>As long as it can achieve what it advertises, who cares how the backend looks?
so if I pump out enough advertising, you're going to give me the usernames, passwords, and active sessions for your accounts to me?
I need to log out of this thread asap. I thought the defenses of Ai Pin were going to drive me nuts, I need to preserve some sanity. Has everyone lost their minds? Are tons of people here working for equally scummy, shoddy, if not scammy, startups? Seriously, what the hell.
I mean this in all seriousness, have you used Oauth with google/facebook or the like to login and register with online services? Why not? Have you put passwords into a password manager? Why?
Did you give Uber or Lift your credit card number? What if they were a scam?
I say this also thinking rabbit R1 is a pointless product that based on hype that nobody should buy. However, I can see why people might think it reasonable to give their AI assistant a bunch of personal information. For the same reason people have trusted google with health data.
> have you used Oauth with google/facebook or the like to login and register with online services?
No, I don't use federated login anywhere. I can show you my Google account. The only place I've compromised is Tailscale, and I plan to replace that imminently. And frankly I consider it lazy of them to not support email, especially since google.com accounts are single-tenant anyway. And tailscale never sees my password, never has raw access to my entire damn account, etc, etc.
Also, besides, federated login or delegated access, sure, OAuth is great, I wouldn't have commented in this thread if they were using it. Typing my raw creds into a [redacted] VNC session is not comparable.
>Did you give Uber or Lift your credit card number? What if they were a scam?
I call my credit card company. They reverse the charge, and ding the merchant. My life goes on. Takes a shockingly small amount of time.
If I found out that Android was eavesdropping my Spotify credentials, I'd be just as stupified, yes.
If I found that Android built in some Spotify integration that worked by stealing my active session cookies to do some backdoor integration with it, and billed it as some future AI smart service, I'd find it equally g-d absurd, yes.
Do I think that me logging into the Spotify app, in Android, and it exchanging those credentials for an app-internal access token is the same as a server hijacking my session? No, not really, I don't.
That's what's so damn brazen and shoddy about this. SPOTIFY HAS OAUTH.
I have no idea what you are trying to say. The device works by running apps for Spotify, Uber etc. in a VM and logging you into it. They say it right on their homepage. If you don't trust it, sure don't buy it. That's your own decision, but doesn't make them any more right or wrong.
I'm saying it's shoddy, and scammy, and I can't believe anyone would lift a finger to defend this type of product, engineering, or actively training people to get phished. Hope that clarifies.
Well, I actually don't. I only use hardware from companies that I have a semblance of trust in, and I certainly don't run around entering my Spotify or Uber password into other services.
so if I pump out enough advertising, you're going to give me the usernames, passwords, and active sessions for your accounts to me?
I need to log out of this thread asap. I thought the defenses of Ai Pin were going to drive me nuts, I need to preserve some sanity. Has everyone lost their minds? Are tons of people here working for equally scummy, shoddy, if not scammy, startups? Seriously, what the hell.