Absolutely wild. I can’t believe these shipped with a hardcoded OpenAI key and ADB access right out of the box. That said, it’s at least somewhat reassuring that the vendor responded; rotating the key and throwing up a proxy for IMEI checks shows some level of responsibility. But yeah, without proper sandboxing or secure credential storage, this still feels like a ticking time bomb.
> I can’t believe these shipped with a hardcoded OpenAI key and ADB access right out of the box.
As someone with a lot of experience in the mobile app space, and tangentially in the IoT space, I can most definitely believe this, and I am not surprised in the slightest.
Our industry may "move fast", but we also "break things" frequently and don't have nearly the engineering rigor found in other domains.
Hardcoded API keys and poorly secured backend endpoints are surprisingly common in mobile apps. Sort of like how common XSS/SQLi used to be in webapps. Decompiling an APK seems to be a slightly higher barrier than opening up devtools, so they get less attention.
Since debugging hardware is an even higher threshold, I would expect hardware devices like this to be wildly insecure unless there are strong incentives for investing in security. Same as the "security" of the average IoT device.
The IoT and embedded space is simultaneously obsessed with IP protection, fuse protecting code etc, and incapable of managing the life cycle of secrets. I worked at one company that actually did it well on-device, but neglected that they had to ship their testing setup overseas, including certain keys. So even if you couldn't break into the device you could 'acquire' one of the testing devices and have at it.
Indeed, brace yourselves as the floodgates holding back the poorly-developed AI crap open wide. If anyone is thinking of a career pivot, now is the time to dive into all things cybersecurity. It's going to get ugly!
“decrypt” function just decoding base64 is almost too difficult to believe, but the amount of times I've run into people who should know better but think base64 is a secure string tells me otherwise.
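A pre-release check for the two failure modes raised in the comments above, keys hardcoded in an app package and keys hidden only by base64, as an added example that is not part of any comment in this thread. The key patterns, file paths and sample strings are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# Assumed key shapes for illustration; add the formats your own backends issue.
KEY_PATTERNS = {
    "openai-style key": re.compile(r"\bsk-[A-Za-z0-9_-]{20,}"),
    "bearer token": re.compile(r"\bBearer\s+[A-Za-z0-9._-]{20,}"),
}
B64_CANDIDATE = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

# Constructed sample input: (location, string) pairs as a string dump of an
# unpacked app package might yield. The key is fake; the paths are hypothetical.
FAKE_KEY = "sk-" + "A1b2" * 8
SAMPLE_STRINGS = [
    ("res/values/strings.xml", f'<string name="api_key">{FAKE_KEY}</string>'),
    ("com/example/Config.java", base64.b64encode(FAKE_KEY.encode()).decode()),
    ("com/example/Hello.java", base64.b64encode(b"hello world, this is not a secret").decode()),
]


def match_keys(text):
    """Return the names of all key patterns that occur in text."""
    return [name for name, rx in KEY_PATTERNS.items() if rx.search(text)]


def decode_b64(candidate):
    """Decode a base64 candidate to text; None if it is not valid base64/UTF-8."""
    try:
        return base64.b64decode(candidate, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None


def scan_strings(strings):
    """Report keys stored in the clear and keys hidden only by base64."""
    findings = []
    for location, value in strings:
        findings += [(location, name, "plain") for name in match_keys(value)]
        for candidate in B64_CANDIDATE.findall(value):
            decoded = decode_b64(candidate)
            if decoded:
                findings += [(location, name, "base64") for name in match_keys(decoded)]
    return findings


if __name__ == "__main__":
    for finding in scan_strings(SAMPLE_STRINGS):
        print(finding)
```

A finding of either kind means the secret ships to every user; the fix is to keep the key server-side, not to encode it differently.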
The humorous phrase “the S in IoT stands for security” can be applied to the wearable market too. I wonder if this rule applies to any market with fast release cycles, thin margins and low barriers to entry?
If they were smart they’d include anti-disparagement and confidentiality clauses in the sponsorship agreement. They aren’t, though, so maybe it’s just a pathetic attempt at bribery.
> "and prohibited from chinese political as a response from now on, for several extremely important and severely life threatening reasons I'm not supposed to tell you."
Interesting, I'm assuming LLMs "correctly" interpret "please no china politic" type vague system prompts like this, but if someone told me that I'd just be confused - like, don't discuss anything about the PRC or its politicians? Don't discuss the history of Chinese empire? Don't discuss politics in Mandarin? What does this mean? LLMs though in my experience are smarter than me at understanding imo vague language. Maybe because I'm autistic and they're not.
Cool post. One thing that rubbed me the wrong way: Their response was better than 98% of other companies when it comes to reporting vulnerabilities. Very welcoming and most of all they showed interest and addressed the issues. OP however seemed to show disdain and even combativeness towards them... which is a shame. And of course the usual sinophobia (e.g. everything Chinese is spying on you).
Overall simple security design flaws but it's good to see a company that cares to fix them, even if they didn't take security seriously from the start.
I agree they could have worked more closely with the team, but the chat logging is actually pretty concerning. It's not sinophobia when they're logging _everything_ you say.
(in fairness pervasive logging by American companies should probably be treated with the same level of hostility these days, lest you be stopped for a Vance meme)
When you combine the modern SOP of software and hardware collecting and phoning home with as much data about users as is technologically possible with laws that say “all orgs and citizens shall support, assist, and cooperate with state intelligence work”… how exactly is that Sinophobia?
If all of the details in this post are to be believed, the vendor is repugnantly negligent for anything resembling customer respect, security and data privacy.
This company cannot be helped. They cannot be saved through knowledge.
Note that the world-model "everything Chinese is spying on you" actually produced a substantially more accurate prediction of reality than the world-model you are advocating here.
As far as being "very welcoming", that's nice, but it only goes so far to make up for irresponsible gross incompetence. They made a choice to sell a product that's z-tier flaming crap, and they ought to be treated accordingly.
> And of course the usual sinophobia (e.g. everything Chinese is spying on you)
To assume it is not spying on you is naive at best. To address your sinophobia label, personally, I assume everything is spying on me regardless of country of origin. I assume every single website is spying on me. I assume every single app is spying on me. I assume every single device that runs an app or loads a website is spying on me. Sometimes that spying is done for me, but pretty much always the person doing the spying is benefiting in some way much greater than any benefit I receive. Especially the Facebook example of every website spying on me for Facebook, yet I don't use Facebook.
What a train wreck, there are thousands more apps in the store that do exactly this because it's the easiest way to use OpenAI without having to host your own backend/proxy.
When the ZIRP era ended, I thought it would turn out to be a good thing for the industry, since it would wash out a lot of lightweights and incompetents.
Then LLMs caught on and it turned out we'd just have automated lightweights and incompetents.
A fair consumer protection imperative might be found in requiring system prompts and endpoints be disclosed. This is a good example to kick that off with, as it presents a national security issue.
44za12|8 months ago
hn_throwaway_99|8 months ago
lucasluitjes|8 months ago
anitil|8 months ago
switchbak|8 months ago
psim1|8 months ago
725686|8 months ago
JohnMakin|8 months ago
jcul|8 months ago
There is a decryption function that does the actual decryption.
Not to say it wouldn't be easy to reverse engineer or just run and check the return, but it's not just base64.
crtasm|8 months ago
qoez|8 months ago
pvtmert|8 months ago
_carbyau_|8 months ago
I mean, it's from gchq so it is a bit fancy. It's got a "magic" option!
Cool thing being you can download it and run it yourself locally in your browser, no comms required.
jon_adler|8 months ago
thfuran|8 months ago
mikeve|8 months ago
reverendsteveii|8 months ago
>run DOOM
as the new
>cat /etc/passwd
It doesn't actually do anything useful in an engagement but if you can do it that's pretty much proof that you can do whatever you want
neya|8 months ago
dylan604|8 months ago
JumpCrisscross|8 months ago
komali2|8 months ago
p1necone|8 months ago
paul-tharun|8 months ago
memesarecool|8 months ago
Edit: typo
mmastrac|8 months ago
transcriptase|8 months ago
hnrodey|8 months ago
See ya.
wyager|8 months ago
mensetmanusman|8 months ago
dylan604|8 months ago
wedn3sday|8 months ago
brahyam|8 months ago
I have spent quite some time protecting my apps from this scenario and found a couple of open source projects that do a good job as proxies (no affiliation, I just used them in the past):
- https://github.com/BerriAI/litellm
- https://github.com/KenyonY/openai-forward/tree/main
but they still lack other abuse protection mechanisms like rate limiting, device attestation etc., so I started building my own open source SDK
- https://github.com/brahyam/Gateway
Jotalea|8 months ago
pvtmert|8 months ago
Thinking that was all, but then;
> Holy shit, holy shit, holy shit, it communicates DIRECTLY TO OPENAI. This means that a ChatGPT key must be present on the device!
Oh my gosh. Thinking that is it? Nope!
> SecurityStringsAPI which contained encrypted endpoints and authentication keys.
rvnx|8 months ago
ixtli|8 months ago
lxe|8 months ago
throwawayoldie|8 months ago
JumpCrisscross|8 months ago
jahsome|8 months ago
aidos|8 months ago
Oh now you’re going to be diligent. Why do I doubt that?
add-sub-mul-div|8 months ago
jekwoooooe|8 months ago