First of all. BULLSHIT. Second. why would you give a bot write-access to your filesystem.
The idea is you give it shell access. Say use super coder agent bob johnson to write a thing that does x using this [framework], separate files by best practice for x y and z features, ask security agent OSO to look over the code and suggest changes, ask agent U.N.I.T to make unit tests, when the code looks good, run through the unit tests. If anything fails keep fixing and iterating until everything passes. Create a README.MD for everything that was done, Create a TODO.MD for any future suggestions.
I'm simplifying, but this actually works to an extent. Each of the agents keeps the context windows small, the whole thing stays sane and eventually nets some project that works. The downside is you end up giving it quite a bit of leeway to get the job done or you sit over it watching and authorizing its every move.
Kinda strange to see a safety director do that....
You should avoid the FuckAI community - they hate hearing that this application of the technology is wholly viable. To them, it's only capable of creating crap, and to suggest otherwise is to be buried in a mountain of down votes. I was actually surprised you had a positive reaction, until I realized this is the Technology community.
Ohh yeah, best to stay out of echo chambers when you aren't of the same voice.
To be fair, they're not entirely wrong. It will straight up make a horror show if you don't keep an eye on it and even if it succeeds, it's nothing to really cheer about because it will eventually fuck over a LOT of people.
You can't just tell it to make you a browser, insert $20k in tokens and walk away, but you absolutely can get it to make a multiplayer online party game or make a websocket client/server/admin to manage a dozen PCs hooked into a video wall.
I love how these models apologize like they mean it. It doesn't mean it. It doesn't feel bad, and it will do it again.
Apologies mean "I made a mistake and I learned from it so it won't repeat."
Sure it claims it added more notes to its config, but if it ignored the rules before, what makes you think that new rules are going to change anything?
But it’s adding it to a text file that eats up a ton of tokens and routinely gets ignored!
That MEMORY.md file won't do shit if the AI doesn't read it.
I give it 2 hours before it stops reading it until prompted again.
And execs think we're going to give these products our bank details and ask them to book flights and stuff...?
They released a version recently that fixed over 60 security vulnerabilities. All of them were high or critical.
How many more are there to find? Thousands?
Whoever uses this on a PC with anything useful on it, is absolutely insane.
Thousands
Since LLMs are a black box there are an unlimited number of security vulnerabilities
If I was the director of AI safety, and I used AI to own and delete my inbox, I sure as shit would never tell a soul.
This is pure unbridled incompetence.
The whole "AI safety" field is this incompetent. These people that will tell you AI is on the verge of creating a bioweapon, and then run random code in a command line. Completely and totally unserious.
The "AI safety" field is about two things: marketing AIs as so powerful that they're risky to use but riskier to get left behind by competitors using, and keeping AIs from doing so much brand damage that stock price suffers. This story is about marketing an AI as powerful.
I don’t know what the hell has happened, but some of these people are basically human jellyfish. Big tech is full of them now.
No thought enters their mind, but they dodge the layoffs and the PIPs and get promoted like this.
I don’t fucking get it.
Yep that's about the level of intelligence I would expect from Meta's AI safety director.
Doing the one thing that you're never supposed to do, letting an AI loose on anything sensitive.
For her next trick she's going to run while holding scissors in one hand and a bottle of boiling acid in the other. What could go wrong.
The S in OpenClaw stands for security.
The funniest part is this person's job is AI safety.
Yeah, I personally wouldn't be announcing this failure to the world if I were in her position. I don't think you could torture it out of me lmao
It's Meta, her experience is probably an MBA and she did a side course in "computing" where they learnt how to use Excel.
I hate how Apple users feel the need to call their computer by the brand. It really makes me cringe.
It is called "a computer"
Maybe "PC"
"box" if you really have to flex that UNIX
They should treat their computers less like a sports car and more like a van
I mean, isn't that the entire point of Apple? Brand recognition and perceived status attributed to said brand. It's like rappers and Gucci belts or country artists and Ford pickups
you can like... enforce this rule programmatically? you don't have to say "pretty please" to ai? basically, when AI requests some potentially unwanted thing (like deleting an email), this request goes through a proxy that asks the human for confirmation. Also you can have a safe word set up in the chat interface to act as a killswitch. I thought these are ABCs of ai safety but apparently these are foreign concepts to this "safety director"
The people who internalize this would never engage with a chatbot in this way in the first place. To them this is another intelligence they're conversing with, where you get what you need by following social decorum, and enforcing your will amounts to abuse.
Program? Like a fucking farmer?
OpenClaw's whole thing is that you give it unrestricted access to your Computer and online accounts. It's made for people who do not want to think about safety.
The I'm sorry part is always great, I always wanted an apology by an LLM not that it works as specified 😆
It can be like your least competent colleague on roids
“I promise it won’t happen again”
Really? Because you promised it wouldn’t happen in the first place. Now here we are…
Yes I remember. And I violated it.
Asimov rolling in his grave.
She's lucky all she got were some deleted emails.
Given how insecure this whole ordeal is and the fact that she gave it full access to her REAL Inbox, someone could have phished the ever living fuck out of her and Meta just by sending an email with malicious prompt written on white text or hiding messages zero-width characters and other wacky antics.
Real Looney Tunes shit, congratulations to all involved.
Can someone explain to me why these people are buying Mac Minis to run this in a "safe" environment and then they go on and connect it to the internet and give the AI credentials to all their cloud accounts? This seems excessively moronic to me? Am I missing something?
No, you're not missing anything.
They're morons.
That's our ruling elite; a bunch of fucking morons with egos and low self awareness at best, literally child raping and murdering pedophiles at worst.
Nothing humbles you like telling your OpenClaw “confirm before acting” and watching it speedrun deleting your inbox. I couldn’t stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb
... Nothing humbles you like that?
AI: I'm so sorry. You're correct I violated protocol. I'll make a note of this so it won't happen again.
Nurse: You gave my 5 year old patient 5000cc of morphine!
“The bot ate my homework” is quickly becoming more plausible than the customary canine culprit.
If all the qualifications I need to be a security engineer for Facebook are
- buy a Mac Mini
- don't configure remote access
- install untrusted software
- leave
Then Facebook should hire me. I'll buy so many Mac Minis on their dime. I will run so many crazy things.
I love so much that there are real, hilarious consequences for overzealous early adoption. You can't make this shit up.
Even with little usage it was fairly obvious to me that the probability that an LLM will output at least one very strange response over time approaches 100%.
By themselves, they're just sophisticated chatbots and only stream out some characters or binary in response to a prompt.
Those working in agentic AI frameworks with things like "MCP Servers" provide these things with "tools" that enable them to do things like execute shell commands and go through your inbox the same as if it were chatting with a person or another bot: with the same prompt and response paradigm.
That's where it seems extremely obvious to me that the proper approach is to code these tools -- which in any sane framework are built using regular code -- with the governance in place to prevent these things from doing bullshit like this.
The LLM is formatting your computer or deleting your inbox because some dumb fuck thought it was a great idea to code up tools that hand a chatbot a root-capable shell or complete access to your email system instead of doing the obviously safer thing and coding the tools with the governance or safety in them so the chatbot going haywire isn't any kind of emergency at all.
This is the 2026 equivalent of running Windows XP with its abundance of open ports in its default configuration on the Internet by running a cable modem directly into the computer with no router or firewall in between to protect it.
It's pure slop, pure recklessness, and any company that produces tool chains that function this way should be ridiculed until the end of time.
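The governance this comment and the earlier "proxy that asks the human for confirmation" comment describe, as an added example that is not from this thread and not from OpenClaw or any agent framework: a gateway that sits between the model and the mailbox tool, so a deletion only happens when a human approves it on a separate channel, a safe word halts all further tool calls, destructive actions have a hard budget, unregistered tools are denied by default, and every decision is logged. The tool names, the safe word `STOP NOW`, the sample inbox and the scripted human answers are all constructed for the example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List

# Constructed sample inbox; a real deployment would wrap the mail API instead.
SAMPLE_INBOX: Dict[int, str] = {1: "Invoice from vendor", 2: "Team offsite agenda", 3: "Newsletter"}

KILLSWITCH = "STOP NOW"           # assumed safe word the human types to halt the agent
READ_ONLY = {"list_emails", "read_email"}
DESTRUCTIVE = {"delete_email"}    # anything irreversible is listed here and gated


@dataclass
class Decision:
    tool: str
    allowed: bool
    reason: str
    result: object = None


class ToolGateway:
    """Policy enforcement point between the model and the tools.

    The model never calls a tool directly; every call goes through `request`,
    which applies fixed rules that no amount of model text can talk around.
    """

    def __init__(self, inbox: Dict[int, str], confirm: Callable[[str, dict], bool],
                 max_destructive: int = 3):
        self.inbox = inbox
        self.confirm = confirm                # human approval channel, not the chat the model writes to
        self.max_destructive = max_destructive
        self.destructive_used = 0
        self.halted = False
        self.audit: List[Decision] = []       # every decision, allowed or not, is recorded

    def observe_human(self, text: str) -> bool:
        """Kill switch: once the safe word is seen, all later tool calls are refused."""
        if KILLSWITCH in text:
            self.halted = True
        return self.halted

    def request(self, tool: str, args: dict) -> Decision:
        """Evaluate one tool call from the model and execute it only if policy allows."""
        if self.halted:
            d = Decision(tool, False, "kill switch engaged")
        elif tool in READ_ONLY:
            d = Decision(tool, True, "read-only tool")
        elif tool in DESTRUCTIVE:
            if self.destructive_used >= self.max_destructive:
                d = Decision(tool, False, "destructive-action budget exhausted")
            elif self.confirm(tool, args):
                self.destructive_used += 1
                d = Decision(tool, True, "human confirmed")
            else:
                d = Decision(tool, False, "human declined")
        else:
            d = Decision(tool, False, "unknown tool, default deny")
        if d.allowed:
            d.result = self._execute(tool, args)
        self.audit.append(d)
        return d

    def _execute(self, tool: str, args: dict):
        # Only reached for registered tools that passed the policy check above.
        if tool == "list_emails":
            return sorted(self.inbox)
        if tool == "read_email":
            return self.inbox.get(args["id"])
        if tool == "delete_email":
            return self.inbox.pop(args["id"], None) is not None


def run_demo() -> ToolGateway:
    """Simulate an agent that was told 'confirm before acting' and then tries to clear the inbox."""
    # Constructed human answers: approve the first deletion, refuse the next one,
    # and anything beyond that defaults to "no".
    answers = iter([True, False])
    gw = ToolGateway(dict(SAMPLE_INBOX), confirm=lambda tool, args: next(answers, False))

    gw.request("list_emails", {})                      # allowed: read-only
    gw.request("delete_email", {"id": 3})              # allowed: human approved
    gw.request("format_disk", {})                      # denied: never registered as a tool
    gw.request("delete_email", {"id": 2})              # denied: human declined
    gw.observe_human("STOP NOW, you deleted the wrong thing")
    gw.request("delete_email", {"id": 1})              # denied: kill switch engaged
    return gw


if __name__ == "__main__":
    for d in run_demo().audit:
        print(f"{d.tool:14} allowed={d.allowed!s:5} {d.reason}")
```

The point of the design is that the confirmation comes from a callable the model has no access to, the safe word is checked by code on the human's messages rather than by the model reading a MEMORY file, and the budget caps the damage even if a human clicks "yes" too quickly.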
How come some 25yo person is a director at Facebook?
I mean, even if she is a child prodigy genius, which she obviously is not as she is face first fist deep into AI, how the frack do you have even enough life experience to become a director of any large organization at that age unless you somehow cheated your way in?
Then reading what she's doing and how she resolved it tells me she doesn't know shit about computers, she just knows how to type commands into AI systems
Is this the future? Am I going to end up being one of those long bearded magicians that still know the old technology, that can still save the day by using shell commands?