We Distribute

2024-06-12 20:26:10

Maven Imported 1.12 Million Fediverse Posts

A recent investigation by Liaizon Wakest revealed that Maven, a new social network founded by former OpenAI Team Lead Ken Stanley, has been importing a vast amount of statuses from Mastodon without anyone’s consent. Additionally, it’s pulling in Bluesky statuses connected via Bridgy Fed.
Source: Liaizon Wakest
In addition to pulling in posts, the import process seems to be running AI sentiment analysis to add tags and relational data after content reaches Maven’s servers. This is a core part of Maven’s product: instead of follows or likes, a model trains itself on its own data in an attempt to surface unique content algorithmically.

It’s worth mentioning that Maven received 2 million dollars in funding from former Twitter CEO Ev Williams and OpenAI CEO Sam Altman. While I have little input on Ev Williams, the relationship between Maven and OpenAI could be seen as more than a little problematic, as funding could give both parties greater incentive for Maven to adopt OpenAI’s technologies and policies.

What’s Going On?

Digging into the situation, it looks like Maven is working on their own ActivityPub implementation. Jimmy Secretan, Maven’s CTO, confirmed this in a post.

I just can’t keep any secrets around here can I 😀? As you mentioned, we have actually started ingesting posts from Mastodon (toots as they call them 😀).

We are looking to mix them in to the feed, and are doing some limited tests with that now. The good news is that when you reply to these, it should generally work to communicate across systems through ActivityPub.

We are hoping to use this to help connect Maven to a larger audience and a wider world.

This is also supported by looking at Maven’s staging environment, which has ActivityPub response data enabled. The goal for Maven is to federate to these posts back to the Fediverse for seamless communication, but the integration in their live environment seems to only go one way.

Even more shocking is the revelation that somehow, even private DMs from Mastodon were mirrored on their public site and searchable. How this is even possible is beyond me, as DM’s are ostensibly only between two parties, and the message itself was sent from two hackers.town users.
Left: a private message on Mastodon. Right: the same message rendered as a Public status. Source: The Gibson, hackers.town
This raises a lot of uncomfortable questions about how Maven pulled in Fediverse content, and whether Mastodon has some kind of undocumented vulnerability that can leak private messages. At the very least, Maven’s developers should have accounted for posts with a Public scope only, and linked back to the original posts.

Mixed Expectations

On the one hand, Maven seems to have really dropped the ball here. One of the most important things about coming into this space as a developer is to communicate openly, and set expectations with the user community. A big part of the Fediverse cares deeply about consent, and the lack of any opt-in / opt-out mechanism feels like a missed opportunity.

On the other hand, we have to address the myths that crop up about privacy and content controls in the Fediverse. A lot of users have expectations about how their public content can be interacted with. Even 15 years in, we’re still not at a place where people have robust, conditional controls over who can view, interact with, or manipulate public content.

We also still don’t have great resources for setting cultural expectations for developers coming into the space. As we stated in our Content Nation article, most new developers have the ActivityPub spec, and little else. As a network, we need to take it upon ourselves to make our expectations front and center.

What Now?

Shortly after Liaizon made their post, Jimmy Secretan made an announcement on Mastodon that they’ve deleted the entirety of the import.

It’s clear from the feedback on this thread that even our experiments with the tech were confusing to users and didn’t fit with other people’s expectations of how it should work.

We are currently pausing this integration, at least until we can better understand how Maven can fit in as a good citizen of the Fediverse.

Searching within Maven’s app, it appears that thousands of Fediverse handles and posts are suddenly gone. This is a good development, but Maven probably has a long way to go before any part of the Fediverse will want anything to do with them.

I’ll leave you with this anonymous quote, since it feels appropriate: “Trust takes years to build, seconds to break, and a lifetime to repair.” If Maven wants to be a good steward of the Fediverse, it would be good for them to remember that.

Content Nation Backlash Highlights Mastodon’s Toxicity

Yesterday, Mastodon was abuzz regarding a strange new scraper that seemed to be pulling people's profiles and content streams into a platform designed around monetization. Dubbed Content Nation, the s

^{Sean Tilley (We Distribute)}