April 20, 2026
From DOS to “uh‑ohs”
OpenClaw isn't fooling me. I remember MS-DOS
Readers say these AI helpers feel like unlocked PCs — and nobody wants a robot in their chats
TLDR: A veteran warns modern AI “agent” gateways echo the insecure DOS era, even as NVIDIA shows how to deploy them. Commenters split between anti-agent skeptics, hardcore local-only privacy purists, and permission-first pragmatists — a debate that could decide whether AI assistants can be safe and useful in everyday apps.
Remember those wild‑west MS‑DOS days with no locks on the doors? That’s the vibe critics say OpenClaw/NemoClaw-style AI “agent gateways” are giving off. The article recounts bar‑room horror stories and warns that giving one super‑key (“one token”) to a chatty robot that can run commands is a throwback. NVIDIA’s tutorial shows how to deploy one, pair it with Telegram, and poke holes so it can talk out — careful steps, sure, but also proof it needs loopholes to work.
The comments came in hot. One reader bluntly said they have zero interest in a robot inside their messages and called the whole thing negative value. The privacy die‑hards showed up waving flags for local‑only setups — no internet, no Python, just laptops and llama.cpp — and dropped links like “Stop using Ollama” and their own projects like TriOnyx. The pragmatists? They’re begging for granular permissions: “let it use my GitHub tool, but keep it away from my app installer.”
Between jokes about a drunk Swedish consultant waving a lobster as he shouts “one password for everything!”, the mood is clear: people want assistants that ask nicely and stay in their lane — not a friendly hacker with the keys to the house.
Key Points
- •The article argues that many AI agent gateways mirror MS‑DOS-era security by centralizing privileges (one process, one token) and broad execution trust.
- •It references an NVIDIA tutorial deploying OpenClaw/NemoClaw on DGX Spark, covering model serving to Telegram connectivity for a self-hosted agent setup.
- •Tutorial steps include binding Ollama to 0.0.0.0 for cross-namespace access, pairing a Telegram bot via chat, and approving outbound connections via a host-side TUI.
- •The author’s “Wirken” gateway reduces trust boundaries: per-channel processes with Ed25519 identities, an out-of-process vault, loopback-only inference, and tool-level hardened containers.
- •Wirken prompts for 16 high-risk command prefixes on every call and others on first use for 30 days; setup begins with registering the NVIDIA container runtime with Docker and setting cgroup parameters.