ersatzmaus
mccSo there's this guy who made a tool where someone punches in their bluesky or mastodon credentials to his website, and it auto-crawls their feeds and produces an LLM summary of everyone it finds posting there. He was asked what people should do if we don't want to be mulched as content for his summary feeds. He said we should block him. I replied, I can do that, but that only stops *you* from running the tool on me, how do I prevent *your other users* from running your tool on me? He blocked me.
It is possible he interpreted the way I phrased my request as rude. I may have said something like "you are selling us as meat".
Anyway, the fact he's blocked me *partially* solves my problem, in that now he cannot LLM summarize me anymore, but the problem that possibly eventually a *second* person would use his tool remains unresolved.
Honestly, it's baffling that he added Mastodon support at all given that he's been here for years and thus saw some of the MANY YEARS of conflict and debate about the idea of people merely *archiving* or *indexing* Mastodon posts. And then he goes an uploads an auto-LLM-mulcher tool. IDK.
I wonder what the tool does when it encounters a DM. From his description it seems to just grab the last N posts from your feed, and depending on how the feed is queried (like if his Mastodon client code were written indifferently, or perhaps slopcoded) the feed he queries might well contain DMs intermixed. I wonder if his tool is taking DMs and sending them over the wire to Anthropic and/or Microsoft
Cass 🇵🇸@mcc it would appear to do no filtering of DMs https://github.com/seldo/zeitgeist/blob/main/app/api/mastodon/timeline/route.ts#L49
Furbland's Very Cool Mastodonâ„¢
GunChleoc@gunchleoc @GroupNebula563 @cass Does that work? It's not clear to me if the client API calls come from the IP of the server, the app might run fully in the user's browser, like phanpy. However also the app might present itself with a known client name.
@mcc @gunchleoc @GroupNebula563 From skimming the code and the posts about the app, I'm pretty sure the only communications are between the app and the authorized user's instance. So unfortunately blocking zeitgeist.blue won't (I think) do anything here. Blocking a user of the app might actually be the only way to deal with this.
@cass @mcc @gunchleoc does the client send a specific combo of user agent + headers that we can use to detect it?
@GroupNebula563 @cass @gunchleoc so by "client name" I mean the human readable client ID sent to the app registration endpoint. To stress I am speculating without having investigated the specific app. https://docs.joinmastodon.org/methods/apps/
@GroupNebula563 @mcc @gunchleoc your instance will never see this agent. It’s basically a mastodon client and only interacts with the users instance. It looks this this terrible sketch I just made
@cass @GroupNebula563 @gunchleoc However, the *instance* (specifically masto.ai in your diagram) might have options that the various persons on the feed (Jill and/or masto.social in your diagram) do not.
@cass @mcc @GroupNebula563 In the moderation UI, there's no option for blocking client apps. Each user can register any app they like to post with their own credentials and you can give it a random name, so there are no possible safeguards for that.
Useragent strings could be blocked at web server level, but they are also really easy to fake - many AI scrapers already to that, impersonating Mozilla, Chrome etc.
D3@GroupNebula563 @mcc @cass I blocked them from registering their app via nginx:
location / {
# block attempts to register the zeitgeist.blue app on this server
if ( $arg_redirect_uri ~ "^https%3A%2F%2Fzeitgeist.blue" ) {
return 403;
}
[...]
@GroupNebula563 @cass I am fairly certain if an instance wanted to do this it would be possible. Go to Preferences->Account->Authorized Apps. It knows the names of all the clients you've used. An instance surely could not prevent someone from downloading the source and running their own instance with a changed client name, but I feel confident the instance *could* prevent users from using the main version of the app uploaded by its original author.
Landa 
Alexander 😷
mirabilos@mcc oh of course it will do that. @davidrevoy hinted at that in https://www.peppercarrot.com/en/miniFantasyTheater/035__Avian-Intelligence.html already.
Legit_Spaghetti@mcc ...okay, THIS finally convinced me to set my toots to auto-expire.
What a nightmare.
Saupreiss #Präparat500 🗽
La Guiri@Legit_Spaghetti @mcc the problem is precisely that readers which copy your feed remove your chance to delete or expire. I'm followers only for that reason; some crypto guy put in his website, delete impossible, everyone's last few public posts.
Condor Puma Serpiente@mcc Well he shouldn't have made an invasive, consent obliterating tool with the slop shitting machine
@brad Okay so I tried to raise that point with him, and his refutation was (if I understood him correctly) along the lines that he *should* have made an invasive, consent obliterating tool with the slop shitting machine, and at that point the conversation hit an impasse
Mx. Aria Stewart@mcc Yeah. There's a thing going on here where that hits people in a sore spot (LLMs) that is in many ways out of bounds (you can't actually control other people's tools); the place it gets dicy is when you're running a service so you're promoting the use of the tools.
But in general, I'd be real mad at anyone who tried to control what I used to read with.
eanopolsky@aredridel @mcc I had a similar response to quote permissions: what good is turning off quoting for a public post when others can still use their "tools" to link to it? Someone explained to me that it's about making it easy to respect other people's wishes, for those who are inclined to do so.
Maybe it would be nice if this person added a more effective opt out mechanism? Or made their bot opt in? You'd still be free to implement your own LLM reading tool if you really want to.