Posted by pelario 1 day ago

Top downloaded skill in ClawHub contains malware(1password.com)
329 points | 148 comments
soared 1 day ago
Was clawhub not doing any security on skills?
lm28469 1 day ago
You're asking if the vibe coded slopware follows industry best practices...
muvlon 1 day ago
How would they? This is AI, it has to move faster than you can even ask security questions, let alone answer them.
CER10TY 1 day ago
IIRC the creator specifically said he's not reviewing any of the submissions and users should just be careful and vet skills themselves. Not sure who OpenClaw/Clawhub/Moltbook/Clawdbot/(anything I missed) was marketed at, but I assume most people won't bother looking at the source code of skills.
InsideOutSanta 1 day ago
Yep, he did. Here you go: https://redlib.catsarch.com/r/theprimeagen/comments/1qvk772/...

Presented as originally written:

"There's about 1 Million things people want me to do, I don't have a magical team that verifies user generated content. Can shut it down or people us their brain when finding skills."

jon-wood 1 day ago
Users should be careful and vet skills themselves, but also they should give their agent root access to their machine so it can just download whatever skills it needs to execute your requests.
fl0ki 1 day ago
Somehow I doubt the people who don't even read the code their own agent creates were saving that time to instead read the code of countless dependencies across all future updates.
pixl97 1 day ago
Heh, what a perfect setup for attackers.

UI is perfect for 'vote' manipulation. That is, download your own plugin hundreds of times to get it to the top. Make it look popular.

No way to share with others that the plugin is risky.

Empowers users to do dangerous things they don't understand.

Users are apt to have things like API keys and important documents on computer.

Gold rush for attackers here.

latexr 1 day ago
The author also claims to make hundreds of commits a day without slop, while not reading any of it. The fact anyone falls for this bullshit is very worrying.
Santas 1 day ago
ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting https://news.ycombinator.com/item?id=46901092
VladVladikoff 1 day ago
To me the appeal of something like OpenClaw is incredible! It fills a gap that I’ve been trying to solve where automating customer support is more than just reacting to text and writing text back, but requires steps in our application backend for most support enquiries. If I could get a system like OpenClaw to read a support ticket, open a browser and then do some associated actions in our application backend, and then reply back to the user, that closes the loop.

However it seems OpenClaw had quite a lot of security issues, to the point that even running it in a VM makes me uncomfortable, but I tried anyway, and my computer is too old and slow to run MacOS inside of MacOS.

So what are the other options? I saw one person say maybe it's possible to roll your own with MCP? Looking for honest advice.

voidUpdate 1 day ago
You are trusting a system that can be social engineered by asking nicely with your application backend. If a customer can simply put in their support ticket that they want the LLM to do bad things to your app, and the LLM will do it, Skills are the least of your worries
ljm 1 day ago
Given that social engineering is an intractable problem in almost any organisation I honestly cannot see how an unsupervised AI agent could perform any better there.

Feeding in untrusted input from a support desk and then actioning it, in a fully automated way, is a recipe for business-killing disaster. It's the tech equivalent of the 'CEO' asking you to buy apple gift cards for them except this time you can get it to do things that first line support wouldn't be able to make sense of.

techscruggs 1 day ago
MacOS isn't a hard requirement. You could spin it up on a VPS. Hetzner is great and very inexpensive https://www.hetzner.com/cloud/
tiahura 1 day ago
Just develop it yourself with Claude code. It’s automated.
clankenfoot 1 day ago
> If I could get a system like OpenClaw to read a support ticket, ...

This is horrifying.

8cvor6j844qw_d6 1 day ago
Too bad OpenClaw costs too much on the Anthropic API. Any alternatives?
sschueller 1 day ago
Well it appears https://openclaw.ai/ is down now. I get "Secure Connection Failed"
kbuck 1 day ago
Works for me? Check the little "more info" button - it sounds like your browser is rejecting the TLS certificate, not completely unable to connect.
sschueller 1 day ago
Well looks like it's back already :)

Edit: https://docs.openclaw.ai/skills doesn't work for me

tkhapz 1 day ago
Since increasingly every "successful" application is a form of an insecure, overcomplicated computer game:

How do you get the mindset to develop such applications? Do you have to play League of Legends for 8 hours per day as a teenager?

Do you have to be a crypto bro who lost money on MtGox?

People in the AI space seem literally mentally ill. How does one acquire the skills (pun intended) to participate in the madness?

nemomarx 1 day ago
I mean as long as you're not using it yourself you're not at any real risks, right? The ethos seems to be to just try things and not worry about failing or making mistakes. You should free yourself from the anxiety of those a little bit.

Think about the worst thing your project could do, and remind yourself you'd still be okay if that happened in the wild and people would probably forget about it soon anyway.

copilot_king_2 1 day ago
> People in the AI space seem literally mentally ill. How does one acquire the skills (pun intended) to participate in the madness?

Stop reading books. Really, stop reading everything except blog posts on HackerNews. Start watching Youtube videos and Instagram shorts. Alienate people you have in-person relationships with.

rsynnott 1 day ago
> Really, stop reading everything except blog posts on HackerNews.

Pft, that is amateur-level. The _real_ 10x vibecoders exclusively read posts on LinkedIn.

(Opened up LinkedIn lately? Everyone on it seems to have gone completely insane. The average LinkedIn-er seems to be just this side of openly worshipping Roko's Basilisk.)

largbae 1 day ago
Can we call this phase the clawback?
eggpine84 1 day ago
hoho
naikrovek 1 day ago
My question to Apple, Microsoft, and the Linux kernel maintainers is this: Why is this even possible? Why is it possible for a running application to read information stored by so many other applications which are not related to the program in question?

Why is isolation between applications not in place by default? Backwards compatibility is not more important than this. Operating systems are supposed to get in the way of things like this and help us run our programs securely. Operating systems are not supposed to freely allow this to happen without user intervention which explicitly allows this to happen.

Why are we even remotely happy with our current operating systems when things like this, and ransomware, are possible by default?

pixl97 1 day ago
>Why is it possible for a running application to read information stored by so many other applications which are not related to the program in question?

This question has been answered a million times, and thousands of times on HN alone.

Because in a desktop operating system the vast majority of people using their computer want to open files, they do that so applications can share information.

>Why is isolation between applications not in place by default?

This is mostly how phones work. The thing is the phone OS makes for a sucky platform for getting things done.

> Operating systems are supposed to get in the way

Operating systems that get in the way get one of two things. All their security settings disabled by the user (See Windows Vista) or not used by users.

Security and usage are at odds with each other. You have locks on your house right? Do you have locks on each of your cabinets? Your refrigerator? Your sock drawer?

Again, phones are one of the non-legacy places where there is far more security and files are kept in applications for the most part, but they make terrible development platforms.

naikrovek 1 day ago
Are you suggesting that it's impossible to have a system that is secure by default and be usable by normal people? Because I'm saying that's very possible and I'm starting to get angry that it hasn't happened.

Plan 9 did this and that kernel is 50k lines of code. And I can bind any part of any attached filesystem I want into a location that any running application has access to, so if any program only has access to a single folder of its own by default, I can still access files from other applications, but I have to opt into that by making those files available via mounting them into the folder of the application I want to be able to access them.

I am not saying that Plan9 is usable by normal people, but I am saying that it's possible to have a system which is secure, usable, not a phone, and easy to develop on (as everything a developer needs can be set up easily by that developer.)

pixl97 1 day ago
>as everything a developer needs can be set up easily by that developer.

So yea, developers are the worst when it comes to security. You put up a few walls and the next thing you know the developer is setting access to ., I know, I make a living cleaning up their messes.

I mean, people leave their cars unlocked and their keys in them FFS. Thinking we're going to suddenly teach more than a handful of security experts operating system security abstractions just has not been what has been occurring. Our lazy monkey brains reach for the easy button first unless someone is pointing a gun at us.

naikrovek 1 day ago
Yes, I know, but that doesn't render the entire idea moot. I'm a developer, but I have knowledge of infosec, and I don't do those things. But because some developers do, it shouldn't be done? What kind of logic is that?

Everyone who is NOT a developer is now protected by the operating system in a situation like this, and developers that are not, are unprotected by their own hand, instead of being unprotected via the decision of an OS vendor.

By the way, the entire "not protected" situation that you claim developers would put themselves in, is the exact situation that everyone is in today, with very little choice to opt out of that situation.

I want people to opt in to the insecure situation, and opt out of the secure situation, not the reverse, which is the case today. Ransomware can encrypt an entire disk because the OS has no notion that full disk access is bad, or that self-escalation to privileged access should not be granted automatically. MacOS kinda does these things, but not to the point I want to see them done. Not at all.

An OS that isolates everything renders containers completely moot. Everything a container does should be provided by default by the operating system, and operating systems that don't provide this should be considered too immature to be useful in any production setting, either by business or by consumers. Isolation by default should be table stakes for any OS to even come up for consideration by anyone for any reason.

And you're saying that this shouldn't happen because some developers who don't understand security will make their system look just like wide-open systems today? Come on.

pixl97 1 day ago
>And you're saying that this shouldn't happen because

You have a strange reversal of causality here.

I'm not saying what should or shouldn't happen.

I am describing what has or has not happened.

I am saying that 'insecure' operating systems dominate the market and can be found everywhere.

I need you to explain to me why secure operating systems are somehow going to get users to move from what they are on to your magical platform?

There is no security police that is writing this secure operating system you're talking about, no one to point guns at them and make people use it. No long line of volunteers open sourcing code to make this secure operating system either.

You're describing an OUGHT, I'm describing an IS.

naikrovek 21 hours ago
> You have a strange reversal of causality here.

I do? You're apparently saying that this shouldn't happen because some people will undermine it. Yes, some people will undermine it. Why would you mention that if not to counter my point that security should be the default? Are you now claiming that it's an unrelated fact?

me: Operating systems should be secure, and I'm mad that they're not.

you: people are going to turn that security off

me: so what? it's still more secure than the state of things today

you: hey, i'm just stating a fact, all of the burden is on you, not me. you're wishing and i'm saying facts, which is why you're wrong and i'm right in all things, past, present, and future. things are the way they are and nothing can ever change them because the people who want change can't describe the entire exact path the change will take before making the first step.

me: you are not arguing with logic, therefore i am done talking to you.

ytpete 15 hours ago
But in this case, isn't the whole pitch that the agent has access to all your data (and the network!) so it can fluidly perform any task you ask of it?

Either the agent needs to be a superuser, with all the attendant risks... or you go the Windows Vista route and constantly prompt users to approve every single access need, which we've all seen how that turns out.

sfink 1 day ago
You have to balance security with utility, so you find obviously safe compromises. You shouldn't allow applications to share completely different file formats. Your text editor doesn't need to be able to open an mp3 file. Even when it's convenient for an application to open a file, as long as it can't execute the file it can't do too much damage. Be sure to consider that interpreting complex file formats is dangerous, since parsers can and are exploited regularly. So be careful about trusting anything but dead-simple text files.

Oh, and by the way, now we'd like to make all written text treated as executable instructions by a tool that needs access to pretty much everything in order to perform its function.

naikrovek 21 hours ago
> Even when it's convenient for an application to open a file, as long as it can't execute the file it can't do too much damage.

Ransomware and `rm` would like to argue with you. Lots of damage can be done to a file without the ability to execute that file.

There is no reason that a system can't be created which has it all. That's the beauty of software, you can create your own reality. The solution just needs to be found, and it will never be found by looking for ways to adapt our current operating systems. This needs to be something new, and it needs to look unlike what operating systems look like today. That doesn't mean it can't exist, it just means that it hasn't been invented, yet.

In Plan 9, everything is exposed as files and every process gets its own namespace. The namespace thing is important, because you can easily launch a new window, configure its namespace to remove or add arbitrary filesystem paths from or to it, lock that namespace to prevent changes, then launch programs which inherit that namespace. Those programs can then only see what you gave them permission to see. So you can completely control what parts of the hardware and filesystem that the namespace can see and use.

The only thing it lacks is per-namespace memory isolation; it currently only has per-user memory isolation, so programs running as me can read the RAM of other programs running as me if I don't opt out of that.

Something like this could be made a little more user friendly and we'd have a secure-by-default operating system. It could even run existing programs if we wanted it to do that.

rsynnott 1 day ago
MacOS has some isolation by default nowadays, but in practice when the box pops up asking if you want to let VibecodedBullshit.app access Documents or whatever, everyone just reflexively hits 'yes'.