[dang]

[stub for offtopicness and general piling-on behavior, which we don't want on this site]

[[attacking project creators when they show up to discuss their work is particularly harmful; please don't ever do that here]]

[[[if you posted any of these, we'd appreciate it if you'd please review https://news.ycombinator.com/newsguidelines.html and stick to the rules from now on]]]

[rybosome]

[flagged]

[dang]

Please make your substantive points without crossing into personal attack. Your comment would be fine but for the paragraph in the middle where it does that.

https://news.ycombinator.com/newsguidelines.html

[rybosome]

Understood, thanks.

[dang]

Appreciated!

[plestik]

[flagged]

[tomhow]

We detached this subthread from https://news.ycombinator.com/item?id=47629849 and marked it off-topic.

[plestik]

Why?

[tomhow]

It breaks several guidelines:

Be kind. Don't be snarky. Converse curiously; don't cross-examine. Edit out swipes.

Comments should get more thoughtful and substantive, not less, as a topic gets more divisive.

Please don't fulminate. Please don't sneer.

Please don't post shallow dismissals, especially of other people's work. A good critical comment teaches us something.

The guidelines still apply, even if you feel negatively towards a project and its creator. Indeed it's even more important to make the effort to heed the guidelines for topics you feel negatively towards (after all, it's easy to be respectful about things we feel positively towards).

https://news.ycombinator.com/newsguidelines.html

[plestik]

Thanks for explaining, is this mostly about replying directly to the person involved in the project? Compared to e.g. a comment in a thread about OpenClaw without replying directly to the creator? Just trying to figure out where the line is, I do think snark is a valid form of criticism sometimes but it's your house after all.

[tomhow]

That comment would be a guidelines breach on HN, whether or not it was in reply to the project creator. It gives off just the kind of negativity that HN has always aimed to avoid. Even if we don't always succeed in avoiding it, the guidelines represent an ideal that we work to uphold every day.

> Just trying to figure out where the line is

It's not really about a line, it's about the qualitative style of discussion we’re here for. HN is for people who like to build things and work on interesting new projects, and have curious conversations about what they're building. Projects that are new and built in different ways than what has come before will always be easy to criticise from a position of conformity to historical conventions, but if we all thought that way, nothing new would ever be built.

> I do think snark is a valid form of criticism sometimes

Not on HN. Thoughtful criticism is fine, and the very first two words of the “In Comments” section of the guidelines are “be kind”.

> but it's your house after all

That's not how we think about it. We’re custodians of this place and our role is to keep it a healthy place for discussion among intellectually curious hackers. It takes daily work and effort to uphold the guidelines and keep the standards up so that it doesn’t become the hellscape of negativity that it's often stereotyped as being.

[inetknght]

> There used to be a time where people who shipped CVEs took accountability.

I see you haven't heard of Microsoft...

[orsorna]

[flagged]

[ua709]

What time was that and who do we get to blame for Log4j?

[lp0_on_fire]

Have you met these AI companies yet?

[rob]

[flagged]

[rdtsc]

- "OpenClaw, read the code"

- "You're absolutely right. One should read and understand their own code. I did, and it looks great"

[TZubiri]

I'm critical of OpenClaw and even the author to some extent, but I prefer to have nuanced and compartmentalized conversations, on a thread about a specific vulnerability, it's much more productive to talk about the specific vulnerability rather than OpenClaw as a whole. Otherwise we would only have generic OpenClaw conversations and we would only be saying the same thing.

[maxbond]

The comment could have been more substantive but it isn't generic or tangential. Discussing a vulnerability ultimately means discussing the failures of process that allowed it to be shipped. Especially with these application-level logic bugs that static analyzers can't generally find, the most productive outcome (after the vulnerability is fixed) is to discuss what process changes we can make to avoid shipping the next vulnerability. I'm sure there's hardening that can be done in OpenClaw but the premise of OpenClaw is to integrate many different services - it has a really large attack surface, only so much can be done to mitigate that, so it's critical to create code review processes that catch these issues.

OpenClaw is probably entering a phase of it's life where prototype-grade YOLO processes (like what the tweet describes) aren't going to cut it anymore. That's not really a criticism, the product's success has over vaulted it's maturity, which is a fortunate problem to have.

[bigstrat2003]

If you're running OpenClaw, you already threw security and reliability out the window by running LLMs on the command line. It's a bit late to start worrying now.

[sbochins]

[flagged]

[dang]

Please don't cross into personal attack. It destroys what this site is for, and you can always make your substantive points without it.

https://news.ycombinator.com/newsguidelines.html

[croes]

Didn‘t know that pointing out a lack of accountability is seen as personal attack.

Who wants the fame must also take the blame.

Especially if they create a dangerous tool.

[dang]

We don't want mobs on HN. There was very clearly a mob dynamic happening in the replies.

Edit: there was another case of this recently:

https://news.ycombinator.com/item?id=47576107

https://news.ycombinator.com/item?id=47576084

The point is that mob dynamics do more damage to the community than the threads add value, and protecting the community has to be the high-order bit.

[pym4n]

Guys, OpenClaw is a toy, that's it!