The security team at my company announced recently that OpenClaw was banned on any company device and could not be used with any company login. Later in an unrelated meeting a non technical executive said they were excited about their new Mac Mini they just bought for OpenClaw. When they were told it was banned they sort of laughed and said that obviously doesn't apply to them. No one said anything back. Why would they? This is an executive team that literally instructed the security team to weaken policies so it could be more accommodating of "this new world we live in."

Those people aren't the same. Those are two ideas that you heard from the internet, and you're imagining it's the same person talking.

Who are these developers that have both been "advocating for best practices" and also "seem to be completely abandoning all of them simply because it’s AI"? Can you point to a dozen blogs/Twitter profiles, or are you just inventing a fictitious "other" to attack?

They aren't. They're the ones who are resisting the all in thing on AI stuff. What you're seeing is over reactive trend followers.

openclaw is the napster of itunes.

people who have been around long enough know that we're currently in the wild west of networked agentic systems. it's an exciting time to build and explore. (just like napster and early digital music.) eventually some big company will come along and pave the cow paths and make everything safe and secure. but the people who will actually deliver that are likely playing with openclaw (and openclaw-like systems) now.

I agree with a lot of the siblings that it's probably not the same people. But for the overlap that probably does exists, I don't think "because it's AI" is their reasoning. If I were to guess, I'd say it's something closer to "exploring the potential of this new thing is worth the risk to me".

> why sane developers who for decades have been advocating for best practices when it comes to security and privacy seem to be completely abandoning all of them

I'm a sane developer. I do not trust AI at all. I built my own personal OpenClaw clone (long before it was even a thing) and ran controlled experiments inside a sandbox. My stack is Elixir, so this is pretty much easy. If an agent didn't actually respect your requirements, it's just as easy as running an iex command to kill that particular task.

In my experience, AI, be it any model - consistently disobeys direct commands. And worse, it consistently tried to cover up its tracks. For example, I will ask it to create a task within my backend. It will tell me it did - for no reason at all, even share me a task ID that never existed. And when asked why it lied, it would actually spin the task up and accuse me of not trusting it.

It doesn't matter which vendor, which model. This behaviour is repeatable across models and vendors. Now, why would I give something like this access to my entire personal and professional life?

To group me and others like me with the clowns doing this is an insult to me and others who have accumulated decades of experience and security best practices and who had nothing to do with OpenClaw.

I'm enthusiastic about AI (it's gone from the 2nd most important thing to happen in my career to tied for first, with the Internet) and I am baffled by OpenClaw.

Lots of developers have been flippant for a long time when it comes to the security of the systems they use and violate best practices on a regular basis, often for convenience. Developer ≠ sensible with personal security.

Was building a claw clone the other day when for debugging I added a bash shell. So I type arbitrary text into a Telegram bot and then it runs it as bash commands on my laptop.

Naturally I was horrified by what I had created.

But suddenly I realized, wait a minute... strictly this is less bad than what I had before, which is the same thing except piped through a LLM!

Funny how that works, subjectively...

(I have it, and all coding agents, running as my "agent" user, which can't touch my files. But I appear to be in the minority, especially on the discord, where it's popular to run it as the main admin user on Windows.)

As for what could go wrong, that is an interesting question. RCE aside, the agentic thing is its own weird security situation. Like people will run it sandboxed in Docker, but then hook it up to all their cloud accounts. Or let it remote control their browser for hours unattended...

https://xkcd.com/1200/

The bar for working security at Meta doesn't seem that high

You must not say his name. If you say it, you will summon him.

Honestly it’s been a breath of fresh air to have most of the gatekeeping in software be removed.

Seems that it was by and large just people wanting to feel important, and holding onto their positions.

Apps need great security, but security can also get out of control. Apps need good abstractions and code hygiene but that too can get out of control.

I’ve fallen in love with programming all of again now that I’m not so tied down by perceived perfection.

Developers with and without devops experience.

It's greed.

[dead]

"ever" is the key word. Like driving, we as humans will cede control, at some point, to AI.

> Why would you ever let a non deterministic program god level access to everything?

If they don't their jobs are going to get replaced by AI