tags:javaandroidaisecure_boot original link: Jailbreaking RabbitOS: Uncovering Secret Logs, and GPL Violations newsletter link: exploits.club Weekly Newsletter 30
Exploits Club Summary:
The Rabbit R1 has been under fire recently for just all around sucking - from a product, technology, and security point of view (the holy trinity!). @David3141593 decided to get in on the fun this week, releasing a post about his efforts in jailbreaking the device. The write-up outlines the hardware and boot process of the R1 before detailing how he broke the root of trust via the USB bootloader mode, which accepts unsigned Download Agents. From there, he could backdoor the device with flashable-android-rootkit and dig into the deviceâs internals. The rest of the post discusses his findings so far, both in terms of data privacy and technical claims from the Rabbit team.