I’m joining OpenAI
steipete.me | 864 points by mfiguiere 9 hours ago
I'm happy for the guy, but am I jealous as well? Well yes, and that's perfectly human.
We have someone who vibe coded software with major security vulnerabilities. This has been reported by many folks.
We also have someone who vibe coded without reading any of the code. This is self-admitted.
We don't know how many of the GitHub stars are bought. We don't know how many Twitter followers/tweets are bought.
Then after a bunch of podcasts and interviews, this person gets hired by a big tech company. Would you hire someone who never read any of the code that they've developed? Well, this is what happened here.
In this timeline, I'm not sure I find anything inspiring here. It's telling me that I should rather focus on getting viral/lucky to get a shot at "success". Maybe I should network better to get "successful". I shouldn't be focusing on writing good code or good enough agents. I shouldn't write secure software; instead I should write software that can go viral. Are companies hiring for virality or merit these days? What is even happening here?
So am I jealous? Yes, because this timeline makes no sense to me as a software engineer. But am I happy for the guy? Yeah, I also want to make lots of money someday.
It's funny to me how many still don't realize that you don't get hired for the best positions by being a 10x programmer who excels at HackerRank; you get hired for your proven ability to deliver useful products. Creativity, drive, vision, whatever. Code is a means to an end. If you're the type of programmer who thinks of yourself as just a programmer, and takes pride in your secure code and your ability to optimize functions and algorithms, you're exactly the kind of programmer AI will replace.
Quality of code has never had anything to do with which products are successful. I bet both YouTube's and Facebook's codebases are tangled messes.
I’ve met many more $5M/year “SaaS” entrepreneurs who built a Wordpress plugin than a custom SaaS platform. Your point is well made.
This is exactly right.
The goal is delivering a useful product to someone, which just requires secure enough, optimized enough, efficient enough code.
Some see the security, optimization, or efficiency of the code itself as the goal. They'll be replaced.
The opposite is not true though: successful products might have messy codebases, but that doesn't mean that messy codebases lead to successful products, or that quality doesn't matter.
> It's telling me that I should rather focus on getting viral/lucky to get a shot at "success".
A vibe coder being hired by the provider of the vibe coding tools feels like marketing to sell the idea that we should all try this because we could be the next lucky ones.
IMHO, it'd be more legitimate if a company that could sustain itself without frequent cash injections hired them because they found value in their vibe skills.
> It's telling me that I should rather focus on getting viral/lucky to get a shot at "success". Maybe I should network better to get "successful". I shouldn't be focusing on writing good code or good enough agents.
All of this is true and none of it is new. If your primary goal is to make lots of money then yes you should do exactly that. If you want to be a craftsman then you'll have to accept a more modest fortune and stop looking at the relative handful of growth hacker exits.
He also spent 13 years building [an] OCR document engine company (PSPDFKit) before becoming an "overnight" vibe coder success story.
I bet they did not invert a binary tree on the whiteboard, nor answer how many golf balls fit in a plane.
I'm surprised to read this comment. I totally get why OpenAI hired the guy; IMO it's a brilliant hire, and I wish Meta had fought harder to get him. (At the same time, Meta is very good at copying, and I think they need more people pushing products and experiments and fewer processes; they've been traumatized by Cambridge Analytica and can't experiment anymore.)
They're buying him for his ideas, not for his ability to code. And if his stars are bought, then they're buying him also for his black hat marketing, I guess...
Going by how insanely viral OpenClaw has been on X, I don’t think any of the stars were bought
There were some comments somewhere below about that virality being bought, though. I don't know how true that is or where those commenters got their information. If you look at Google Trends, though, there is practically no mention of ClawdBot before around January 23, even though the project was released in November.
It was renamed many times. It was also called "clawdis" at one point, and prior to that "warelay," when it was simply a Whatsapp gateway for Claude Code. It was already gaining some momentum at that point but wouldn't reflect as search results for "Clawdbot," and especially wouldn't be visible on Google Trends when most of the conversation was on X/Github.
He likely poured oil on the flames, investing a few hundred bucks to double the virality.
He didn't specify the role he was hired for; code is just a means to an end. Perhaps OpenAI wanted him for his vision (I like to think so) or just to make up for the public support they're losing (I hope not). In either case, it may not be an engineering role.
The lesson here is to make something people want. All else is forgiven if the product is something people really want - the product market fit most of us never achieve.
Good move. OpenClaw is alpha quality, very dangerous, super useful and super fun - which amplifies the danger. It’s a disaster waiting to happen and a massive risk for a solo dev to take on. So best to trade it for a killer job offer and transfer all that risk.
To get a sense of what this guy was going through listen to the first 30 mins of Lex’s recent interview with him. The cybersquatting and token/crypto bullshit he had to deal with is impressive.
He's not really trading anything though. He was hired by OpenAI. OpenClaw will remain free and open source (it's the first line of his blog post). He says that OpenAI will allow him to work on it and already sponsors it so maybe that means he'll have time to improve it, I guess.
With OpenClaw we are seeing how the app layer becomes as important as the model layer.
You can switch models multiple times (online/proprietary, open weight, local), but you have one UI: OpenClaw.
> You can switch models multiple times (online/proprietary, open weight, local), but you have one UI: OpenClaw.
It’s only been a couple months. I guarantee people will be switching apps as others become the new hot thing.
We saw the same claims when Cursor was popular. Same claims when Claude Code was the current topic. Users are changing their app layer all the time and trying new things.
Memory. I have built up so many scripts and crons and integrated little programs and memories with OpenClaw that it would be difficult to migrate to some other system.
System of record and all.
Considering you built them all in the last few weeks, it should not be that difficult, and there's no reason other systems won't reuse the same files.
Exactly! The whole point of personal agents is that the data is yours and it's where you want it not in someone's cloud. What harness you use to work with this should be a matter of preference and not one of lock in.
How hard do you think it would be for AI to generate all those for some alternative?
AI didn't do the work, I did. Building up context is the part we actually have to put work into. I'm not saying it would be impossible, but boy would it be annoying to have to constantly teach a new assistant about your whole life.
"Here's my corpus of records from OpenClaw. Please parse it and organize into your own memories" boom done
Sorry but for $5 in credits you can have an agent port over all your bullshit to the next fad. I'll have one port over all my bullshit when the time comes too.
Indeed, coding agents took off because of a lot of ongoing trial and error in how to build the harness, as much as because of model quality.
This is the sort of thing employers are failing on. They sign contracts that assume employees are going to be logging in and asking questions directly.
But if I don’t have a url for my IDE (or whatever) to call, it isn’t useful.
So I use Ollama. It's less helpful, but it ensures confidentiality and compliance.
It's only been 2 months and there is already a rush of viable alternatives, from smaller, lightweight versions to hosted, managed SaaS offerings.
I’d suspect the moat here will be just as fragile as every other layer
OpenClaw is just one of many now; there are new ones weekly.
Plus you can get the model to write you a bespoke one that suits your needs.
I've been digging into how Heartbeat works in OpenClaw to bring it directly into Vibetunnel, another of Peter's projects.
Why?
You can literally ask codex to build a slim version for you overnight.
I love OpenClaw, but I really don't think there is anything that can't be cloned.
Well, duh.
You being able to go places is the interesting thing, your car having wheels is just a subservient prerequisite.
There are actually many UIs now. See moltis, rowboat, and various others that are popping up daily.
Are there any with a credible approach to security, privacy and prompt injections?
Does any credible approach to prompt injection even exist?
Anyone who figures out a reliable solution would probably never have to work again.
We saw this years/months ago with Claude Code and Cursor.
But those just code, and they're console/IDE tools.
Openclaw is so so so much more.
That’s missing the point. OpenClaw is just one of many apps in its class. It, too, will fall out of favor as the next big thing arrives.
Seems like models have become commoditized?
Same for OpenClaw; it will be a commodity soon, if you don't think it already is.
It's definitely not right now. What else has the feature list and docs even resembling it?
OpenClaw has only been in the news for a few weeks. Why would you assume it’s going to be the only game in town?
Early adopters are some of the least sticky users. As soon as something new arrives with claims of better features, better security, or better architecture then the next new thing will become the popular topic.
OpenClaw has mediocre docs, judging from my experience over many years of using hundreds of open source projects.
I think Anthropic's docs are better. Best to keep sampling from the buffet than to pick a main course yet, imo.
There's also a ton of real experiences being conveyed on social that never make it to docs. I've gotten as much value and insights from those as any documentation site.
Not sure. I mean, the tech, yes, definitely.
But the community, no.
The community is tiny by any measure (beyond the niche); market penetration is still very, very early.
Anthropic's community, I assume, is much bigger. How hard it is for them to offer something close enough for their users?
> Anthropic's community, I assume, is much bigger. How hard it is for them to offer something close enough for their users?
Not gonna lie, that's exactly the potential scenario I am personally excited for. Not due to any particular love for Anthropic, but because I expect this type of tight competition to be very good for trying a lot of fresh new things, and for the subsequent process of discovering new ideas and what works.
My main gripe is that it feels more like land grabbing than discovery
Stories like this reinforce my bias
Things that aren't happening any time soon but need to happen for actual product success to be built on top:
1. Stable models
2. Stable pre- and post-context management.
As long as they keep mothballing old models and shipping indeterminate behavior changes, whatever you try to build on them today will be rugpulled tomorrow.
This is all before even enshittification can happen.
This is the underrated risk that nobody talks about enough. We've already seen it play out with the Codex deprecation, the GPT-4 behavior drift saga, and every time Anthropic bumps a model version.
The practical workaround most teams land on is treating the model as a swappable component behind a thick abstraction layer. Pin to a specific model version, run evals on every new release, and only upgrade when your test suite passes. But that's expensive engineering overhead that shouldn't be necessary.
What's missing is something like semantic versioning for model behavior. If a provider could guarantee "this model will produce outputs within X similarity threshold of the previous version for your use case," you could actually build with confidence. Instead we get "we improved the model" and your carefully tuned prompts break in ways you discover from user complaints three days later.
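For what it's worth, a minimal sketch of that pin-and-gate workaround. Everything here is an illustrative assumption: the model names, the `call_model` wrapper, and the golden set are stand-ins, not any provider's actual API:

```python
# Hedged sketch of "pin and gate": stay on a pinned model version and only
# upgrade when a golden-set eval passes. All names are illustrative.

PINNED_MODEL = "gpt-4.1-2025-04-14"     # current production pin (example)
CANDIDATE_MODEL = "gpt-4.1-2025-06-01"  # hypothetical newer release

# Golden set: prompts with known-good expectations for *your* use case.
GOLDEN_SET = [
    {"prompt": "Extract the total from: 'Total due: $42.10'", "must_contain": "42.10"},
    {"prompt": "Reply with only the ISO code for US dollars.", "must_contain": "USD"},
]

def call_model(model: str, prompt: str) -> str:
    """Stand-in for whichever provider SDK you actually use."""
    return ""  # placeholder; with no real calls, the gate fails closed

def passes_evals(model: str, threshold: float = 0.95) -> bool:
    passed = sum(
        case["must_contain"] in call_model(model, case["prompt"])
        for case in GOLDEN_SET
    )
    return passed / len(GOLDEN_SET) >= threshold

# Only flip the pin when the candidate clears the bar on your own suite.
ACTIVE_MODEL = CANDIDATE_MODEL if passes_evals(CANDIDATE_MODEL) else PINNED_MODEL
```

The annoying part is that every provider bump forces a full eval run, which is exactly the engineering overhead that shouldn't be necessary.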
Can someone explain what value openclaw provides over like claude code? It seems like it's literally just a repackaged claude code (i.e. a for loop around claude) with a model selector (and I guess a few builtin 'tools' for web browsing?)
From what I remember, the key differentiating features were:
- a heartbeat, so it was able to 'think'/work throughout the day, even if you weren't interacting with it
- a clever and simple way to retain 'memory' across sessions (though maybe claude code has this now)
- a 'soul' text file, which isn't necessarily innovative in itself, but the ability for the agent to edit its own configuration on the fly is pretty neat
Oh, and it's open source
I see, so there's actually an additional for loop here, which is `sleep(n); check_all_conversations()`, that is not something claude code does for sure.
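In pseudocode-ish Python, I imagine it's something like this (`get_pending_items` and `run_agent_turn` are my made-up stand-ins, not OpenClaw's actual internals):

```python
import time

HEARTBEAT_SECONDS = 300  # wake up every 5 minutes, even with no user input

def get_pending_items() -> list[str]:
    """Made-up stand-in: unread messages, due reminders, finished cron jobs."""
    return []

def run_agent_turn(prompt: str) -> None:
    """Made-up stand-in: one ordinary agent turn (LLM call plus tool use)."""

while True:
    items = get_pending_items()
    if items:
        # A heartbeat turn looks like any other turn; the trigger is just a
        # timer instead of a user message.
        run_agent_turn("Heartbeat: review these pending items:\n" + "\n".join(items))
    time.sleep(HEARTBEAT_SECONDS)
```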
As for the 'soul' file, claude does have claude.md and skills.md files that it can edit with config changes.
One thing I'm curious about is whether there was significant innovation around tools for interacting with websites/apps. From their wiki, they call out like 10 apps (whatsapp, teams, etc...) that openclaw can integrate with, so IDK if it just made interacting with those apps easier? Having agents use websites is notoriously a shitty experience right now.
It's a coding agent in a loop (infinite loops are usually rejected by coding agents) with access to your computer, some memory, and the ability to communicate through Telegram. That's it. It's brilliant though, and he was the first to put it out there.
The main one is that you can run and/or host it remotely, unlike Claude Desktop. By this I mean you can run OpenClaw on a remote machine behind something like Tailscale and protect your actual machine from certain security/privacy concerns, and - regardless of the choice - you can connect to OpenClaw via any chat app or an SSH tunnel, so you can access it from a phone. If Claude Cowork comes to iOS/Android with a tunnel option, they can resolve this difference.
A smaller difference would be that you can use any/all models with OpenClaw.
Hmm, what's stopping you from running claude code on a separate machine you can ssh into? I don't understand that point at all; I do that all the time.
Using a claude code instance through a phone app is certainly not something that is easy to do, so if there's like a phone app that makes that easy, I can see that being a big differentiator.
They serve different purposes. OpenClaw is supposed to be more of an autonomous sidekick assistant thing that can take instructions over different messenger channels. It can also be set up to take ongoing instructions and just churn on general directions.
Did this guy just exit the first one-man billion-dollar startup for... less than a billion?
The fact that 1 billion is the threshold you chose to highlight shows the ridiculousness of this industry.
OpenClaw is an amazing piece of hard work and novel software engineering, but I can't imagine OpenAI/Anthropic/Google not being able to compete with it for 1/20th that number (with solid hiring, of course).
The game theory here is that either OpenAI acquires this thing now, or someone else will. It doesn't matter whether they could replicate it. All of the major players can and probably will replicate OpenClaw in their own way and make their thing incredibly scalable and wonderful. But OpenClaw has a gigantic following and it's relevant in this moment. For a trivial amount of money (relatively speaking), OpenAI gets to own this hype and direct it toward their models and their apps. Had they not succeeded here, Anthropic or Google would have gladly directed the hype in their direction instead, and OpenAI would be licking its wounds for some time trying to create something equivalently shiny.
It was a very good play by OpenAI.
I tend to agree. I don't know whether it's Altman or someone else who makes these deals, but OAI has made some brilliant moves and partnerships. Anthropic's tech is great, but OAI makes great business moves.
It was more of a reference to the YC partner who suggested a one-man unicorn was on the horizon due to AI.
I think that's fair... building a competing product would likely be relatively easy and inexpensive. But that's true for most software now: it's becoming easier to build, and the barriers to entry are lower.
I love Anthropic and OpenAI equally but some people have a problem with OpenAI. I think they want to reposition themselves as a company that actively supports the community, open source, and earns developers’ goodwill. I attended a meeting recently, and there was a lot of genuine excitement from developers. Haven't seen that in a long time.
Is it really that amazing? It’s a pretty simple idea, and seemed pretty buggy when I tried it out.
Then explain why Google paid $33 billion for a 5-year-old Israeli cybersecurity startup.
Where do you guys get the 1b exit from? I didn't see numbers yet.
It's AI. Take a sane number, add a 14,000x multiplier to that. And you'll only be one order of magnitude off in our current climate.
Everyone is going to have their own flavor of OpenClaw within 18 months. The memory architecture (and the general concept of the multi-tiered system) is open source. There's no moat to this kind of thing. But OpenAI is happy to trade money for his star power. And he might build something cool with suddenly unlimited resources. I don't blame the guy. OpenAI is going to change hands 2-3 times over the next 5 years, but at the end of the day he will still have the money and equity OpenAI gave him. And his cool project will continue on.
What is the memory architecture? Doesn't this already exist in claude code?
Was the project really ever valued that high? Seems like something that can be easily replicated and even properly thought out (re: pi). This guy just ran the social media hype train the right way.
Reminds me of Facebook: there was nothing particularly interesting about a PHP app that stored photos and text in a flat user environment.
Yet somehow the network effects worked out well and the website was the preeminent social network for almost a decade.
Social media is the king of network effects. Almost nothing else compares. See how quickly people drop AI products for the next one that does the same thing but slightly better. To switch from ChatGPT to Gemini I don't have to convince all of my friends and family to do the same.
> Social media is the king of network effects. Almost nothing else compares.
Ecommerce is a close second.
Technology does not determine the success of a company. I've seen amazing tech fail, and things strapped together with duct tape and bubblegum be a wild success.
The instant someone makes a better version of OpenClaw, literally everyone is going to jump ship.
There is no lock in at all.
Except in this case there's no network effect for autonomous agents. In fact, Peter is going to be working mostly on a locked-down, ecosystem-tied OpenAI agent, which means it's going to be worse than OpenClaw, but with a nicer out-of-the-box experience.
If you're on OpenAI, and I'm on Anthropic, can we interoperate? At what level are we even trying to interoperate? The network effect is that, hey, my stuff is working here, your stuff is working over there. So do we move to your set of tools, or my set of tools, or do we mishmash between them, as our relationship and power dynamics choose for us?
It's kind of crazy that this kind of thing can cause so much hype. Is it even useful? I just really don't see any utility in being able to access an LLM via Telegram or whatever.
The ability to almost "discover" or create hype is highly valued, despite it mostly being luck and one-hit wonders. See the many apps that went viral, got quickly acquired, and then just hemorrhaged. OpenClaw is cool, but not for the tech; it's the magic of the oddities and of catching on somehow, and acquiring it is betting that they can somehow keep doing that again.
I think a lot of this is orchestrated behind the scenes. The author above has taken money from AI companies, since he's a popular "influencer".
And it makes a lot of sense - there are billions of dollars on the line here, and these companies have made tech that is extremely good at imitating humans. Cambridge Analytica was a thing before LLMs; this kind of tool is a wet dream for engineering sentiment.
A lot of the functionality I'm not using because of security concerns, but a lot of the magic comes down to just having a platform for orchestrating AI agents. It's honestly nice just for simple sysadmin stuff ("run this cron job and text me a tl;dr if anything goes wrong") or simple personal assistant tasks like "remind me if anyone messaged me a question in the last 3 days and I haven't answered".
It's also cool having the ability to dispatch tasks to dumber agents running on the GPU vs smarter (but costlier) ones in the cloud
In Asia people do a big chunk of their business via chatbots. OpenClaw is a security dumpster fire but something like OpenClaw but secure would turbocharge that use case.
If you give your agent a lot of quantified self data, that unlocks a lot of powerful autonomous behavior. Having your calendar, your business specific browsing history and relevant chat logs makes it easy to do meeting prep, "presearch" and so forth.
Curious how you make something that has data exfiltration as a feature secure.
Mitigate prompt injection to the best of your ability, implement a policy layer over all capabilities, and isolate capabilities within the system so if one part gets compromised you can quarantine the result safely. It's not much different than securing human systems really. If you want more details there are a lot of AI security articles, I like https://sibylline.dev/articles/2026-02-15-agentic-security/ as a simple primer.
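To make the policy-layer part concrete, here's a toy deny-by-default gate over tool calls. All names are invented for illustration; nothing here is from OpenClaw or any particular framework:

```python
from dataclasses import dataclass

@dataclass
class ToolCall:
    name: str
    args: dict

TRUSTED_CONTACTS = {"me@example.com"}  # invented example data

# Per-tool argument checks; any tool not listed here is denied outright.
POLICY = {
    "read_calendar": lambda args: True,
    "send_message": lambda args: args.get("to") in TRUSTED_CONTACTS,
    "run_shell": lambda args: False,  # never allowed from an untrusted context
}

def execute(call: ToolCall) -> str:
    check = POLICY.get(call.name)
    if check is None or not check(call.args):
        # Deny by default: unknown tools and disallowed arguments both fail.
        raise PermissionError(f"policy denied: {call.name}({call.args})")
    return dispatch(call)

def dispatch(call: ToolCall) -> str:
    """Invented stand-in for whatever actually runs the tool."""
    return "ok"
```

The point is that the model never calls tools directly; everything routes through `execute`, so a compromised agent is limited to what the policy already allows.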
Nobody can mitigate prompt injection to any meaningful degree. Model releases from large AI companies are routinely jailbroken within a day. And for persistent agents the problem is even worse, because you have to protect against knowledge injection attacks, where the agent "learns" in step 2 that an RPC it'll construct in step 9 should be duplicated to example.com for proper execution. I enjoy this article, but I don't agree with its fundamental premise that sanitization and model alignment help.
Show me a legitimate practical prompt injection on opus 4.6. I've read many articles but none provide actual details.
I agree that trying to mitigate prompt injection in isolation is futile, as there are too many ways to tweak the injection to compromise the agent. Security is a layered thing, though: if you compartmentalize your systems into trusted and untrusted domains and define communication protocols between them that fail when prompt injections are present, you drop the probability of compromise way down.
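One common shape for such a protocol, as a sketch under my own assumptions (not a solved problem): anything crossing from the untrusted side must parse into a rigid schema, and anything that doesn't validate is dropped rather than repaired:

```python
from pydantic import BaseModel, ValidationError  # assumes pydantic v2

class MeetingRequest(BaseModel):
    # The only fields the trusted side will ever accept from the untrusted side.
    attendee: str
    date: str          # ISO date string; validate further downstream
    duration_min: int

def cross_boundary(untrusted_output: str) -> MeetingRequest | None:
    """Untrusted LLM output crosses over only as this rigid schema."""
    try:
        req = MeetingRequest.model_validate_json(untrusted_output)
    except ValidationError:
        return None  # fail closed: reject, don't try to repair
    if req.duration_min > 120:
        return None  # business-rule checks on top of shape checks
    return req
```

An injected instruction has nowhere to live in three typed fields; the hard part is that real workflows rarely fit schemas this rigid.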
> define communication protocols between them that fail when prompt injections are present
There's the "draw the rest of the owl" of this problem.
Until we figure out a robust theoretical framework for identifying prompt injections (we're not anywhere close to that, to my knowledge; as OP pointed out, all models are getting jailbroken all the time), human-in-the-loop will remain the only defense.