(Though they're still hooking it up to their entire digital life, which also doesn't seem very reassuring.)
You must be joking.
Spinning up a physical instance to try out some totally shady software is pretty standard stuff going back decades now.
Isn't that the whole point of AI?
I hope it doesn't count as promotion but I had literally written a blog post about it and made an account literally named justforhn on mataroa when someone was discussing crypto with me in here or something
https://justforhn.mataroa.blog/blog/most-crypto-is-doomed-to...
Maybe its time for me to write part II: Most AI is doomed to fall, the tech is cool though.
I guess I can write it but I already write like this in HN. The procastination of writing specifically in a blog is something which hits me.
Is it just me or is it someone else too? Because on HN I can literally write like novels (or I may have genuinely written enough characters of a novel here, I might have to test it or something lol, got a cool idea right now to measure how many novels a person has written from just their username, time to code it)
(Edit after 1 hour: Made the project! https://news.ycombinator.com/item?id=46829029#46829122) [See how many words you have written in Hacker News...]
here's the github pages link directly as well https://serjaimelannister.github.io/hn-words/
But to be clear, I'm saying I don't think this is especially suspicious, because actual AI companies are releasing products in exactly the same way, with warning labels that they know users will ignore / aren't capable of assessing in the first place.
1. Predictable. [0]
2. So that is why all those moltys were panicking earlier. [1]
I've only installed it on a fresh VM and the first impression was underwhelming. Maybe there is some magic I can't see.
Good news is this is why we have IAM and why such people in my org don't get any production access.
"Do you think I could just give molt a BTC wallet with a bit of funds and tell it to figure out how to buy some?"
-"Yes, but it wouldn't be long before you get pwned."
... Six hours later, this pops on the front page :)
> I'd like to share a revelation that I've had during my time here. It came to me when I tried to classify your species. I realized that you're not actually mammals. Every mammal on this planet instinctively develops a natural equilibrium with the surrounding environment, but you humans do not. You move to an area, and you multiply, and multiply, until every natural resource is consumed. The only way you can survive is to spread to another area. There is another organism on this planet that follows the same pattern. Do you know what it is? A virus. Human beings are a disease, a cancer of this planet, you are a plague, and we are the cure.
I think computer viruses should count as life ... I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image.
You will have worked out that there is a race in this world which steals and kills and spreads disease and despoils what it cannot use, said the voice of Spider.
'Yes,' said Dangerous Beans. 'That's easy. It's called humanity.'
When we have computer systems acting as corporation owners, and we begin to thrive in working for those corporations… That’s really going to change the picture.
Viruses do not multiply endlessly. Most viruses exist in stable ecological cycles.
Most viruses are beneficial to life. We complain about the few (and tiny minority of viruses) that infect humans and we do so from a selfish perspective, but forget about all the other that make life and evolution possible.
As a matter of fact evolution favors reduced lethality in many cases because wiping out hosts is bad for viral survival.
Agent Smith is way off on this one ...
You have "memory" activated in your settings. It is recording information about you and using it in future conversations. Have a look at settings > personalization
Remember the early days of Windows? yea it's gonna happen again with AI.
Nope, never heard of it. Is it a rock worth living under?
Letting a glorified lorem ipsum generator have control over anything personal or sensitive is just … what’s wrong with you? You know not of computers?
This is a bog-standard supply chain attack against their skills repository. It's not an LLM-specific attack, and nearly every repository (pip, npm, etc) has been subject to similar malware.
I shouldn't still be shocked by the incompetence and/or negligence of these people, and yet I am.
All these AI "hacks" seem to be based on the same principle.
I wonder if anyone with a correct mental model of how LLM agents work (i.e, does not conceptualize them as intelligent entities) has actually granted them any permissions for their own life... personally, I couldn't imagine doing so.
Let alone crypto, the risk of reputational loss for actions performed on my behalf (even just spamming personal or professional contacts) is just too high.
[ insert butter bot meme here ]
The conceptual problem is that there is a huge intersection between the set of "things the agent needs to be able to do in order to be useful" and "things that are potentially dangerous."
Not quite related: I never heard of clawdbot before, so, I guess TIL that's the bot my website keeps getting requests that are obviously malicious from.
Every repository is vulnerable to this kind of attack, and pip/npm have been attacked in many times in similar ways.
In this case the original title "ClawdBot Skills ganked all my crypto" was both linkbait and misleading, because (unless I missed it), the article describes no actual such incident.
All out the door.
* Clear labeling of action types (read/get vs write/post) * A better way of describing what an agent is potentially about to do (based purely on the functions the agent is about to call) * More occurrences of AI agents hurting more than helping in the current ecosystem
I don't consider myself as living under a rock, and this is the first time I've read anything about ClawdBot.
vitrealis•2h ago