Hi, ItsFOSS has published a list of alternatives to OpenClaw today. One of them caught my attention: IronClaw. It looks good for privacy, but when I read Near AI’s privacy policy, I had some doubts because I’m not as knowledgeable as most people on the forum. What do you think?
A video is sometimes better than a lot of words, here’s what I’m trying to explain but by vetted people in the Security industry IMHO and that do speak a less-clunky English.
My worded version of the video above + personal opinion
No security expert, meanwhile I still do consider that the main issue is not addressed by any of those:
- enclaves/sandboxes are good but they don’t focus on the main issue
- real-time scanning sounds like something that is a workaround with the drawback of having something constantly running on your machine
- it being built on Rust could help with some exploits but again, not really fixing the core issue of the LLM doing things it’s not specifically allowed to do
- TEE might help with some issues, not everything
Hence overall, it’s pretty much like:
- OpenClaw is the equivalent of giving your keys to a group of 5 guys and leaving the house to them while you go to work, hopefully they fix the sink and just leave your place as is[1]
- IronClaw is pretty much, you do the same but you can monitor them remotely with your cameras at home
Now, what are the alternatives?
- you watch a tutorial on YT on how to fix it yourself → which is pretty much paying for some LLM and ask it to code you your thing without an AI assistant in between you and the task you want to achieve (“code me an automated tool to send bulk emails from my excel file” should be more than enough)
- you do call your landlord and ask them to fix the issue, a professional repairman will come and fix it in front of you in 5min → old school way of using some piece of software that does not rely on anything AI
Call me doomer or pessimist/whatever but it’s not a surprise that there is a bunch of Nano/Iron/Whatever - Claw copy-pasta that are built over the weekend by some random people.
It’s the most popular project as of late on GitHub, so it sounds like a safe bet to make a quick buck and call it a day while spinning up some half-baked “solution” to an entirely new subset of security problems.
Mostly just surfing on the popularity wave.
You can be a beta-tester of any of the Claws, don’t expect any further safety or insurance when something bad happens with it.
An analogy to represent how integrating AI with “write” permissions feels to me
When people discovered gunpowder, they were mind-blown by the capabilities and potential of such a discovery.
Let’s not forget all the people actually blown up by that discovery.
Took years to refine, understand and control such power properly.
Can be expanded to any new tech where people will call it groundbreaking and make you feel like you need to hop on the train otherwise you’ll miss something big.
I’ll be less skeptical once somebody comes with:
- proper real security background in that field and not over-the-WE vibe-coded project
- with a sustainable business plan to entrust it with my precious data
- approved by a reliable 3rd party
Call me doomer or whatever, I’ll be rather cautious with my stuff.
Moreover, I’d rather code my own tools because I value my privacy/security over marketing claims.
PS: quite sad that itsFOSS published such an article indeed. Not sure how I would feel being recommended such a tool without fully understanding the dangers…
[1] some people are extremely fine doing that apparently
The answer is that not everyone is going to be an expert on everything. Such mistakes happen. That’s why it’s always best to verify things yourself.
It looks fine to me as long as IronClaw is configured using an LLM provider without an API key.