top | item 47065566

(no title)

m_ke | 11 days ago

also i wasn't concerned about open chinese models till the latest iteration of agentic models.

most open claw users have no idea how easy it is to add backdoors to these models and now they're getting free reign on your computer to do anything they want.

the risks were minimal with last generation of chat models, but now that they do tool calling and long horizon execution with little to no supervision it's going to become a real problem

discuss

8cvor6j844qw_d6|11 days ago

I went with an isolated Raspberry Pi and a separate chat account and network.

The only remaining risk is the API keys, but easily isolated.

Although I think having direct access on your primary PC may make it more useful, the potential risk is too much for my appetite.

oxag3n|11 days ago

The only remaining risk? Considering wide range of bad actors and their intent, stealing your API keys is the last thing I'd worry about. People ended up in prison for things done on their computers, usually by them.

iugtmkbdfil834|11 days ago

This is genuinely the only way to do it now in a way that will not virtually guarantee some new and exciting ways to subvert your system. I briefly toyed with an idea of giving agent a vm playground, but I scrapped it after a while. I gave mine an old ( by today's standards ) pentium box and small local model to draw from, but, in truth, the only thing it really does is limit the amount of damage it can cause. The underlying issue remains in place.