What other device should we try and research? Subscribe for more #cybernews

A physical hack through a debug port is not exactly the greatest heck of all times

Looking at a serial port with a multimeter is like taking time at the Olympics with a sundial

So you did not "hack" anything and found "nothing" :P Guy hypes up but its just another script kiddo :P

I find it hilarious that anyone took this guy seriously after his nft pump and dump.

This content is interesting but the delivery style is way too over the top. You don't have to act like you're doing an informercial.

10:30 to only say that the chip has got a vulnerability. C'mon..

Breaking News: A device is exploitable, given unlimited physical Access.

The rabbit R1 ain't nothing but the spotify car thing on steroids. Wait until the day they end support for it.

You did not hack anything. People are running Linux in that R1.

access to the debug port is something that everyone should have, as well as the tools to debug any and everything. The entire schematics should be public so that it can be repaired.

Some devices that might be fun to explore: AI Friend, Any meshtastic, Anything using TEE like STM32MP1 ProvenCore, Steamdeck, CanBus/ECU automotive display.

You didn't hack anything. You found a serial port that wasn't enabled, then tried someone else's exploit and found it still works.

Important thing to note: This doesn't tangibly affect the security of the device, only the end-user's ability to modify it. If a device software were modified by a third-party, this would require the bootloader to be unlocked, which would then launch an error message regarding such upon every single startup, alerting users to potential modification. If the device is AVB (Android Verified Boot) 2.0 compliant and supports avb_custom_key, it can be re-signed with another key (something I have only seen in Pixels and select OnePlus and Motorola devices), however it will still notify the user that it is loading a separate operating system. Any Android 10+ device is also mandated to be encrypted for Play Services certification, which may not apply to this device anyway, but this means if the bootloader were unlocked, it would dump the encryption key and force a factory reset, rendering the data effectively useless. It's about as much of a danger as Qualcomm's EDL mode.

They choose Mediatek because is the only logical and commercially viable option for this kind of devices.

So uhh, whats an example of the vulnerability besides the debugging port?

Ah yes mediatek, the most disgusting chip company ever. These people will literally make actual human shit if they could sell it to you.

Just gonna mention that the Nintendo Switch originally shipped with a vulnerable chip on board which ultimately lead to custom code being executable.

Oh no. Root access on a device I own. What a nightmare.

Many tech companies will obfuscate what key components they use by e.g. laser etching the markings away. Good luck guessing the part number by a standard package format.

Do some more like this - deep dives into exploits are my favorite, even the old ones.

For thos wondering what vulnerability it is, its BROM mode

The chip doesn't seem to be a rebaged old chip, from what I found it is Helio P35, which was designed before 2019. Mediatek probably just didn't bother with updating the design. I don't really think there was a malicious intent, and the Rabbit company simply cheaped out. The chip is/recently was very common in low budget devices (below 80$ on many brands). I guess the moral of the story is not to buy devices with pre-2019 chips designed by mediatek

I'm dealing with an exploit with my toothbrush. There's no place to put the batteries and it doesn't run, proving I've become a victim of North Korean espionage or something Snowden did.

why does alot of this look edited and fake?

Amazing video!! Please make more videos like this, as a programmer and cybersecurity enthusiast, I really enjoy this style of content, keep it up!!

How nice it is for a Lithuanian to see that your employee is from Lithuania

3:00 it connects to _chinese_ servers but its encrypted so thats "additional points for privacy"? you have to be joking

The key to security on this device is that it’s really expensive and doesn’t do anything. That’s a feature, not a bug.

i think the only reason they went with that specific chip, was it was dirt cheap, because of said vulnerabilities, and the creators of the R1 didnt do their research beforehand, OR if they did, and knew of the vuln, that is treading dangerously close to criminal behaviour, willingly using a bad chip, for a device like that..

LLL covered pretty much the same vulnerability, but with more information about the actual vulnerability

Most people don't realize that this is such a dangerous layered issue. It starts with hardware, but the entire stack needs to move away from being closed or "hidden". We need open source for everything, to be auditable, secure, and transparent. Automation is going to shock the system in the coming years.

"This was discovered in 2019. Some of you were not even born then." How many 6 year olds do you think watch your videos? Like *really* watch them?

Nice my mum's phone is bricked and the boot loader is locked. I might try to use this exploit to finally fix it

most advanced ai newscaster i’ve seen from y’all yet ;)

there goes 10:30 mins of my life i’ll never get back

I could see Rabbit having cheaped out in their source for the CPU and having gotten an inofficial rebadged CPU which used old CPUs.

Looks like the "debugging port" is a UART. Note the RX and TX pins.

Good job bringing out the risk of buying a second hand Rabbit. But that applies to almost every device running these processors.

Omg!! we can read and write the firmware of a device we own, how craaZzzyyy. That just shows that there should be a foolproof way to do a factory reset on a device, not that we should lock down every piece of equipment...

This device would be a practise tool for learning hacking. Or to practise modding devices.

Just the product design alone was a joke. Also, who would want to keep track of that and their smartphone. The day it came out my first thought was that I would be seeing them in thrift shops within a year.

Not the Monty Python Rabbit catching strays 😭😭🤣🤣🤣🤣

I'll even go as far as to say this channel is view farming. Too many views and likes, not enough comments.

The obvious next step is to start connecting random phones, tablets, TVs, routers, smart speakers, robot vacuums, etc. to a laptop and run this exploit. If Mediatek is still selling vulnerable chips and Rabbit bought them, there's no way other random companies haven't also.

If I own one of these, I'm more than a regular user, and should be allowed to access if fully without hacking it.

Fantastic video. Thanks

love to see more, thx for sharing

was **not** expecting this bro

Suggestion for research. Just bought the cheap TP-Link TAPO C220, and found that it requires internet AND inter-client (phone:app and camera) communication. A huge red-flag.

Wow. This coupled with the fact that all your use is logged to the device, including past GPS history, and the fact that the rabbit hole uses VNC to have you enter your credentials to sites on computers you don't control instead of using oauth tokens client side is a huge liability for consumers. What were they thinking?!

7:55 'where money?' wtf come on guys LOL

Hopefully, your researchers are not in Kaliningrad as the map suggests.😂

Summary: Mediatek chip in Rabbit r1 has a vunrability since 2019

Props for the Monty Python reference.

cant wair for the r1 to be used in ddos attakcs

good video, thanks!

Happy for more of that!

I discovered all this in June. Along with everyone else in the Rabbitude discord.

This is a big, and I mean a BIG Security risk. If rabbit does not fix this bug soon. It would probably be discontinued. (Correct me if I am wrong.)

Never let someone else hookup a USB to your device lmao

so is it possible Rabbit bought the chips from anywhere but Meditak? The chip etching is scratched off pretty much. Also, I can't find anything on the Mediatek R1 that it showed up as. I would highly recommend going to Mediatek themselves and asking about the chip name it came up as. It's very possible that the chip isn't what Rabbit claimed it to be. My guess is that it's a custom chip and Rabbit went with the older architecture that MediaTek used with the vulnerability.

I was waiting for you to have a point. You didn't. This video is so pointless, of course if you have physical access to a device you can reprogram it and have access to it. That's why the mediatek "vulnerability" isn't considered really notable either. You trying to somehow gas yourself up as if this was some big revelation makes your whole channel look bad

I am curious about how secure are gaming consoles. That could be an interesting device to hack into

Can someone tell me what is the stuff that we shouldn't be allowed to do on R1 that the debugging makes possible?

Never trusted a MediaTek chipset in my life :D

Its insane that we still give views to a company that is legit a scam ........

You couldn't find a lump of coal in a coal sack, but hey you can say you did if you were handed one.

Great video and awesome explanation on the larger issue

It's ORANGE! Orange for: FREEMASON! That says it all right there. 2 billion colors and they chose the big O.

Did you expect anything less for a Chinese product?

6:16 They could use a CPU from a different manufacturer like Qualcomm.

yes please make more like this

Good thing I never purchased one

Alternative video title: a rabbit hole of cyber exploits

I didn’t realise Christian Bale was a tech head

I have no idea why I feel so relieved and satisfied for watching this video 😂 Maybe because of the bit of exposing a vulnerability

IS ANY1 REALLY USING THAT TRASH? LMAO

I'm sure this is a cliffhanger for all the people watching who were born after 2019.

you make good explanations more than AI generated one

I don't need to open rabbit to know it's crap, all you need to know is the founder previously had a get rich quick scheme involving a videogame and nfts.

"We" = your research team..

Grace period allows the Zero day Market...

They could just remove the debug points.

ooh nice Leon reference

2:48 And the amount of bot activity in comment section indicates that it is what the Rabbit is meant for.. and you should not buy it to serve CCP 😂 Message to the channel: Guys you explained everything in detail but, please be aware of bots when you are touching some countries!

I'm kinda shocked Rabbit is still in business. Horrible product.

That's a good vulnerability for developers 😅 They can use Rabbit for various projects, instead of fiddling with microchips and trying to solder tiny cameras and mics. I guess R1 is the best development board out there!

5:09 Gary Oldman in Leon

you cracked the fortune cookie and found the following message" "Clarity is better than cleverness"

You know what, 1. I don't care, and 2. So what? Most major "hacks" and "leaks" are not the end users fault, it's the corporate companies fault, and the end user is left holding the bag. Everything is hackable, Just accept that and move on.

Can you please make a video a install Minecraft to it for the Rabbit r1

It's alright no one even bought that physical android app :D

That's all interesting and all but can Rabbit run Doom???

Working as intended

what have to say Nothing brand?

Interesting...🤔

FitMC is that you?

This device is not worth any attention, why give it more coverage?

we got steve jobs talking rabbit r1