Nvidia NemoClaw - Hacker News

Posted by hmokiguess 6 hours ago

146 points | 110 commentspage 2

dmje 2 hours ago|

I think the whole thing is batshit, honestly.

Much as I love using Claude or whatever to help me write some code, it's under some level of oversight, with me as human checking stuff hasn't been changed in some weirdly strange way. As we all know by now, this can be 1. Just weird because the AI slept funny and suddenly decided to do Thing It Has Been Doing Consistently A Totally Different Way Today or 2. Weird because it's plain wrong and a terrible implementation of whatever it was you asked for

It seems blindingly, blindingly obvious to me that EVEN IF I had the MOST TRUSTED secretary that had been with me for 10 years, I'd STILL want to have some input into the content they were interacting with and pushing out into the world with my name on.

The entire "claw" thing seems to be some bizarre "finger in ears, pretend it's all fine" thing where people just haven't thought in the slightest about what is actually going on here. It's incredibly obvious to me that giving unfettered access to your email or calendar or mobile or whatever is a security disaster, no matter what "security context" you pretend it's wrapped up in. A proxy email account is still sending email on your behalf, a proxy calendar is still organising things on your calendar. The irony is that for this thing to be useful, it's got to be ...useful - which means it has at some level to have pretty full access to your stuff.

And... that's a hard no from me, at least right now given what we all know about the state of current agents.

Plus... I'm just not sure of the upside. Am I seriously that busy that I need something to "organise my day" for me? Not really.

elif 2 hours ago|

Then give your agent its own name, its own accounts, and let it push things out without your name.

nzoschke 2 hours ago||

We are in the wild wild west.

I’m looking for feedback, testing and possible security engineering contracts for the approach we are taking at Housecat.com.

The agent accesses everything through a centralized connections proxy. No direct API tokens or access.

This means we can apply additional policies and approval workflows and audit all access.

https://housecat.com/docs/v2/features/connection-hub

Some obvious ones are only grant read and draft permissions at all, and review and send drafts manually.

Some more clever ones are to only allow sending 5 messages a day, or enforcing soft delete patterns. This prevents accidentally spamming everyone or deleting things.

Next up is giving the agent “wrapped” and down scoped tokens you do want to equip it with the ability to do direct API calls. But these still go through the proxy that enforces the policies too.

jrmg 2 hours ago||

It’s amusing that ‘claw’ is sticking around as a term for these kind of things, when it was originally a pretty transparent attempt to avoid infringing on ‘Claude’…

quantium1628 3 hours ago||

counterpoint: this assumes everyone has the same constraints. not always true

the_real_cher 5 hours ago||

what about just using an unprivileged container and mounting a host folder to run open claw?

tucaz 5 hours ago||

OpenClaw is so bad with Docker. I spent hours on it and hit road block after road block trying to get the most basic things working.

The last one was inability to install dependencies on the docker container to enable plugins. The existing scripts and instructions don’t work (at least I couldn’t get them to work. Maybe a me problem).

So I gave up and moved on. What was supposed to be a helpful assistant became a nightmare.

k_bx 5 hours ago|||

Did you try Incus? Gives you VM-like experience in a container

eru 5 hours ago||||

Why not use a VM?

tucaz 1 hour ago|||

Because I have a machine running dozens of apps on Docker and have a solid and stable workflow I want to take advantage of to manage my apps.

amelius 5 hours ago|||

Why not ask an AI?

bicepjai 5 hours ago||||

Same experience. I used Coolify and it was so hard. I wondered why people are so enthralled with this unacceptable UX for setup, only to realize no one cared about Docker and they just got a new Mac mini or used their own system.

bazmattaz 4 hours ago||||

I’m not an engineer and now I realise why I’ve been struggling getting OpenClaw setup in docker. I just can’t get it to work. Makes sense that it needs access to the underlying OS

danhon 4 hours ago|||

Absolutely this. I finally got it working, but the instructions and scripts for setting it up with Docker absolutely do not work.

brightball 5 hours ago|||

I'm curious if people have had success running it on Cloudflare workers. I know there was a lot of hype about that a few weeks ago.

yopojones 4 hours ago|||

Riight, unprivileged lxc/lxd container takes 2s to set up. Thanks NV, sticking with opencode.

liuliu 4 hours ago|||

The problem is that it cannot access your credentials hence useless.

cowpig 4 hours ago||

Containers and VMs are really annoying to work with for these kinds of applications. Things like agent-safehouse and greywall are better imo

yopojones 3 hours ago||

I've honestly found containers a breeze for such use cases. Inference lives on the host, crazy lives in an unpriv'd overlayfs container that I don't mind trashing the root of, and is like nothing in resources to clone, and gives a clean mitm surface via a veth. That said, greywall looks pretty dope!

webagent255 3 hours ago||

[dead]

Heer_J 5 hours ago||

[dead]

benzguo 3 hours ago||

Check out https://zo.computer - we've been doing OpenClaw for nearly a year, it works out of the box, and has hosting built-in. Zo arguably was the inspiration for Peter to create OpenClaw.

chill_ai_guy 3 hours ago||

It's quite sad you are riding the coattails of Openclaw here and on Twitter. You only talk about how you were "first" but never say why you are arguably nowhere near all the competitors in terms of distribution that supposedly copied from you

wahnfrieden 3 hours ago||

Why do you think OpenClaw caught on much faster?

tempoponet 2 hours ago||

OpenClaw had a huge viral marketing campaign. It wasn't a coincidence everyone on twitter was talking about it at the same time suddenly. To its credit, it also executed well enough in a few areas that captured people's imagination. Most of the concepts are ideas people have been toying with for years, though.

quatonion 2 hours ago|

I refuse to install Israeli spyware, even if it comes from NVIDIA.

Jensen saying board rooms all across America are having discussions regarding what their OpenClaw strategy is complete b.s. and comparing it to more important than Linux. What tf is he smoking.

It is a complete security nightmare no matter which way you look at it, especially with side chain attacks like Glassworm in the mix.

Why is this OpenClaw stuff being pushed so hard when it is essentially nothing more than an agentic loop around an LLM call plus a bunch of common tools. Something that Claude Code, or pick your favorite coding agent can knock together for you in an afternoon.

The only purpose to this is garbage to sell tokens to prop up the hype bubble and install a Trojan horse that can collect all your personal data. Everything else is a smokescreen.

Just say no.

Veen 2 hours ago|

What does any of this have to do with Israel?