mccSo there's this guy who made a tool where someone punches in their bluesky or mastodon credentials to his website, and it auto-crawls their feeds and produces an LLM summary of everyone it finds posting there. He was asked what people should do if we don't want to be mulched as content for his summary feeds. He said we should block him. I replied, I can do that, but that only stops *you* from running the tool on me, how do I prevent *your other users* from running your tool on me? He blocked me.
It is possible he interpreted the way I phrased my request as rude. I may have said something like "you are selling us as meat".
Anyway, the fact he's blocked me *partially* solves my problem, in that now he cannot LLM summarize me anymore, but the problem that possibly eventually a *second* person would use his tool remains unresolved.
Honestly, it's baffling that he added Mastodon support at all given that he's been here for years and thus saw some of the MANY YEARS of conflict and debate about the idea of people merely *archiving* or *indexing* Mastodon posts. And then he goes an uploads an auto-LLM-mulcher tool. IDK.
I wonder what the tool does when it encounters a DM. From his description it seems to just grab the last N posts from your feed, and depending on how the feed is queried (like if his Mastodon client code were written indifferently, or perhaps slopcoded) the feed he queries might well contain DMs intermixed. I wonder if his tool is taking DMs and sending them over the wire to Anthropic and/or Microsoft
Cass šµšø@mcc it would appear to do no filtering of DMs https://github.com/seldo/zeitgeist/blob/main/app/api/mastodon/timeline/route.ts#L49
Furbland's Very Cool Mastodonā¢
GunChleoc@gunchleoc @GroupNebula563 @cass Does that work? It's not clear to me if the client API calls come from the IP of the server, the app might run fully in the user's browser, like phanpy. However also the app might present itself with a known client name.
@mcc @gunchleoc @GroupNebula563 From skimming the code and the posts about the app, I'm pretty sure the only communications are between the app and the authorized user's instance. So unfortunately blocking zeitgeist.blue won't (I think) do anything here. Blocking a user of the app might actually be the only way to deal with this.
@GroupNebula563 @cass I am fairly certain if an instance wanted to do this it would be possible. Go to Preferences->Account->Authorized Apps. It knows the names of all the clients you've used. An instance surely could not prevent someone from downloading the source and running their own instance with a changed client name, but I feel confident the instance *could* prevent users from using the main version of the app uploaded by its original author.
Landa 
mirabilos@mcc oh of course it will do that. @davidrevoy hinted at that in https://www.peppercarrot.com/en/miniFantasyTheater/035__Avian-Intelligence.html already.
@mcc itās so āgreatā that we now not just have hostile instances to worry about but also hostile clientsā¦
GJ Groothedde šŖšŗ@mirabilos @mcc It's almost like real life, isn't it?
Persephone@mcc bet he's not honouring delete messages either.
@mindpersephone The design of the program does not seem to make this relevant. Although I have not tested it, on each run it appears to do a one time timeline slurp through the client API, pass the posts it finds to anthropic/copilot, then discard the posts*. It is unclear that the posts are ever sent to the tool author's server (I suspect not).
* Of course, I expect anything sent to Anthropic/Claude as a query gets permanently retained by, at minimum, at least one state intelligence service.
n3wjack
Legit_Spaghetti@mcc ...okay, THIS finally convinced me to set my toots to auto-expire.
What a nightmare.
Saupreiss #PrƤparat500 š½
La Guiri@Legit_Spaghetti @mcc the problem is precisely that readers which copy your feed remove your chance to delete or expire. I'm followers only for that reason; some crypto guy put in his website, delete impossible, everyone's last few public posts.
Leon@mcc I think one of the big stories of the decade is the slow realisation that when folks say they are releasing things for everyone to do anything with, and used licences that encode that utterance, we don't in fact mean anyone, and we don't in fact mean anything
a lot of people are also realising, myself included, that the parties who can exploit and profit disproportionately more from free stuff is are the parties who are highly experienced at exploitation and profiteering. and the parties most immune from the social checks we have on harmful behaviour are sociopaths who can do the most harm.
it's a bummer
jablkoziemne@mcc it was bound to happen :/ though I believe servers could mitigate this by placing limits on number of querries given user/ip/subnet/userahent could perform. Thoyhg that would impact people behind NAT, thoes who want to scroll and read bit longer, and probably bots would just go around it by adding longer sleeps between querries.
Still, in the end if your client can display toots or other activities, so can bots.
Condor Puma Serpiente@mcc Well he shouldn't have made an invasive, consent obliterating tool with the slop shitting machine
@brad Okay so I tried to raise that point with him, and his refutation was (if I understood him correctly) along the lines that he *should* have made an invasive, consent obliterating tool with the slop shitting machine, and at that point the conversation hit an impasse
Mx. Aria Stewart@mcc Yeah. There's a thing going on here where that hits people in a sore spot (LLMs) that is in many ways out of bounds (you can't actually control other people's tools); the place it gets dicy is when you're running a service so you're promoting the use of the tools.
But in general, I'd be real mad at anyone who tried to control what I used to read with.
eanopolsky@aredridel @mcc I had a similar response to quote permissions: what good is turning off quoting for a public post when others can still use their "tools" to link to it? Someone explained to me that it's about making it easy to respect other people's wishes, for those who are inclined to do so.
Maybe it would be nice if this person added a more effective opt out mechanism? Or made their bot opt in? You'd still be free to implement your own LLM reading tool if you really want to.