Comment by mark_l_watson
20 hours ago
I have not run OpenClaw and similar frameworks because of security concerns, but I enjoy the author's success, good for him.
There are very few companies who I trust with my digital data and thus trust to host something like OpenClaw and run it on my behalf: American Express, Capital One, maybe Proton, and *maybe* Apple. I managed an AI lab team at Capital One and personally I trust them.
I am for local compute, private data, etc., but for my personal AI assistant I want something so bullet proof that I lose not a minute of sleep worrying about by data. I don't want to run the infrastructure myself, but a hybrid solution would also be good.
AMEX, Capital One and Apple are not even close to the top of the list of companies that I would trust with my digital data.
Never mind the list of companies - I'd be very curious to know what the 'trust signals' are that would help you trust a company?
For hardware, I'd only trust a company if they didn't also have an interest in data. In fact, I'd trust a hardware company more if they didn't also have a big software division.
A company like AMD I would trust more than a company like Apple.
Decent management. A lack of change of business model, no rug pulls and such. Fair value for money. Consistency over the longer term. No lock in or other forced relationships. Large enough to be useful and to have decent team size, small enough to not have the illusion they'll conquer the world. Healthy competition.
5 replies →
the way they respond to security and privacy incidents + publishing technical security + privacy papers / docs
3 replies →
No past history of shady planned-obsolescence sprinkled in a bunch of their products, for one.
So that rules out Apple.
A leadership team that is very open and involved with the community, and one that takes extra steps, compared to competitors, to show they take privacy seriously.
1 reply →
I'd go for a co-operative ownership model rather than capitalist?
and make sure the member/owners are all of like mind, and willing to pay more to ensure security and privacy
12 replies →
Jacques, do you mind sharing your list of trusted companies? Thanks in advance.
It's going to be pretty short. Proton would be there for comms, for hosting related stuff I would trust Hetzner before any big US based cloud company. For the AI domain I wouldn't trust any of the big players, they're all just jockeying for position and want to achieve lock-in on a scale never seen before and they have all already shown they don't give a rats ass about where they get their training data and I expect that once they are in financial trouble they'll be happy to sell your private data down the river.
Effectively you can trust all of the companies out there right up until they are acquired and then you will regret all of the data you ever gave them. In that sense Facebook is unique: it was rotten from day #1.
Vehicles: anything made before 2005, SIM or e-SIM on board = no go.
I'm halfway towards setting up my own private mail server and IRC server for me and my friends and kissing the internet goodbye. It was a fun 30 years but we're well into nightmare territory now. Unfortunately you are now more or less forced to participate because your bank, your government and your social circle will push you back in. And I'm still pissed off that I'm not allowed to host any servers on a residential connection. That's not 'internet connectivity' that's 'consumer connectivity'.
15 replies →
Mark, can you conceive that some people don’t trust any companies?
1 reply →
I’d be very curious what your list would be
See other comment.
> There are very few companies who I trust with my digital data and thus trust to host something like OpenClaw and run it on my behalf: American Express, Capital One, maybe Proton, and maybe Apple. I managed an AI lab team at Capital One and personally I trust them.
I don't really understand what this has to do with the post or even OpenClaw. The big draw of OpenClaw (as I understand it) was that you could run it locally on your own system. Supposedly, per this post, OpenClaw is moving to a foundation and they've committed to letting the author continue working on it while on the OpenAI payroll. I doubt that, but it's a sign that they're making it explicitly not an OpenAI product.
OpenClaw's success and resulting PR hype explosion came from ignoring all of the trust and security guardrails that any big company would have to abide by. It would be a disaster of the highest order if it had been associated with any big company from the start. Because it felt like a grassroots experiment all of the extreme security problems were shifted to the users' responsibility.
It's going to be interesting to see where it goes from here. This blog post is already hinting that they're putting OpenClaw at arm's length by putting it into a foundation.
Prepare for the rug pull...
a tale as old as time ...
Quick plus one for Capital One after also working there. They're by far the most tech-forward of all the larger financial institutions, and by virtue of being a FI they take data-security much more seriously than any other "tech" companies.
No this is not a paid post lol
Not a paid post but a bunch of generalities with no specifics. C1 is by far the worse of the bunch in the banking sector. C1 now openly engages in stack ranking and has absolutely destroyed employee morale, all due to hiring ex Amazon directors.
For any future workers, be highly forewarned that if ex Amazon leadership enters your company their number one goal becomes inducing mass misery to magically raise the share price. It'll never work because they are coming from a company that has a massive unregulated monopoly (or oligopoly if you want to be technical) that is able to subsidize poor business ideas indefinitely. They mistake working in this environment as having competence so be warned: they will fuck everything up, collect massive bonuses, and you'll be collecting unemployment soon enough under their guidance.
Privacy aside, you can never trust an LLM with your data and trust it to do exactly what it was instructed to do.
You raised a good point I am now personally basically expecting to see this year ( next at the latest ). Some brave corporate will decide for millions of users to, uhh, liberate all users data. My money is not of that happening at Googles or OpenAIs of the world though. I am predicting it will be either be a bank or one of the data brokers.
With any luck, maybe this will finally be a bridge too fast, like what Amazon's superbowl ad did for surveillance conversation.
Sorry to pile on, but Capital One is an insane name to drop there.
You really trust them?
My trust does not extend that far.
Sorry to break it to you but I would not trust any financial companies with my personal data. Simply because I’ve seen how they use data to build exploitive products in the past.
Well it’s not even just data, you have to trust actions taken if you want the assist to, you know, assist. I have been yoloing it and really enjoying it. Albeit from a locked off server.
>Apple
Lol
Their marketing team got ya.
I aspire to be as good as Apple at marketing. Who knew 2nd or worse place in everything doesnt matter when you are #1 in marketing?
is this marketing or is just relating what they did to keep things secure?
https://security.apple.com/blog/private-cloud-compute/
Didn't have to click the link. Words don't matter. The fact that their phone security was poor enough for someone to get killed and thousands of others exposed... Oh and PRISM, so...
Marketing.
sorry to say it, but C1 LOL. they don’t care at all about privacy! Don’t mistake your team for the company values.
[flagged]