OpenClaw opens a wide attack surface on your digital life that cannot be remediated so long as hallucinations and prompt injection remain unsolved problems. Anything built on top of it is equally insecure and probably even more insecure.

I really don't want to yuck anybody's yums or step on dev work that I had nothing to do with, because I've been there and I know it sucks, but OpenClaw is barely secure enough to even play with in a sandbox. Giving it private information about your real business and real business contacts feels like an absolutely insane thing to do.

At best OpenClaw is like a toy... if the toy was a gun and it shot real bullets. This feels like playing Russian roulette with your livelihood.

I cannot fucking believe people are letting it remote start their cars and control their garage door. Never mind ovens. All things people have done and posted about.

As someone that has worked in the automotive space, an enormous amount of regulation and effort is spent making sure you cannot do something like forgetfully remote start the car with your garage door closed and gas yourself. Never mind securing it so that others cannot do this to you.

And these people are plugging it into ... this, which will happily go "oh, the car turned off after 15 minutes, let me turn it back on!"

There are realistic odds that someone is rotting in their house while their lobster pays the bills and writes blog posts for them.

I like the idea of OpenClaw a lot, it's a technology that I would want in my life. But in its current form it's kinda chilling and I cannot see it become safe to use anytime soon.

It seems to me many infosec best practices that have been built over decades have been forgotten in the last few months like nothing happened. People really do give this kind of software full system access, plus access to their emails, their private chats, most likely their passwords too and who knows what else via plugins. I couldn't really imagine this happening one year ago.

I'm 100% confident that any state actor and cybercrime groups are currently heavily focusing their research on these tools. You compromise the right person and you can access all kinds of critical information, it would basically be the same as having some remote control software on their system with full permissions.

And everyone on the hype train seems to be absolutely unaware of this. Maybe I'm missing something, but all of this feels so odd to me.

I think a lot of them are aware of it, but also grifters, and hoping to profit off of it before the bomb goes off so that they can claim ignorance and escape blame. New and powerful thing that people don't fully understand becomes fertile ground for grifters to sow their sins. Like when Marie Curie discovered radium and everyone and their mother started forcing it into products, including toothpaste and "medicine", within like 5-10 years.

This rings so true. Software Engineering should have a stricter bar similar to med professionals. If we have leaked such lousy products and the public crowd thinks this is usable, it's a failure of the industry as a whole.

>> Software Engineering should have a stricter bar similar to med professionals.

This is a month-old project by someone who has been suckling at the YC teat of release as early as possible; #YOLO. There's no "engineering" here.

> so long as hallucinations and prompt injection remain unsolved problems

Aren't hallucinations mathematically impossible to be _solved_? Cannot believe how so many people just willy-nilly give everything they have to a lying parrot.