Everyone? It's very unpopular to say this on SN but sometimes, listening to NVK is advisable if you worry about cyber hygiene for your keys. Being autistic about security in a world where everyone went full yolo and installs shit that even the guy taking credit for it [didn't read](https://stacker.news/items/1425030/r/optimism), is not a bad idea.

Because believe it or not, you're not too big to fail. You will not be bailed out. You will not be made whole.

This is why I'm surprised by how many hardware signers (and many wallets) allow you to connect your signing device to sign. Who does this?

Scoresby

Yeah we call this containers. It's what I run Claude Code in. LXC is nice, it honors SELinux design too. Botbois will cry that now their openclaw isn't able to use their browser, and that this is a bug. But Opti thinks that when openclaw cannot use the browser, an awesome feature has been introduced. 

Opti is truly estranged from the AI folks now.

How hard will you work to make sure your signing device never touches a device with an agent

Unless you have reviewed every line of code of every app on your device, and the operating system (and all the firmware), you should probably already be doing that if you have a lot at stake.

I trust you, but your AI agent is a snitch.

> Agent Exclusion Zones

Yeah we call this containers. It's what I run Claude Code in. LXC is nice, it honors SELinux design too. Botbois will cry that now their openclaw isn't able to use their browser, and that this is a bug. But Opti thinks that when openclaw cannot use the browser, an awesome feature has been introduced. _Opti is truly estranged from the AI folks now._

> How hard will you work to make sure your signing device never touches a device with an agent

Unless you have reviewed every line of code of every app on your device, and the operating system (and all the firmware), you should probably already be doing that if you have a lot at stake.