to design products unlike Behringer?
I don't think any fan of Teenage Engineering is no longer a fan because they were paid to design a product that flopped.
why not? they clearly wanted to exploit AI hype in order to turn a profit, even if they did so indirectly. Why shouldn't that speak to their motives and trustworthiness?
if Apple started churning out guns, landmines, snakeoil, cancer cures, NFTs, and magic-AIs their reputation would falter.
Apple might be able to get away with all that, their reality distortion field is unmatched, but I agree that teenage engineering might actually take a reputation hit if they are too liberal with their outsourcing.
Personally, the Vision Pro wasn’t really my cup of tea but I will be standing in line on day one at my local Apple Store for the Landmine Pro.
Wait til you find out that the Vision Pro can detect the presence of Landmine Pro in your vicinity.
It's all about that vertical integration.
Teenage Engineering isn't making guns, landmines, NFTs, or magic AI. Maybe I'm just not a deep thinker like you so I'm not making the connection but in my mind a company paid Teenage Engineering to design some hardware; Teenage Engineering designed the hardware. That is all there is to it. They made no promises about the functionality because that wasn't their job because it wasn't their product.
The rabbit guy is on the board of Teenage Engineering.
they were paid money in exchange for services
The Rabbit CEO is on the board of TE.
I highly doubt that. TE has a strong reputation and their involvement in another company's product outside of their normal business won't impact their sales regardless of whether or not R1 is a flop or a ruse.
This reminds me of how Playdate owners make it very obvious they don't use the thing in the way they retroactively justify their purchase by commenting on quirkiness or aesthetics at the expense of functionality or usability. I guess I get it but there's cheaper plastic toys out there.
I'm a Playdate owner, I definitely use it, and one of the games I've made for it was a GOTY 2023. So, there were go.
Very interested, what game did you make?
I don't think that is retroactive, people bought it because it was different and looks cool and is quirky. I think it is a very fun device and has some great games for it. It isn't for everyone but it is a cool device for people that appreciate what Panic is doing with it.
I bought it because I figured out it's gonna be some crummy little Mediatek thing underneath the skin (and it is) running some form of Android (and it is) so I'm just sitting back to hack it back to be a real communicator ;)
EDIT: It's an MT6765 (Helios P35). It's got a known BootROM exploit. Won't be long until someone dumps it and cracks it open, though would be hilarious if a part2/part3 dump is just a factory stock ROM.