Maven, a new social network backed by OpenAI’s Sam Altman, found itself in a controversy today when it imported a huge amount of posts and profiles from the Fediverse, and then ran AI analysis to alter the content.

  • @[email protected]
    link
    fedilink
    English
    12
    edit-2
    5 months ago

    Hmmm it was even able to pull in private DMs.

    Maybe private DMs on Mastadon aren’t as private as everyone thinks… that, or the open nature of Activity Pub is leaking them somehow?

    Edit - From the article:

    Even more shocking is the revelation that somehow, even private DMs from Mastodon were mirrored on their public site and searchable. How this is even possible is beyond me, as DM’s are ostensibly only between two parties, and the message itself was sent from two hackers.town users.

    From what @[email protected] mentioned below, it sounds like this shouldn’t be very shocking at all.

      • @[email protected]
        link
        fedilink
        English
        25 months ago

        They’re called DMs not PMs

        ? Did you mean that the other way around? And if you did… forgive me, I don’t really use Mastodon. I was never much of a twitter fan. I don’t really like how all of my likes are public (although I guess I have had to get used to that with Lemmy).

          • @[email protected]
            link
            fedilink
            English
            55 months ago

            Ah, I see. So it’s the same mistake that Lemmy users make when thinking that Upvotes/Downvotes aren’t public.

            It sounds like DMs on Mastodon are public, but are commonly mistaken to be private then?

            • @[email protected]
              link
              fedilink
              25 months ago

              I don’t know why anyone would think any of this stuff is private. It can be pseudonyms, but that’s up to you.

      • JackbyDev
        link
        fedilink
        English
        25 months ago

        PM never implied any form of end to end encryption. It only ever meant people couldn’t see it apart from site operators. I genuinely don’t believe people thought it meant otherwise.

          • JackbyDev
            link
            fedilink
            English
            45 months ago

            No, should just be your instance admin and the admin of the instance your messaging.

    • Sean TilleyOPM
      link
      fedilink
      English
      55 months ago

      The shocking part was less about Maven’s methods or lack of ethics, and more along the lines of “How the fuck did they do that?!”

      • @[email protected]
        link
        fedilink
        English
        75 months ago

        What @[email protected] seemed to be implying is that direct messages on Mastodon should be considered “public” rather than “private”.

        I’m assuming that’s along the same lines of how Lemmy users generally think that their upvotes/downvotes are private when in reality, if you know how to look for them, you can see them.

        • @[email protected]
          link
          fedilink
          22 months ago

          I don’t think we should expect privacy from either. Instead, we need better documentation.

          Personally, I’d appreciate to see a public dashboard displaying everyone’s DMs and upvotes would help.