Hacking the Humane AI Pin
23 comments
·October 8, 2025
kjellsbells
I'm strangely comforted by the fact that OP had to work so hard to get in.
I was expecting that the pin software would be IoT-standard terrible, so it was a pleasant surprise to see that the Humane team did their best to use SELinux and lock it down.
No knock on them for not getting it 100% right here, and besides, it's always been the case that once an attacker has physical access they will eventually get in.
philipwhiuk
Using a vulnerability not found until after the software stopped being maintained feels a bit like cheating :)
agg23
It would, but the vulnerability was found and patched in mainline Android a few months after the device came out, but with over half a year until support was dropped. We obviously can't expect them to have kept the OS up to date, especially given the pressure they were under, but applying security patches seems very reasonable.
agg23
I definitely agree. Humane cared about physical device security a lot and it really shows with how they built out the firmware.
jkestner
Best of all, their security through obscurity.
vayup
Me too. Kudos to the team.
elysianPanel2
When it takes a ninja-level hacker to break in, at least they tried harder than most IoT companies.
bko
A bit off topic perhaps but what's difficult about making this a product? Please forgive my ignorance. It's just a microphone, speaker, could be a Bluetooth controller and a battery, and have it go through your phone. Maybe a small local neural net to monitor for keyword locally.
I guess it's a few more parts if you don't want it to go through your phone, but is that all that's happening here? What am I missing?
Is the hard part just the size? Or battery efficiency? Seems like all stuff I have in my drawer from messing around with Raspberry Pis over the last ten years.
agg23
This is something you can accomplish very easily in an ESP32 form factor, streaming audio over wifi/bluetooth. However, it doesn't fully deliver the same experience; the goal was for it to replace your phone, so it needs to support a lot more functionality such as data persistence, offline support, notifications, cellular, maybe some form of visual IO (the laser projector), etc.
From my perspective I was just interested in the excellent industrial design, which is something that is virtually impossible for a DIY setup to attain.
duskwuff
> From my perspective I was just interested in the excellent industrial design
Debatable. The pin ran hot and had a short battery life, often less than a day even with the extended battery. The magnetic attachment was fiddly to use, and some users had trouble with it not staying put. The laser projector had serious usability problems - it wasn't very bright or clear, and interacting with the projected image (which was required to unlock the device, among other features) was extremely awkward.
One can argue that some of these are implementation issues, but working within the limitations of available technology is an inextricable part of industrial design. Dreaming up a perfect fantasy device is easy; designing one which can actually be implemented is much harder.
bobsmooth
It's got a nifty laser projector, that's it. It could be a smartphone app.
buildbot
Wow, there are so many levels of investigation and depth to getting this device opened. The short section on the eSIM seems like a story in and of itself!
Somewhat incredible people have this much dedicated focus.
vessenes
Ooh, this is cool. The Humane was a cool form factor, and I always thought that hand laser projection thing looked awesome. Upshot is the author is a ninja and is building an open assistant platform on the pin, which first requires that the old pins be jailbroken. Significant (successful) effort ensues.
edm0nd
They are cool but both Humane pin and the Rabbit R1 products were largely flops and failures. I do hope in the next 10-20 years this same tech will advance and actually work and be cool.
Gigachad
The actual idea itself seems flawed rather than just the implementation. Ordering an Uber on your phone and seeing where it is on the map is always going to be easier than trying to do it through voice and a hand projector.
And the Rabbit was just an Android app bundled with a low end phone.
SpecialistK
I agree. It looked like a solution in search of a problem.
Which is very common when everyone has big hi-res screens and oodles of compute power in their pocket. What can a new entrant offer which couldn't be an app?
mattnewton
I guess I just don’t see the appeal over a smartphone. How often are your hands incapacitated where it warrants all the other advantages of that form factor? And the R1 form factor largely didn’t even have that advantage.
jkestner
Smartphones exploded when devs were given a bunch of cool new I/O followed by rapid cost reduction. Shame that the startups doing the cool hardware don’t do that… can’t say it’s the funding. They sure had enough.
touchscreenstho
Smartphones exploded because they introduced a new, better form of input to the general market. Most use cases do NOT require fine precision of input, so buttons were unnecessary, and the market had already tried both few and many buttons. Smart on-screen keyboards and a UI entirely controllable with touch was a revolution people don't want to come back from until they DO need that precision, which is why gaming accessories like the bone exist, but are a niche.
A projector is none of that. A projector is a gimmick. The projector could cost $5 and it would still fail to capture an audience if it wasn't just a side-feature on a more conventional phone.
aftbit
Wow this is such a cool hack. It seemed like a simple "known vuln" situation but there was so much more that had to be figured out! I wish I had one of these just to play with the open stack.
Sometimes the best treasures are found in failed products; it's like getting a $700 AI pin for $300 and a lot of weekend hacking fun.