Hacker News new | ask | show | jobs
by maccard 77 days ago
I’m not an openclaw user or a vibe coder but - the use case of OpenClaw is “give me access to all of your data, programs and information, and I will make decisions and do stuff without asking you permission”. It’s the MO of the project. Even if it was perfectly designed, I think it would have more RCEs by the fact that the Venn diagram of use of the app and high risk areas are a perfect circle
2 comments
BeetleB 76 days ago
> the use case of OpenClaw is “give me access to all of your data, programs and information, and I will make decisions and do stuff without asking you permission”. It’s the MO of the project.

You say that, but you also say

> I’m not an openclaw user

Your first statement makes the second one rather obvious.

As I said some weeks ago, I've given up pointing out on HN: "Well, you could just not give it your data" only to be repeatedly told (by non-users) that the whole point is to give it all your data.

And the myth continues...

link
maccard 76 days ago
The openclaw website[0] 's headline paragraph is:

> Clears your inbox, sends emails, manages your calendar, checks you in for flights. > All from WhatsApp, Telegram, or any chat app you already use.

The _entire point_ is "give me access to email, calendar, whatsapp, telegram, and I'll do your admin".

> "Well, you could just not give it your data"

This is the "you're holding it wrong"[1] argument

[0] https://openclaw.ai/.

[1] https://www.engadget.com/2010-06-24-apple-responds-over-ipho...

link
BeetleB 75 days ago
> This is the "you're holding it wrong"[1] argument

But isn't that what you're doing?

Every single submission on HN has threads where people point out how it's useful to them without giving it access to much/any data. What is the benefit of pointing out what the homepage is saying other than to imply that we are holding it wrong?

And what does it say about you that you're going off based on marketing on a website rather than actual, competent tech users who actually weild the tool?

Until recently Gentoo boasted performance as a reason to use it. Yet as someone who's been in the community for over 20 years, I can assure you the majority of users didn't care about the performance and aren't optimizing their builds for it. Who cares what the site says?

link
earnesti 76 days ago
I'm OpenClaw user and I never would do that. You can do with OpenClaw that, but it is definitely not the only use case, and I would argue that not even the one that makes sense overall. Most people want to be careful which decisions you want to outsource and which not, and you can direct the AI to work however you prefer. Personally I have developed some projects with OpenClaw, and it does have very limited permissions.
link