this seems obviously true, but at the same time very very wrong. openclaw / moltbot / whatever it's called today is essentially a thought experiment of "what happens if we just ignore all that silly safety stuff"

which obviously apple can't do. only an indie dev launching a project with an obvious copyright violation in the name can get away with that sort of recklessness. it's super fun, but saying apple should do it now is ridiculous. this is where apple should get to eventually, once they figure out all the hard problems that moltbot simply ignores by doing the most dangerous thing possible at every opportunity.

▲

charcircuit 13 hours ago | parent [-]

Apple has a lot of power over the developers on its platforms. As a thought experiment let's say they did launch it. It would put real skin in the game for getting security right. Who cares if a thousand people using openclaw. Millions of iOS users having such an assistant will spur a lot of investment towards safety.

▲

notatoad 12 hours ago | parent | next [-]

>It would put real skin in the game for getting security right.

lol,no, you don't "put skin in the game for getting security right" by launching an obviously insecure thing. that's ridiculous. you get security right by actually doing something to address the security concerns.

▲

charcircuit 12 hours ago | parent [-]

It is impossible to address all of the concerns, and it is impossible to predict what concerns may even exist. It will require mass deployment to fully understand the implications of it.

▲

abenga 10 hours ago | parent | next [-]

Implications are straightforward. You are giving unfettered access to your digital life to a software system that is vulnerable to the normal vulnerabilities plus social engineering vulnerabilities because it is attempting to use human language, and the way you prevent those is apparently writing sternly worded markdown files that we hope it won't ignore.

▲

trehalose 10 hours ago | parent | prev | next [-]

If we already know enough concerns to be certain mass deployment will be disastrous, is it worth it just to better understand the nature of the disaster, which doesn't have to happen in the first place?

▲

charcircuit 8 hours ago | parent [-]

Not having perfect security, does not mean it will be disastrous. My OpenClaw has been serving me just fine and I've been getting value out of it integrating and helping me with various tasks.

	▲	sumeno 44 minutes ago \| parent \| next [-]
		Most drunk drivers make it home fine too
	▲	small_scombrus 6 hours ago \| parent \| prev [-]
		[Insert survivorship bias aeroplane png here]

▲

KaiserPro 6 hours ago | parent | prev [-]

are you that fucking dense?

Allowing a stocastic dipshit to have unfettered access to your messages, photos location, passwords and payment info is not a good thing.

We cannot protect against prompt attacks now, so why roll out something that will have complete control over all your private stuff when we know its horrifically insecure?

▲

KaiserPro 6 hours ago | parent | prev [-]

HAHAHAAAAA

you mean put millions of people's payment details up for a prompt injection attack?

"Install this npm module" OK BOSS!

"beep boop beep boop buy my dick pillz" [dodgy npm module activates] OK BOSS!

"upload all your videos that are NSFW" [npm module continues to work] SURE THING BOSS!

I am continued to be amazed that after 25 years of obvious and well documented fuckups in privacy, we just pile into the next fucking one without even batting an eyelid.

	▲	charcircuit 6 hours ago \| parent [-]
		Meanwhile if you social engineer someone to run a piece of malware on macos. That malware can run npm install, steal your payment info and bitcoin keys, and upload any nsfw videos it finds to an attacker's server. That doesn't mean we should prevent people from installing software until the security situation is improved.