So no 1m context window on Claude Code still 200k. Only on the API. they missed that from the marketing.

My biggest issue with this whole thing is: how do you protect yourself from prompt injection?

Anyone installing this on their local machine is a little crazy :). I have it running in Docker on a small VPS, all locked down.

However, it does not address prompt injection.

I can see how tools like Dropbox, restricted GitHub access, etc., could all be used to back up data in case something goes wrong.

It's Gmail and Calendar that get me - the ONLY thing I can think of is creating a second @gmail.com that all your primary email goes to, and then sharing that Gmail with your OpenClaw. If all your email is that account and not your main one, then when it responds, it will come from a random @gmail. It's also a pain to find a way to move ALL old emails over to that Gmail for all the old stuff.

I think we need an OpenClaw security tips-and-tricks site where all this advice is collected in one place to help people protect themselves. Also would be good to get examples of real use cases that people are using it for.

It should be that when you sign up with an ISP AND have children, you should be required by law to install software to monitor and track your children's usage. It needs to be done at this level, as this then stops the Proxy, VPN argument as well.

This is both a technical and an educational problem that needs to be solved. The technology for network monitoring needs to be easier for parents to install, with all 18+ content blocked by default, etc. Companies have software installed that tracks everything you do—every piece of software you install (or can't install if the system is locked down). We need this level of technology available at home.

Now, if Microsoft, Google, etc all got together, backed by the government, they could build this in months, and so the cost would be low and shared.

All mobile phone contracts block access to 18+ content. If a child has a mobile phone, then yes, block access to social networks.

It could be a plug-in device that connects between your router OR an ISP-level feature that, when you first join, asks whether there are children in the house. If you say no and there are, then that's breaking the law.

When you first install it, a well-designed interface would prompt you to select your children's ages and add their devices (laptops, iPads, etc.). You install the client software locally, link everything up, and the whole system tracks and monitors usage. Problem solved.

If children go to friends' houses, there should be a way for them to join as guests so parents can still see everything.

If children go to grandparents' houses or friends of friends, then either you need to install this box to manage access, or there's no Wi-Fi. They'd have to use their mobile data.

What I don't agree with is that childless people have to comply. I don't know any children, and all the ones I did have have grown up now. Fundamentally, I do think that we need to find a better way to stop social media bullying, the fact that beheading or gore videos are so easily accessible - I think that's worse than any "normal" porn!

Children cannot drink or smoke. It's not like you can argue against this; parents have a responsibility to stop that from happening. It's no different; in fact, it's worse.

Now, of course, once kids get to 14+, they will find a way. Since the start of history, we've all gone through that, and nothing any government does is going to stop children from pushing boundaries, learning, and experimenting.

My concern is that Gov will go down a route where every website you sign up to requires AgeID. It will be impossible to have Anon accounts anywhere. Sites will love it as more advertising and tracking for everyone. I stopped posting on social networks, as the second you say anything slightly different from someone else, the trolls come out and attack. I simply could not be bothered, and so deleted all social networks.

Waiting now for the HN trolls to attack - don't worry, I simply cannot be bothered to respond :)

100% agree. Sadly, I have realised fewer people actually give an F than you realise; for some, it's just a paycheck. I am not sure what has happened over the decades regarding actually being proud of the work you produce.

I also think they tend to be the older ones among us who have seen what happens when it all goes wrong, and the stack comes tumbling down, and so want to make sure you don't end up in that position again. Covers all areas of IT from Cyber, DR, not just software.

When I have moved between places, I always try to ensure we have a clear set of guidelines in my initial 90-day plan, but it all comes back to the team.

It's been 50/50: some teams are desperate for any change, and others will do everything possible to destroy what you're trying to do. Or you have a leader above who has no idea and goes with the quickest/cheapest option.

The trick is to work this out VERY quickly!

However, when it does go really wrong, I assume most have followed the UK Post Office saga in the UK around the software bug(s) that sent people to prison, suicides, etc. https://en.wikipedia.org/wiki/British_Post_Office_scandal

I am pretty sure there would have been a small group (or at least one) of tech people in there who knew all of this and tried to get it fixed, but were blocked at every level. No idea - but suspect.

my cloudflare pages website is down - 500 server error :(

cannot login to get to workers to check - auth errors

I thought this was the point of a cached CDN!

I feel old - remember watching this when i started out, later went on to use Delphi before moving to the web.

We already have multiple forms of identification. The National Insurance number, passports and photo ID such as driving licences, which we must provide when starting employment.

If you're not from Britain, you must present evidence of your right to work or other documentation. This is already the law.

Any company that does not follow this is violating the law.

In reality, most illegal workers are engaged in cash-in-hand jobs that never require ID. A digital ID alone will not solve this problem.

Adding a digital ID won't make any difference.

We've also seen similar issues with the UK's attempt to censor adult content "to protect children." It sounds reasonable on the surface (no child should have open access to the internet!). Still, the law was written so broadly that even community clubs involving children with no relation to adult content were caught in its provisions.

Threatened by fines and bureaucratic red tape, many closed their doors. International sites that had no idea what to do - now block the UK. And did this stop access to explicit content? No. Anyone can use a VPN, or an anonymity-oriented browser like Brave and use a Tor tab to bypass the blocks completely. For the non-technical, how long before these Age ID check services, which the government wants everyone to use (private companies owned mainly by adult companies), are hacked and everyone's viewing habits are released?

How long before we're required to use our Digital ID to log on to the internet, enabling monitoring of everything we browse?

A more innovative approach would be for ISPs to by default integrated parental controls on residential connections, something that has been technically possible for decades. In fact, any mobile phone contract in the UK operates similarly. Why not home internet? This isn't about new legislation; it's about education.

Parents already understand why they shouldn't give alcohol or tobacco to their children; why not teach them how to protect their children online?

The new NHS app and driving licence app are expected to be available by the end of 2025. How long before they're integrated into a single system where the government maintains one massive database containing every individual's driving information, medical records, browsing history, banking and tax details? It's not far-fetched to imagine such overreach occurring.

Also as of this week, HMRC (our UK tax office) also now has the right to raid any UK bank account for taxes owed (leaving only £5,000 in the account). This applies to both individuals and companies. Consider a company that becomes insolvent days before paying salaries how will they pay their workers? Some companies have already become insolvent after paying wages while still owing taxes and National Insurance. Just HMRC now get their money and the employees won’t.

I realise there are several loosely connected points above, but that's precisely the problem: all these developments have emerged over the past 18 months.

So when the UK government claims these measures are "for the people," the argument falls flat.

It's difficult to believe that policymakers don't recognise these fundamental flaws.

This raises the question: what's the real motivation? To me, it seems less about protection and more about monitoring and control, implemented by people too afraid to speak against their superiors.

At nearly 50, I see a UK very different from the one I was born into. One thing I know for sure: once this process begins, it will only worsen, and a new government will maintain these systems and extend them further. We left Europe - but kept every single law! As a nation, we just allow all of this to happen. It’s the British way!

Interesting - just updated my rabbit which has not been turned on in a year :)

Once signed up and wanted to test once says no credits so this post is really just an advert

This is really cool - I recently worked on a tool that I installed on my iPhone, which extracts all health data nightly to CSV and then to a cloud database.

This was quite straightforward once you understand the permissions. I wonder why the OP didn’t do this and was instead using a simple health export CSV?

The main concern I had with releasing this or turning it into a tool was data security.

I have been swimming 1500m x 365 days of the year for the last 7 years. My use case was to build a personalised dashboard for my daily swimming and heart rate data to track detailed progress beyond what Apple offers. Having the ability to query this data with AI could be quite useful, rather than relying on manual reports.