Singapore regulators have issued an advisory on agentic AI platform OpenClaw, citing limited built-in security controls, such as authentication gaps. In its first such warning to organisations, the Infocomm Media Development Authority advised users against unrestricted access to files and applications. Doing so may run the risk of having sensitive data leaked to other external AI model providers. Over 400 cases of vulnerabilities and exposures have been reported. Released in November last year, OpenClaw can automate and carry out everyday tasks. Its popularity was driven by the ease of usage and integration with other tools.
ADVERTISEMENT
Giving a warning is a good thing, but according to Nvidia CEO openclaw is the most important software release in the history, nevertheless, giving no permission access to your life to anything, not just openlcaw is a stupid thing
Nothing is safe not even the day you're born
Specialised agent specific design for specific work is definitely a go to for secure progress.
cna a bit slow ah, open claw has already been out a few months
Best AI in the market. As u can just whatsapp your ai agent in ur remote computer to some work. Like buying stuff on your desktop browser.
Just use a vps or vpc or buy a mac mini...
Just don't use it. Simple code suggestions and asking questions from LLMs are enough. Don't let AIs do the project for you. If you don't like Software Engineering, maybe building a software is not for you...
Yes its HIGHYLY dangerous
The government's IT consultants surely know that Linux isn't a secure OS (OpenClaw run on Linux). IMDA knows a leak is coming or, more likely, has already arrived. Admitting that aloud, however, would require a degree of fortitude they've yet to display.
wow... now then you all warn? lol. Months too late duncha think? Vids on YT already warned about this issue. :/
For security, You can install on a vps. More on the tokenize cost.
Need to define what is sensitive data.
nah give AI access to your root shell bet
Not surprise western stuff all have backdoors ... OpenClaw (an open-source AI agent) was created by developer Peter Steinberger in Austria
so is it your doing or the Ai doing ? in the end who's undoing ?
Talking nonsense......how to restrict access????? Just like installing a app on your device,it may contain a ""malware" deep inside without you know.SO HOW TO RESTRICT???? ???????
I wander why these authorities keep on recommending AI........do you know that with you are inviting a DEVIL into your device and in the end even your password, bank account data,how much money you have........and YOU MAY LOSS EVERYTHING!!! SUCCESS????HAHA.......
Run it in container with VPN. Don't put this application in your host network
Good to see regulators catching up on this. I went through the Feb 15 build right after release and the auth gaps plus the way sessions and tokens get hoarded basically guarantee the "data leaking to external providers" issue the IMDA flagged. The 400+ CVE count tracks with what's actually in the repo. Did a full source-level walkthrough back in February for anyone who wants the technical version: /MXo5CRqP5XI
Risk management is a balancing act. If you do not trust the agent why implement it? The power of the agent is giving them the tools with access like an employee. If the agent needs to seek permission for every tools and data to complete the work. Then it’s more work than driving efficiency. I seriously doubt if IMDA has use openclaw extensive enough to issue such advisory or simply just reading cybersecurity papers and start drawing advisory without practical experience. Corporate security does not stop at just deploying network firewalls. There are many systems involved, and all must work together to ensure an acceptable risk.