As is the case with just about all tech service offerings these days, whether they charge you or not, my first question is: How much of the info it extracts from me to provide me with this service is it going to hoard and then resell to others for the sake of "improving user experience" or some other bullshit justification for extracting more money.
The ugly thing is that this vast privacy invasion and resell has become so pervasively normalized that even the fucking services which you pay for almost universally sell off to others ad nauseam anything about you that isn't nailed down.
Since this thing offers to give you personalized AI based on everything you see and do in your day, that's some very private, juicy info to resell.
Perhaps "limitless" refers to what they are allowed to do with the data/information they collect.
NB. Data/information can be transferred to other entities in ways that not meet the definition of "resell".1
In addition to transfer, there must be limits on _use_. Obviously a "restriction" like, "The company shall be limited to using the data to improve the service" is meaningless. Defeating privacy improves the service.
The CEO said on Twitter: "In fact, we built Confidential Cloud in such a way that only you can decrypt your data. Your employer, we as software providers, and the government cannot decrypt your data without your permission, even with a subpoena to do so."
So I think a monthly subscription is the business model, not ads.
They do make some effort to push the “confidential cloud” aspect of their product, where the AI is supposed to somehow operate on your encrypted data, but these days I only believe it when I see the white paper. It is unfortunately quite common in our industry is to posture as more security-conscious and privacy-focused than you actually are.
Especially disappointing given that before they renamed the company they were built on the idea that everything was stored locally. Seems like a pivot solely to gain from the AI hype cycle.
I really wish someone would make a pendant like this which is focussed on local-only use. It could connect to a mobile app or computer for transcription and summarisation, but using local models or an API key that the use chooses. I would pay serious money for a device high quality that did this (>$500) if it was backed by open-source platform/infrastructure for processing the managing the audio. Even better if it was written as an extension or fork of something like obsidian, or if the data structures were fairly open and there was an API for querying the data in interesting ways.
Recording and processing audio locally is something I already do. But there's absolutely no way I'm EVER going to trust a startup with this sort of data, any anyone in any serious job would almost certainly be unable to use it for work.
I guess the risk is that someone would sell a crappy pendant that uses the same software, but I still think there's a potential niche here for people who want something that just works.
I'd also purchase the software from the App Store if it was otherwise only available as a non-signed binary.
Yes, a local-only always-on recorder/transcriber would be a killer product. Combine with a local LLM for summarization, and a simple search engine. But there's no way in hell I'm paying a subscription for this, or letting some 3rd party have this data.
It doesn't seem like this should actually be that difficult to build an open-source version of, modulo battery-life concerns.
I have been wanting this since I first used whisper and saw it’s capability. Nothing you can buy off the shelf is sufficient at the moment and if you diy it’ll be too big.
This looks incredible. Site looks fantastic. In a perfect world, I'd pre-order immediately.
I sure as hell am NOT subjecting friends and family to being recorded and having those recordings going to some cloud I don't control.
Just this morning I got an email from AT&T about how they regret that my data was leaked but it's not so bad, sign up for this monitoring service. I have no choice but to use certain services. I can choose not to engage with this beautiful product.
i haven’t personally used the AI pin, but based on reviews, it doesn’t feel like these devices are going to feel productive until a much higher % of queries is answered on-device (without going to the cloud).
MKBHD asked his pin what he was looking at, and in the time humane’s pin to take a pic, send it up to the cloud, decide what model is most appropriate, and narrate a really long (possibly hallucinatory) answer; he simply took his phone out and google lens answered correctly with a lot of time to spare.
I know these are first-gen products and the fact that this one would presumably have a much higher degree of context on my personal life might make this better (without speaking to privacy implications). Still, over-reliance on the cloud and the fact that this doesn’t interface with my phone (where most reminders, alarms, messages, etc, happen) is going to make these devices a tough sell.
I pre-ordered the rewind, and noticed that I'll be upgraded for free! But my question is for the subscription, will there be any discounts for the pro plan?
Also, I do notice that the free version has 10 free hours a month of AI features.
How easy would it be for me to export the recordings, and use it with say Google Gemini Pro for transcribing?
Do you plan to add support for microsoft calendars and email? I have gmail but none of my work stuff is in there so I can't really make great use of this :(
Aren't there wiretapping laws that make recording conversations in certain situations illegal? I love the idea of this type of technology but it seems tricky to deploy from a moral and legal perspective.
Given how new this product is, shouldn't trailer focus on what it does and how to use it in daily lives, rather than showing off different colors and finish of the product? With iPhones, Pixels, I can understand this focus. No one needs to explain what they do. Not this one. This the first time I am hearing/seeingyou. So, show me what you can do. Not what colors or material you're made with.
The value of taking notes isn’t in the text content that is produced. It’s in the actual act of taking the notes, that’s what actually creates meaningful connections in your brain and leads to greater insight and on demand memory later.
Would you rather have someone who when asked a question can answer it on demand or someone who has to go searching for a needle in their haystack of voice / text / LLM summarized notes?
That’s why people take notes. Not to produce text. It seems like every few years a new crop of dictation as a service companies crop up and learn this lesson all over again. Users who can’t be bothered to take their own notes never go back searching through them.
They don't really give any specifics and I'm not sure if they give you the keys or explain how the keys are derived (which I assume must be based on your login if they don't make you enter it otherwise they must be able to decrypt it whenever they want) but they mention they worked with Latacora[1]. Also curious if anyone else has any ideas on how they prevent themselves from being able to decrypt user data while implying they're not using E2EE[1].
Edit: I just tried it. They don't give you encryption keys you need to enter when signing in and the server literally sends you your transcripts with no encryption. Maybe they're including a key somehow derived when signing in with Google/a magic link in the request, but I don't think anything would stop them from just logging API responses even if that was the case. They're definitely not using E2EE. They might just be encrypting at rest and storing their keys in AWS KMS which sounds like false advertising.
Confidential Cloud is similar to end-to-end encryption, but with the added benefit of letting your personalized AI work for you even when you aren’t using the app.
You control who can decrypt your data
Your employer, we as software providers, and the government cannot decrypt your data without your permission, even with a subpoena to do so.
Your data is anonymized
There is an initial mapping from your application request to an anonymous ID, but after that, even we don't know whose encrypted data is whose.
Your data will never be sold
Not only do we pledge never to sell your data, but we couldn't even if we wanted to because we can't decrypt it without your permission.
Envelope encryption with unique secret keys
Data keys are used to encrypt your data and are themselves encrypted under a secret key. No one, including us, can export the secret keys.
I'm speechless, honestly. Are you seriously bragging about the sheer amount of scrolling animations and other useless but highly annoying bling that you've managed to spring onto the poor visitors of the website? Because, yes, that is a truly impressive amount of it, but the only thing I can take away from it all is that you don't care about usability.
Dear god, just watching some of those videos is painful. Like when trying to scroll literally two lines of text on the screen instead highlights them word by word and pops up icons to "illustrate" each word: https://twitter.com/Stammy/status/1779867509388165203. I don't think I've seen a website condescendingly "speaking slow" to a user before...
Big fan of Rewind (despite the impact on battery life!). My favorite part of it is that everything is verifiably local. I'll take an inferior AI model to shipping recordings of everything I see/hear to someone else.
Hard pass on Limitless. I don't care how good the encryption is, sending this kind of thing to anyone's cloud is a nope for me.
It's not clear from your website who you are and where you are based. Given that you want so much personal data, it might be better to put that up front and center to gain some trust.
We wouldn’t be where we are today without our existing customers, so all Rewind Pro subscribers get Limitless Pro for free.
We are shifting our focus to Limitless because we think it’s a better approach to solving the same problems. In fact, we plan to implement many of your favorite Rewind features directly in Limitless.
We are so bullish on Limitless that we decided to change our company name from Rewind to Limitless.
That said, we have no plans to stop supporting Rewind.
You can even use both products side-by-side and decide for yourself which one you like better.
southernplaces7|1 year ago
The ugly thing is that this vast privacy invasion and resell has become so pervasively normalized that even the fucking services which you pay for almost universally sell off to others ad nauseam anything about you that isn't nailed down.
Since this thing offers to give you personalized AI based on everything you see and do in your day, that's some very private, juicy info to resell.
1vuio0pswjnm7|1 year ago
NB. Data/information can be transferred to other entities in ways that not meet the definition of "resell".1
In addition to transfer, there must be limits on _use_. Obviously a "restriction" like, "The company shall be limited to using the data to improve the service" is meaningless. Defeating privacy improves the service.
1. Years ago, when Facebook was responding to the media with the line, "We do not sell your data", they were sharing it for free. Not to mention leaking it. https://themarkup.org/the-breakdown/2021/09/02/what-does-it-...
ActionHank|1 year ago
jrpt|1 year ago
So I think a monthly subscription is the business model, not ads.
primitivesuave|1 year ago
binary132|1 year ago
beaugunderson|1 year ago
bigfudge|1 year ago
Recording and processing audio locally is something I already do. But there's absolutely no way I'm EVER going to trust a startup with this sort of data, any anyone in any serious job would almost certainly be unable to use it for work.
I guess the risk is that someone would sell a crappy pendant that uses the same software, but I still think there's a potential niche here for people who want something that just works.
I'd also purchase the software from the App Store if it was otherwise only available as a non-signed binary.
flax|1 year ago
It doesn't seem like this should actually be that difficult to build an open-source version of, modulo battery-life concerns.
unknown|1 year ago
[deleted]
fictorial|1 year ago
https://news.ycombinator.com/item?id=39441654
sippeangelo|1 year ago
ametrau|1 year ago
NetOpWibby|1 year ago
I sure as hell am NOT subjecting friends and family to being recorded and having those recordings going to some cloud I don't control.
Just this morning I got an email from AT&T about how they regret that my data was leaked but it's not so bad, sign up for this monitoring service. I have no choice but to use certain services. I can choose not to engage with this beautiful product.
NetOpWibby|1 year ago
Yeah, nah.
https://xoxo.zone/@andybaio/112276682288723340
eh9|1 year ago
MKBHD asked his pin what he was looking at, and in the time humane’s pin to take a pic, send it up to the cloud, decide what model is most appropriate, and narrate a really long (possibly hallucinatory) answer; he simply took his phone out and google lens answered correctly with a lot of time to spare.
I know these are first-gen products and the fact that this one would presumably have a much higher degree of context on my personal life might make this better (without speaking to privacy implications). Still, over-reliance on the cloud and the fact that this doesn’t interface with my phone (where most reminders, alarms, messages, etc, happen) is going to make these devices a tough sell.
silverlake|1 year ago
dsiroker|1 year ago
We are so honored this hit the front page of HN!
Here's the video announcement: https://twitter.com/dsiroker/status/1779857843895599383
And timestamps to moments in the video you might be interested in:
0:06 Reveal
0:48 Why Limitless?
1:39 Demo
3:05 Pendant
4:27 Privacy
5:23 Confidential Cloud
6:36 Rewind
7:12 Roadmap
9:25 Vision
janalsncm|1 year ago
If Limitless gets PMF, anyone who puts Whisper into an iPhone app will do what you’re doing basically for free.
Delumine|1 year ago
Also, I do notice that the free version has 10 free hours a month of AI features.
How easy would it be for me to export the recordings, and use it with say Google Gemini Pro for transcribing?
pmx|1 year ago
lostmsu|1 year ago
cakeface|1 year ago
dsiroker|1 year ago
Consent Mode makes it possible for the first time ever to only capture the voice of people who have given consent to be recorded.
It uses voice identification to determine who is speaking and verbal opt-in to make it frictionless to ask for consent.
Here's a direct link to the timestamp of the announcement where we show how Consent Mode works: https://twitter.com/dsiroker/status/1779857843895599383?t=26...
matzf|1 year ago
ravetcofx|1 year ago
pebblesun|1 year ago
htrp|1 year ago
The company formerly known as rewind ai (https://news.ycombinator.com/item?id=33421751) is going all-in on wearable devices up-to and including a label mic/pendant that will plug into a ton of AI services (https://news.ycombinator.com/item?id=37744213).
As a result, they're changing their name to limitless and also moving a ton of stuff off device and into the cloud.
NetOpWibby|1 year ago
iamleppert|1 year ago
Would you rather have someone who when asked a question can answer it on demand or someone who has to go searching for a needle in their haystack of voice / text / LLM summarized notes?
That’s why people take notes. Not to produce text. It seems like every few years a new crop of dictation as a service companies crop up and learn this lesson all over again. Users who can’t be bothered to take their own notes never go back searching through them.
georgehill|1 year ago
https://www.limitless.ai/#privacy
nihaals|1 year ago
[1]: https://help.limitless.ai/en/articles/9130680-privacy-with-l...
Edit: I just tried it. They don't give you encryption keys you need to enter when signing in and the server literally sends you your transcripts with no encryption. Maybe they're including a key somehow derived when signing in with Google/a magic link in the request, but I don't think anything would stop them from just logging API responses even if that was the case. They're definitely not using E2EE. They might just be encrypting at rest and storing their keys in AWS KMS which sounds like false advertising.
dsiroker|1 year ago
You control who can decrypt your data
Your employer, we as software providers, and the government cannot decrypt your data without your permission, even with a subpoena to do so.
Your data is anonymized
There is an initial mapping from your application request to an anonymous ID, but after that, even we don't know whose encrypted data is whose.
Your data will never be sold
Not only do we pledge never to sell your data, but we couldn't even if we wanted to because we can't decrypt it without your permission.
Envelope encryption with unique secret keys
Data keys are used to encrypt your data and are themselves encrypted under a secret key. No one, including us, can export the secret keys.
Tamperproof hardware
Decrypted data is only ever stored in memory (source: <https://docs.aws.amazon.com/kms/latest/cryptographic-details...>), which is protected from tampering by a multi-chip standalone hardware cryptographic appliance (source: <https://csrc.nist.gov/projects/cryptographic-module-validati...>).
Protected from 3rd party AI providers
Data sent to 3rd party AI providers for transcription and summarization is anonymized, not used for training, and deleted after 30 days.
Protected from cloud provider and subpoena
AWS KMS (source: <https://aws.amazon.com/kms/>) uses FIPS 140-2 (source: <https://csrc.nist.gov/CSRC/media/projects/cryptographic-modu...>) validated hardware security modules (HSMs) to ensure no one, including AWS employees, can retrieve your plaintext KMS keys.
Imnimo|1 year ago
PStamatiou|1 year ago
For any designers / front-end folks here, I wrote a thread going over some of the design details on our new homepage: https://twitter.com/Stammy/status/1779860940541808935
littlestymaar|1 year ago
int_19h|1 year ago
Dear god, just watching some of those videos is painful. Like when trying to scroll literally two lines of text on the screen instead highlights them word by word and pops up icons to "illustrate" each word: https://twitter.com/Stammy/status/1779867509388165203. I don't think I've seen a website condescendingly "speaking slow" to a user before...
vezycash|1 year ago
FL410|1 year ago
Hard pass on Limitless. I don't care how good the encryption is, sending this kind of thing to anyone's cloud is a nope for me.
crooked-v|1 year ago
It's not. If you use the meeting summarization or querying features, the text transcripts are sent to OpenAI for LLM processing.
1vuio0pswjnm7|1 year ago
https://web.archive.org/web/20230426201730if_/http://limitle...
cududa|1 year ago
janice1999|1 year ago
unknown|1 year ago
[deleted]
Rebelgecko|1 year ago
dsiroker|1 year ago
We are shifting our focus to Limitless because we think it’s a better approach to solving the same problems. In fact, we plan to implement many of your favorite Rewind features directly in Limitless.
We are so bullish on Limitless that we decided to change our company name from Rewind to Limitless.
That said, we have no plans to stop supporting Rewind.
You can even use both products side-by-side and decide for yourself which one you like better.
Jonovono|1 year ago
eikowagenknecht|1 year ago
„Sorry! Our app is melting due to overwhelming load Error fetching: TypeError: Load failed“
PStamatiou|1 year ago
throwaway888abc|1 year ago
singleshot_|1 year ago
dedalus|1 year ago
bsenftner|1 year ago