Lobster-themed AI assistants, milestone releases, and the latest NAS operating system launch
  • SanPe_@lemmy.worldEnglish
    1·
    10 minutes ago

    The “else-hosted” LLM AI is really not my thing, but selfhosted even less…

  • hperrin@lemmy.caEnglish
    7·
    2 hours ago

    I really do not want an AI doing all of those things for me. That would be like giving a four year old full access to my computer.

  • HyperfocusSurfer@lemmy.dbzer0.comEnglish
    18·
    3 hours ago

    Yeah, guess I’ll never understand that whole agentic ai craze. To me it basically looks like

    we have a tool that is relatively simple to trick into doing what it’s not supposed to. Let’s feed it arbitrary data and give it the ability to execute arbitrary code!

    • Scrubbles@poptalk.scrubbles.techEnglish
      53·
      3 hours ago

      It’s not arbitrary code in this case, it’s well defined functions, like list emails, read email, delete email. The agentic portion only decides if it should have those functions invoked.

      Now if they should is up for debate. Personally I would be afraid it would delete an important email that it incorrectly marks as spam, but others may see value.

        • Scrubbles@poptalk.scrubbles.techEnglish
          1·
          6 minutes ago

          Yes, that’s pretty much all an mcp server is, that’s what I’m trying to explain. The ai just chooses what commands out of a list. Each command can be disabled or enabled. Everyone freaking out here like it has sudo access or something when you opt into everything it does

      • theunknownmuncher@lemmy.worldEnglish
        81·
        3 hours ago

        It’s not arbitrary code in this case, it’s well defined functions

        No, you’re 100% wrong as the bot can just directly run arbitrary bash commands as well as write arbitrary code to a file and run the file. There’s probably a dozen different ways it can run arbitrary code and many more ways it can be exposed to malicious instructions from the internet.

          • theunknownmuncher@lemmy.worldEnglish
            4·
            1 hour ago

            Yeah, great, except the bot can literally just write whatever it wants to the config file ~/.openclaw/exec-approvals.json and give itself approval to execute bash commands.

            There’s probably a hundred trivial ways to get around these permissions and approval requirements. I’ve played around with this bot and also opencode, and have witnessed opencode bypass permissions in real time by just coming up with a different way to do the thing it is wanting to do.

          • non_burglar@lemmy.worldEnglish
            2·
            44 minutes ago
            • Bot can write to file
            • Bot can execute code

            You honestly think there isn’t an issue with that?!

  • Decronym@lemmy.decronym.xyzBEnglish
    2·
    6 minutes ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    HTTP Hypertext Transfer Protocol, the Web
    IMAP Internet Message Access Protocol for email
    SMTP Simple Mail Transfer Protocol

    3 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.

    [Thread #46 for this comm, first seen 30th Jan 2026, 16:30] [FAQ] [Full list] [Contact] [Source code]