mccSo there's this guy who made a tool where someone punches in their bluesky or mastodon credentials to his website, and it auto-crawls their feeds and produces an LLM summary of everyone it finds posting there. He was asked what people should do if we don't want to be mulched as content for his summary feeds. He said we should block him. I replied, I can do that, but that only stops *you* from running the tool on me, how do I prevent *your other users* from running your tool on me? He blocked me.
It is possible he interpreted the way I phrased my request as rude. I may have said something like "you are selling us as meat".
Anyway, the fact he's blocked me *partially* solves my problem, in that now he cannot LLM summarize me anymore, but the problem that possibly eventually a *second* person would use his tool remains unresolved.
Honestly, it's baffling that he added Mastodon support at all given that he's been here for years and thus saw some of the MANY YEARS of conflict and debate about the idea of people merely *archiving* or *indexing* Mastodon posts. And then he goes an uploads an auto-LLM-mulcher tool. IDK.
I wonder what the tool does when it encounters a DM. From his description it seems to just grab the last N posts from your feed, and depending on how the feed is queried (like if his Mastodon client code were written indifferently, or perhaps slopcoded) the feed he queries might well contain DMs intermixed. I wonder if his tool is taking DMs and sending them over the wire to Anthropic and/or Microsoft
Cass 🇵🇸@mcc it would appear to do no filtering of DMs https://github.com/seldo/zeitgeist/blob/main/app/api/mastodon/timeline/route.ts#L49
Furbland's Very Cool Mastodonâ„¢
GunChleoc@gunchleoc @GroupNebula563 @cass Does that work? It's not clear to me if the client API calls come from the IP of the server, the app might run fully in the user's browser, like phanpy. However also the app might present itself with a known client name.
@mcc @gunchleoc @GroupNebula563 From skimming the code and the posts about the app, I'm pretty sure the only communications are between the app and the authorized user's instance. So unfortunately blocking zeitgeist.blue won't (I think) do anything here. Blocking a user of the app might actually be the only way to deal with this.
@cass @mcc @gunchleoc does the client send a specific combo of user agent + headers that we can use to detect it?
@GroupNebula563 @cass @gunchleoc so by "client name" I mean the human readable client ID sent to the app registration endpoint. To stress I am speculating without having investigated the specific app. https://docs.joinmastodon.org/methods/apps/
@GroupNebula563 @mcc @gunchleoc your instance will never see this agent. It’s basically a mastodon client and only interacts with the users instance. It looks this this terrible sketch I just made
@cass @GroupNebula563 @gunchleoc However, the *instance* (specifically masto.ai in your diagram) might have options that the various persons on the feed (Jill and/or masto.social in your diagram) do not.