motyl.dev

The Real AI Fight Is About the Open Web, and Trojans Are Coming for Your Crypto

Published on 21.03.2026

#hackernoon
#ai
#open-web
AI & AGENTS

Everyone Is Arguing About AI vs. Humans. They're Watching the Wrong Fight.

TLDR: The real technological battle isn't AI versus humanity — it's the open web versus the closed web. As users grow comfortable letting closed AI systems handle search, payments, and identity, the window to preserve web decentralization is closing fast.

Summary:

Here's a thing that bugs me. Everyone with a blog and a hot take is out there wringing their hands about whether AI will replace humans, steal our jobs, or become sentient and demand voting rights. And sure, that's a fun conversation to have over coffee. But Samiran Mondal argues — and I think he's onto something real here — that this dramatic question is actually a distraction from the fight that matters more right now. The bigger battle isn't AI versus humans. It's the open web versus the closed web, and AI is the accelerant pouring gasoline on that fire.

Think about this for a second. The web was built on openness — open protocols, open standards, the idea that anyone could publish anything and link to anything else. But over time, that openness eroded in practice. Walled gardens grew. Platforms consolidated. And now AI is turbocharging that consolidation. When your search results come from a closed AI model, when your payments flow through a proprietary AI system, when your digital identity lives inside someone else's infrastructure — you've handed over the keys without even realizing the lock changed.

The article makes a critical point about timing: once users get comfortable with closed AI handling these fundamental web interactions, reversing that centralization becomes nearly impossible. That window is open right now, but it's not going to stay open forever. In practical terms, openness supports innovation, competition, user autonomy, and the kind of messy, beautiful ecosystem that gave us everything from Wikipedia to weird personal blogs to open-source projects that power the entire internet.

What I think the author is dancing around but not quite saying directly is that the major AI companies have zero economic incentive to keep things open. OpenAI, Google, Anthropic — they're building proprietary models behind API walls. The open-source AI movement exists, but it's perpetually underfunded compared to its closed counterparts. The article frames this as a philosophical battle, but it's really an economic one, and the money is overwhelmingly on the side of closed systems. That's the uncomfortable truth that doesn't get enough airtime.

I'd also push back slightly on the framing that this is an either/or situation. The open web and closed AI can coexist — they already do. The question is really about defaults and where power accumulates. And on that front, the article's urgency is well-placed even if the analysis could go deeper into specific policy proposals or technical standards that might actually preserve openness.

Key takeaways:

  • The real tech battle is open web vs. closed web, not AI vs. humans
  • AI is accelerating web centralization by consolidating search, payments, and identity into proprietary systems
  • Once users grow comfortable with closed AI infrastructure, reversing centralization becomes nearly impossible
  • The window for preserving web openness is narrowing right now
  • Openness supports innovation, competition, and user autonomy at a fundamental level

Why do I care: As a senior frontend developer, this hits close to home because the platforms and APIs we build on top of shape what's possible. If the web consolidates around closed AI systems, the tools we use, the data we access, and the experiences we can create all get filtered through someone else's priorities. Every architectural decision we make — choosing an open standard over a proprietary SDK, supporting decentralized protocols, building for interoperability — is a small vote in this fight. The technical choices aren't neutral; they're political.

Everyone Is Arguing About AI vs. Humans. They're Watching the Wrong Fight.

Educational Byte: What Is a Trojan and How Does It Steal Your Crypto?

TLDR: Trojans are malware that disguise themselves as legitimate software, silently monitoring your wallet habits and draining cryptocurrency without obvious signs. Basic security hygiene is your best defense.

Summary:

Let's talk about something that doesn't get enough practical coverage in the crypto space: how Trojans actually work to steal your digital assets. The article from Obyte breaks this down in an educational format, and while the concept isn't new, the specifics of how these attacks target crypto wallets are worth understanding — especially as more people hold meaningful amounts of cryptocurrency without understanding the attack surface they're exposed to.

A Trojan, named after the classic Greek wooden horse trick, is malware that presents itself as something harmless or even useful. You download what looks like a wallet tool, a trading app, or a browser extension, and buried inside is code designed to do something entirely different from what you expected. Unlike ransomware that announces itself loudly and demands payment, Trojans are quiet operators. They slip in, observe your behavior, figure out when and how you interact with your wallets, and then act at the worst possible moment for you and the best possible moment for the attacker.

The crypto-specific angle is what makes modern Trojans particularly nasty. They can monitor clipboard activity to swap wallet addresses when you copy-paste during a transaction — you think you're sending funds to your friend, but the address got swapped in the milliseconds between copy and paste. They can capture seed phrases, log keystrokes during wallet unlocks, and even manipulate transaction signing processes. The article emphasizes that staying safe doesn't require advanced technical skills. A few steady habits — verifying download sources, using hardware wallets, keeping software updated, and being skeptical of unsolicited tools — can dramatically reduce your exposure.

What the article doesn't address, and I wish it did, is the supply chain angle. Some of the most devastating Trojan attacks in recent years have come through compromised dependencies in development toolchains — poisoned npm packages, malicious browser extensions with legitimate-sounding names, and even compromised updates to established software. For developers especially, the threat isn't just downloading sketchy software; it's that something in your perfectly reasonable tool chain got quietly compromised upstream. That's the harder problem, and it deserves more attention than the basic "don't download shady files" advice.

I also think there's an elephant in the room about wallet UX. The reason clipboard-swapping attacks work so well is that crypto addresses are long, opaque strings that humans cannot reasonably verify by glancing at them. Until wallet interfaces solve the address verification problem in a human-friendly way, this category of attack will keep working no matter how many educational articles we publish.

Key takeaways:

  • Trojans disguise themselves as legitimate software and operate silently, unlike ransomware
  • Crypto-specific Trojans can swap wallet addresses in your clipboard, capture seed phrases, and log keystrokes
  • Basic security habits like verifying download sources and using hardware wallets significantly reduce risk
  • The supply chain attack vector through compromised development dependencies is an underappreciated threat
  • Poor wallet UX with opaque addresses makes clipboard-swapping attacks persistently effective

Why do I care: Frontend developers building anything that touches crypto wallets or Web3 need to understand these attack vectors intimately. If you're building a dApp or any interface where users handle wallet addresses, you should be thinking about how to make address verification human-friendly, how to protect clipboard operations, and how to audit your own dependency chain. Security isn't just the backend team's problem — the frontend is often where users are most vulnerable, and the UX decisions you make can either enable or prevent these attacks.

Educational Byte: What Is a Trojan and How Does It Steal Your Crypto?

☕ Knowledge costs tokens,fuel meHelp me keep the content flowing
External Links (2)

Everyone Is Arguing About AI vs. Humans. They're Watching the Wrong Fight.

hackernoon.com

Educational Byte: What Is a Trojan and How Does It Steal Your Crypto?

hackernoon.com

Sign in to bookmark these links
Previous
The Productivity Illusion: Why AI Feels Fast But Isn't
Next
Threshold Encryption, Positronic Variables, Passkeys, and the Art of Not Making Dumb Decisions