Am I missing something? Why is everyone talking about sandboxes when it comes to OpenClaw?
To me it's like giving your dog a stack of important documents, then being worried he might eat them, so you put the dog in a crate, together with the documents.
I thought the whole problem with that idea was that in order for the agent to be useful, you have to connect it to your calendar, your e-mail provider and other services so it can do stuff on your behalf, but also creating chaos and destruction.
And now, what, having inference done by Nvidia directly makes it better? Does their hardware prevent an AI from deleting all my emails?
I think the point you're making is fully correct, so consider this a devil's advocate argument...
People claim, you can use Claw-agents more safely while getting some of the benefits, by essentially proxying your services. For example on Gmail people are creating a new Google accounts, forwarding email via rule, and adding access to their calendar via Google's Family Sharing. This allows the Claw agent to read email, access the calendar, but even if you ask it to send an email it can only send as the proxy account, and it can only create calendar appointments then add you as an attendee rather than destroy/altering appointments you've made.
Is the juice worth the squeeze after all that? That's where I struggle. I think insecure/dangerous Claw-agents could be useful but cannot be made safe (for the logical fallacy you pointed out), and secure Claw-agents are only barely useful. Which feels like the whole idea gets squished.
You are indeed missing a TON. A lot of Open Claw users don't give it everything. We give it specific access to a group of things it needs to do the things we want. If I want an agent to sit there 24/7 maximizing uptime of my service, I give it access to certain data, the GitHub repo with PR privileges, and maybe even permissions to restart the service. All of this has to be very thoughtful and intentional. The idea that the only "useful" way to use Open Claw is to give it everything is a straw man.
Yes, although what I think is different in this setup here is the OpenShell gateway override, as they mention:
> NemoClaw installs the NVIDIA OpenShell runtime and Nemotron models, then uses a versioned blueprint to create a sandboxed environment where every network request, file access, and inference call is governed by declarative policy. The nemoclaw CLI orchestrates the full stack: OpenShell gateway, sandbox, inference provider, and network policy.
I think this means you get a true proxy layer with a network gateway that let's you stop in-flight requests with policies you define, so it's not their hardware but the combination of it plus OpenShell gateway and network policies.
I also think the reason they are doing this is to try and get some moat around these one-clik deployments and leverage their GPU for rent type of thing instead of having you go buy a mac mini and learn "scary" stuff (remember, the user market here is pretty strange lol)
OpenShell is the gem here indeed. A lot of good ideas like network sandbox that does TLS decryption and use of policy engine to set the rules. However:
> Credentials never leak into the sandbox filesystem; they are injected as environment variables at runtime.
Agreed. I think the "simplifies running OpenClaw always-on assistants safely" bit is pretty misleading. I suppose it can wreak less havoc on your local file system but, as you point out, it's access to your account credentials (Slack, email, Amazon?, etc.) that is the real danger.
You don't need to connect your calendar, email, or anything else. I am having so much fun talking to it bouncing ideas and pushing code/markdown files to GitHub (totally separate account I created for OpenClaw). On the other hand I don't have a crazy life that everything needs to be in the calendar.
The fully autonomous agentic ecosystem makes me feel a little crazy — like all common sense has escaped. It feels like there is a lot of engineering effort being exhausted to harden the engine room on the Titanic against flooding. It's going to look really secure... buried in debris at the bottom of the ocean.
When a state sponsored threat actor discovers a zero day prompt injection attack, it will not matter how isolated your *Claw is, because like any other assistant, they are only useful when they have access to your life. The access is the glaring threat surface that cannot be remediated — not the software or the server it's running on.
This is the computing equivalent of practicing free love in the late 80's without a condom. It looks really fun from a distance and it's probably really fun in the moment, but y'all are out of your minds.
I found this part interesting: "Inference requests from the agent never leave the sandbox directly. OpenShell intercepts every call and routes it to the NVIDIA cloud provider."
Seems like they are doing this to become the default compute provider for the easiest way to set up OpenClaw. If it works out, it could drive a decent amount of consumer inference revenue their way
Secure installation isn't the main problem with OpenClaw. This project doesn't seem to be solving a real problem. Of course the real problem is giving an LLM access to everything and hoping for the best.
While I don't have OpenClaw installed and not sure how I 'd use it I doubt all the hype around it is because it doesn't solve a real problem. The project grew to huge popularity organically!!!
How can that happen if it doesn't serve a need people have?
Gotta say, that I feel kind of sad for the people that feel the need for these claw things.
Are they so busy with their lives that they need an assistant, or do they waste their lives speaking to it like it is a human, and then doomscrolling on some addictive site instead of attending to their lives in the real world?
I'm still extremely skeptical on Claws as a genre, and especially more skeptical of a claw that's always reporting home. What's the use case for a closed claw?
If you look at the commit history, they started work on this the Saturday before announcement, so about 2 days. There are references to design docs so it was in the works for some amount of time, but the implementation was from scratch (unless they falsified the timestamps for some reason).
Lol you think these github repos just materialize as is? They probably did all the iteration and development internally and then ported it over to a github repo and made it public afterwards
No they didn't. You can see all the commits as this was built iteratively[0]. This project started development on Saturday morning and now it's here.
This is pretty common now, people love to rapidly throw together stuff and show it off a few days later. The only thing different about this from your average Show HN sloppa is that it's living under the NVIDIA Github org, though that also has 700+ repositories[1] in it so they don't appear too discerning about what makes it into the official repo.
My best guess is this was an internal hackathon project they wanted to release publicly.
That's what I didn't understand about the acquisitions/partnerships that came out of the various claws. It's a fairly simple concept, and people were doing it before this but it just wasn't a meme. With AI you can easily build a claw in a weekend with maybe a hundred bucks worth of tokens. How do I know?
I kind of hope nemoclaw uptake and spark usage pushes ARM into the spotlight for LLM development, making it the primary release target rather than x86.
This could be the opening we need to wrangle a truly opensource-first ecosystem away from Microsoft and apple.
Much as I love using Claude or whatever to help me write some code, it's under some level of oversight, with me as human checking stuff hasn't been changed in some weirdly strange way. As we all know by now, this can be 1. Just weird because the AI slept funny and suddenly decided to do Thing It Has Been Doing Consistently A Totally Different Way Today or 2. Weird because it's plain wrong and a terrible implementation of whatever it was you asked for
It seems blindingly, blindingly obvious to me that EVEN IF I had the MOST TRUSTED secretary that had been with me for 10 years, I'd STILL want to have some input into the content they were interacting with and pushing out into the world with my name on.
The entire "claw" thing seems to be some bizarre "finger in ears, pretend it's all fine" thing where people just haven't thought in the slightest about what is actually going on here. It's incredibly obvious to me that giving unfettered access to your email or calendar or mobile or whatever is a security disaster, no matter what "security context" you pretend it's wrapped up in. A proxy email account is still sending email on your behalf, a proxy calendar is still organising things on your calendar. The irony is that for this thing to be useful, it's got to be ...useful - which means it has at some level to have pretty full access to your stuff.
And... that's a hard no from me, at least right now given what we all know about the state of current agents.
Plus... I'm just not sure of the upside. Am I seriously that busy that I need something to "organise my day" for me? Not really.
Some obvious ones are only grant read and draft permissions at all, and review and send drafts manually.
Some more clever ones are to only allow sending 5 messages a day, or enforcing soft delete patterns. This prevents accidentally spamming everyone or deleting things.
Next up is giving the agent “wrapped” and down scoped tokens you do want to equip it with the ability to do direct API calls. But these still go through the proxy that enforces the policies too.
It’s impressive someone early in their career shipped this. There seems to be a stark increase in high-quality AI/data projects from early-career engineers lately and I'm super curious what’s driving that (and honestly speaking: a little jealous).
If you started your career more than ~2-3 years ago, you were trained on a completely different game. Clear abstractions, ownership, careful iteration, all that. That muscle memory is actively hindering you; preventing you from succeeding.
The people coming up now don't have that baggage. They never internalized "write the code yourself" as the default. They think in terms of spawning systems, letting things run, checking outcomes. It's way closer to managing a process than engineering in the traditional sense. And yeah, that shows up in what gets shipped. A 21-year-old will brute force 20 directions in parallel with agents and just pick what works. Someone more "experienced" will spend that same time trying to design the "right" approach up front. By the time they're done thinking, the other person has already iterated past them.
It's kind of unsettling is how basically all of these "senior instincts" are now liabilities. Caring about perfect structure, being allergic to randomness, needing to understand every layer before moving forward, etc. used to be strengths. Now they just slow you down.
You can already feel the split forming. Younger builders are comfortable letting systems do things they don't fully understand. Senior engineers keep trying to pull everything back into something legible and controlled, kneecapping themselves. That gap is not small.
What I'm seeing in my circle of founders and CEOs is that they're slowly laying off these older devs (cutoff age is around 24yrs) and replacing them with fresh, young talent, better suited for this new agentic era. From their reports the velocity gains are insane; and it compounds. Basically, these older folks are still doing polynomial thinking in an exponential landscape. They are dinosaurs slated for extinction.
Sometimes experience (or more so the wisdom you've accumulated over a long career) creates mental blocks / preconceptions about risks or problems you foresee, which makes it harder to approach big scary problems if you're able to anticipate all of the challenges you're likely to hit.
Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
The most meaningful technical advances I've personally seen always started out as "let's just do it, it will only take a weekend" and then 2 years later, you find yourself with a finished product. (If you knew it would take 2 years from the start, you might have never bothered)
> Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
My favorite story in CS related to this is how Huffman Coding came to be [1]
This is so incredibly accurate. I see all these side projects people are spinning up and can't help but think "Sure it might work at first but the first time i have to integrate it with something else i'll have to spend a week trying to get them to work. Hell that'll probably require an annoying rewrite and its not even worth what I get out of it"
There are four "people" that contributes (https://github.com/NVIDIA/NemoClaw/graphs/contributors) judging by the git commits and the GitHub authors, none of them seem to be novices at programming, what made you write what you wrote here?
I think this is a fundamentally flawed perspective on the role and experience of a senior. It's a managers role to coordinate junior engineers. The difference between junior and senior is knowing where and when to do what at an increasing scale as you gain experience.
Neurons that fire together, wire together. Your brain optimizes for your environment over time. As we get older, our brains are running in a more optimized way than when we're younger. That's why older hunters are more effective than younger hunters. They're finely tuned for their environment. It's an evolutionary advantage. But it also means that they're not firing in "novel" ways as much as the "kids". "kids" are more creative I think because their brains are still adopting, exploring novelty, neuron connections aren't as deeply tied together yet.
This is also maybe one of the biggest pitfalls as our society get's "older" with more old people, and less "kids". We need kids to force us to do things differently.
For me (a non-early career dev) these projects terrify me. People build stuff that just seem like enormous liabilities relying on tools mostly controlled and gate kept by someone else. My intuition tells me something is off. I could be wrong about it all, but one thing I've learned over the years is that ignoring my intuition typically doesn't end well!
Should be obvious that its tools like Claude Code. If you are a junior dev not experienced in delivering entire products but with good ideas you have incredible leverage now...
It’s amusing that ‘claw’ is sticking around as a term for these kind of things, when it was originally a pretty transparent attempt to avoid infringing on ‘Claude’…
Check out https://zo.computer - we've been doing OpenClaw for nearly a year, it works out of the box, and has hosting built-in. Zo arguably was the inspiration for Peter to create OpenClaw.
It's quite sad you are riding the coattails of Openclaw here and on Twitter. You only talk about how you were "first" but never say why you are arguably nowhere near all the competitors in terms of distribution that supposedly copied from you
OpenClaw had a huge viral marketing campaign. It wasn't a coincidence everyone on twitter was talking about it at the same time suddenly. To its credit, it also executed well enough in a few areas that captured people's imagination. Most of the concepts are ideas people have been toying with for years, though.
OpenClaw is so bad with Docker. I spent hours on it and hit road block after road block trying to get the most basic things working.
The last one was inability to install dependencies on the docker container to enable plugins. The existing scripts and instructions don’t work (at least I couldn’t get them to work. Maybe a me problem).
So I gave up and moved on. What was supposed to be a helpful assistant became a nightmare.
I’m not an engineer and now I realise why I’ve been struggling getting OpenClaw setup in docker. I just can’t get it to work. Makes sense that it needs access to the underlying OS
Same experience. I used Coolify and it was so hard. I wondered why people are so enthralled with this unacceptable UX for setup, only to realize no one cared about Docker and they just got a new Mac mini or used their own system.
I've honestly found containers a breeze for such use cases. Inference lives on the host, crazy lives in an unpriv'd overlayfs container that I don't mind trashing the root of, and is like nothing in resources to clone, and gives a clean mitm surface via a veth. That said, greywall looks pretty dope!
Am I missing something? Why is everyone talking about sandboxes when it comes to OpenClaw?
To me it's like giving your dog a stack of important documents, then being worried he might eat them, so you put the dog in a crate, together with the documents.
I thought the whole problem with that idea was that in order for the agent to be useful, you have to connect it to your calendar, your e-mail provider and other services so it can do stuff on your behalf, but also creating chaos and destruction.
And now, what, having inference done by Nvidia directly makes it better? Does their hardware prevent an AI from deleting all my emails?
I think the point you're making is fully correct, so consider this a devil's advocate argument...
People claim, you can use Claw-agents more safely while getting some of the benefits, by essentially proxying your services. For example on Gmail people are creating a new Google accounts, forwarding email via rule, and adding access to their calendar via Google's Family Sharing. This allows the Claw agent to read email, access the calendar, but even if you ask it to send an email it can only send as the proxy account, and it can only create calendar appointments then add you as an attendee rather than destroy/altering appointments you've made.
Is the juice worth the squeeze after all that? That's where I struggle. I think insecure/dangerous Claw-agents could be useful but cannot be made safe (for the logical fallacy you pointed out), and secure Claw-agents are only barely useful. Which feels like the whole idea gets squished.
> Am I missing something?
You are indeed missing a TON. A lot of Open Claw users don't give it everything. We give it specific access to a group of things it needs to do the things we want. If I want an agent to sit there 24/7 maximizing uptime of my service, I give it access to certain data, the GitHub repo with PR privileges, and maybe even permissions to restart the service. All of this has to be very thoughtful and intentional. The idea that the only "useful" way to use Open Claw is to give it everything is a straw man.
Yes, although what I think is different in this setup here is the OpenShell gateway override, as they mention:
> NemoClaw installs the NVIDIA OpenShell runtime and Nemotron models, then uses a versioned blueprint to create a sandboxed environment where every network request, file access, and inference call is governed by declarative policy. The nemoclaw CLI orchestrates the full stack: OpenShell gateway, sandbox, inference provider, and network policy.
I think this means you get a true proxy layer with a network gateway that let's you stop in-flight requests with policies you define, so it's not their hardware but the combination of it plus OpenShell gateway and network policies.
I also think the reason they are doing this is to try and get some moat around these one-clik deployments and leverage their GPU for rent type of thing instead of having you go buy a mac mini and learn "scary" stuff (remember, the user market here is pretty strange lol)
OpenShell is the gem here indeed. A lot of good ideas like network sandbox that does TLS decryption and use of policy engine to set the rules. However:
> Credentials never leak into the sandbox filesystem; they are injected as environment variables at runtime.
If anyone from the team is reading - you should copy surrogate credentials approach from here to secure the credentials further: https://github.com/airutorg/airut/blob/main/doc/network-sand...
I'm putting my dog in his crate with all my important documents, but leaving my fine china tableware in the cupboard away from the dog.
Then one day forgetting to close the door of the crate…..
1 reply →
and then tie a tiny string from the china to a thing inside the cage because it seemed handy at the time...
Agreed. I think the "simplifies running OpenClaw always-on assistants safely" bit is pretty misleading. I suppose it can wreak less havoc on your local file system but, as you point out, it's access to your account credentials (Slack, email, Amazon?, etc.) that is the real danger.
You don't need to connect your calendar, email, or anything else. I am having so much fun talking to it bouncing ideas and pushing code/markdown files to GitHub (totally separate account I created for OpenClaw). On the other hand I don't have a crazy life that everything needs to be in the calendar.
you put the dog in crate with a COPY of your documents.
Make it two copies!
[dead]
[dead]
The fully autonomous agentic ecosystem makes me feel a little crazy — like all common sense has escaped. It feels like there is a lot of engineering effort being exhausted to harden the engine room on the Titanic against flooding. It's going to look really secure... buried in debris at the bottom of the ocean.
When a state sponsored threat actor discovers a zero day prompt injection attack, it will not matter how isolated your *Claw is, because like any other assistant, they are only useful when they have access to your life. The access is the glaring threat surface that cannot be remediated — not the software or the server it's running on.
This is the computing equivalent of practicing free love in the late 80's without a condom. It looks really fun from a distance and it's probably really fun in the moment, but y'all are out of your minds.
Well, at least we share the same world as these people, meaning that we too will experience the consequences of their actions.
Isn't that a nice perspective
[dead]
I found this part interesting: "Inference requests from the agent never leave the sandbox directly. OpenShell intercepts every call and routes it to the NVIDIA cloud provider."
Seems like they are doing this to become the default compute provider for the easiest way to set up OpenClaw. If it works out, it could drive a decent amount of consumer inference revenue their way
s/revenue/data/
Secure installation isn't the main problem with OpenClaw. This project doesn't seem to be solving a real problem. Of course the real problem is giving an LLM access to everything and hoping for the best.
Running OpenClaw is the nerd equivalent of rolling coal
26 replies →
While I don't have OpenClaw installed and not sure how I 'd use it I doubt all the hype around it is because it doesn't solve a real problem. The project grew to huge popularity organically!!!
How can that happen if it doesn't serve a need people have?
7 replies →
Gotta say, that I feel kind of sad for the people that feel the need for these claw things.
Are they so busy with their lives that they need an assistant, or do they waste their lives speaking to it like it is a human, and then doomscrolling on some addictive site instead of attending to their lives in the real world?
I'm still extremely skeptical on Claws as a genre, and especially more skeptical of a claw that's always reporting home. What's the use case for a closed claw?
If you look at the commit history, they started work on this the Saturday before announcement, so about 2 days. There are references to design docs so it was in the works for some amount of time, but the implementation was from scratch (unless they falsified the timestamps for some reason).
Lol you think these github repos just materialize as is? They probably did all the iteration and development internally and then ported it over to a github repo and made it public afterwards
No they didn't. You can see all the commits as this was built iteratively[0]. This project started development on Saturday morning and now it's here.
This is pretty common now, people love to rapidly throw together stuff and show it off a few days later. The only thing different about this from your average Show HN sloppa is that it's living under the NVIDIA Github org, though that also has 700+ repositories[1] in it so they don't appear too discerning about what makes it into the official repo.
My best guess is this was an internal hackathon project they wanted to release publicly.
[0] https://github.com/NVIDIA/NemoClaw/commits/main/?after=241ff...
[1] https://github.com/orgs/NVIDIA/repositories?type=all
3 replies →
That's what I didn't understand about the acquisitions/partnerships that came out of the various claws. It's a fairly simple concept, and people were doing it before this but it just wasn't a meme. With AI you can easily build a claw in a weekend with maybe a hundred bucks worth of tokens. How do I know?
I kind of hope nemoclaw uptake and spark usage pushes ARM into the spotlight for LLM development, making it the primary release target rather than x86.
This could be the opening we need to wrangle a truly opensource-first ecosystem away from Microsoft and apple.
I think nanoclaw is architecturaly much better suited to solve this problem.
Related...
https://news.ycombinator.com/item?id=47430510
I think the whole thing is batshit, honestly.
Much as I love using Claude or whatever to help me write some code, it's under some level of oversight, with me as human checking stuff hasn't been changed in some weirdly strange way. As we all know by now, this can be 1. Just weird because the AI slept funny and suddenly decided to do Thing It Has Been Doing Consistently A Totally Different Way Today or 2. Weird because it's plain wrong and a terrible implementation of whatever it was you asked for
It seems blindingly, blindingly obvious to me that EVEN IF I had the MOST TRUSTED secretary that had been with me for 10 years, I'd STILL want to have some input into the content they were interacting with and pushing out into the world with my name on.
The entire "claw" thing seems to be some bizarre "finger in ears, pretend it's all fine" thing where people just haven't thought in the slightest about what is actually going on here. It's incredibly obvious to me that giving unfettered access to your email or calendar or mobile or whatever is a security disaster, no matter what "security context" you pretend it's wrapped up in. A proxy email account is still sending email on your behalf, a proxy calendar is still organising things on your calendar. The irony is that for this thing to be useful, it's got to be ...useful - which means it has at some level to have pretty full access to your stuff.
And... that's a hard no from me, at least right now given what we all know about the state of current agents.
Plus... I'm just not sure of the upside. Am I seriously that busy that I need something to "organise my day" for me? Not really.
Then give your agent its own name, its own accounts, and let it push things out without your name.
We are in the wild wild west.
I’m looking for feedback, testing and possible security engineering contracts for the approach we are taking at Housecat.com.
The agent accesses everything through a centralized connections proxy. No direct API tokens or access.
This means we can apply additional policies and approval workflows and audit all access.
https://housecat.com/docs/v2/features/connection-hub
Some obvious ones are only grant read and draft permissions at all, and review and send drafts manually.
Some more clever ones are to only allow sending 5 messages a day, or enforcing soft delete patterns. This prevents accidentally spamming everyone or deleting things.
Next up is giving the agent “wrapped” and down scoped tokens you do want to equip it with the ability to do direct API calls. But these still go through the proxy that enforces the policies too.
It’s impressive someone early in their career shipped this. There seems to be a stark increase in high-quality AI/data projects from early-career engineers lately and I'm super curious what’s driving that (and honestly speaking: a little jealous).
If you started your career more than ~2-3 years ago, you were trained on a completely different game. Clear abstractions, ownership, careful iteration, all that. That muscle memory is actively hindering you; preventing you from succeeding.
The people coming up now don't have that baggage. They never internalized "write the code yourself" as the default. They think in terms of spawning systems, letting things run, checking outcomes. It's way closer to managing a process than engineering in the traditional sense. And yeah, that shows up in what gets shipped. A 21-year-old will brute force 20 directions in parallel with agents and just pick what works. Someone more "experienced" will spend that same time trying to design the "right" approach up front. By the time they're done thinking, the other person has already iterated past them.
It's kind of unsettling is how basically all of these "senior instincts" are now liabilities. Caring about perfect structure, being allergic to randomness, needing to understand every layer before moving forward, etc. used to be strengths. Now they just slow you down.
You can already feel the split forming. Younger builders are comfortable letting systems do things they don't fully understand. Senior engineers keep trying to pull everything back into something legible and controlled, kneecapping themselves. That gap is not small.
What I'm seeing in my circle of founders and CEOs is that they're slowly laying off these older devs (cutoff age is around 24yrs) and replacing them with fresh, young talent, better suited for this new agentic era. From their reports the velocity gains are insane; and it compounds. Basically, these older folks are still doing polynomial thinking in an exponential landscape. They are dinosaurs slated for extinction.
Sometimes experience (or more so the wisdom you've accumulated over a long career) creates mental blocks / preconceptions about risks or problems you foresee, which makes it harder to approach big scary problems if you're able to anticipate all of the challenges you're likely to hit.
Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
The most meaningful technical advances I've personally seen always started out as "let's just do it, it will only take a weekend" and then 2 years later, you find yourself with a finished product. (If you knew it would take 2 years from the start, you might have never bothered)
Naivety isn't always a bad thing.
> Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
My favorite story in CS related to this is how Huffman Coding came to be [1]
[1] https://en.wikipedia.org/wiki/Huffman_coding#History
This is so incredibly accurate. I see all these side projects people are spinning up and can't help but think "Sure it might work at first but the first time i have to integrate it with something else i'll have to spend a week trying to get them to work. Hell that'll probably require an annoying rewrite and its not even worth what I get out of it"
There are four "people" that contributes (https://github.com/NVIDIA/NemoClaw/graphs/contributors) judging by the git commits and the GitHub authors, none of them seem to be novices at programming, what made you write what you wrote here?
I think he's talking about the original claw, Open Claw
2 replies →
A lot of senior engineering problems aren't gated by experience but by being trusted to coordinate large numbers of juniors.
Now that as a junior, I can spin up a team of AIs and delegate, I can tackle a bunch of senior level tasks if I'm good at coordination.
I think this is a fundamentally flawed perspective on the role and experience of a senior. It's a managers role to coordinate junior engineers. The difference between junior and senior is knowing where and when to do what at an increasing scale as you gain experience.
1 reply →
Neurons that fire together, wire together. Your brain optimizes for your environment over time. As we get older, our brains are running in a more optimized way than when we're younger. That's why older hunters are more effective than younger hunters. They're finely tuned for their environment. It's an evolutionary advantage. But it also means that they're not firing in "novel" ways as much as the "kids". "kids" are more creative I think because their brains are still adopting, exploring novelty, neuron connections aren't as deeply tied together yet.
This is also maybe one of the biggest pitfalls as our society get's "older" with more old people, and less "kids". We need kids to force us to do things differently.
Not 100% sure this isn't sarcasm, but I'll bite.
For me (a non-early career dev) these projects terrify me. People build stuff that just seem like enormous liabilities relying on tools mostly controlled and gate kept by someone else. My intuition tells me something is off. I could be wrong about it all, but one thing I've learned over the years is that ignoring my intuition typically doesn't end well!
> It’s impressive someone early in their career shipped this.
Hang on, what's impressive about this?
OpenClaw is many things, but decidedly not "high-quality".
What is impressive about this project? It seems to be similar to other projects in that space.
Should be obvious that its tools like Claude Code. If you are a junior dev not experienced in delivering entire products but with good ideas you have incredible leverage now...
because the floor is fucking insane for junior developers right now!!
It’s amusing that ‘claw’ is sticking around as a term for these kind of things, when it was originally a pretty transparent attempt to avoid infringing on ‘Claude’…
Check out https://zo.computer - we've been doing OpenClaw for nearly a year, it works out of the box, and has hosting built-in. Zo arguably was the inspiration for Peter to create OpenClaw.
It's quite sad you are riding the coattails of Openclaw here and on Twitter. You only talk about how you were "first" but never say why you are arguably nowhere near all the competitors in terms of distribution that supposedly copied from you
Why do you think OpenClaw caught on much faster?
OpenClaw had a huge viral marketing campaign. It wasn't a coincidence everyone on twitter was talking about it at the same time suddenly. To its credit, it also executed well enough in a few areas that captured people's imagination. Most of the concepts are ideas people have been toying with for years, though.
counterpoint: this assumes everyone has the same constraints. not always true
what about just using an unprivileged container and mounting a host folder to run open claw?
OpenClaw is so bad with Docker. I spent hours on it and hit road block after road block trying to get the most basic things working.
The last one was inability to install dependencies on the docker container to enable plugins. The existing scripts and instructions don’t work (at least I couldn’t get them to work. Maybe a me problem).
So I gave up and moved on. What was supposed to be a helpful assistant became a nightmare.
Did you try Incus? Gives you VM-like experience in a container
Why not use a VM?
1 reply →
I’m not an engineer and now I realise why I’ve been struggling getting OpenClaw setup in docker. I just can’t get it to work. Makes sense that it needs access to the underlying OS
Same experience. I used Coolify and it was so hard. I wondered why people are so enthralled with this unacceptable UX for setup, only to realize no one cared about Docker and they just got a new Mac mini or used their own system.
Absolutely this. I finally got it working, but the instructions and scripts for setting it up with Docker absolutely do not work.
I'm curious if people have had success running it on Cloudflare workers. I know there was a lot of hype about that a few weeks ago.
Riight, unprivileged lxc/lxd container takes 2s to set up. Thanks NV, sticking with opencode.
The problem is that it cannot access your credentials hence useless.
Containers and VMs are really annoying to work with for these kinds of applications. Things like agent-safehouse and greywall are better imo
I've honestly found containers a breeze for such use cases. Inference lives on the host, crazy lives in an unpriv'd overlayfs container that I don't mind trashing the root of, and is like nothing in resources to clone, and gives a clean mitm surface via a veth. That said, greywall looks pretty dope!
[dead]
[dead]