User avatar
Angry Sun @sun@shitposter.world
4mo
So, I got OpenClaw installed, which was a terrible pain in the ass until I switched to Linux, then it worked pretty much right away.

You can tell it to do things using a chat gateway, but it only supported protocols I didn't want to use, like IRC or Telegram or Discord.

I pointed it at documentation and told it to implement a delta.chat gateway.

first working version: under 5 minutes
final fully-working version: under one hour.

openclaw provided its own fix iteration loop and was able to see its own errors and fix them itself. I wrote/read no code.

I told it to prepare the code to be redistributed. I'll be auditing the code for bugs and then submitting it back to them after this conference.
2
1
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
4mo
@sun Did basicly the same thing for XMPP. Using XMPP is a security win because I control the XMPP server, so I'm not depending on openclaw security to decide who can talk to my bot. I can just stop that account from federating.
1
0
1
0
User avatar
Angry Sun @sun@shitposter.world
4mo
@fastfinge very nice. I do actually run an xmpp server but the image attachments are always broken + I didn't want to raise the size limit for everyone, so I just went with my friend's delta.chat.

the telegram stuff icked me out, it uses some random unknown person's bot management service? how long until that gets pwned
2
0
0
0
User avatar
Angry Sun @sun@shitposter.world
4mo
@fastfinge next I'm working on a way to do email better so I don't have to use an api key and gmail.
2
0
0
0
User avatar
Ree of Rome the force of nature ⚧️💚 @Ree@shitposter.world
4mo
@sun @fastfinge will the emails be encrypted
2
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
4mo
@Ree @sun Seems like security theatre. Openclaw is just sending them to some AI service anyway. Yes, local AI where possible. But it isn't, always. And openclaw could just randomly decide to email all log files to a guy named Bruce anyway. If I'd want it encrypted, I don't want it in openclaw.
1
0
1
0
User avatar
Ree of Rome the force of nature ⚧️💚 @Ree@shitposter.world
4mo
@fastfinge @sun yeah because someone could just ask it give me the key to unencrypt them anyway.
1
0
0
0
User avatar
🇨🇦Samuel Proulx🇨🇦 @fastfinge@interfree.ca
4mo
@Ree @sun Yes exactly. Better to make sure that even if it, say, hands out the password to its XMPP account, nobody can log into that account anyway, because it's protected by an IP allow list. And the XMPP server is a different machine, so it can't add your IP to the allow list even if it wants to. Same for API keys and so on. Assume it will give them to any random jerk who puts up a webpage that asks it to. Make sure they can't do anything with those keys.
0
0
0
0