Hacking the Humane AI Pin
8 days ago
- #hacking
- #android
- #reverse-engineering
- Humane announced the shutdown of its Ai Pin services on February 18, 2025, following a sale to HP.
- The author acquired multiple Ai Pins but was unable to activate them due to server shutdowns, leaving them stuck on onboarding screens.
- A community effort, 'reHumane,' formed to preserve the Ai Pin's functionality after the official shutdown.
- The author developed a method to connect the Ai Pin to a computer using custom-designed interposers for its small USB 2.0 pads.
- Leaked APKs provided insight into the Ai Pin's Android-based system, aiding reverse-engineering efforts.
- An anonymous message provided an ADB private key, granting the author and others ADB access to the Ai Pin.
- The author explored SELinux restrictions on the Ai Pin, which limited communication between apps and system services.
- A vulnerability (CVE-2024-31317) was identified and exploited to gain elevated system permissions on the Ai Pin.
- The exploit involved manipulating global settings and carefully timing process spawns to bypass security measures.
- The author developed 'pinitd,' an init system to manage privileged processes and maintain functionality after reboots.
- A bridge architecture was created to facilitate communication between restricted apps and system services.
- The author successfully activated an eSIM on the Ai Pin by exploiting permissions and patching bugs in Humane's LPA implementation.
- The project culminated in a functional, albeit hacked, Ai Pin environment, enabling further development and experimentation.