I think the reason why some people really like things like OpenClaw is just because of the fact that they seem ... liberating in a way. The idea of you being able to have your own interface, commands, and automations, all customised, open, running on your own systems ... it's like a dream. It's also simply _impossible_ using the current incentives in society (which will probably start abusing DRM APIs to prevent you from automating screen taps and stuff), and just so absurdly dangerous ...

Part of it just sounds like returning to the pre-computer era where instead of opening the Wealthsimple app to check your balance, you ask a friendly teller your balance and ask them to make a transfer for you. It would be amazing if that actually was possible again today, but with the current technology we have it's just absolutely not the case.

One prompt injection in one Interac transaction description and that's it, you're out of money.

@pojntfx Reminds me of us nerds installing Linux then spending weeks tweaking our WMs, shells and editor configs...

@buherator Kind of? I don't know. There is a way to make Linux systems reasonably secure. There is no currently known way to make something like OpenClaw secure due to fundamental limitations around prompt injection.

@pojntfx No doubt about that! I just think you revealed a very relatable human desire in the works here.

@pojntfx I kind of see both sides of this.

My engineering friends all immediately recognize the incredible security threat vector this provides. They also know what's available and how to do some of this stuff themselves. Just run n8n with the appropriate plugins. For them this is a bad trade-off.

But if you don't have that background, this whole thing can seem like absolute magic. You finally have this tool that just listens to your instructions and (mostly) does the thing. That's unimaginable power that was previously gate kept by those expensive software engineers. That's incredibly addictive!

I think the end result is going to be somewhere in between. I think the promise of a true personal assistant, of a tool working for you, is so fundamentally important. People will struggle to sort out security issues, but they will want this enough to make it happen. It may not be OpenClaw, but it will be something.

@gatesvp Yup yup, I agree with you. I wonder what the interfaces for this will eventually look like. If you could somehow mask all user-generated input for example and then do basic string checks and stuff on them w/o ever revealing their results you could in theory make something like this reasonably secure.

But I just don't see why any service provider - like say a bank or Amazon - would ever opt into this being an option. Being an API provider _sucks_ as a business model.

@gatesvp Maybe homorphic encryption for all user-generated data and a set of Wasm functions to operate on said data in a way that only checks for something to be true/false/a number, never a string could work for example?