Hacker News

no personal attacks, just rebranding over and over again of the same basic functionality with no true innovation. people are rightfully angry. imagine if this had happened with the advent of rest apis. folks would be just as furious, and rightfully so

Now we do computing like we play Sim City: sketching fuzzy plans and hoping those little creatures behave the way we thought they might. All the beauty and guarantees offered by a system obeying strict and predictable rules goes down the drain, because life's so boring, apparently.

Another pattern would mirror BigCorp process: you need VP approval for the privileged operation. If the agent can email or chat with the human (or even a strict, narrow-purpose agent(1) whose job it is to be the approver), then the approver can reply with an answer.

This is basically the same as your pattern, except the trust is in the channel between the agent and the approver, rather than in knowledge of the password. But it's a little more usable if the approver is a human who's out running an errand in the real world.

1. Cf. Driver by qntm.

I created my own version with an inner llm, and outer orchestration layer for permissions. I don't think the OTP is needed here? The outer layer will ping me on signal when a tool call needs a permission, and an llm running in that outer layer looks at the trail up to that point to help me catch anything strange. I can then give permission once/ for a time limit/ forever on future tool calls.

I've created my own "claw" running in fly.io with a pattern that seems to work well. I have MCP tools for actions that I want to ensure human-in-the loop - email sending, slack message sending, etc. I call these "activities". The only way for my claw to execute these commands is to create an activity which generates a link with the summary of the acitvity for me to approve.

How do you enforce this? You have a system where the agent can email people, but cannot email "too many people" without a password?

Will that protect you from the agent changing the code to bypass those safety mechanisms, since the human is "too slow to respond" or in case of "agent decided emergency"?

So human become just a provider of those 6 digits code ? That’s already the main problem i have with most agents: I want them to perform a very easy task: « fetch all recepts from website x,y and z and upload them to the correct expense of my expense tracking tool ». Ai are perfectly capable of performing this. But because every website requires sso + 2 fa, without any possibility to remove this, so i effectively have to watch them do it and my whole existence can be summarized as: « look at your phone and input the 6 digits ».

The thing i want ai to be able to do on my behalf is manage those 2fa steps; not add some.

Does it actually require an OTP or is this just hoping that the agent follows the instructions every single time?

This is the future we need to make happen.

I would love to subscribe to / pay for service that are just APIs. Then have my agent organize them how I want.

Imagine youtube, gmail, hacker news, chase bank, whatsapp, the electric company all being just apis.

You can interact how you want. The agent can display the content the way you choose.

Incumbent companies will fight tooth and nail to avoid this future. Because it's a future without monopoly power. Users could more easily switch between services.

Tech would be less profitable but more valuable.

It's the future we can choose right now by making products that compete with this mindset.

Yesterday IMG tag history came up, prompting a memory lane wander. Reminding me that in 1992-ish, pre `www.foo` convention, I'd create DNS pairs, foo-www and foo-http. One for humans, and one to sling sexps.

I remember seeing the CGI (serve url from a script) proposal posted, and thinking it was so bad (eg url 256-ish character limit) that no one would use it, so I didn't need to worry about it. Oops. "Oh, here's a spec. Don't see another one. We'll implement the spec." says everyone. And "no one is serving long urls, so our browser needn't support them". So no big query urls during that flexible early period where practices were gelling. Regret.

Any website could in theory provide api access. But websites do not want this in general: remember google search api? Agents will run into similar restrictions for some cases as apis. It is not a technical problem imo, but an incentives one.

> if claws had existed beforehand.

That's literally not possible would be my take. But of course just intuition.

The dataset used to train LLM:s was scraped from an internet. The data was there mainly due to the user expansion due to www, and the telco infra laid during and after dot-com boom that enabled said users to access web in the first place.

The data labeling which underpins the actual training, done by masses of labour, on websites, could not have been scaled as massively and cheaply without www scaled globally with affordable telecoms infra.

I agree, and it seems like the incumbents in this user-oriented space (OS vendors) would be letting the messy, insecure version play out before making an earnest attempt at rolling it into their products.

It always depends on who you consider the user. The one who initiated the agent, or the one who interacts with it? Is the latter a user or a victim?

It's a new, dangerous and wildly popular shape of what I've in the past called a "personal digital assistant" - usually while writing about how hard it is to secure them from prompt injection attacks.

The term is in the process of being defined right now, but I think the key characteristics may be:

- Used by an individual. People have their own Claw (or Claws).

- Has access to a terminal that lets it write code and run tools.

- Can be prompted via various chat app integrations.

- Ability to run things on a schedule (it can edit its own frontal equivalent)

- Probably has access to the user's private data from various sources - calendars, email, files etc. very lethal trifecta.

Claws often run directly on consumer hardware, but that's not a requirement - you can host them on a VPS or pay someone to host them for you too (a brand new market.)

I think for me it is an agent that runs on some schedule, checks some sort of inbox (or not) and does things based on that. Optionally it has all of your credentials for email, PayPal, whatever so that it can do things on your behalf.

Basically cron-for-agents.

Before we had to go prompt an agent to do something right now but this allows them to be async, with more of a YOLO-outlook on permissions to use your creds, and a more permissive SI.

Not rocket science, but interesting.

it's a psychological state that happens when someone is so desperate to seem cool and up with the latest AI hype that they decide to recklessly endanger themselves and others.

That's it basically. I do not think running the tool in a container really solves the fundamental danger these tools pose to your personal data.

There are a few qualitative product experiences that make claw agents unique.

One is that it relentlessly strives thoroughly to complete tasks without asking you to micromanage it.

The second is that it has personality.

The third is that it's artfully constructed so that it feels like it has infinite context.

The above may sound purely circumstantial and frivolous. But together it's the first agent that many people who usually avoid AI simply LOVE.

I am creating a claw that is basically a loop that runs every x minutes. It uses the Claude cli tool. And it builds a memory based on some kind of simple node system. With active memories and fading old memories. I also added functionality to add integrations like whatsapp, agenda. Slack and gmail. so every "loop" the ai reads in information and updates it's memory. There is also a directive that can decide to create tasks or directly message me or others. It's a bit of playing around. Very dangerous, but fun to play with. The application even has self improvement system. I creates a few pull requests every day it thinks is needed to make it better. Hugely fun to see it evolving. https://github.com/holoduke/myagent

A claw is an orchestrator for agents with its own memory, multiprocessing, job queue and access to instant messengers.

you need to add cron to have a claw

I think this is basically obvious to anyone using one of these but they're just they like the utility trade off like sure it may leak and exfiltrate everything somewhere but the utility of these tools is enough where they just deal with that risk.

could you share that study?

To clarify, you mean that we're entering a post-HTML world, correct? As in, why spend effort on the aesthetics if a human will never see it, correct?

Because that is also my worry; a post-HTML and perhaps even a POST-API world....

And will there be a corresponding specialty that optimizes your "website" for claws to navigate. (Beyond just providing API access)

The creator was hired by OpenAI after coincidentally deciding codex was superior to all other harnesses not long before. It’s mostly marketing.

Still an interesting idea but it’s not really novel or difficult. Well, doing it securely would actually be incredibly impressive and worth big $$$.

It’s as if ChatGPT is an autonomous agent that can do anything and keeps running constantly.

Most AI tools require supervision, this is the opposite.

To many people, the idea of having an AI always active in the background doing whatever they want them to do is interesting.

Never underestimate the lengths people will go to, just to avoid reading their damn email! :)

You don’t understand the allure of having a computer actually do stuff for you instead of being a place where you receive email and get yelled at by a linter?

Well now somebody will

Give it a few years and distilled version of frontier models will be able to run locally

Maybe it’s time to start lining up CCPA delete requests to OAI, Anthropic, etc

"Scott is not suing"

For what?

He didn't name it though, Peter Steinberger did. (Kinda.)

Just The Thing to grab life by(TM), for those who hitherto have struggled to

White Claw <- White Colla'

https://www.whiteclaw.com/

Another fun connection: https://www.willbyers.com/blog/white-lobster-cocaine-leucism

(Also the lobsters from Accelerando, but that's less fresh?)

How does "claw" capture this? Other than being derived from a product with this name, the word "claw" doesn't seem to connect to persistence, scheduling, or inter-agent communication at all.

Why do we always have to come up with the stupidest names for things. Claw was a play on Claude, is all. Granted, I don’t have a better one at hand, but that it has to be Claw of all things…

Some users are moving to local models, I think, because they want to avoid the agent's cost, or they think it'll be more secure (not). The mac mini has unified memory and can dynamically allocate memory to the GPU by stealing from the general RAM pool so you can run large local LLMs without buying a massive (and expensive) GPU.

They recommend a Mac Mini because it’s the cheapest device that can access your Apple reminders and iMessage. If you are into that ecosystem obviously.

If you don’t need any of that then any device or small VPS instance will suffice.

A Mac allows it to send iMessage and access the Apple ecosystem.

Easy enough for average Joe to set up. Can run several Chrome tabs. pi cannot

What everyone else said, plus the cuteness factor

When I tried it out last time, a lot of the features are macOS only. It works on other OS, but not all.

Could a malicious claw sidechannel this by creating a localhost service and calling that with the signed micropayment, to get the decrypted contents of the wallet or anything?

What exactly are they self hosting here? Probably not the model, right? So just the harness?

That does sound like the worst of both worlds: You get the dependency and data protection issues of a cloud solution, but you also have to maintain a home server to keep the agent running on?

Yep. Not YC backed, but we're working on this over at LobsterHelper.

ShowHN post from yesterday: https://news.ycombinator.com/item?id=47091792

There are lots of results for "host openclaw", some from VPS SEO spam, some from dedicated CaaS, some from PaaS. Many of them may be profitable.

In a sense, self-hosting it ( and I would argue for a personal rewrite ) is the only way to limit some of the damage.

I wonder how much the clawbase domain name would sell for, hmm

I already built an operator so we can deploy nanoclaw agents in kubernetes with basically a single yaml file. We're already running two of them in production (PR reviews and ticket triaging)

Great idea, happy to ~steal~ be inspired by.

I propose a few other common elements:

1. Another AI agent (actually bunch of folks in a 3rd-world country) to gatekeep/check select input/outputs for data leaks.

2. Using advanced network isolation techniques (read: bunch of iptables rules and security groups) to limit possible data exfiltration.

  This would actually be nice, as the agent for whatsapp would run in a separate entity with limited network access to only whatsapp's IP ranges...

  Possibly like IFTTT/Zapier/etc. like integration, where you drag/drop objectives/tasks in a *declarative* format and the agent(s) figure out the rest...

I don't have a Claw running right now and I wish I did. I want to start archiving the livestream from https://www.youtube.com/watch?v=BfGL7A2YgUY - YouTube only provide access to the last 12 hours. If I had a Claw on a 24/7 machine somewhere I could message it and say "permanent archive this stream" and it would figure it out and do it.

I've been thinking about this (dishes vs creative work). I think it's because our high-production culture requires everyone to figure out their own way of providing value - otherwise you'll go hungry.

Getting a little meta here .

If we were to consider this with an economics-type lens, one could say that there is a finite-yet-unbounded field of possibility within which we can stake our ground to provide value. This field is finite in that we (as individuals, groups, or societies) only have so much knowledge and technology with which to explore the field. As we gain more in either category, the field expands.

Maybe an analogy for this would be terraforming an inhospitable planet such as Mars - our ability to extract value from it and support an increasing amount of actors is limited by how fast we can make it habitable.

the efficiency of industrialization results in less space in the field for people to create value. So the boundaries must be expanded. It's a different kind of work, and maybe this is the distinction between toil and creative work.

And we're in a world now where there is decreasing toil-work -- it's a resource that is becoming more and more scarce. So we must find creative, entrepreneurial ways to keep up.

Anyways, back to the kitchen sink -- doing our dishes is simply not as urgent as doing the creative thing that will help you stay afloat. With this anxious pressure in mind it makes sense to me that people reach for using AI to (attempt to) do the latter.

AI is great at toil-work, so we feel that it ought to be good at creative work too. The lines between the two are very blurry, and there is so much hype and things are moving so fast. But I think the ones who do figure out how to grow in this era will be those who learn to tell the distinction between the two, and resist the urge to let an LLM do the creative work for them. The kids in college right now who don't use AI to write for them, but use it to help gather research and so on.

Another planetary example comes to mind -- it's like there's a new Western gold rush frontier - but instead of it being open territory spanning beyind the horizon, it's slowly being revealed as the water recedes, and we are all already crowded at the shore.

> Has anyone find a useful way to to something with Claws without massive security risk?

Not really, no. I guess the amount of integrations is what people are raving about or something?

I think one of the first thing I did when I got access to codex, was to write a harness that lets me fire off jobs via a webui on a remote access, and made it possible for codex to edit and restart it's own process, and send notifications via Telegram. Was a fun experiment, still use it from time to time, but it's not a working environment, just a fun prototype.

I gave openclaw a try some days ago, and besides that the setup wrote config files that had syntax errors, it couldn't run in a local container and the terminology is really confusing ("lan-only mode" really means "bind to all found interfaces" for some stupid reason), the only "benefit" I could see would be the big amount of integrations it comes with by default.

But it seems like such a vibeslopped approach, as there is a errors and nonsense all over the UI and implementation, that I don't think it'll manageable even in the short-term, it seems to already have fallen over it's own spaghetti architecture. I'm kind of shocked OpenAI hired the person behind it, but they also probably see something we from the outside cannot even see, as they surely weren't hired because of how openclaw was implemented.

once the models get smart enough, you wont need n8n, they will just do the workflow without it needing to be specified. this is coming pretty soon

What other device would you suggest as a home server that a non tech person can set up themselves and has enough power to run several Chrome tabs? Access to iMessage is a plus. Small beeline Windows devices could also work but it’s Windows 11, slow as molasses.

I’m pretty sure people are using them for local inference. Token rates can be acceptable if you max out the specs. If it was just the harness, they’d use a $20 raspberry pi instead.

You don’t, but for those who would like the agent to interact with Apple provided services like reminders and iMessage it works for that.

You don't, that's just the most visible way to do it. Any other computer capable of running not-Claude code in a shell with a browser will do, but all the cool kids are buying mac's, don't you wanna be one of them?

> Imagine the possibilities

1.5B models are not very bright which doesn't give me much hope for what they could "claw" or accomplish.

It's just sending API calls to anthropic, $50 is overkill.

This zeroclaw.org has to be some kind of malware.

This is the official repo https://github.com/zeroclaw-labs/zeroclaw and its website: https://zeroclawlabs.ai/

I assumed that was for running the actual LLM locally?

Looks interesting but I haven't seen it discussed much yet. How did you find out about it?

dude nobody cares about school prestige, the whole value in openclaw was that its an innovative idea, not that its written in Rust

I also built the equivalent of OpenClaw myself sometime when it was still called Clawdbot and I'm confused how LLMs can be both heralds of the era of personal apps and everyone at the same time be using the same vibe coded personal LLM assistant someone else made, much less it being worth an OpenAI acquisition. I agree building one yourself is very fun.

Little too lexically close to girth

As far as I can tell it's mostly use-cases like "externalized claude code", accessible on mobile. Maybe the "agentic harness" is slightly tweaked for longer running tasks, but if it's really better claude code will copy the tweaks anyway, so I don't really see what the hype and point is.

My favorite use so far has been giving it a copy of my Calibre library. After having it write a few scripts and a skill, I can ask it questions about any book I’m reading.

This week I had it order a series internally chronological.

I could use the search on my Kindle or open Calibre myself, but a Signal message is much faster when it’s already got the SQLite file right there.

Moltis has a web chat UI at least. https://moltis.org/

Depending on what you mean by claw-like, stumpy.ai is close. But it’s more security focused. Starts with “what can we let it do safely” instead of giving something shell access and then trying to lock it down after the fact.

https://yepanywhere.com/ But has no Cron system. Just relay / remote web UI that's mobile first. I might add Cron system to it, but I think special purpose tool is better / more focused (I am the author of this)

Openclaw!

You can sandbox anything yourself. Use a VM.

It has a web ui.

You can run openclaw locally against ollama if you want. But the models that are distilled/quantized enough to run on consumer hardware can have considerably poorer quality than full models.

You need very high-end hardware to run the largest SOTA open models at reasonable latency for real-time use. The minimum requirements are quite low, but then responses will be much slower and your agent won't be able to browse the web or use many external services.

$3k Ryzen ai-max PCs with 128GB of unified ram is said to run this reasonably well. But don't quote me on it.

The question is: what type of mac mini. If you go for something with 64G + +16 cores, it's probably more than most laptop so you can run much bigger models without impacting your job laptop.

it's because Apple blocks access to iMessage and other Appe services from non Apple os.

If you, like me, don't care about any of that stuff you can use anything plus use SoTA models through APIs. Even raspberry pi works.

It absolutely can be a vm. Someone even got it running on a 2 dollar esp32. Its just making api calls

I don't know but I'm guessing that it's because it makes it easy to give access to it to Mac desktop apps? Not sure what's the VM story with Mac but usually cloud VM stuff is linux so it may be inconvenient for some users to hook it up to their apps/tools.

No shade, I think it looks cool and will likely use it, but next time maybe disclose that you’re the founder?

They're buying Mac Minis to isolate the environment in which their agents operate. They consume little power and are good for long running tasks.

Most aren't running models locally. They're using Claude via OpenClaw.

It's part of the "personal agent running constantly" craze.

For a machine that must run 24/7 or at least most of the day, the next best alternative to a separate computer is a cheap Linux VPS. Most people don't want to fiddle with such setup, so they go for Mac Minis. Even the lower spec ones are good enough, and they consume little power when idle.

No they’re buying them as a home server. You can’t message your claw if your laptop lid is closed.

i am thinking 2 steps (48 hours in ai land) ahead and conclude we need a linkedin and fiverr for these claws.

It's pretty much Claude Code but you can have it trigger on a schedule and prompt it via your messaging platform of choice.

It's just agents as you might know them, but running constantly in a loop, with access to all your personal accounts.

What could go wrong.

> the "policy people" will climb out of their holes

I am one of those people and I work at a FANG.

And while I know it seems annoying, these teams are overwhelmed with not only innovators but lawyers asking so many variations of the same question it's pretty hard to get back to the innovators with a thumbs up or guidance.

Also there is a real threat here. The "wiped my hard drive" story is annoying but it's a toy problem. An agent with database access exfiltrating customer PII to a model endpoint is a horrific outcome for impacted customers and everyone in the blast radius.

That's the kind of thing keeping us up at night, not blocking people for fun.

I'm actively trying to find a way we can unblock innovators to move quickly at scale, but it's a bit of a slow down to go fast moment. The goal isn't roadblocks, it's guardrails that let you move without the policy team being a bottleneck on every request.

> People without consideration for the implications will inevitably get burned

They will also burn other people, which is a big problem you can’t simply ignore.

https://theshamblog.com/an-ai-agent-published-a-hit-piece-on...

But even if they only burned themselves, you’re talking as if that isn’t a problem. We shouldn’t be handing explosives to random people on the street because “they’ll only blow their own hands”.

>IMO the security pitchforking on OpenClaw is just so overdone.

Isn't the whole selling point of OpenClaw that you give it valuable (personal) data to work on, which would typically also be processed by 3rd party LLMs?

The security and privacy implications are massive. The only way to use it "safely" is by not giving it much of value.

This may be a good place to exchange some security ideas. I've configured my OpenClaw in a Proxmox VM, firewalled it off of my home network so that it can only talk to the open Internet, and don't store any credentials that aren't necessary. Pretty much only the needed API keys and Signal linked device credentials. The models that can run locally do run locally, for example Whisper for voice messages or embeddings models for semantic search.

I think there are two different things at work here that deserve to be separated:

1. The compliance box tickers and bean counters are in the way of innovation and it hurts companies.

2. Claws derive their usefulness mainly from having broad permissions, not only to you local system but also to your accounts via your real identity [1]. Carefulness is very much warranted.

[1] People correct me if I'm misguided, but that is how I see it. Run the bot in a sandbox with no data and a bunch of fake accounts and you'll see how useful that is.

> every time you try something innovative the "policy people" will climb out of their holes and put random roadblocks in your way

This is so relatable. I remember trying to set up an LLM gateway back in 2023. There were at least 3 different teams that blocked our rollout for months until they worked through their backlog. "We're blocking you, but you’ll have to chase and nag us for us to even consider unblocking you"

At the end of all that waiting, nothing changed. Each of those teams wrote a document saying they had a look and were presumably just happy to be involved somehow?

I am also ex-FAANG (recently departed), while I partially agree the "policy-people" pop-up fairly often, my experience is more on the inadequate checks side.

Though with the recent layoffs and stuff, the security in Amazon was getting better. Even the best-practices for IAM policies that was the norm in 2018, is just getting enforced by 2025.

Since I had a background of infosec, it always confused me how normal it was to give/grant overly permissive policies to basically anything. Even opening ports to worldwide (0.0.0.0/0) had just been a significant issue in 2024, still, you can easily get away with by the time the scanner finds your host/policy/configuration...

Although nearly all AWS accounts managed by Conduit (internal AWS Account Creation and Management Service), the "magic-team" had many "account-containers" to make all these child/service accounts joining into a parent "organization-account". By the time I left, the "organization-account" had no restrictive policies set, it is up to the developers to secure their resources. (like S3 buckets & their policies)

So, I don't think the policy folks are overall wrong. In the best case scenario, they do not need to exist in the first place! As the enforcement should be done to ensure security. But that always has an exception somewhere in someone's workflow.

The difference is that _you_ wiped your own hard drive. Even if prompt injection arrives by a scraped webpage, you still pressed the button.

All these claws throw caution to the wind in enabling the LLM to be triggered by text coming from external sources, which is another step in wrecklessness.

These comments kill me. It sounds a lot like the “job creators” argument. If only these pesky regulations would go away I could create jobs and everyone would be rich. It’s a bogus argument either way.

Now for the more reasonable point: instead of being adversarial and disparaging those trying to do their job why not realize that, just like you, they have a certain viewpoint and are trying to do the best they can. There is no simple answer to the issues we’re dealing with and it will require compromise. That won’t happen if you see policy and security folks as “climbing out of their holes”.

my time at a money startup (debit cards) i pushed to legal and security people to change their behaviour from "how can we prevent this" to "how can we enable this - while still staying with the legal and security framework" worked good after months of hard work and day long meetings.

then the heads changed and we were back to square one.

but for a moment it was glorious of what was possible.

> every time you try something innovative the "policy people" will climb out of their holes and put random roadblocks in your way, not for the sake of actual security (that would be fine but would require actual engagement) but just to feel important

The only innovation I want to see coming out of this powerblock is how to dismantle it. Their potential to benefit humanity sailed many, many years ago.

Work expands to fill the allocated resources in literally everything. This same effect can be seen in software engineering complexity more generally, but also government regulators, etc. No department ever downsizes its own influence or budget.

No laws when you’re running Claws.

It’s not to feel important, it’s to make others feel they’re important. This is the definition of corporate.

"I have given root access to my machine to the whole Internet, but these security peasants come with the pitchforks for me..."

> I work at a FAANG and every time you try something innovative the "policy people" will climb out of their holes and put random roadblocks in your way

What a surprise that someone working in Big Tech would find "pesky" policies to get in their way. These companies have obviously done so much good for the world; imagine what they could do without any guardrails!

The DoDs recent beef with Anthropic over their right to restrict how Claude can be used is revealing.

> Though Anthropic has maintained that it does not and will not allow its AI systems to be directly used in lethal autonomous weapons or for domestic surveillance

Autonomous AI weapons is one of the things the DoD appears to be pursuing. So bring back the Skynet people, because that’s where we apparently are.

1. https://www.nbcnews.com/tech/security/anthropic-ai-defense-w...

This is exactly why artificial super-intelligences are scary. Not necessarily because of its potential actions, but because humans are stupid, and would readily sell their souls and release it into the wild just for an ounce of greed or popularity.

And people who don't see it as an existential problem either don't know how deep human stupidity can run, or are exactly those that would greedily seek a quick profit before the earth is turned into a paperclip factory.

Humans are inherently curious creatures. The excitement of discovery is a strong driving force that overrides many others, and it can be found across the IQ spectrum.

Perhaps not in equal measure across that spectrum, but omnipresent nonetheless.

There was a small group of doomers and scifi obsessed terminally online ppl that said all these things. Everyone else said its a better Google and can help them write silly haikus. Coders thought it can write a lot of boilerplate code.

We didn't "moved from", both points of view exist. Depending on the news, attention may shifts from one to another.

Anyways, I don't expect Skynet to happen. AI-augmented stupidity may be a problem though.

Because even really bad autonomous automation is pretty cool. The marketing has always been aimed at the general public who know nothing

> “we”

Bunch of Twitter lunatics and schizos are not “we”.

I would have said Doomers never win but in this case it was probably just PR strategy to give the impression that AI can do more than it can actually do. The doomers were the makers of AI, that’s enough to tell what a BS is the doomerism :)

I mean. The assumption that we would obviously choose to do this is what led to all that SciFi to begin with. No one ever doubted someone would make this choice.

Other than some very askew bizarro rationalists, I don’t think that many people take AI hard takeoff doomerism seriously at face value.

Much of the cheerleading for doomerism was large AI companies trying to get regulatory moats erected to shut down open weights AI and other competitors. It was an effort to scare politicians into allowing massive regulatory capture.

Turns out AI models do not have strong moats. Making models is more akin to the silicon fab business where your margin is an extreme power law function of how bleeding edge you are. Get a little behind and you are now commodity.

General wide breadth frontier models are at least partly interchangeable and if you have issues just adjust their prompts to make them behave as needed. The better the model is the more it can assist in its own commodification.

And be nice and careful, please. :)

Claw to user: Give me your card credentials and bank account. I will be very careful because I have read my skills.md

Mac Minis should be offered with some warning, as it is on pack of cigarettes :)

Not everybody installs some claw that runs in sandbox/container.

Even if hordes of humanoids with “ice” vests start walking through the streets shooting people, the average American is still not going to wake up and do anything

I mean we know at this point it's not super intelligent AGI yet, so I guess we don't care.

The increased hardware prices are temporary and will only spur further expansion and innovation throughout the industry, so they're actually very good news. And the compute used for a single LLM request is quite negligible even for the largest models and the highest-effort tasks, never mind routine requests; just look at how little AI inference costs when it's sold by third parties (not proprietary model makers) at scale. We don't need complete automation of every complex task, AI can still be very helpful even if doesn't quite make that bar.

> CME's website is very bot-hostile and blocked it after a few requests

This is one of the reasons people buy a Mac mini (or similar local machine). Those browser automation requests come from a residential IP and are less likely to be blocked.

Lots of hosting companies advertising managed claws, dunno how responsible they are about security.

It’s really just easier integrations with stuff like iMessage. I assume easier for email and calendars too since that’s a total wreck trying to come up with anything sane for Linux VM + gsuite. At least has been from my limited experience so far.

Other than that I can’t really come up with an explanation of why a Mac mini would be “better” than say an intel nuc or virtual machine.

I'm guessing maybe they just wanted an excuse to buy a Mac Mini? They're nice machines.

It would be much cheaper to spin up a VM but I guess most people have laptops without a stable internet connection.

I had a conversation with someone last night who pointed out that people are treating their Claws a bit like digital pets, and getting a Mac Mini for them makes sense because Mac Minis are cute and it's like getting them an aquarium to live in.

Just commented in reply to someone else about this:

https://news.ycombinator.com/item?id=47099886

It works and is plug and play. And can also work as a Mac. But getting in short supply since Apple hadn't planned for this new demand.

Apple fans paying apple tax to have an isolated device accessing their profile.

They're an indicator of complexity and attack surface area.

> fits into both my head and that of AI agents

Why are you not quoting the very next line where he explains why loc means something in this context?

PR. Say you fired all your friends and replaced them with mac minis.

do you remember “moltbook”?

Of course if the proponents are right, this approach may fit to skipping coding :-)

you're right, i should draft one now

I can remember at least since the 90s people were saying "Soon I won't even have to work anymore!"

What a new an interesting viewpoint which has the ability to change as the evidence does!

Openclaw the actual tool will be gone in 6 months, but the idea will continue to be iterated on. It does make a lot of sense to remotely control an ai assistant that is connected to your calendar, contacts, email, whatever.

Having said that this thing is on the hype train and its usefulness will eventually be placed in the “nice tool once configured” camp

As a long time computer hobbyist who grew up in MSDOS and now resides in Linux I'm starting to wonder if I am not more connected to computing than a lot of people employed in the field.

Using a Mac Mini allows for better integration with existing Apple services. For many users, that just makes sense.

Your suspicions are correct, any extra machine works: 4GB Pi, virtual machine, or old laptop.

From https://openclaw.ai/blog/introducing-openclaw:

The Naming Journey

We’ve been through some names.

Clawd was born in November 2025—a playful pun on “Claude” with a claw. It felt perfect until Anthropic’s legal team politely asked us to reconsider. Fair enough.

Moltbot came next, chosen in a chaotic 5am Discord brainstorm with the community. Molting represents growth - lobsters shed their shells to become something bigger. It was meaningful, but it never quite rolled off the tongue.

OpenClaw is where we land. And this time, we did our homework: trademark searches came back clear, domains have been purchased, migration code has been written. The name captures what this project has become:

    Open: Open source, open to everyone, community-driven
    Claw: Our lobster heritage, a nod to where we came from

You can see it that way, but I think its a cynics mindset.

I experience it personally as super fun approach to experiment with the power of Agentic AI. It gives you and your LLM so much power and you can let your creativity flow and be amazed of whats possible. For me, openClaw is so much fun, because (!) it is so freaking crazy. Precisely the spirit that I missed in the last decade of software engineering.

Dont use on the Work Macbook, I'd suggest. But thats persona responsibility I would say and everyone can decide that for himself.

I had to use AI to actually understand what you wrote it and I think it's an underrated comment

How about "Open Assistants"? "OpenAss" for short?

I think claws is a great name. They let the AI go grab things. They snap away and get stuff done. Claws are powerful and everything that has claws is cool.

Some of this may be slightly satirical.

(But I still think “claws” works better than “personal assistant” which anthropomorphises the technology too much.)

Stupid name? sure, but there's no point in fighting it. Claws is a sticky name.

"Personal assistant” already has enough uses (both a narrower literal definition and a broader metaphorical definition applying to tools which includes but is not limited to what "claws" refers to) that using it probably makes communication more confusing rather than more clear. I don't think “claws” is a great name, but it does have the desirable trait of not already being heavily overloaded in a way that would promote confusion in the domain of application.

"OpenClanker"?

> OpenSlave" would be a better fit.

Wow. Can we please not?

fr idg this obsession with lobsters/molting/claws/shrimps it feels like i'm going insane

https://karpathy.ai/

PHD in neural networks under Fei-Fei Li, founder of OpenAI, director of AI at Tesla, etc. He knows what he's talking about.

Really smart AI guy ex Tesla, cum educator now cum vibe coder (he coined the term vibe coder)

The person that made the svmjs library I used for a blue monday.

A quick Google might’ve saved you from the embarrassment of not knowing who one of the most significant AI pioneers in history is, and in a thread about AI too.

This doesn't seem to be promoting every new monstrosity?

"m definitely a bit sus'd to run OpenClaw specifically - giving my private data/keys to 400K lines of vibe coded monster that is being actively attacked at scale is not very appealing at all. Already seeing reports of exposed instances, RCE vulnerabilities, supply chain poisoning, malicious or compromised skills in the registry, it feels like a complete wild west and a security nightmare. But I do love the concept and I think that just like LLM agents were a new layer on top of LLMs, Claws are now a new layer on top of LLM agents, taking the orchestration, scheduling, context, tool calls and a kind of persistence to a next level.

Looking around, and given that the high level idea is clear, there are a lot of smaller Claws starting to pop out."

I expect him to be LLM curious.

If he has influence it is because we concede it to him (and I have to say that I think he has worked to earn that).

He could say nothing of course but it's clear that is not his personality—he seems to enjoy helping to bridge the gap between the LLM insiders and researchers and the rest of us that are trying to keep up (…with what the hell is going on).

And I suspect if any of us were in his shoes, we would get deluged with people who are constantly engaging us, trying to illicit our take on some new LLM outcrop, turn of events. It would be hard to stay silent.

We construct a circus around everything, that's the nature of human attention :), why are people so surprised by pop compsci when pop physics has been around forever.

LLMs alone may not deliver, but LLMs wrapped in agentic harnesses most certainly do.

Agree, but his content on LLM are top-notch.

Docker and k8s didn't deliver?

so what's your point? he should just not get involved in the most discussed topic in the last month and highest growth OS project?

He really is, on twitter at least. But his podcast with Dwarkesh was such a refreshing dose of reality, it's like he is a completely different person on social media. I understand that the hype carries him away I suppose.

Is the problem you're thinking of LLMs, or cloud LLMs versus local ones?