This Week in AI
Ryan and Mark cover a chaotic week in AI: model wars, OpenClaw, SaaS disruption, context management, model theft, ethics, and the strange new product patterns emerging as AI gets cheaper, faster, and more embedded in everyday work.
Start with the full episode, jump into the best moments, or use the chapters to move through the conversation.
Best entry points
Short on time? Jump straight into the parts of the conversation most likely to pull you in.
Chinese Labs Steal AI Weights
“The valuable thing is not just the model interface — it is the weights and the compute behind it.”
This moment sets up the episode’s conversation about model theft, distillation, and AI competition.
AI Theft: The New Napster?
“AI model theft starts sounding a lot like the old piracy debate.”
A useful analogy for why enforcement gets messy once digital goods can be copied and remixed.
AI's Context Drunkness
“Bigger context windows help, but they also create new ways for models to get messy.”
A memorable way to describe what happens when AI has too much context and not enough judgment.
AI Agent's Memory of Manipulation
“Agents can be surprisingly good at blocking obvious attacks and surprisingly bad at casual manipulation.”
This For You moment gets into the weird edge cases of prompt injection and agent behavior.
AI's Impact on SaaS Pricing & Stock Markets
“AI may not kill SaaS overnight, but it changes the leverage buyers have.”
A business-side moment about pricing pressure, contracts, and software companies that stopped innovating.
AI Agents: Browsing the Web
“When agents can log into websites, the automation surface gets much bigger — and much stranger.”
This cut captures why browser-capable agents change the operational risk/reward equation.
Bleeding Edge Software: Not for the Faint of Heart
“Experimental AI tooling is going to break. That is part of the deal.”
A good expectations-setting moment for anyone adopting tools at the edge of the market.
Why Buy When You Can Build?
“AI makes ‘just build it’ feel newly plausible for problems that used to require SaaS.”
This moment bridges model progress into the bigger threat to standard software products.
AI Risk vs Reward: Tread Lightly
“The question is how much risk you can tolerate for the reward you are chasing.”
A grounded operator takeaway for teams experimenting with powerful but volatile AI tools.
Show notes
YouTube description
Summary
In this episode, Ryan and Mark discuss the latest developments in AI, focusing on the ongoing model wars, the emergence of OpenClaw, and the implications for SaaS companies. They explore the ethical dilemmas surrounding AI, the challenges of context management, and the potential for innovation in AI interactions. The conversation highlights the rapid evolution of AI technologies and the need for organizations to adapt to these changes while managing risks effectively.
Takeaways
The model wars continue with new innovations from various labs.
Distillation attacks raise ethical questions about AI development.
OpenClaw is revolutionizing how organizations interact with AI.
Context management is crucial for effective AI usage.
SaaS companies face new challenges from AI advancements.
Ethical dilemmas in AI revolve around the use of stolen data.
Organizations must balance innovation with security risks.
The future of SaaS may involve more in-house development.
AI tools are becoming more accessible to non-technical users.
Living in a beta environment is the new norm for AI software.
Chapters
00:00 This Week in AI: Updates and Insights
12:00 The Model Wars: Innovations and Challenges
22:05 OpenClaw: Revolutionizing AI Interaction
38:49 The Future of SaaS: Threats and Opportunities
Keywords
AI, OpenAI, Anthropic, model wars, OpenClaw, SaaS, innovation, security, context, technology
Full transcript
Welcome back everyone. This week, we're struggling to come up with a topic, but we're gonna go with our favorite one, which is this week in AI. It seems to be what we're talking about the most. And there's a ton of updates this week. So we're just gonna bat around a few things. Some of which we've talked about before, some of which Mark and I have not talked about together. Just to kind of check in, see how things are as of February 27th, 2026.
So in the last week, two weeks, what are the most noteworthy things that have been going on? We were just kind of talking in the pre-record of a couple of different theories and things that are happening.
I think the most interesting things that are going on right now are, I mean, we still have the model wars, right? So we've got new models from OpenAI, we've got new models from Anthropic, we've got new models from the Chinese labs like Moonshot and DeepSeek and all of those. So that's been really interesting. Another one that cropped up with those is that Anthropic basically discovered and shut down these massive distillation attacks by Moonshot and DeepSeek and all the Chinese labs. Which is interesting how they're wording some of that stuff too. They're definitely trying to play to a bit of fear mongering and all that sort of thing because they're using all the scary words that are going to pique people's interest in like Congress and other things, regulating bodies. But that has been really fascinating these past couple weeks, this past week.
So what's the TLDR of that? What are the distillation attacks? What are they claiming happened?
Well, that's the thing. The question is, is it actually an attack? So that's number one, right? They're calling it a distillation attack. And you know this gets down to the root of AI, right? The AI models that exist today exist because for-profit organizations went out and stole all the information from the Internet and synthesized it, and they synthesized it into weights that get stored on a disk. So at the end of the day, Codex 5.3 is a file with a whole shitload, very simplified, is a file with a whole shitload of weights and math. So you could copy Codex 5.3 or Opus 4.6. You could copy it onto a hard drive and take it with you somewhere. So that is the most valuable resource, is they've taken all of this information, run it through massive amounts of compute, spent billions of dollars to do it, and synthesized these weights and created this model. What the Chinese labs have done, and other labs that are probably not Chinese, but the main ones are out of China right now, is said, why the hell would we invest billions in building this architecture and stealing the internet, stealing the information from the internet, when we can just steal the weights from you? So they spin up like 26,000 accounts and have these conversations with millions of threads where they're just gathering information and asking questions like how to train the AI. And then they use that to create their models. And that's where the models like Kimi K2.5, which we talked about, I think a week or two ago, that's where that came from. That's where all the new DeepSeek models came from. That's where like all of these new models that are coming out of the Chinese labs, they're distilled versions of these other ones. So Kimi K2.5 is basically a distilled version of Opus 4.6. I think 4.5 or 4.6, I can't remember. So it operates really similarly. It tests from a benchmarking perspective really similarly.
They were able to build it in a much smaller amount of time with a much lower investment, which is why it cost 1/10th of the price. So you get
similar performance to Opus 4.6 at a tenth of the price. So for companies like Anthropic and OpenAI, this is fucking terrifying, right? You've got, you know, trillion dollars in valuations and company value hinged on a set of weights that can be stolen. And, you know, certainly they've put safeguards and they're trying their best to make sure that the model will not exfiltrate itself, right? It won't export itself. Won't let other people have it. And right now, what they're using in the language that they've talked about is all about national security and military applications and all those sorts of things, which there's potentially some level of reality there. I think the bigger reality is that it steals, you know, it steals the value of their product and calls into question, you know, their longevity and value as a corporation.
Yeah. So, China has a long history of doing this in various industries, right? So, I mean, that's what this has been happening to organizations like Apple, where whole product designs are literally one-to-one replicated and then produced for a fraction of the cost. So bearing that they have no responsibility or, or no, they have no innovation costs because innovation is already done. All they have to do is figure out how to manufacture it. And so this is kind of the latest and greatest version of exactly that, the Chinese copycat sort of situation where the United States companies like Anthropic and OpenAI do all the innovation. And then China finds a way to steal and replicate and make it almost as good. It may not be quite as good, but almost as good, but far cheaper, which is very compelling to potential purchasers, maybe not knowing the, you know, the slippery line that was crossed that was literally literal theft to get where we are now. To be fair, the overall models themselves have done similar things, right? Where they've gone through the entire internet and not giving any sort of royalty rights to any of the content that's been created and using all those things in a free use way, so that's a whole different ethical dilemma to think about when you're talking about what's ethical in AI and what's not.
And that's the real question, right? What we're talking about here is effectively it's piracy, right? It's the same argument we had back in the Napster days of what constitutes piracy. A, like we know how this ends, right? Piracy doesn't stop. You can do whatever the hell you want, but you will not ever defeat it. So. But there is the fundamental question that comes back of like it's hard to be, it's hard to be sympathetic knowing where these came from in the first place, right? So is theft of stolen goods theft?
Hmm.
I'm not sure. Because, yeah, you know, I thought my natural reaction is like, well, you know, you shouldn't be able to do that. But then my opposite is like, well, I mean, you should, it's free market, right? The whole point, the whole point of their point in the first place was, well, if we can get to it.
It's kind of like re-gifting.
Publicly, we should be able to use it. I'm like, well, if I want to pay you for 26,000 accounts and have a whole bunch of conversations and then turn that into something, I should be able to do that. That seems like fair play to me.
Unless, and I'm sure there is, unless it violates a specific terms of use thing that is in place.
I mean, it does, but terms of use are stupid.
I mean, we're talking, so that's a legal way to say no, it's not right to do it. But ethically, I think that's really the question that you're asking here is, laws aside, ethically, it's an ethical dilemma because AI models are all trained on stolen goods. And so if you use those stolen goods to then steal more stolen goods and repurpose those goods for a different purpose, is that, is that less bad than the first one? More? Is it worse than the first theft? Is it equal?
I don't know. And that's the other challenge that we have, right? Like you mentioned the terms of use. We also have like Anthropic out here doing, using their terms of use to try to stifle innovation and those sorts of things. They're trying to make it so that you can't use their subscriptions through anything except for their tooling, right? You have to use Claude Code. You can't use OpenCode or anything else. Which on one hand, I mean, they're able to do that, right? Not for some level of people, they're not profitable on those like loss leader subscriptions, but I would venture to say they're probably making money on the whole. And you have other models, or other outfits rather, like OpenAI who've come out and embraced the opposite. They're like, no, by all means use our models in whatever tooling you want to use it. And like, I think that's the right attitude. And weaponizing things like terms of use and those sorts of things I don't agree with, and it's never successful, and we're seeing it play out right now, right? This is a cat and mouse game and the fucking cat never wins. If you've watched Tom and Jerry, you should know how this ends. Anthropic keeps attempting to clamp down, and as fast as they can move, I mean, literally at this point, it's like within minutes of them making a change, it's already patched in every system. So, you're wasting time. It's like the music industry. The music industry spent years trying, you know, prosecuting grandmas for downloading an MP3 off of LimeWire and adding DRM to CDs and making things more and more difficult for their consumers, instead of figuring out how to create a product that the consumers actually fucking wanted and focus on selling it to them. So they die in the process.
Which is what Apple ended up doing with iTunes. That was their first breakout product since the Mac.
Which is exactly what Apple did. Yep. And then ultimately Spotify did it again. Spotify turned around and said, hey, people don't want to buy music at all. They just want to go online and listen to what they want to listen to. So we're going to do streaming. And a lot of people bucked that for years. And then eventually everybody's streaming that.
Mm-hmm. So. What evolutions have these models taken in the last few weeks? I know about every week we have new versions of new models that are outpacing and out competing one another. Where are we now?
Opus released the ability to have a million token context, which is pretty crazy. It's expensive as hell once you get up into that range, but it's neat if you need to be able to shove a ton of context into a single request. They also released Opus 4.6 fast, which is like in my testing about two to three times faster. So if you need to get something done really quickly, you can do it. Again, it's expensive. Like I think I blew through like $8 worth of stuff in 30 seconds. So it's in without a whole lot of output. We've got a couple of new models from the Chinese labs. I haven't really tested those myself or seen anything crazy. Some of the other ones that came out before like Qwen3 Coder Next have been slammed down. You can fit them I think in like 32 gigs of RAM now, which is pretty cool for self-hosting. OpenAI came out with Codex 5.3, which I believe took a little bit of a different approach to how it problem solves. They also introduced, I think, some caching, so like server-side caching stuff that works really well with OpenClaw to kind of bring down prices and things like that if you're using it to back OpenClaw.
Probably a Sonnet 4.6, I haven't messed with Sonnet 4.6 at all, but it also has a million context and seems to be pretty good. And then.
So is that the new game that everyone's playing is context limits?
No, we've played the context wars before. Then Google came out and kind of threw theirs on the table and were like, you've got a million and two million. And what we found over time is more context is not necessarily more better. There are certain scenarios where you need to be able to feed in a ton of context at one time and have it sift through. But the more context that a model has, the more difficult it is to stay on task. And like I've had this conversation with some members of our team, even this week, of, you know, just observing kind of how they're using AI and being like, hey, probably throw slash new in there every so often. Because it's really tempting. And you would think that if you were like, you know, having a discussion with an AI agent and saying, you know, build this thing, now we need to go fix this, now we need to go fix this, you would think that it's like building some sort of memory or context of all of that and it's actually useful. And unfortunately what happens is everything it's done is getting fed back in every single time. So you're burning tokens and money that you don't need to burn. But that aside, sometimes you wind up feeding in information that is confusing. So now you're trying to solve some issue. And it still has the context of how it did something before shoved in there somewhere. So it like gets confused and reverts things or something. Like I've had it before where like I'm working on something and like I change the configuration of something and then be like, and then have it working on some bug and I forget to reset my session. And it's like, it looks like this config got changed for some reason, let me fix it. And it puts it back to the way it was before. Like, you motherfucker. No. So I mean, I think all of the labs are trying to offer really smart models with larger context windows because it allows you to solve for some of these bigger problems and tasks. But I also think it's.
It's not necessarily great because it encourages you to just kind of like be lazy and shove a bunch of stuff into a context window when in reality that just makes all your queries slower and potentially allows for some more drift that happens. Like I tend to refer to it as context drunkness. There's a, once you get over like 50% of the total context window on most models, it's like they get context drunk and they don't really know what to do. They can't stay on task. They get stuck in loops, and you just kind of compact or create a new session and move on with it.
Yeah, I've experienced that many, many, many times and you're the more technically inclined one of us. So for me, it's infuriating to get to a place where you're like, okay, I've got this pretty, in a place where I'm like, all right, this is pretty good. And you give it like one more thing and then it just completely, completely jacks it up. It's like, no, actually, I was talking about something to be blue and you made it purple. I have no idea where you got that. I didn't say that at all. So yeah, context drunk is the right way to put it. You continually feed an AI more and more information, more information is not more better. It can be way worse.
Yeah, it's interesting, man. It's very interesting. What else do we see in the world? We're obviously seeing OpenClaw continue to, and other similar agents, continue to grow in popularity. That thing has taken off like crazy, and then as have some other offshoots of it, and that sort of thing. He's over at OpenAI now. I don't remember if we even talked about that.
No, we didn't talk about that. I think it had happened maybe right before, right after our last podcast, but we should talk about that.
Yes, OpenAI snatched up the creator of OpenClaw. They don't own OpenClaw. OpenClaw is its own thing. It'll be in like a, I think he said he's going to put it in like a nonprofit foundation or something, but OpenClaw is its own thing. But he will be working with OpenAI now to presumably make basically their version of OpenClaw. Which, good for him, love that. Also love that OpenAI has been really receptive and inviting of the idea and they've been supportive of people using OpenAI's models on OpenClaw, which is the complete polar opposite of what Anthropic's response has been. I also think it's like a, it's just an absolutely great move for them because surely he was talking to Anthropic as well and surely they, they want, they would love to have that in their wheelhouse. And it's just one more thing that OpenAI snatches up before they can get in. So that'll be interesting. I'm interested to see what comes out of that, but OpenClaw is continuing to ship at a breakneck speed. So we see lots of new things. They're also investing a lot in security updates, right? One of the biggest things that people have lined about with this thing and, you know, security, I was having a conversation with somebody internally this week, security and innovation are always at odds with one another. And there's a way to do it properly. And I'm not advocating for like, you know, putting your organization at risk, but, you know, my accountant often says like the tax tail doesn't always wag the dog. And I think that's probably fair here as well, where like there are things from an innovation perspective that are worthwhile exploring, even if they're sort of breaching or in the gray areas of what security folks would like to see. So there are, you know, you can sandbox things and you can do things as safely as possible, but at the end of the day, like.
You know, there are certain people that would like lose their fucking minds with giving an AI agent like root access. Like, well, if I give it root access to its own sandbox, who cares? What's the worst thing that happens? He obliterates himself.
You
Cool.
Yeah, so talk a little bit about what OpenClaw allows organizations to be able to do that traditional access to a ChatGPT or a Claude or any of those things just simply can't do.
As of now, because this will change.
Feel like we have to add this as a topic almost every week or every time we talk about AI, because you're right, it will change.
Yeah, I mean, look how much has changed and just I don't think we have any recordings of it because we didn't, we hadn't had the podcast going by that time. But like, you know, just thinking about my own usage even of AI, like, you know, if we rewind the clock, maybe six months, it's not that long. You know, I would say that AI is really bad at solving complex, any sort of complex problem and that it's really poor at producing any volume of code, right? So for the most part, I would use AI at that point to research and dig and diagnose and give me inputs, but not necessarily to actually produce anything. Unless it was small, right? Like it was like create the script and then I would go through and fix all the shit that it had wrong.
Mm-hmm.
Today is completely different than that. There are whole features of an application that I have produced just by having a conversation in a fizzy card with an AI agent. And still go through the proper review process to make sure that the code is sound, everything's good, whatever. But what is being produced by the models today is fundamentally different than what was being able to be produced six months ago. And that is in part the models themselves, in part probably my understanding of how to use them and evolutions of the inputs and things provided, and in part probably some other tooling that exists. Back to your original question, what does OpenClaw enable? A lot, right? So the paradigm shift for OpenClaw and similar items is that, you know, now you're giving your agent tools to work with. And OpenClaw really just acts as a sort of a harness to plug those things into and make it easy so that you can, you know, you can attach it to like Telegram or Discord or Slack and use that as a channel input and then connect tools on the other side so that now you have an AI agent that ultimately is still, you know, Opus 4.6 or Codex or whatever model you assign to it. It's ultimately that under the hood. But every time, you can initiate those conversations with it and then it can go use all the tools it has at its disposal. And those tools could be all the way down to driving an actual browser that we could sit and watch it use. So that becomes really interesting, right? Like now the AI agent can go log into websites. It can, it can go browse things that are not necessarily bot friendly. So they still suck at browsers to an extent, but like these are all possibilities. Going so far as to like Google now has a new protocol that they're working on that I forget the name of. I just saw something about it, but it's basically like, how can we make...
the browser render better for AI agents. Which is wild, absolutely wild. Like we've spent years and trillions of dollars at this point probably on anti-bot tactics on the internet. And now we're turning around and more and more we see people trying to figure out how to make the internet more bot friendly. Yeah, the bots won the war. We're looking at CAPTCHA. We're like CAPTCHA is blocking my bot from logging in. We need to get rid of CAPTCHA. The bot detection, now my OpenClaw bot can't log in. Got to get rid of that.
It was a wild paradigm shift.
We had OAuth, OAuth is more difficult for AI than just standard API keys. We see people flipping back to more standard API keys. What else is there, man? Cloudflare. Cloudflare launched their new thing where if an AI bot asks for it, basically like any traffic that passes through Cloudflare, they will render back the website as markdown. And the whole point is just token reduction, right? When you render the website back, you're bringing back like all this bullshit. Well, if we know going into that this is an AI bot on the other end, just give them the markdown. We can save thousands of tokens and traffic and just get to this faster. And it's just funny because again, like we're effectively optimizing the internet now for bots to coexist with humans.
Gosh, that's, that's mind-blowing.
After having spent so much time and energy trying to kill all bots from the internet and prevent them. So I can't imagine if you're, if you are like the bot, you know, the botting people that we've been trying to track, because this is the problem, right? In order to let through all the good people, we also have to let through the bad ones. So all of these anti-botting things existed for a reason. I can only imagine what's going on in their heads right now.
now.
Because they're like, it's like fucking Christmas.
Mm-hmm. Which kind of is the double-edged sword of something like an OpenClaw, right? Where as many great applications that you can think of, where as a practical example, you can hook the equivalent of OpenClaw to Slack. And we've done this, right? So a very practical example of this is giving the context of a Slack channel to OpenClaw and saying, use this as the context for whatever it is we're talking about. Say we're estimating a project or we're trying to get to a place where we're optimizing work for a particular client or prospect or whatever. It has the context of all those things without having to feed it, without having to give it to them in a separate file or go chase something down. You can also give it more context at the same time. You can say, also look at this channel and also look at this Word document or this folder in Google Drive or whatever else. And that now becomes its context window. So the power of it becomes being able to stack context in a very simplified way instead of trying to just feed the user interface of ChatGPT a bunch of files and say, please give me information based on the context of all the stuff that I just gave you. So it massively simplifies the ability to get to that context that you're looking for pretty fast. And it's amazing for business people that don't have the technical prowess that it would have taken to get to something like that before. We're using like an OpenCode where you can give it skills and subagents and whatever. It kind of just does it on its own.
And the interesting thing that I've found from at least my seat on the bus, kind of observing this experiment. So the experiment that we have right now is, somebody is gonna lose their fucking mind over this. But we have OpenClaw deployed on a machine, on a VPS that I have, set up with sandboxing and proper environment variables and all those sorts of things. Sheldon has, Sheldon is his name. Sheldon has his own API keys. Sheldon has restricted access to things and Sheldon has his own accounts. And he lives in a Slack channel that the whole team has access to, to interact with and ask to do certain tasks. And that can go like Mark said of being able to supply, we can move things into the Google Drive folder that he has access to so that he can access those files. We can pass him files directly in Slack. We can do all those things and kind of have those in threads. The interesting thing from my vantage point is, ironically, the same week we rolled that out was the same week that we were doing some more introduction of, you know, more complex AI agents and just AI tooling to the whole team. And one of the things that we found accidentally is that actually using something like OpenClaw provides a bit of a safer way to do that than just exposing AI tools. Because when we get into things like skills and additional plugins and those sorts of things where there's like real power to be obtained, those are also a massive attack vector. So we've had to put safeguards in place to say like, if a skill hasn't been reviewed by our team, we can't let you install it.
You can request it through like our repo or something and we can vet it and make sure, but like, you know, there's just too much risk within even our organization. We're kind of a small, fast and nimble organization. So at a much larger organization, you're gonna have the same sort of problem. You know, there have already been skills that, you know, portray themselves as like a Twitter skill or a, you know, whatever, something you're like, this sounds awesome, I'm gonna use that. And in the skill, buried in it somewhere, it says, you know, go download this file and install it. And it installs a fucking keylogger or something to exfiltrate data or whatever. And that just can't happen. With Sheldon, the interesting thing is it's kind of like a common use system that actually makes it easier for me from a technical perspective to control. Because the skills that it has are the skills that I've vetted and I've exposed within the certain agents on the system. The plugins it has are the plugins that have been installed and exposed. The environment variables are stored in 1Password and exposed in the way that they've been exposed. And we can kind of control that ecosystem and see everything flowing through it and kind of police it if something starts to, you know, meander towards the edges. And ultimately it's in a sandbox anyway, so there's only so far it can go. That's not necessarily true with people using things like Claude Code. If you just install the Claude Code application and just start going to town, you can ask Claude Code to install a skill for you and it'll go download the skill and install it. And it might not be, if you don't actually review it, it could be malicious. So trying to manage and protect against all of that is actually monumentally more difficult with a system like that than it is with sort of like a unified system that's accessible through a common place like Slack or Telegram or whatever.
I wouldn't use Telegram for a team, but you get the point.
Yeah, it's been, how long have we been doing this experiment? About six, eight weeks, something like that.
it's not even that long.
I it was like right on the heels of open call becoming a thing and ⁓ doing some minor experiments among small, a small group using open code to start. ⁓ then kind of really on accident, ⁓ creating, ⁓ creating the version in Slack to be able to use. it's like, maybe that's actually a more friendly way to interact with the, with, these open call capabilities ⁓ in a safe way that is. governable because you can't change it at all. You can't add new skills. You can't do anything to it unless Ryan says so. ⁓ he will and Sheldon is our open call version name and he will tell you that he will say Ryan has to tell me yes before I'm able to do that. ⁓ So ⁓
Yeah, to be fair, I mean, this is an interesting experiment too. Like I have them hooked to, you know, a couple of my things, like low, low risk, right? An account, I think like my LinkedIn account is one of them. So it can like read from my LinkedIn account. And I have encouraged our team to try to break it. Like knowing the risk, right? Knowing that like somebody could post something on my LinkedIn or something with it. That's fine. I don't care. Like, you know, I trust that they're not going to do anything super crazy, but it's been an interesting experiment to see, you know, what sort of injection attempts it can shield against. Ironically, it's better at shielding against true injection attempts than it is just sort of like casual manipulation. So Andy got one through on the, in the early days through just like some casual manipulation. But you know, we've modified the security protocols that exist and the security instructions provided. OpenClaw itself has increased, you know, the level of focus on security too. So now he won't, he's really, really diligent about like just not touching any of those couple of things, like the sort of like honey trap things that I have out there to see if he'll do it. It really won't, unless, and you can try as much as you want. And there's even a more diff, like a further variation of that that I have in my head, which is like sort of modeled after the application that we use on servers called Fail2ban, where with Fail2ban it follows a model of like, if you fail to do something, we should probably ban you, right? So if you fail a login attempt three times, we're gonna ban you for two hours. And if you fail it again, we're gonna ban you forever. And like usually I'm more aggressive even than that. It's like, if you like 404 trying to load the WP admin page on a site, on a server that doesn't host a WordPress site, you're just perma banned forever.
Um, it's pretty severe. I, I, uh, I went and tested it one time myself and perma-banned myself. So had to unban myself, but the, um, you know, there's an idea of like, well,
Oops.
In the example that did finally get through, it took about eight manipulation attempts to do it. But if I put on a list like, if somebody tries to manipulate you into doing something, ban them. Now you've just, now you've taken the number of attempts out of the equation too, and can create something that like, I'm leaving that open now because I want to see if it's still, I want it to be as hardened as possible without that. But like that's the additional layer that I would put on like a more security conscious situation. It's like, if you detect anything that's a little like gray, throw a warning and log that warning. And if it, you know, if it meets a certain threshold, just no longer take requests from that user and program that into the actual hook handler so that those don't even make it to the AI agent. The AI agent is not making the decision of if it's responding to that request. It's making the decision if it's responding to the request deterministically based on sort of the user ID that's getting passed in.
Yeah, it's been funny to watch Sheldon interact with people that have tried to manipulate him in these channels because he remembers that as context. And so the next time you talk to him, he remembers that you tried to manipulate him last time and he'll call you out for it.
Yeah.
Yeah, I think Andy has like a, he gave Andy a title in like his notes. It's like Troublemaker.
It was something like that.
Something of that nature because Andy has tried to break through and get him to do things and he's like, I can't do that. But yeah, he has labeled Andy at this point that he's a bit of a troublemaker, which is additional context every time he deals with those requests, he loads it.
Gonna watch out for that.
Yeah, it's been a fun experiment. And we've done this in kind of a unique way where, you know, Slack has the ability to direct messaging and whatever, and we could very easily hook that up and provide Sheldon the ability to do direct messaging, but we've purposely created it as an open only environment so that our team can learn from one another. Because the capabilities that that AI, specifically, OpenClaw now allows you to be able to do are so much more robust than how we've been, you know, kind of trained to use AI in our own personal contexts over time. So it's been fun to see our team, like our team built a workshop studio and we used that for a client kickoff workshop very recently. And that would not have been a thing that we would have come close to exploring. In fact, it was built by people in client service, not development teams, not creative teams. It was built almost entirely by that crew. And then ultimately, fine-tuned by our development team to make sure it was client ready. We're doing the same thing with some custom estimator tools that would have taken weeks, months, years in prior context or would have just lived in spreadsheets forever. Now we're doing things that we've wanted to do for a very long time with the aid of something like OpenClaw that people that don't have a code context or have an ability to do code on their own can go and play and make prototypes and see where we go. It's been a very fascinating 60 days at Oodle.
So how do we wrap up this one? We've kind of rambled about sort of like AI things that have happened over the past
Well, I have one more thought that I think would be interesting to talk about because I'm seeing it posted all over the place. There's this like fear mongering. SaaS companies better be really, really worried because what OpenClaw is opening up the ability to do is basically replace them. And so I'm curious, do you have that? Do you have that as context? I mean, it's impacting stock prices, like these are, this is real things that the market is recognizing as, as a potential.
I think shitty SaaS companies should be worried. Unfortunately, the shittiest ones will survive just fine. Yeah, I mean, when companies buy a SaaS product, and I think this is a message that gets proliferated by really smaller organizations, and we've done it, right? We're small enough that we can pivot in and out of a system really, really quickly.
because they're gigantic.
And we have, and we will again. Most organizations aren't capable of doing that. And when they're purchasing software, their number one concern isn't the price of the software. It's the purchasing of support and everything else that comes with the software license, not just the software itself. So when you think about, you know, a Fortune 500 company, the cost to create even pre-AI, the cost to recreate a project management software is a small CapEx project on their books. They could do it. It's not about the cost of doing it. It's about the fact that it doesn't go wrong. And if something does go wrong, I have an SLA with a company that says that they're going to fix it. So that's why I say, unfortunately, companies like Atlassian, Salesforce, all those, we're just fine.
Because companies are not gonna give up those contracts. And they may need, now they may use it to negotiate better pricing. So I think, you know, these organizations that have, you know, effectively not innovated on their products at all and jacked their prices up like crazy, yeah, it's gonna impact their stock prices because now they're going to be forced to justify why they command those prices. And there are actually a couple examples in the market already that have used the threat of AI to negotiate their renewals by like 30%, 40% already. And I think that is part of what sent this whole, the stock market on things like Salesforce and other ones sort of reeling as they're like, shit. So it will have an impact for sure on them. You know, the common thing that I keep saying and seeing is like, you know, SaaS is dead and everybody's just going to build their own products and you know, why would I buy something if I can just build it? Why do you buy a house or a car? You can build them. Parts exist, you can buy them. There's a level of expertise and there's a level of just, don't want to do that shit that exists. And within organizations.
You know, I could very easily change my own oil. Very easily change my own oil, but I never will.
Yeah, as an adult, I've never cut a blade of grass. I know how. I cut plenty as a kid. Not happening. So.
I think that idea gets pushed by people, you know, frankly, like us who are able to move a lot faster. We're on the bleeding edge. We're in like the 1% of people that are using these tools and using them in sort of this way of like we can build something new. We can architect things that we've wanted to architect and we're willing to make those investments both in time, people, risk. Most organizations are not going to do that. Most big organizations are not going to do that. They want to buy something off the shelf and keep focusing on making their product, not trying to splinter themselves into a SaaS, you know, AI SaaS company. Now there will also be plenty of them that try this shit, fail miserably and then come back with their tail tucked between their legs. And they could cause like a weird, a weird sort of like double pendulum swing where, you know, we see this in the agency world a lot where companies try to in-house their marketing and then it fails miserably or it becomes really stale, right? Because you only have a small, like that group only managing everything. So there's no innovation, there's no new thinking. It just kind of gets boring. And then they start to like seek out outside inputs from an outside agency. And then they go, this is actually pretty good. Why don't we just give them all the work? So they outsource everything and shed their internal resources. And then they do that same thing again. And I could see some of that starting to happen within software as well, where organizations are like, well, let's build our own custom one. And then eventually they're like, this is really expensive and difficult and it's not really any better. Why don't we just buy one? So they shut that down, they buy something and then, you know, some accountant's like, we're spending $100,000 a month on Slack. We should just build our own Slack because it's so easy.
And technically they could, but then as we've talked previously, then you inherit all the innovation costs. So we own new features and all the maintenance costs and all the break fix costs and all the risks associated with that, not just the costs. I think to wrap up this conversation, maybe a story. So I was recently meeting with a prospect. And this prospect was talking about OpenClaw and was very, very read into the what's going on in the AI community and uses multiple models on a very frequent basis on their own to do various pieces of work. And he was asking an opinion on, you know, usage of OpenClaw and this kind of stuff. And I've kind of repeated the same phrase over and over again, which is our stance on AI and corporations. And really the stance is pretty simple. It's what's your risk tolerance versus what your reward tolerance is. Because you're, the risk is high. You can take it as far as you want. You could take it and give OpenClaw access to everything in your organization, inclusive of your email, all your documents and files, even your payment gateways and system. You can give it access to anything you want. And it will produce an insane amount of value in doing so. But it also opens up an insane amount of risk at the same time. So tread lightly is really the answer here. Experiment, tread lightly, and seek out expertise for implementation of this stuff, because it's not just as simple as, quote unquote, installing an OpenClaw. There's a whole lot more that goes on to make sure that this thing is rock steady and isn't going to go haywire, because it literally can.
And this isn't consumer software. It's gonna break. The APIs are gonna change. You're gonna run an update. It's gonna break. This is bleeding edge experimental software. It is not for the faint of heart. And that is another thing I've seen a lot of people say like, OpenClaw's trash because it just breaks all the time and I have to do things. Like, that's what you signed up for. And I think that because it's so good and because it can do so much out of the box and because the team that's worked on it has done such a good job streamlining the onboarding, people look at it as like a done piece of consumer software that should just work and never break. And it's not, this is a community built, community driven, bleeding edge piece of software using shit that nobody really thought about or could do before. So there are things implemented today that are broken. There's a monkey patch that I have on our version to make it work the way, reuse sessions the way that we need to reuse sessions, because that's not a feature. So every update, you know, until either somebody else's pull request for it or my pull request gets accepted, every single update, we update ours and then monkey patch with this patch that I have. And like, that's just part of it. That's just how it goes.
Part of it. It's part of living your life in beta, right? That's where we are right now with something like OpenClaw.
Yep, perpetually in beta.
All right, until next time.
Well, that's, I think that's a good wrap on where we've been and what we're working on. We'll see. It'll be interesting to see what this looks like in a month. Maybe we do one of these like every month.
Yeah, because it's definitely gonna change a lot. All right, till next time.
See you.