But its sanewashing is underway
Today's links
- Post-political: What a "leftist" is.
- Hey look at this: Delights to delectate.
- Object permanence: MSFT x OSCON; Parental spyware; "Resurrection Man"; Brexit do-over petition; Workplace email spying; Record label internet death penalty; News should be cheap, free and chaotic; "Jughead".
- Upcoming appearances: London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Post-political (permalink)
There's plenty of reasons to be skeptical of centrists who bemoan "political polarization" and call for a politics that abandons the "tribalism of left and right."
Obviously there's the false equivalence: on the right, you have fascists who want to send masked, armed goons into the streets to beat, kidnap and murder your neighbors. On the left, you have calls for higher taxes, unions, environmental impact reviews for data-centers, and an end to the genocide in Gaza.
"Leftist extremism" is moving some zines around:
https://www.theguardian.com/us-news/ng-interactive/2026/jun/24/prairieland-texas-ice-protests-zines
Right wing extremism is attempting the overthrow of the government, murdering brown people in gulags, and the earth's richest man slaughtering the world's poorest children for the lulz:
https://hsph.harvard.edu/news/usaid-shutdown-has-led-to-hundreds-of-thousands-of-deaths/
"Horseshoe theory" (the idea that the far right and the far left actually bend around to meet each other) is bullshit:
https://pluralistic.net/2024/02/26/horsehoe-crab/#substantive-disagreement
The reality is that the right and left have large, substantive disagreements that are matters of life and death. Anyone dismissing these as "tribalism" doesn't know what "left" and "right" mean. At best, they have mistaken a collection of cultural signifiers – pronouns, MMA, brands of beer – for politics.
Mistaking cultural signifiers and identity markers for politics is centrism's most dangerous pathology, the thing that makes centrism the handmaiden of the right. If you think identity markers are politics, then you'll be tempted to think the answer to a world run by 150 rich, white, cis straight guys is to replace half of them with women, POCs and queer people. The difference between the left and the right isn't the identities of the ruling class – it's whether we have a ruling class at all.
I collect definitions of "right" and "left." There's Corey Robin's definition from The Reactionary Mind, that conservatism is the belief that some people were born to rule, and others to be ruled over, and that any attempt to elevate the latter group to positions of power (through civil rights movements, affirmative action, etc) will result in dire misrule and disaster:
https://pluralistic.net/2025/07/22/all-day-suckers/#i-love-the-poorly-educated
This explains how the right can encompass white nationalists (rule by white people), Hindu nationalists (rule by high-caste Hindus), libertarians (rule by bosses), imperialists (rule by military aggressors), etc. It also explains the right's obsession with learning the racial and gender markers of anyone involved in a plane crash or other disaster: "See, the oil tanker was being piloted by a DEI hire when it crashed into that bridge!"
Another important definition is Wilhoit's Law:
Conservatism consists of exactly one proposition, to wit: There must be in-groups whom the law protects but does not bind, alongside out-groups whom the law binds but does not protect.
https://pluralistic.net/2025/08/26/sole-and-despotic-dominion/#then-they-came-for-me
This one hardly needs explanation in this era of "it's not a crime if the president does it," where Alex Jones can owe billions to the parents of dozens of murdered children and somehow not have to pay or give up his assets:
https://www.status.news/p/infowars-the-onion-alex-jones-ben-collins
But when it comes to a "post-politics that is neither right nor left," the definition I turn to most often comes from science fiction writer Steven Brust, who once told me:
"Left" and "right" have had the same meaning since the French Revolution. If you want to know if someone is on the left or the right, ask them, "What is more important: human rights or property rights?" If they say "Property rights are a human right," then they are on the right.
https://pluralistic.net/2021/03/16/wage-theft/#ppp
That's it. That's the crux. If you think that property rights are a tool for achieving human rights, then you're on the left. You might support the right of farmers to block attempts to expropriate them via eminent domain in order to build a data center, or the right of people to not have their homes or devices searched by cops, or a library's right to own and archive digital books, even if the publishers insist that ebooks are never "sold," merely "licensed."
If property rights are a tool to achieve human rights, then property rights can be set aside when they impede other rights. Human beings have the right to health care, which is why we should have taken away the pharma companies' patents and copyrights, ending vaccine apartheid and letting the poor world make its own vaccines:
https://pluralistic.net/2021/05/25/the-other-shoe-drops/#quid-pro-quo
Human beings have the right to shelter. If your town has a million empty homes and a million homeless people, there's an obvious solution. At the very least, you can tax the shit out of empty homes to discourage the creation of derelict, empty blights:
https://www.liverpoolecho.co.uk/news/liverpool-news/owners-homes-left-empty-more-28622796
Human beings have the right to food. If a cartel claims that you may not legally sell your 100,000lbs of nectarines, you can just give them away and tell the cartel to fuck off:
As Brust says, this fight is as old as the French Revolution. It's literally the plot of Les Miz ("In days gone by, I stole a loaf of bread in order to live").
Note that this framework leaves plenty of room for disagreement among leftists: we can disagree about who should get taxed and how, when a company should be ordered to destroy its ill-gotten loot and when that loot should be divided up among its victims, and what to do about empty houses and homeless people. We can disagree about reparations, about collectivization and co-operatives, about land reform. Very (very!) few leftists want to abolish property, but to be a leftist is to agree that property is only ever a means, and never an end.
In systems thinking, we are counseled that the most profound and durable changes come from shifts in paradigms, from which all rules, laws and arrangements flow:
https://pluralistic.net/2026/05/12/donella-meadows/#paradigmatic
"Left" and "right" represent two radically different paradigms. The right's paradigm is that property rights are human rights, which cashes out to "property rights are the only human right." If property rights are a human right, then I can burn down my orchard and laugh as you starve outside the gates. If property rights are human rights, I can leave an apartment building empty while you freeze to death on its sidewalk. If property rights are human rights, I can fill my factory with death-traps and insist that the workers I kill freely chose to assume that risk (as economists would say, they have a "revealed preference" for being killed at work):
https://pluralistic.net/2026/03/30/players-of-games/#know-when-to-fold-em
Leftists view property rights as a tool, like laws, or regulations, or polls, or voting. Used well, these tools can produce prosperity for all. But "voting" and "laws" aren't good unto themselves. The Swiss practice of voting on whether your neighbors qualify for citizenship is barbaric:
https://www.bbc.com/news/newsbeat-38595807
Good regulations and laws are good, but simply passing any law is stupid and gets you into terrible trouble, even if the stupid law you've passed is designed to solve a real problem:
https://pluralistic.net/2026/06/23/destroy-the-village/#to-save-it
Viewed as tools, property rights are perfectly useful ways of achieving the primary purpose of a civilization: to safeguard the human rights of its people. Viewed as ends unto themselves, property rights are a terrible danger to our civilization and species.
If you believe property rights are tools, then you can pass laws banning corporations from electioneering:
https://sos.mn.gov/media/3k4hu2if/minnesota-election-laws-statutes-and-rules.pdf
If you believe property rights are human rights, then you end up supporting unlimited dark money spending in elections:
https://www.supremecourt.gov/opinions/25pdf/24-621_h315.pdf
If you believe property rights are tools, you can order landlords who want to ban their tenants from installing balcony solar to fuck off. If you believe property rights are human rights, then landlords can force their tenants to pay every dime the fossil fuel industry demands of them. "Property right as tool" allows you to defend a farmer's right to install a wind-farm, and still, to block a data-center from installing a gas turbine on its own land.
"Post-political" movements are made up of people who don't know what politics are. A "centrist" is ultimately a rightist, because the foundation of rightism is the supremacy of property. It is the ideology that breeds hereditary aristocracy ("property is a human right" means that it's a violation of your human rights to expect you to work for a living if you emerged from a lucky orifice). It's the ideology that breeds oligarchy.
Politics aren't a bunch of cultural signifiers or identity markers. Politics aren't about who rules – it's about whether we are ruled at all, or whether we are free.
(Image: Lewis Clarke, CC BY-SA 2.0, modified)
Hey look at this (permalink)

- Hell Is Other People https://locusmag.com/feature/commentary-cory-doctorow-hell-is-other-people/
-
Incarcerated People Lose Treasured Media When Prisons Change Tablet Contracts https://truthout.org/articles/incarcerated-people-lose-treasured-media-when-prisons-change-tablet-contracts/
-
Jay Rosen’s Internet Archive: an Introduction https://pressthink.org/2026/07/jay-rosens-internet-archive-an-introduction/
-
Zohran Mamdani on the Promise of America https://jacobin.com/2026/07/zohran-mamdani-independence-day-address
-
The official website of Nand to Tetris courses https://www.nand2tetris.org/
Object permanence (permalink)
#25yrsago Why Microsoft was invited to OSCON https://web.archive.org/web/20010701102931/http://www.oreilly.com/news/osconint_0601.html
#25yrsago The Extent of Systematic Monitoring of Employee E-mail and Internet Use https://web.archive.org/web/20010711204804/http://www.privacyfoundation.org/workplace/technology/extent.asp
#20yrsago BPI: We should be able to cut off your Internet https://memex.craphound.com/2006/07/10/bpi-we-should-be-able-to-cut-off-your-internet/
#20yrsago Technology for parents to spy on kids https://web.archive.org/web/20060711084212/http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2006/07/09/BIGMOTHER.TMP
#20yrsago Dale Bailey's "The Resurrection Man" https://memex.craphound.com/2006/07/09/southern-gothic-science-fiction-collection/
#10yrsago A law prof responds to students who anonymously complained about #blacklivesmatter tee https://backspace.com/notes/2016/07/law-professors-response-to-black-lives-matter-shirt-complaint.php
#10yrsago UK government rejects Brexit do-over petition with 4.1m signatures https://web.archive.org/web/20160709101514/https://www.independent.co.uk/news/uk/politics/brexit-government-rejects-eu-referendum-petition-latest-a7128306.html
#10yrsago New Zealanders raise millions to buy beach and donate it to the public https://www.bbc.co.uk/news/world-asia-36759321
#10yrsago Jughead: Zdarsky’s reboot is funny, fannish, and freaky https://memex.craphound.com/2016/07/10/jughead-zdarskys-reboot-is-funny-fannish-and-freaky/
#5yrsago Biden's Right to Repair will include electronics, too https://pluralistic.net/2021/07/10/unnixing-the-fix/#r2r-plus-plus
Upcoming appearances (permalink)

- London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Can AI be Saved From Capitalism? (Everyday Anarchism)
https://www.everydayanarchism.com/192-can-ai-be-saved-from-capitalism-cory-doctorow/ -
Lawfare Daily
https://www.youtube.com/watch?v=T1KIwaYRs1g -
How to Think About AI (Organized Money)
https://www.organizedmoney.fm/p/how-to-think-about-ai-with-cory-doctorow -
Breaking Points
https://www.youtube.com/watch?v=VJmUbkRqXeE -
A.I. Enshittifies Everything (Slate)
https://slate.com/podcasts/what-next-tbd/2026/06/cory-doctorow-thinks-a-i-is-overvalued-and-overrated-and-still-a-threat
Latest books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ -
"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- How US states and international trustbusters can beat Big Tech: Their common enemies are Trump and his tech giants.
- Hey look at this: Delights to delectate.
- Object permanence: Sex work synonyms; Carthedral; French pirates; Suffragette surveillance; Hidden library apartments; "The Meaning of July the Fourth for the Negro" x James Earl Jones; Farage quits; Peak indifference; Self publishing; Pepsi spies try to buy Coke formula; Steal this wiki; SF is the only lit people care enough about to steal; HP Lovecraft's commonplace book; "7th Sigma"; Conspiracy fantasy; PalmOS beampoints; Copyright poetry; Abandoned NOLA themepark; Life in Indian call-centers; "Rule 34"; Unpleasant design; WEB du Bois infographics; Drone v South African racism; Escobar's hippos; Brexit nihilism; UK Iraq War inquiry; Copyright reversion; Paperclip traded for house; Pen with shredder; Broadcast Treaty is back; "Influencing Machine"; ANSI x paid sex; Biden x Right to Repair; Technological self-determination.
- Upcoming appearances: London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
How US states and international trustbusters can beat Big Tech (permalink)
For a minute there, it looked like Big Tech was on the ropes. Over the past decade, countries all over the world have gotten antitrust fever, from South Korea to Singapore, Europe to Australia, and even China:
https://pluralistic.net/2025/06/28/mamdani/#trustbusting
Even more important: these international trustbusters shared a common enemy with Biden's antitrust enforcers, like Lina Khan (FTC), Rohit Chopra (CFPB) and Jonathan Kanter (DoJ Antitrust Division), who pursued the most aggressive antitrust agenda America has seen since Jimmy Carter and Ronald Reagan killed antitrust enforcement a half century ago.
This international collaboration was an especially rich and productive one. Today's global trustbusters have opportunities for collaboration that their Gilded Age predecessors could only dream of.
That's because modern monopolies are likewise global, running the same scam in every country that they operate in. It wasn't like this during the era of the first Robber Barons. John D Rockefeller's Standard Oil had many of the world's economies in chokeholds, but each country got its own, national chokehold. In the US, Standard Oil monopolized pipelines and refineries, but it found different chokepoints in other countries. For example, in Germany, Rockefeller monopolized the ports:
https://pluralistic.net/2022/09/24/shithole-billionaires/#tarbells-everywhere
This meant that American and German enforcers had very little to say to one another. Sure, they had a common enemy, but even if US and German authorities commandeered a fleet of zeppelins and used them to ferry documents back and forth between their respective agencies, it wouldn't have done them any good. The fact patterns about German ports had nothing much in common with the cases being built in relation to America's captured oil refineries.
That's not how companies like Google, or Meta, or Apple, or Microsoft, or Oracle work. Like Standard Oil, these companies are planet-girding extraction machines that are strangling the world's economies. But unlike Standard Oil, these companies run the same playbook in every country, meaning that the facts that establish Google or Apple's guilt in Brussels can be translated and used to run cases in the UK, South Korea and Japan.
The opportunities for international cooperation don't stop there! It's been more than a century since the Gilded Age, and the intervening years saw the US enact the Marshall Plan, through which it redesigned the legal systems of countries shattered by WWII and the Korean War. The technocrats who oversaw the Marshall Plan understood that large, monopolistic firms played a key role in the rise of fascist governments in Europe and Japan, and so they transposed America's landmark antitrust laws – like the Sherman Act and the Clayton Act – onto lawbooks around the world:
https://pluralistic.net/2021/01/08/competition-is-killing-us/#borked
That means that it's not just that the same companies are committing the same crimes everywhere around the world – it also means that most of these countries have substantively similar statutes establishing those crimes. A successful case in South Korea will likely be successful in the UK – providing that the company engages in the same conduct in both countries (which, again, it does).
During the Biden years, the UK Competition and Markets Authority ran these international tech antitrust summits in London where US enforcers and their UK, European, Singaporean, South Korean and Japanese counterparts met to plan a shared strategy to take down US Big Tech:
The presence of America's trustbusters at these meetings was key. Not only were they running a string of wildly successful cases against US Big Tech in America, but just by being there, they signaled that the US government would help foreign governments enforce their judgments against US tech giants. That's key, because – as the Marshall Plan's architects could tell you – giant national monopolies often become a de facto, private, unaccountable arm of the state in the countries where they are born, and can call upon the governments they've colonized to protect them from other countries' attempts to enforce their laws.
Which brings me to the Trump election, and the subsequent fusion of Big Tech with Trump's government. It started before Trump took office, when he traveled to Davos to warn the world's governments not to try to enforce their laws over his tech companies. Then there was the inauguration, where tech CEOs paid $1m each out of their pockets for a seat on the dais behind Trump. Big Tech ponied up millions for the Epstein Ballroom, and they also provide key material support to Trump's ethnic cleansing program. If you end up in a concentration camp thanks to one of Trump's ICE chuds, you can blame Microsoft for providing the administrative software; Google for providing the location data used to track you down; and Apple for blocking apps that warn you if you're about to get snatched by masked thugs:
https://pluralistic.net/2025/10/06/rogue-capitalism/#orphaned-syrian-refugees-need-not-apply
All over the world, tech antitrust has gone into retreat. In Canada, ex-Prime Minister Justin Trudeau created sweeping new powers for the country's Competition Bureau, but now his successor Mark Carney is making equally sweeping cuts to the agency's funding. In the UK, PM Keir Starmer fired the devastatingly effective head of the Competition and Markets Authority and replaced him with the CEO of Amazon UK:
https://pluralistic.net/2025/01/22/autocrats-of-trade/#dingo-babysitter
And in Ireland – the place where European tech regulation goes to die – they've just appointed an ex-Meta lobbyist named Niamh Sweeney to regulate the privacy practices of the US tech giants that pretend to be headquartered in Ireland in order to evade their taxes:
https://pluralistic.net/2025/12/01/erin-go-blagged/#big-tech-omerta
This is especially worrying because Meta has a history of binding its former executives with nondisclosure and nondisparagement clauses that forbid them from ever saying a mean word about Meta, or discussing anything they learned while working at the company. There are no ends to the lengths the company will go to in their war on their ex-employees. Take Sarah Wynn-Williams, who has been fined $111m by the company's arbitrator as punishment for her #1 NYT bestselling whistleblower memoir, Careless People. Meta has told Wynn-Williams that she may not appear in public to discuss anything, not just her book, and now they've sued her for standing motionless and silent for an hour on a stage at a literary festival:
https://pluralistic.net/2026/06/27/zuckerstreisand-2/#autodisparagement
When Sweeney was given the job of regulating her former employers, it naturally raised questions about whether she would be legally allowed to criticize – or even talk about – Meta. Sweeney declined to comment on this at all for seven months, and now, at last, she has issued a heavily lawyered statement that seems to affirm that she will be allowed to do her job:
But a close read of her words tells a different story: Sweeney has affirmed that she's not bound by the same gag order as Wynn-Williams, but not whether she has any restrictions on her conduct in respect of Meta. This shouldn't be complicated: if Sweeney is indeed free to vigorously enforce the law against Meta, then she could have published a statement the day her appointment was made public: "I do not have any contractual restrictions on my ability to discuss Meta or its current or former personnel." If she is truly able to do this job, then it shouldn't take her half a year to issue a weasel-worded, heavily caveated statement.
Having narrowly escaped the existential crisis of democratic and legal accountability, Big Tech has captured a string of states: Ireland and the UK, and (especially) the USA. The fears of the Marshall Plan technocrats have been realized: Big Tech is Trump and Trump is Big Tech, and together, they are executing an authoritarian takeover of the USA and countries around the world.
Without the US as a willing partner, other countries have precious little chance of enforcing their laws (which were originally American laws). Just look at how Apple has point-blank refused to follow Europe's new tech regulations:
https://pluralistic.net/2025/09/26/empty-threats/#500-million-affluent-consumers
(Worse: Trump has blacklisted the EU officials who worked on those laws and has permanently barred them from entering the USA, and has now requisitioned more official EU correspondence from Big Tech companies so he can locate and punish more of Big Tech's official enemies:)
https://www.euractiv.com/news/eu-urges-us-tech-firms-to-follow-rules-on-handling-staff-data/
Now that the US state has merged with US tech, every country around the world has motive, means and opportunity to build a "post-American internet" of open source apps running at local data centers:
https://pluralistic.net/2026/01/01/39c3/#the-new-coalition
But don't write US enforcers out of the picture just yet! Writing for The Sling, Tyler Clark calls for "regionalized enforcement" by US states against Big Tech companies:
https://www.thesling.org/regionalizing-enforcement-agencies/
You see, it's not just international governments whose lawbooks were rewritten through the Marshall Plan that have access to America's antitrust laws. When Congress wrote the Clayton Act, Sherman Act and other US federal antitrust laws, they explicitly wrote in the power of state Attorneys General to enforce them. That means that 50+ state AGs all have the ability to wield antitrust against US tech giants.
It seems Congress foresaw this moment, when federal enforcers partnered with American monopolists, trading open bribes for approval for corrupt mergers and other illegal conduct:
https://pluralistic.net/2026/02/13/khanservatives/#kid-rock-eats-shit
But where the Feds fail, the states can pick up the slack. When states fine US companies and order their breakup, it's a lot harder for those companies to flout those orders – unlike the EU or Canada or the UK, America's state governments are first class actors in the US judicial system.
That's where Clark comes in: he calls for coalitions of state enforcers to take on US Big Tech, filling the void created by Trump's pay-to-play fed enforcers. A (future) federal statute could enshrine this system through "regional FTC enforcement centers":
https://www.ftc.gov/reports/collaboration-act-report-congress
I like Clark's idea, but I think he's missing a trick: US regional antitrust enforcement doesn't need to lean on the US government for resources and collaboration. There are national governments all over the world whose antitrust laws were created by the Marshall Plan, and those are the same laws that state AGs have at their disposal. And of course, tech companies' crimes aren't just the same in France and Japan – they're also the same in New York State and California.
The US government isn't the only game in town. American state enforcers have a global buffet of enforcement partners, and those international enforcers need American collaborators who can collect the fines they levy and enforce the breakup orders they issue. It's a win-win (for the people, for international enforcers, and the states) and a big loss (for Trump's tech companies and his corrupt antitrust dingo babysitters).
One place this could start: joint hearings that call ex-Big Tech employees as key witnesses, daring companies like Meta to invoke their gag orders. It's one thing to tell Sarah Wynn-Williams she can't talk to a crowd at a book festival, but Meta has taken the position that she cannot speak before a legislature or regulator, either.
Wynn-Williams isn't alone. The Big Tech companies are laying off employees by the thousands, thanks to their failed 11-figure AI bets. Those ex-employees know where every body is buried. They know where to find the memos that establish their ex-bosses' intent to create and maintain monopolies and the hardest part of any antitrust case is establishing intent.
Together, US states and foreign enforcers have the opportunity of the century – a chance to shatter the power of Trump's tech giants, who are so key to Trump's authoritarian takeover.
Hey look at this (permalink)

- Sony Erases Digital Content From Libraries, a Reminder That You Don’t Own What You Buy https://www.wired.com/story/sony-erases-digital-content-from-libraries/
-
enshittification https://www.oed.com/dictionary/enshittification_n?tab=meaning_and_use&tl=true#1649390880
-
Google must pay €4.1bn fine for using Android to 'block' rivals https://www.bbc.co.uk/news/articles/cvgj0pp5p62o
-
We Crunched the Data: There’s a Grocery Price Emergency in America https://www.nytimes.com/2026/06/27/opinion/grocery-prices-inflation.html?unlocked_article_code=1.uFA.EpN1.HGYs0A5uoRrh
-
The Ghost Brand Epidemic in Mowers & Security https://winnowl.com/audits/2026-ghost-brand-epidemic
Object permanence (permalink)
#25yrsago Prohibited synonyms for sex work https://web.archive.org/web/20010803205316/https://www.ci.sparks.nv.us/municode/Title_5/66/100.html
#25yrsago Carthedral https://web.archive.org/web/20010803104957/http://www.carthedral.com/FAQ.html
#25yrsago How solar is decentralizing power in the Domincan Republic https://web.archive.org/web/20010802180254/https://www.wired.com/news/technology/0,1282,44784,00.html
#25yrsago PalmOS streetlamp beam-points https://web.archive.org/web/20010723042420/http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2001/07/05/BU239233.DTL
#25yrsago Poignant story of a dotcom’s death https://web.archive.org/web/20010703095832/http://www.oreilly.com/news/deathofdotcom_0601.html
#20yrsago Haunted house build-notes https://web.archive.org/web/20060710081617/https://www.dragons-eye.com/watch_us_build!.htm
#20yrsago US copyright law in verse https://jergames.blogspot.com/2006/07/us-copyright-code-in-verse.html
#20yrsago Indie band pulls out of iTunes, cites DRM https://web.archive.org/web/20060708093512/https://www.technozid.de/2006/07/06/bodenstandig-2000-are-opting-out-of-itunes/
#20yrsago Coke employees busted for trying to sell formula to Pepsi https://web.archive.org/web/20060712112019/https://edition.cnn.com/2006/LAW/07/05/coke.secrets.ap/index.html
#20yrsago Sf is the only literature people care enough about to steal on the Internet https://www.locusmag.com/2006/Issues/07DoctorowCommentary.html
#20yrsago Steal This Book, the wiki https://web.archive.org/web/20060707015922/https://stealthiswiki.nine9pages.com/index.php?title=Table_of_Contents
#20yrsago Canadian artists call for less copyright https://web.archive.org/web/20060706205719/https://www.theglobeandmail.com/servlet/story/LAC.20060705.COPYRIGHT05/TPStory/
#20yrsago Pirate Party launches in France https://web.archive.org/web/20060706141024/http://www.parti-pirate.info/?page_id=17
#20yrsago Guy successfully trades paperclip for house https://web.archive.org/web/20060806194814/http://oneredpaperclip.blogspot.com/2006/07/interesting.html
#20yrsago Woman gamer voice-changer for impersonating men https://web.archive.org/web/20060711114727/http://www.eurogamer.net/article.php?article_id=65946
#20yrsago Collection of publishing industry statistics https://web.archive.org/web/20060704112005/http://parapublishing.com/sites/para/resources/statistics.cfm
#20yrsago Pen with built-in shredder and FM radio https://web.archive.org/web/20061027190059/http://www.radicauk.com/product/instructions/74011
#15yrsago Women football players half as likely to fake an injury as men https://www.sciencedaily.com/releases/2011/07/110706195906.htm)
#15yrsago WIPO’s Broadcast Treaty is back: copyright nuts want to steal the public domain, kill Creative Commons, and give copyright over your videos to YouTube and other streamers https://www.eff.org/deeplinks/2011/07/its-back-wipo-broadcasting-treaty-returns-grave
#15yrsago Influencing Machine: Brook Gladstone’s comic about media theory is serious but never dull https://memex.craphound.com/2011/07/07/influencing-machine-brook-gladstones-comic-about-media-theory-is-serious-but-never-dull/
#15yrsago Suffragette surveillance photos from 1912 http://news.bbc.co.uk/2/hi/uk_news/magazine/3153024.stm
#15yrsago Steampunk thinking helmet https://tombanwell.blogspot.com/2011/07/tauruscat-final-photos.html
#15yrsago RIP, Len Sassaman: cypherpunk and anonymity hacker https://web.archive.org/web/20110707065058/https://www.cso.com.au/article/392338/young_cryptographer_ends_own_life/
#15yrsago Italian telco regulator grants itself power to censor Internet; Obama administration approves https://hyperorg.com/2011/07/04/obama-admin-backs-berlusconis-unfettered-anti-piracy-regs/
#15yrsago Massive science fiction encyclopedia’s third edition will be digital https://web.archive.org/web/20110709072721/http://www.sf-encyclopedia.com/
#15yrsago HP Lovecraft’s commonplace book https://web.archive.org/web/20110706091953/https://www.wired.com/beyond_the_beyond/2011/07/h-p-lovecrafts-commonplace-book/
#15yrsago America’s copyright scholars speak out against PROTECT-IP bill https://volokh.com/2011/07/04/and-speaking-of-the-inalienable-right-to-the-pursuit-of-happiness/
#15yrsago Little Brother stage adaptation in San Francisco, Jan 2012 https://web.archive.org/web/20130803164337/https://littlebrotherlive.wordpress.com/
#15yrsago Steven “Jumper” Gould’s new novel 7TH SIGMA: genre-busting science fiction/western kicks ass https://memex.craphound.com/2011/07/05/steven-jumper-goulds-new-novel-7th-sigma-genre-busting-science-fiction-western-kicks-ass/
#15yrsago Rotting, abandoned New Orleans theme-park https://www.flickr.com/photos/uelaphantom/sets/72157625672417251/comments/
#15yrsago Spanish anti-piracy execs busted for ripping off artists https://web.archive.org/web/20120510175030/https://arstechnica.com/tech-policy/2011/07/police-raid-spanish-collecting-society-in-embezzlement-case/
#15yrsago Following the money: how spammers do their banking https://krebsonsecurity.com/2011/07/which-banks-are-enabling-fake-av-scams/
#15yrsago Life in an Indian call center https://www.motherjones.com/politics/2011/07/indian-call-center-americanization/
#15yrsago Stross’s Rule 34: pervy technothriller about the future of policing https://memex.craphound.com/2011/07/06/strosss-rule-34-pervy-technothriller-about-the-future-of-policing/
#10yrsago Unpleasant Design: design that bullies its users https://99percentinvisible.org/episode/unpleasant-design-hostile-urban-architecture/
#10yrsago 2016’s Illusion of the Year will make you cover your screen with fingerprints https://www.youtube.com/watch?v=Jri0del_6t4
#10yrsago WEB Du Bois’s infographics on black life, from the 1900 Exposition Universelle https://hyperallergic.com/w-e-b-du-boiss-modernist-data-visualizations-of-black-life/
#10yrsago “Security is what happens to people, not machines” https://www.oreilly.com/content/eleanor-saitta-on-security-as-a-product-of-shared-human-outcomes/
#10yrsago Drone’s eye view photos reveal the racism of South African neighbourhoods https://web.archive.org/web/20160706105856/https://edition.cnn.com/2016/07/06/africa/south-africa-apartheid-drone-photography-unequal-scenes/index.html
#10yrsago Man builds giant, discrete-component-based computer that can play Tetris https://www.megaprocessor.com/
#10yrsago Epipens have more than quintupled in price since 2004 https://inthesetimes.com/article/anaphylactic-sticker-shock
#10yrsago Let’s check in with Pablo Escobar’s herd of feral hippos https://web.archive.org/web/20160706160442/https://www.bangkokpost.com/opinion/opinion/1028733/legacy-of-drug-lord-escobars-pet-hippos
#10yrsago UK Tory leadership race: “a sort of X Factor for choosing the antichrist” https://www.theguardian.com/commentisfree/2016/jul/05/tory-leadership-election-x-factor-choosing-antichrist-brexit-frankie-boyle
#10yrsago UK Tories want 10-year prison sentences for watching TV the wrong way https://torrentfreak.com/uk-bill-introduces-10-year-prison-sentence-for-online-pirates-160706/
#10yrsago Brexit’s other shoe drops: austerity, deregulation, climate nihilism https://www.theguardian.com/commentisfree/2016/jul/04/disaster-capitalism-tory-right-brexit-roll-back-state
#10yrsago After 7 years, UK’s Iraq War inquiry releases 2.6M word report damning Tony Blair and the invasion https://www.theguardian.com/uk-news/2016/jul/06/chilcot-report-crushing-verdict-tony-blair-iraq-war
#10yrsago IS CELL PHONE DO BAD TO CHILD IN CLASSROOM?!11? https://www.youtube.com/watch?v=2JdyABt6Ldo
#10yrsago UK cops routinely raided police databases to satisfy personal interest or make money on the side https://www.bigbrotherwatch.org.uk/wp-content/uploads/2016/07/Safe-in-Police-Hands.pdf
#10yrsago New York’s stately libraries sport hidden apartments for live-in caretakers https://www.6sqft.com/life-behind-the-stacks-the-secret-apartments-of-new-york-libraries/
#10yrsago Russia’s ghastly Children’s Rights Commissioner finally quits https://globalvoices.org/2016/07/04/russias-childrens-rights-commissioner-is-stepping-down-but-well-remember-him-for-these-7-things/
#10yrsago Frederick Douglass’ “The Meaning of July the Fourth for the Negro,” read by James Earl Jones https://www.youtube.com/watch?v=E2YYEceo1HI
#10yrsago Sanders supporters are the least racist https://web.archive.org/web/20160705084803/https://blogs.reuters.com/talesfromthetrail/2016/07/01/belatedly-what-sanders-supporters-say-about-race/
#10yrsago Hidden “anti-crime” mics are proliferating on US public transit, recording riders’ conversations https://web.archive.org/web/20160704073920/https://www.csoonline.com/article/3090502/security/big-brother-is-listening-as-well-as-watching.html
#10yrsago Nigel “Brexit” Farage, having tanked the UK economy, retires to “get his life back” https://www.bbc.com/news/uk-politics-36702468
#10yrsago Peak indifference: privacy as a public health issue https://locusmag.com/feature/cory-doctorow-peak-indifference/
#10yrsago ANSI board member thinks we should all pay for sex (and also pay to read the law) https://www.techdirt.com/2016/07/07/standards-body-whines-that-people-who-want-free-access-to-law-probably-also-want-free-sex/
#10yrsago Post-Brexit, EU Commission plan to ram through disastrous Canada-EU trade deal dies https://wolfstreet.com/2016/07/02/to-save-canada-eu-trade-pact-ceta-eu-assaults-democratic/
#10yrsago Claude Shannon, MOOCs, and nanoassembly: what 3D printing is really about https://www.edge.org/conversation/neil_gershenfeld-digital-reality
#5yrsago Comic book store files comic-book lawsuit https://pluralistic.net/2021/07/07/instrumentalism/#legal-funnies
#5yrsago Biden delivers Right to Repair via executive order https://pluralistic.net/2021/07/07/instrumentalism/#r2r
#5yrsago Technological self-determination https://pluralistic.net/2021/07/07/instrumentalism/#self-determination
#5yrsago Self-publishing https://pluralistic.net/2021/07/04/self-publishing/
#5yrsago Conspiracy fantasy https://pluralistic.net/2021/07/05/ideomotor-response/#qonspiracy
#5yrsago Quantifying copyright reversion https://pluralistic.net/2021/07/06/backsies/#take-backs
Upcoming appearances (permalink)

- London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Can AI be Saved From Capitalism? (Everyday Anarchism)
https://www.everydayanarchism.com/192-can-ai-be-saved-from-capitalism-cory-doctorow/ -
Lawfare Daily
https://www.youtube.com/watch?v=T1KIwaYRs1g -
How to Think About AI (Organized Money)
https://www.organizedmoney.fm/p/how-to-think-about-ai-with-cory-doctorow -
Breaking Points
https://www.youtube.com/watch?v=VJmUbkRqXeE -
A.I. Enshittifies Everything (Slate)
https://slate.com/podcasts/what-next-tbd/2026/06/cory-doctorow-thinks-a-i-is-overvalued-and-overrated-and-still-a-threat
Latest books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ -
"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- CARDiac, syntax coloring, view source and vibe code: With great abstraction comes great power comes great responsibility comes great loss of fidelity.
- Hey look at this: Delights to delectate.
- Object permanence: Real elections v reality TV; Copyright troll loses license; Who gets fed housing subsidies? Trump x forced labor.
- Upcoming appearances: London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
CARDiac, syntax coloring, view source and vibe code (permalink)
In the mid-1970s, my dad – then a budding computer scientist, subsequently a math teacher – brought home my first computer: the CARDiac, a Turing-complete, all-cardboard papercraft computer that you could write and execute programs on:
https://en.wikipedia.org/wiki/CARDboard_Illustrative_Aid_to_Computation
CARDiac stands for "CARDboard Illustrative Aid to Computation," and it was created in 1968 at Bell Labs as a way to teach high schoolers how computers worked. I wasn't anywhere near high school age (I think I was in third grade?) but the CARDiac was revelatory. The year before, I'd had access to a teletype terminal and acoustic coupler that let me operate a PDP machine at the University of Toronto, and I'd been endlessly fascinated with the possibilities. I wrote simple BASIC programs, chatted with ELIZA, and messaged other system users, one keystroke at a time, all on paper (the terminal didn't have a screen, just a printer, and we fed it 1,000' rolls of paper towels my mom brought home from her kindergarten classroom, which I then rolled back up so she could put them back in the bathroom for the kids to dry their hands on).
Interacting with a computer in real-time was captivating, but it wasn't until I assembled and used the CARDiac that it all snapped into place. With the CARDiac, you composed simple programs with pencil and paper, then followed instructions that directed you to move paper tokens in and out of various slots representing memory cells and an accumulator. All an electronic computer does is repeat these crude mechanical operations, millions of times per second, using microscopic transistors. None of that action can be observed with the naked eye, of course. If you had a very sensitive multimeter and a very good microscope, it's conceivable that you could indirectly watch this intricate dance, but only on very early processors, and only if you drastically slowed down their operations.
Much later, I learned a word for what I got from the CARDiac: legibility. Together, the CARDiac and I made a working digital computer, with me standing in for the physics that propels electrons down the endless labyrinth of a microchip, like a pinball triggering various blooping, beeping bumpers. Though the computing we performed was sub-trivial (adding one and one was a major undertaking!), the physical performance of that computing imbued me with Fingerspitzengefühl ("fingertip feeling"):
https://en.wikipedia.org/wiki/Fingerspitzengef%C3%BChl
This stood me in great stead in the years to come. To this day, when I think about my computer, I sometimes imagine those little cardboard tokens, shuffling in and out of the slits in my paper CARDiac. There's something very reassuring about this imagery. No matter how many levels of abstraction sit between me and the nanoscale transistors ranked in their billions beneath my fingertips, they are all undertaking those familiar operations I painstakingly performed on my child's desk all those years ago.
(This is one of the things that makes Science Comics Computers: How Digital Hardware Works such an amazing kids' book! By illustrating how a computer's operations are built up from simple boolean logic that can be represented as physical switches, the comic performs that same legibilizing magic that I got from the CARDiac:)
https://pluralistic.net/2025/11/05/xor-xand-xnor-nand-nor/#brawniac
Not long after my CARDiac experience, my dad brought home an Apple ][+, which came with a schematic that revealed the inner workings of the machine in ways that I found visually striking, if significantly less accessible than the CARDiac:
(For me, at least. For the legendary hardware hacker Andrew "bunnie" Huang, it was the start of a journey that turned him into one of the world's virtuoso reverse-engineers and science communicators):
https://pluralistic.net/2026/01/09/quantity-break/#so-many-chips
The Apple ][+ did very little when you took it out of the box. It came with a few floppies' worth of demo programs, and we bought a few more down at the local computer store, but most of the programs I ended up using with that machine were ones I typed in myself, from magazines I bought at the corner store (I spent half my magazine budget on Cracked, Mad and Crazy, the other half on computer magazines full of BASIC program listings).
Typing in a program, keystroke by keystroke, was another Fingerspitzengefühl-generating exercise. I wasn't much of a typist, so it was slow going, and of course I made a lot of typos. What's more, BASIC had already fragmented into several dialects by this point, so even a correctly typed program could fail to run until it had been adapted for the BASIC that shipped with the computer. Getting a program to run on my computer required me to hone my typing skills, but even more so, my problem solving skills.
After months of this, I (re-)invented the debugger, from first principles, coming up with lots of little tricks and gimmicks (many of them horribly inefficient) for identifying and solving my programs' errors. In later years, I had lots of opportunity to work with real debuggers, created and maintained by trained programmers who'd forgotten more than I would ever know about writing code, and my own cack-handed efforts to build my own version of their tools conferred a confidence and intuitive understanding that I could not have achieved otherwise. Figuring out the need for a debugger and then rolling my own (crude, inefficient) one made all debuggers more legible to me.
I think that "legibility" is an underrated trait. If a system is legible to you, then you have a superior basis for understanding it, improving it, and making it work again when it breaks down.
There's an old joke that goes, "physics is applied math; chemistry is applied physics, and biology is applied chemistry" (I've also heard versions that start with "math is applied philosophy" and carry on to "sociology is applied biology," etc). While this isn't entirely true, there's something profound in it: we understand and manipulate our complex reality by wrapping it in abstractions that package up a writhing, shuffling, vibrating machine inside a smooth, serene membrane with a sturdy and easily grasped handle. You could do chemistry using the tools of physics, but it would take hours to perform the kind of calculations a chemist does in seconds (just as it takes an eternity to add one and one with a CARDiac).
Nevertheless, there are times when it is useful for a biologist to think about chemical processes, and for a chemist to think about interactions at the level of physics, and for a physicist to do math. The membrane and the handle are essential, but sometimes you have to decap the sealed package and inspect and manipulate its internals directly. Problem solving, improvement and maintenance all require the ability to move up and down the stack of abstractions to figure out where to stick your probes and stage your interventions.
This is where legibility comes in. Interacting with physical processes improves your mental model. In Broad Band (a magisterial history of women in computing), Claire Evans talks about how the first programmers were women who did the "unskilled" labor of physically cabling components together, developing powerful Fingerspitzengefühl, with such high-fidelity, trans-abstraction mental models of the machines' operations that they became the world's best programmers and debuggers:
https://pluralistic.net/2021/02/13/data-protection-without-monopoly/#broad-band
My early adventures in programming were so powerful and instructive because nearly all the programs I interacted with on my Apple ][+ were written in BASIC (not just the ones I keyed in, but also the demo software and much of the packaged software we bought). That meant that I could get a listing of any program I was using, peeling open the membrane to look at the machinery underneath. I could even laboriously trace the operations of that program using my toy debugger. This, too, was legibility: the ability to flip between the effects of the running code, and the instructions themselves (and then to mentally map those instructions onto the movement of cardboard tokens in my CARDiac).
This affordance was repeated later on the early web, thanks to the "View Source" function that came built into every browser, acting as a velcro tab for the membrane that separated rendered web pages from their underlying instructions. In my early years as a web developer, I copied, pasted, adapted, probed and traced HTML in ways that would have been instantly recognizable to the younger me, keying in those BASIC programs and ripping apart the commercial software on my computer.
I read somewhere that the Bell Labs scientists who created the CARDiac were worried that, thanks to transistorization, the next generation of programmers wouldn't understand the physical, material processes that unfolded when their programs ran, and that this would mean a loss of legibility and intuition and Fingerspitzengefühl. I can't track down the reference now, but it stuck with me, because the CARDiac is such a perfect way of preserving those virtues.
Modern computer science curriculum includes some chip design for just this reason (just as chemists study physics and biologists study chemistry). But there are plenty of programmers – better programmers than I ever was or will be – who taught themselves and never had a CARDiac or gave much thought to chip design. They work at different layers of abstraction and in different ways to solve different problems. Maybe they could improve their art by tinkering with FPGAs, but there's always something even the most skilled artisan can do to round out and incrementally improve their craft.
In the same way, there are plenty of programmers – better ones than I ever was or will be – whose journey started at higher abstraction layers than a teletype terminal or a CARDiac. Maybe they started with a browser's View Source, teasing apart other people's Javascript to create weird Myspace customizations. Maybe they tweaked a programmable block in Minecraft. Maybe they modded a Scratch game. Or maybe they recorded macros using Applescript or Hypercard or Visual Basic to automate a routine task, only to later open up the source code generated by the macro recorder to make fine adjustments.
Whether you're pasting source from Stack Overflow or recording a macro in Excel, you are just one operation away from unwrapping the membrane and exposing the code beneath it. And with the modern internet, with Wikipedia, with endless tutorial videos, you are one further operation from penetrating the high level code to get at the code beneath it, and the code beneath that, and the code beneath that, all the way down to the bare metal.
Which brings me to vibe coding. As I've written, there's a world of difference between writing code for production and writing "personal software" that solves a problem you have. Whatever deficits that code has (due to the fact that you're not a skilled programmer) are offset by the fact that you're the one making the tool (which means your needs aren't lossily filtered through a programmer's understanding of those needs):
https://pluralistic.net/2026/06/15/vernacular/#hypercardian
There's nothing wrong with code that solves your problem, even if you don't know how that code works, even if it breaks in a couple of years, even if no one else could maintain, extend or debug that code. Personal software is fundamentally different from software made to be used and maintained by others:
https://pluralistic.net/2026/07/02/canonization/#operate-iterate-improve
Higher-level abstractions are necessary. Moving tokens between the slits in a CARDiac is a powerful exercise, but eventually you want to do something more substantial than adding one and one, and so you need to package up the mechanics of computing inside a membrane with an easily grasped handle (knowing that you can always open the membrane if need be).
The more automated code you generate – macros, pasted Javascript, Minecraft blocks – the greater the likelihood that you will be failed by a readymade, prefab component. At that point, you have means, motive and opportunity to open the membrane and start tinkering with the internals, and every time you do, you have a better chance of making a realization that improves your grasp on the whole system.
Automated code – whether from an LLM, View Source, Stack Overflow, or a macro recorder – is the top of a funnel. Many – most – of the people who enter the funnel won't slip further down the abstraction chute. They'll solve their problem (a virtue unto itself!) and move on. But the more people we put at the top of the funnel, the more chances our civilization gets to produce another skilled artisan who understands and can improve, iterate and repair the code the rest of us use.
Hey look at this (permalink)

- Crime Pays: The Egg Bandits Made A Thousand Times the Fine They Just Paid for Price Fixing https://www.thebignewsletter.com/p/crime-pays-the-egg-bandits-made-a
-
Digital elbows up https://betakit.com/digital-elbows-up/
-
Stochastic wage suppression on gig platforms and how to organize against it https://arxiv.org/abs/2604.15962
-
The Hacker Digest – LIFETIME (PDF) https://store.2600.com/collections/subscriptions-renewals/products/the-hacker-digest-lifetime-pdf
-
Coprophagia Is Bad For You https://blog.dshr.org/2026/06/coprophagia-is-bad-for-you.html
Object permanence (permalink)
#20yrsago What real elections can learn from reality TV voting https://henryjenkins.org/2006/07/democracy_big_brother_style_1.html
#20yrsago Veteran print journo on neglected demographics http://citmedia.org/blog/2006/07/03/guest-posting-is-media-performance-democracys-critical-issue/
#10yrsago One of the copyright’s scummiest trolls loses his law license https://fightcopyrighttrolls.com/2016/07/03/prendas-hansmeier-stipulates-to-suspension-of-his-law-license/
#10yrsago Macedonia’s Colorful Revolutionaries defy the state by splashing paint on government buildings and monuments https://globalvoices.org/2016/07/03/defying-police-harassment-the-macedonian-colorful-revolutionaries-continue-to-chant-freedom/
#10yrsago Trump and Brexit are like lotto tickets: the more unrealistic, the better https://www.irishtimes.com/news/world/europe/fintan-o-toole-brexit-and-the-politics-of-the-fake-orgasm-1.2707398
#10yrsago Low income US households get $0.08/month in Fed housing subsidy; 0.1%ers get $1,236 https://web.archive.org/web/20160702151008/https://www.thenation.com/article/who-benefits-most-from-housing-subsidies-the-wealthy/
#5yrsago The future is symmetrical https://pluralistic.net/2021/07/03/beautiful-symmetry/#fibrous-growth
#1yrago Trump's not gonna protect workers from forced labor https://pluralistic.net/2025/07/03/states-rights-trumps-wrongs/#mamdani
Upcoming appearances (permalink)

- London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Lawfare Daily
https://www.youtube.com/watch?v=T1KIwaYRs1g -
How to Think About AI (Organized Money)
https://www.organizedmoney.fm/p/how-to-think-about-ai-with-cory-doctorow -
Breaking Points
https://www.youtube.com/watch?v=VJmUbkRqXeE -
A.I. Enshittifies Everything (Slate)
https://slate.com/podcasts/what-next-tbd/2026/06/cory-doctorow-thinks-a-i-is-overvalued-and-overrated-and-still-a-threat -
A World That Just Might Work
https://aworldthatjustmightwork.com/2026/06/cory-doctorow-ai-use-it-dont-buy-the-hype-dont-feed-the-bubble/
Latest books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ -
"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- The difference between "today's task" and "accretive work": Sometimes, "I got it working" is fine, but sometimes it isn't.
- Hey look at this: Delights to delectate.
- Object permanence: Series of tubes; Paralyzed teen beaten bloody by TSA; "Ultra unreal" Chinese lit; London property prices v Brexit; Biden v surprise billing; "Feeding Ghosts."
- Upcoming appearances: London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
The difference between "today's task" and "accretive work" (permalink)
One thing I've learned about paradoxes: often the answer to the riddle of "how can this one thing have such a contradictory set of features and effects?" is "it's not one thing, it's two things*."
That's the idea that set me on the path to writing about "reverse centaurs" and AI. I was hearing from experienced programmers whom I knew to be reliable narrators of their own experience who described how AI was letting them write the best code of their lives; and from equally experienced and reliable coders who described a nightmare of tech debt: "I work in aviation, and I just don't think anyone should ever fly again, those things are now unsafe at any altitude, thanks to the code I had to sign off on":
https://pluralistic.net/2025/09/11/vulgar-thatcherism/#there-is-an-alternative
For so long as I thought of both of these groups as doing the same thing and getting wildly different outcomes, this was a paradox. But as soon as I realized that the former group were "centaurs" (workers who get to decide and direct their adoption of automation) and the latter were reverse centaurs (workers who were conscripted to serve as peripherals for automation systems), it all snapped into place. It only looked like they were doing the same thing – they were actually engaged in fundamentally different activities, which is why they were having such different experiences.
The same goes for vibe coding. Plenty of people I knew had gotten real value out of vibe coding personal utilities that made things better for them in a way that I instantly recognized from a life spent around people who'd been able to adapt and customize the systems they used to make their lives better:
https://pluralistic.net/2024/01/25/today-in-tabs/#unfucked-rota
Vibe coding can be seen as part of a lineage that includes shell scripting, Applescript, Hypercard and Visual Basic: ways for technical novices to directly create personal software, without having to ask a programmer to interpret their needs (and without having to pay every time they wanted to do something new with their computers):
https://pluralistic.net/2026/06/15/vernacular/#hypercardian
But if that's so, how to make sense of the seeming paradox of all that tech debt? For a tech company, code is a liability, not an asset:
https://pluralistic.net/2026/01/06/1000x-liability/#graceful-failure-modes
AI's pitch to bosses is that they can fire most of their workers in order to terrorize the remainder into tolerating a working life wherein they are made to mark the AI's homework, at superhuman speed, and to assume the blame when it goes wrong. This is obviously a terrible way to write code:
https://pluralistic.net/2024/04/23/maximal-plausibility/#reverse-centaurs
But it's also obviously going to produce terrible code:
https://pluralistic.net/2025/05/27/rancid-vibe-coding/#class-war
So is vibe code a way of empowering people to have the personal, vernacular tools that they design and adapt as they see fit? Or is it a way to shovel technological asbestos into the walls at scale, filling up our high-tech society with ghastly, lethal technical debt we'll be digging our way out of for generations?
Again: the paradox falls away once you realize that personal software you write for yourself is fundamentally different from "production code" that other people have to use, maintain and improve.
In an essay inspired by some thoughts on AI and mathematical theorem proving, Kellan Elliott-McCrea crystallizes this distinction in a really sharp way, bringing in Alex Kontorovich's idea of mathematical "canonization":
By canonization, I mean the process of taking a local, one-off formalization and turning it into library mathematics: general, reusable, coherent, efficient, and compatible with the rest… Canonization often changes the picture itself: the definitions, the abstractions, the API, and sometimes even the statement…
https://laughingmeme.org/2026/06/30/canonization-and-the-overhang.html
Elliott-McCrea posits that making code that is "socially constructed in a way that leaves the team prepared to operate on it, iterate it, and improve it" is the difference between "I got it working" and "something the future can build on."
He's not claiming that "I got it working" is worthless. There's plenty of space for "disposable and single use software." Sure, to a trained software engineer, this might be "bad code" but doing today's task has value, even if the code that performs that task isn't "accretive."
Canonization is accretive. To canonize code is to make it "legible to systems of humans and non-humans operating on it." Free/open source software is the backbone of the canon: "decades of…intelligible, build-on-able work, sitting in public repos."
My "reverse centaurs" thesis isn't just a way to understand how programmers who seem to be doing the same thing can have such different effects. It's also about how the way that the capital was raised for AI requires that it produce as many reverse centaurs as possible, because the only way to recoup the farcical sums associated with AI production is to fire millions of workers and replace them with defective chatbots backstopped by the jobspocalypse's terrorized survivors, who can be made to endlessly toil away at marking the AI's homework because there are so many other workers who'll take their jobs if they refuse.
The point being that while centaurs are good and reverse centaurs are bad, the AI bubble requires the production of reverse centaurs, to the exclusion of centaurs.
In a similar vein, Elliott-McCrea describes how the imperatives of the AI industry are devouring its seed-corn – consuming the canon without putting anything new back in it. In the same way that AI can do endless theorem-proving but is essentially useless for creating "library mathematics: general, reusable, coherent, efficient, and compatible with the rest," AI can write a lot of running code, but the AI industry is further devaluing the already undervalued work of cleanup and canonization. As Elliott-McCrea writes, "the social production of knowledge [is] the seed corn."
Hey look at this (permalink)

- No Touch Money https://www.unpopularfront.news/p/no-touch-money
-
After Trump v Slaughter the Answer Is Court Reform https://economicpopulist.substack.com/p/after-trump-v-slaughter-the-answer
-
County With 37 Data Centers Asks Schools to ‘Conserve Electricity’ https://www.404media.co/henrico-virginia-datacenter-energy-cost-email/
-
The Assault on Congress’s Anti-Monopoly Solution https://prospect.org/2026/07/01/supreme-court-assault-on-congress-anti-monopoly-solution/
-
Spain’s Solar Is So Cheap Investors Are Looking for an Exit https://archive.is/EZMV8
Object permanence (permalink)
#20yrsago Sen. Stevens’ hilariously awful explanation of the Internet https://web.archive.org/web/20060704034735/http://blog.wired.com/27BStroke6/?entry_id=1512499
#20yrsago Best music of 1900s-1920s as MP3s https://web.archive.org/web/20060703112442/http://www.foldedspace.org/weblog/2006/06/in_the_good_old_summertime.html
#15yrsago “No Endorsement” — aligning the interests of creators and fans https://locusmag.com/feature/cory-doctorow-no-endorsement/
#15yrsago Peruvian TV station owners held out for bribes that were 100X larger than those received by judges https://web.archive.org/web/20110705085927/http://fsi.stanford.edu/publications/how_to_subvert_democracy_montesinos_in_peru/
#10yrsago Paralyzed, partially deaf-blind teen with brain tumor beaten bloody by TSA https://wreg.com/news/disabled-st-jude-patient-sues-airport-and-tsa-after-bloody-scuffle-with-airport-police/
#10yrsago China’s “ultra-unreal” literary movement takes inspiration from breathtaking corruption https://lithub.com/modern-china-is-so-crazy-it-needs-a-new-literary-genre/
#10yrsago London luxury property prices plummet after Brexit vote https://www.standard.co.uk/news/london/london-house-prices-slashed-after-brexit-vote-a3285731.html
#5yrsago Biden admin orders an end to surprise billing https://pluralistic.net/2021/07/02/spoil-the-surprise/#surprise-billing
#1yrago Tessa Hulls's "Feeding Ghosts" https://pluralistic.net/2025/07/02/filial-piety/#great-leap-forward
Upcoming appearances (permalink)

- London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Lawfare Daily
https://www.youtube.com/watch?v=T1KIwaYRs1g -
How to Think About AI (Organized Money)
https://www.organizedmoney.fm/p/how-to-think-about-ai-with-cory-doctorow -
Breaking Points
https://www.youtube.com/watch?v=VJmUbkRqXeE -
A.I. Enshittifies Everything (Slate)
https://slate.com/podcasts/what-next-tbd/2026/06/cory-doctorow-thinks-a-i-is-overvalued-and-overrated-and-still-a-threat -
A World That Just Might Work
https://aworldthatjustmightwork.com/2026/06/cory-doctorow-ai-use-it-dont-buy-the-hype-dont-feed-the-bubble/
Latest books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ -
"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Trump’s $1.4 billion crypto disclosure
Today's links
- Technocarcinization: Enshittification is the great leveler.
- Hey look at this: Delights to delectate.
- Object permanence: Grampa's backyard Disneyland; Elizabeth Warren on monopolies; Spotify v Apple (antitrust edn); Exxon lobbyist confesses; "When the Sparrow Falls."
- Upcoming appearances: London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Technocarcinization (permalink)
"Carcinization" is a curious biological phenomenon: given enough time, across many environments, many species will evolve into crabs. The body-type of a crab, with its low center of gravity, sideways gait (useful for evading predators), ease of concealment and protected organs is suitable to many different environments:
https://en.wikipedia.org/wiki/Carcinisation
Lately, I've watched the American Big Tech platforms as they underwent their own form of technocarcinization, which is when every tech company turns into Facebook.

For a long time, it seemed to me that you could make sense of the tech platforms by placing them into one of four quadrants on a 2×2 grid, in which one axis denoted "control freakishness" and the other, "surveillance."
Each quadrant had its own canonical company. The most surveillant/least controlling company (top left) was Google. They would let you roam the whole wide internet and exert no control over your conduct, but would spy on you wherever you went. The least surveillant/most controlling company was Apple, who imprisoned you in its manicured walled garden, but promised never to spy on you. The non-spying/non-controlling option is free/open source tech (of course), which doesn't care what you do, and doesn't watch you do it. And the most spying, most controlling company was Facebook, a company whose products did everything they could to imprison you within their virtual walls, from which vantage they could effect maximal surveillance.
I've used this comparison many times over the years. I included in my 2023 book The Internet Con, along with the joke that Tiktok's position on the grid was so far up and to the right (maximum surveillance and control) that we'd had to put its logo on the back cover. Enough people took this joke seriously and wrote in to complain that they'd gotten a misprint without the logo that we added it to the paperback:
https://www.versobooks.com/products/3035-the-internet-con
The grid was useful, until technocarcinization started to push all the tech companies into that top right quadrant. Apple is no longer the company that protects you from surveillance – they're the company that spies on you, having secretly added a total surveillance system to the iPhone to target ads to you:
https://pluralistic.net/2022/11/14/luxury-surveillance/#liar-liar
Apple can't even claim to protect you from third-party surveillance. Sure, they block Facebook from spying on you, but they have barred ICE Block, an app that tells you if there are ICE chuds hunting in your neighborhood, looking to kidnap you and send you to a concentration camp. Apple declared ICE mercenaries to be a "protected class":
https://pluralistic.net/2025/10/06/rogue-capitalism/#orphaned-syrian-refugees-need-not-apply
And thanks to Apple's control-freakery – which prevents you from overriding Apple's decisions about your own devices – once Apple decides to spy on you or sell you out to fascist goons, there's nothing you can do about it:
https://locusmag.com/feature/cory-doctorow-neofeudalism-and-the-digital-manor/
Then there's Google, the company that ran a free-range livestock operation in which you could roam wherever you liked, because they could always find you when it was time for the slaughter. For years now, Google has been moving inexorably to the kind of control-freak nonsense that you used to only find in one of Apple's crystal prisons.
For example, every year or two, Google floats a proposal to use secure hardware in your device to rat you out if you've got an ad-blocker, privacy blocker, or other aftermarket add-on that lets you choose how you experience the digital world:
https://pluralistic.net/2023/08/02/self-incrimination/#wei-bai-bai
It's an idea they just can't quit, despite the fact that it's fucking abominable and everyone hates it:
https://pluralistic.net/2026/06/12/compelled-speech/#quishing
Google used to pride itself in its ability to send you to the open web, viewing search as a conduit to other peoples' resources. Now, with AI search summaries, Google is harvesting the open web and then eating the seed corn, keeping searchers inside of Google's walled garden:
https://pluralistic.net/2026/06/29/arsonist-firefighters/#im-feeling-lucky
Google also took the idea of a free/open browser and ran with it, rehabilitating some discarded Apple code and turning it into Chrome, the internet's most dominant browser – by far. Now, Google is nerfing that browser's plug-in architecture in a way that blocks all kinds of user-tunable options, including and especially ad-blocking:
https://protonprivacy.substack.com/p/google-is-finally-killing-ublock
And Google has also announced that they're going to turn Android into an iPhone, making it both technically challenging and radioactively illegal for you to install software of your choosing on your own property:
Google is adopting every one of Apple's worst practices, and Apple is adopting all of Google's worst practices, and so they're both turning into Facebook: technocarcinization!
What's driving this technocarcinization? Well, the obvious answer is that the more Facebooklike a company becomes, the more ways there are for it to rip you off. Surveillance can be monetized by selling your data, by ad targeting, and by surveillance-based pricing and wage-suppression:
https://pluralistic.net/2026/01/21/cod-marxism/#wannamaker-slain
Control lets platforms block competing products, extract massive junk fees to the businesses they connect you to, and control repair and end-of-life, forcing you to replace hardware by blocking parts and independent service:
https://pluralistic.net/2026/01/10/markets-are-regulations/#carney-found-a-spine
It turns out that "if you're not paying for the product, you're the product" is only half-right. The other half is, "even if you pay for the product, you're the product." Pay, don't pay: companies will productize anyone they can. And thanks to our enshittogenic policy environment – where the worst ideas of the worst people make the most money – you can always be productized:
https://pluralistic.net/2025/09/10/say-their-names/#object-permanence
This is independent of the kind of person running the company. Facebook is run by Mark Zuckerberg, a cringe halfwit whose only successful idea was to offer Harvard bros a way of nonconsensually rating the fuckability of female undergrads. Everything he's done since was an acquisition (Whatsapp, Insta) or a flop (metaverse, Libra), or both (Oculus). Zuck owns the majority of the voting stock in the company, which means he has total control over its actions. He can ignore or fire his board members at will. He is the move fast/break things guy, whose every foolish whim can become policy that impacts billions of people.
By contrast, Google and Apple are no longer run by their flamboyant founders, who were every bit as prone to folly as Zuck. They were constrained by their shareholders, which meant that the blast-radius of Steve Jobs's worst ideas (like treating his otherwise curable cancer with green juice) were confined to his own person.
Today, Apple and Google are run by bloodless business sociopaths who go to enormous lengths to project an air of sober adulthood. And yet, these people – who would never be caught dead bow-hunting their own livestock or climbing into an MMA cage – have steered their companies into Facebook's quadrant on our enshittification 2×2.
I think this shows just how much the enshittification of tech is a matter of the policy environment, not the personalities of the people involved. Sure, the worst people imaginable run these companies, but the reason they're able to yield to their most venal impulses and succeed is because the world has been re-arranged to make sociopathy and greed into fitness factors. We get technocarcinization because the most fit organism for a landscape without consequences is a zuckerbergian techno-crab:
https://pluralistic.net/2023/07/28/microincentives-and-enshittification/
What can we do about it? Well, we're going to have to remake the landscape to punish (rather than reward) enshittification:
https://pluralistic.net/2026/01/01/39c3/#the-new-coalition
And in the meantime, there is one inhabitant of the 2×2 that hasn't drifted up and to the right: free and open source software. It's still snugly nestled in the low-surveillance/low-control box, and if you live in that box, your life will be much, much better for it.
There's no better time to make the switch: with RAM and storage prices through the ceiling and OSes growing ever-more bloated with AI and spyware (but I repeat myself), this is the moment to rehabilitate that old computer with Linux:
https://www.fosslinux.com/158206/linux-on-older-hardware-revival-guide.htm
The alternative is to be tormented by crabs no matter what you're trying to do or where you're trying to get to.
Hey look at this (permalink)

- How the AI bubble could pop and take down the global economy, according to the BIS https://www.theregister.com/ai-and-ml/2026/06/29/how-the-ai-bubble-could-pop-and-take-down-the-global-economy-according-to-the-bis/5263793
-
To Decarbonize Quickly, Think Beyond Electrification https://jacobin.com/2026/06/climate-electrification-homes-cars-decarbonization-tech
-
Ireland is big tech’s lapdog – and that compromises its EU presidency https://www.theguardian.com/commentisfree/2026/jun/30/ireland-big-tech-lapdog-eu-presidency-digital-sovereignty
-
Beyond Denial How Oil Execs Shaped a Landmark Climate Study https://www.propublica.org/article/wedges-climate-research-bp-fossil-fuel-princeton
-
US Supreme Court just blew up EU-US Data Transfers https://noyb.eu/en/us-supreme-court-just-blew-eu-us-data-transfers
Object permanence (permalink)
#15yrsago Print-on-demand and donations - report on DIY publishing business models https://www.publishersweekly.com/pw/by-topic/columns-and-blogs/cory-doctorow/article/47858-with-a-little-help-heuristics.html
#15yrsago Brazil rises up for free speech in 40 national demonstrations https://globalvoices.org/2011/06/30/brazil-freedom-march/
#10yrsago Grandad builds miniature backyard Disneyland https://abcnews.com/Lifestyle/grandpa-builds-disneyland-inspired-backyard-theme-park-grandkids/story?id=40276633
#10yrsago Elizabeth Warren on monopolies in America, including Apple, Google, and Amazon https://washingtonmonthly.com/2016/06/30/elizabeth-warrens-consolidation-speech-could-change-the-election/
#10yrsago White House plan to use data to shrink prison populations could be a racist dumpster fire https://www.wired.com/2016/06/white-house-mission-shrink-us-prisons-data/
#10yrsago Even if Moore's Law is "running out," there's still plenty of room at the bottom https://www.technologyreview.com/2016/05/13/245938/moores-law-is-dead-now-what/
#10yrsago Black-hat hacker handles are often advertisements https://www.wired.com/beyond-the-beyond/2016/07/web-semantics-modern-german-black-hat-hacker-handles/
#10yrsago Spotify threatens to report Apple to competition regulators over App Store rejection https://web.archive.org/web/20160630220301/https://www.recode.net/2016/6/30/12067578/spotify-apple-app-store-rejection
#10yrsago Researchers find over 100 spying Tor nodes that attempt to compromise darknet sites https://www.defcon.org/html/defcon-24/dc-24-speakers.html#Noubir
#5yrsago Exxon lobbyist confesses to his crimes https://pluralistic.net/2021/07/01/basilisk-tamers/#exxonknew
#5yrsago When the Sparrow Falls https://pluralistic.net/2021/07/01/basilisk-tamers/#rage-against-the-machine
Upcoming appearances (permalink)

- London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Lawfare Daily
https://www.youtube.com/watch?v=T1KIwaYRs1g -
How to Think About AI (Organized Money)
https://www.organizedmoney.fm/p/how-to-think-about-ai-with-cory-doctorow -
Breaking Points
https://www.youtube.com/watch?v=VJmUbkRqXeE -
A.I. Enshittifies Everything (Slate)
https://slate.com/podcasts/what-next-tbd/2026/06/cory-doctorow-thinks-a-i-is-overvalued-and-overrated-and-still-a-threat -
A World That Just Might Work
https://aworldthatjustmightwork.com/2026/06/cory-doctorow-ai-use-it-dont-buy-the-hype-dont-feed-the-bubble/
Latest books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ -
"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Jo Walton's "Everybody's Perfect": A mystical tour-de-force that makes you feel like your mundane life until this point has all been a boring dream.
- Hey look at this: Delights to delectate.
- Object permanence: Corruption; How much (little) are the AI companies making?
- Upcoming appearances: London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Jo Walton's "Everybody's Perfect" (permalink)
There's a new Jo Walton book, called Everybody's Perfect. Because it's a Jo Walton novel, you know in advance that three things are true about it:
- It is beautiful;
-
It is profound;
-
It is unlike every other novel, including every other Jo Walton novel.
https://us.macmillan.com/books/9781250314055/everybodysperfect/
Now, just because it's not like any other Jo Walton novel, that doesn't mean that it's not recognizably in a lineage of Walton's work, especially Walton's recent novels, which reflect an amazingly fruitful deep friendship and artistic relationship with the brilliant novelist and historian Ada Palmer:
https://pluralistic.net/2022/02/10/monopoly-begets-monopoly/#terra-ignota
Walton's work has always been incredible. I mean, every new Jo Walton novel is my favorite Jo Walton novel…until the next Jo Walton novel comes along and blows it out of the water. Her "small change" trilogy, a series of locked-door mystery novels set in a Britain that capitulated to the Nazis, is even more prescient today than it felt 20 years ago:
Among Others – a fictionalized, fantasy memoir about growing up reading genre novels – was so good that it deserved to win two Hugos:
And My Real Children haunts me to this day. I read it all in one sitting, in a hotel room, stricken by jetlag and hooked deep into Walton's narrative about the two paths her protagonist's life took in forking universes that I stayed up all night, and by the morning, I had cried my way through all the kleenex, toilet paper and towels in the room:
But then came Walton's Palmer years, and everything got even better. There was the Philosopher Kings trilogy, an incredibly funny, incredibly ambitious tale in which every person who ever dreamed of living in Plato's Republic is brought to an island (along with Apollo, Athena and Socrates) to try the experiment, raising a cohort of orphans bought from the slave markets of antiquity to be philosopher kings:
https://memex.craphound.com/2015/01/13/jo-waltons-the-just-city/
And then there was Lent, an incredibly nuanced and sympathetic fantasy novel about Savonarola, the mad preacher and cult leader whose Bonfire of the Vanities and feuds with the Pope overshadow his legacy, which Walton recovers admirably as fodder for a novel that turns out to be as action-packed as any spy thriller:
And now it's Everybody's Perfect, a book that pretty much defines what it means for one text to be "in dialog" with another text. In this case, it's Ada Palmer's Inventing the Renaissance, a stunning magnum opus that tells not just the story of the Renaissance, but the story of the story, all the different ways the Renaissance has been used, abused, revised and recovered, starting with the Renaissance itself. It's a book that will make you rethink everything you know about European history, about the world today, and about the very idea of history itself:
https://www.adapalmer.com/publication/inventing-the-renaissance/
The back half of Palmer's Renaissance is a recursive retelling of the same events, from the points of view of 15 different historical personages, from the famous (Michelangelo) to the infamous (Lucretia Borgia). It's a kind of feltschrift, circling and recircling these moments, revealing their depth and contradictions.
Structurally, Everybody's Perfect feels very much like that final section of Inventing the Renaissance. Each chapter introduces a new point-of-view character, who reflects on a single, extraordinary series of events in an even more extraordinary city, the Serenissima, a phantom Venice that sits at the intersection of many parallel worlds with many parallel versions of humanity.
The sun never shines in the Serenissima; it is forever shrouded in mist. If enough of its denizens believe that something is true, it becomes true, and so islands and buildings and even gods are summoned up by the power of belief. The corollary of this is that anything that falls out of the city's regard might just melt into mist. When you tie up your gondola, you'd best pay an urchin to watch it – not just to keep it from being stolen, but to keep it from evaporating altogether. When two people meet in the Serenissima, they greet each other by reciting, "I see you." If you aren't seen, you might just disappear.
Eight different versions of humanity from eight different worlds mix in the Serenissima. They come from all times, and sometimes they go to all times as well. There's the Venetians, who come from our world, and who have kept the secret of the Serenissima for centuries, even as they've used it as a source of wealth and military advantage. But there are also races with the heads of dogs and cats and birds, a race whose faces are all inset with domino masks, and even stranger races still. There's even a rumored ninth race, who may or may not exist, and whose traits are not known to anyone, though surely they are fearsome (if they're real) (and if the people of Serenissima believe in them, mightn't they become real?).
The novel opens with a vision: the Serenissima will receive a doge. A low-born, weak and humble resident, a blind and partially paralyzed pauper who fell victim to a plague will marry the sea, and bring peace to the warring factions of the Serenissima. This prophecy is the prime mover for the eight tales that follow, as we move through the lives and geographies of one representative of each of the races of the Serenissima.
Walton conjures up the dream logic magic of Among Others, where the feeling that something might be magic can never be fully believed – or discounted. She revives the endlessly fascinating philosophical speculation of The Philosopher Kings. She invokes the tender love, sacrifice, and bitter heartbreak of My Real Children. And she invokes Palmer's Renaissance, endlessly reinvented by everyone who falls in love with it, and everyone who rejects it, for their own parochial reasons, and even the ones who are very wrong might just be a little right.
It's a remarkable novel. It's a gift, really. It's so complicated and yet so captivating, so wise and yet so simple. It won't make you feel like you've fallen into a dream – it will make you feel like everything you've lived up until now was the dream, and you have finally awoken.
Hey look at this (permalink)

- Reckoning with the Political Economy of AI: Avoiding Decoys in Pursuit of Accountability https://dl.acm.org/doi/10.1145/3805689.3806739
-
Why Wall Street Isn't Yet Afraid of the Left https://www.thebignewsletter.com/p/monopoly-round-up-why-wall-street
-
Linux on Older Hardware: The Complete Revival Guide (2026) https://www.fosslinux.com/158206/linux-on-older-hardware-revival-guide.htm
-
Angine de Poitrine – Full Performance (Live on KEXP) https://www.youtube.com/watch?v=0Ssi-9wS1so
-
The U.S. is still weaponizing dollars. Just not against Iran https://www.programmablemutter.com/p/the-us-is-still-weaponizing-dollars
Object permanence (permalink)
#5yrsago Corruption https://pluralistic.net/2021/06/30/based/#high-bidders
#1yrago How much (little) are the AI companies making? https://pluralistic.net/2025/06/30/accounting-gaffs/#artificial-income
Upcoming appearances (permalink)

- London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Breaking Points
https://www.youtube.com/watch?v=VJmUbkRqXeE -
A.I. Enshittifies Everything (Slate)
https://slate.com/podcasts/what-next-tbd/2026/06/cory-doctorow-thinks-a-i-is-overvalued-and-overrated-and-still-a-threat -
A World That Just Might Work
https://aworldthatjustmightwork.com/2026/06/cory-doctorow-ai-use-it-dont-buy-the-hype-dont-feed-the-bubble/ -
"How to Think About AI" (Democracy Now!)
https://www.youtube.com/watch?v=OBUzl_IaWIw -
The Data Centers Are Coming (ILSR)
https://ilsr.org/articles/the-data-centers-are-coming-ep-6-closing-arguments/
Latest books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ -
"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Gemini is better than search because Google enshittified search: We're All Trying To Find The Guy Who Did This.
- Hey look at this: Delights to delectate.
- Object permanence: Microsoft antitrust overturned; Scammer carves C64; RIP Jim Baen; GOP rep to constituent's child: "drop dead" (literally); CCTVs jacked for botnet; Olympic profitability lie; Human factors in health infosec; Exfiltration via computer fans; Congress's summer schedule: 9 working days; Antitrust is political antigrav; Ted Chiang's 72 Letters; Microsoft antitrust appeal; Vinge on privacy; Breaking open the web; Bernie on Brexit; "The Perdition Score"; Intuit v Child Tax Credit.
- Upcoming appearances: London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Gemini is better than search because Google enshittified search (permalink)
Write a critical AI book, and you become everyone's confessor for their AI sins. People in my life keep telling me about their guilty AI pleasures, in search of an explanation, absolution or condemnation:
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/
Their most common confession: "I only ever use Google's AI-generated search summaries these days. I no longer click those blue links beneath it, not even to verify the summary." People know that the summaries are full of "hallucinations" (that is, "defects" or "errors") but the summaries are right often enough that many people have come to rely on them, to the exclusion of actual websites, made by actual people, on the actual internet.
Everyone knows this isn't good. The reason there's a web for Google's Gemini AI to summarize is that Google – the thrice-convicted monopoly search company with a 90% market share – directs people to websites, and when you visit a website, you generate revenue for the site, which pays for its maintenance. Most commonly, you generate an "ad impression," but you might also buy a subscription, or generate an "affiliate fee" by purchasing a recommended product.
When Google strips all this away by harvesting an "answer" and displaying it at the top of the page, the bargain between Google and the open web breaks down. Google is extracting 100% of the value from the websites it summarizes, and giving nothing back in return.
This is a marked reversal from Google's founding ethos. In the old days, Google measured its success by how little time you spent on its site. The ideal Google outcome was for you to visit its page (or even better, just a search-box in your browser), type a few words, and get "ten blue links" back, the top one of which was the correct link to locate the information or resource you were seeking. The point of Google was to serve as a conduit, a trusted intermediary that neutrally adjudicated the relevance of every web page for every web user from moment to moment.
Everyone dunks on Google for its high-minded motto, "Don't be evil," but over the years, the company's mission was far more important: "Organize the world's information and make it universally accessible and useful." That was the pole star that googlers followed for the first couple decades of the company's history…until, that is, the company saturated its market and its growth stalled out.
That was when Google started to panic over its plateauing search revenue, this being an inescapable consequence of 90%+ market-share. The ensuing power struggle pitted googlers who were committed to technical excellence against the company's most ardent enshittifiers, who pointed out that by making search worse, they could increase revenues. After all, if you need to search two or three times to get the answers to your questions, that means the company can show you two or three times as many ads:
https://pluralistic.net/2024/04/24/naming-names/#prabhakar-raghavan
Where once Google measured its success by how quickly it could send you away from its site and out into the open internet, today's Google is a sticky-trap full of ways to keep you inside its walled garden.
A decade ago, tech had three major approaches:
I. Google's: let you do anything you want, but spy on you while you do it;
II. Apple's: strictly control what you can do, but leave you alone to do it in private; and
III. Facebook's: control everything you do, spy on you from asshole to appetite.
Today, tech is undergoing a form of carcinization, in which every company is turning into a Facebook-crab: maximally surveillant and maximally controlling.
Apple has added surveillance to its walled garden:
https://pluralistic.net/2022/11/14/luxury-surveillance/#liar-liar
While Google has turned its free-range, internet-wide surveillance system into a walled garden that tries to keep you away from the open internet as much as possible.
Now, in Google's defense, the "open internet" kind of sucks these days. Any piece of useful information you seek out on the open internet is liable to be buried under half a dozen pop-ups, pop-unders, and dickovers:
https://daringfireball.net/2026/05/what_is_a_dickover
Even after you clear these away, the actual information you're seeking is further buried in word-salads that anticipated insipid AI prose by half a decade. Think of all those omelet recipes that appear beneath 2,500 words of cod-Proustian remembrances of "the first time I ate an egg."
The major advantage of AI search summaries is in shielding you from all this nonsense. But where did all that nonsense come from in the first place?
It turns out that this is largely Google's fault.
Google and Facebook monopolized the display advertising market, entering into an illegal, collusive arrangement to rig the bidding so that advertisers paid more and publishers received less:
https://en.wikipedia.org/wiki/Jedi_Blue
The Google/Meta duopoly sucks up 51% of display advertising revenue – more than triple the historic take for advertising intermediaries (buyers, brokers, agencies, etc). As ad revenues for web publishers cratered, the "ad load" on web pages went up. This set up a vicious cycle: increasing the number of ads decreases the number of readers, driving publishers to increase the ad-load even more to make up for the losses.
The major brake on this is ad-blocking. In a world with ad-blockers in it, publishers contemplating an increase in ad-load have to confront the possibility that they will induce ad-overload in their readers, who will install a blocker that stops them from seeing any ads:
https://www.eff.org/deeplinks/2019/07/adblocking-how-about-nah
Google has been looking to kill ad-blocking for a decade, and now they're on the verge of making it happen in Chrome, the dominant web browser they use to reinforce their search monopoly:
https://protonprivacy.substack.com/p/google-is-finally-killing-ublock
Google long ago did away with ad-blocking on mobile devices (reverse engineering an app is a felony, which means an app is just a web-page skinned with the right kind of IP to make it a crime to protect your privacy while you use it). Part of Google's argument for killing ad-blocking for the web is that this puts the web on an even footing with apps – which is a very weird way to describe a race to the absolute bottom:
https://pluralistic.net/2026/06/12/compelled-speech/#quishing
To top it all off, this decade has seen Google make a series of changes to its search prioritization that favored low-value shovelware sites over carefully researched, reliable alternatives. Search for product reviews and you're apt to get a "site reputation abuse" result from a once-reliable outlet like Forbes filled with useless and even dangerous reviews, which are ranked far above independently maintained, rigorous competitors:
https://pluralistic.net/2024/05/03/keyword-swarming/#site-reputation-abuse
This has only gotten worse with AI search, which preferentially draws from spam sites to produce decontextualized, highly confident recommendations for substandard, overpriced junk, at the expense of recommendations for good products:
https://pluralistic.net/2025/07/15/inhuman-gigapede/#coprophagic-ai
It's not like Google doesn't have the ability to sort the good from the bad. Kagi.com is a $10/month paid search engine whose results are vastly superior to Google's. But Kagi doesn't have its own search index: instead, they rent access to Google's index, but apply their own (much smaller and less resourced) team's algorithm to rank the results for your queries. In other words, Google could deliver good search results, they just choose not to:
https://pluralistic.net/2024/04/04/teach-me-how-to-shruggie/#kagi
Gresham's Law holds that "bad money drives out good." It refers to a counterfeit coin crisis in Tudor England, where people preferentially spent counterfeit money in order to make it someone else's problem; meanwhile, everyone hoarded their good coins. Soon, virtually all the money in circulation was bogus.
By downranking quality material in favor of low-effort spam, Google set up a web-wide version of Gresham's Law, where bad webpages drive out good ones, and since so many of those webpages contain product recommendations, they're greshaming the world of real products, too, so the bad is driving out the good there, too.
This is the problem that Gemini search summaries solve: in its role as the web's most important gatekeeper, Google remade it as an ad-festooned cesspit of garbage text and cynical shovelware sites. Now Google proposes to wipe out the publishers whose content they stripmined by breaking the web's bargain: that search engines are symbiotic with publishers. Google has turned fully parasitic, sucking the last drops of juice out of the open web before discarding its husk.
Hey look at this (permalink)

- Anti-Monopoly Bill Hits Make-or-Break Moment in California https://prospect.org/2026/06/29/anti-monopoly-bill-hits-make-or-break-moment-in-california/
-
Om Malik, 1966-2026 https://om.co/2026/06/24/1966-2026/
-
Why Carbon Capture Can’t Conceivably Solve Climate Change https://projects.propublica.org/why-carbon-capture-cant-solve-climate-change/
-
The KIDS Act Would Require Age Checks To Get Online https://www.eff.org/deeplinks/2026/06/kids-act-would-require-age-checks-get-online
-
AI Implementation Bingo Card Generator https://www.workersdecide.tech/bingo/
Object permanence (permalink)
#25yrsago Appeals court strikes down Microsoft antitrust ruling https://www.nytimes.com/2001/06/28/business/us-appeals-court-overturns-microsoft-antitrust-ruling.html
#25yrsago Ted Chiang's 72 Letters https://web.archive.org/web/20010720192340/http://www.tor.com/72ltrs.html
#25yrsago Concept handheld devices https://web.archive.org/web/20010620115437/https://www.infosync.no/en/news/n/419.asp
#25yrsago Analyzing Microsoft's successful antitrust appeal https://web.archive.org/web/20010703085656/https://www.salon.com/tech/feature/2001/06/28/appeals_reaction/index.html
#20yrsago Bengali science fiction of the 1880s https://www.lehigh.edu/~amsp/2006/05/early-bengali-science-fiction.html
#20yrsago Vernor Vinge on computers, freedom and privacy https://www.theguardian.com/technology/2006/jun/29/guardianweeklytechnologysection5
#20yrsago Scammer convinced to carve replica Commodore 64 https://www.419eater.com/html/john_boko.php
#20yrsago Jim Baen, sf publisher, has passed away https://web.archive.org/web/20060703024337/http://david-drake.com/baen.html
#15yrsago YouTube listens to fraudulent NyanCat takedown notice, drags heels on put-back from creator https://web.archive.org/web/20110628132607/http://www.prguitarman.com/index.php?id=369
#15yrsago Wyoming’s corporation mills manufacture privileged artificial “people” to order https://www.reuters.com/article/2011/06/28/us-usa-shell-companies-idUSTRE75R20Z20110628/
#15yrsago Publishing in the Internet era: connecting audiences and works https://www.theguardian.com/technology/2011/jun/30/publishers-internet-changing-role?utm_source=twitterfeed&utm_medium=twitter
#15yrsago Why writers should have their own domains https://whatever.scalzi.com/2011/06/29/mastering-ones-own-domain-an-no-this-is-not-a-seinfeld-reference/
#15yrsago Copyright troll’s biggest fan commits terminal irony https://www.eff.org/deeplinks/2011/06/righthaven-cheerleader-wanted-irony-police
#10yrsago Mississippi state rep tells distraught mom to buy kid’s lifesaving meds ‘with money she earns’ https://www.sunherald.com/news/local/counties/jackson-county/article86416087.html
#10yrsago Always-on CCTVs with no effective security harnessed into massive, unstoppable botnet https://arstechnica.com/information-technology/2016/06/large-botnet-of-cctv-devices-knock-the-snot-out-of-jewelry-website/
#10yrsago Gun-waving cop who attacked black teenaged girl in her bathing suit faces no charges https://web.archive.org/web/20160624103549/http://dfw.cbslocal.com/2016/06/23/grand-jury-no-bills-former-mckinney-pool-party-cop/
#10yrsago The Olympics are profitable for every host city (that lies about the numbers) https://timharford.com/2016/06/how-do-you-make-the-olympics-pay-fudge-the-figures/
#10yrsago Healthcare workers prioritize helping people over information security (disaster ensues) https://www.cs.dartmouth.edu/~sws/pubs/ksbk15-draft.pdf
#10yrsago Fansmitter: malware that exfiltrates data from airgapped computers by varying the sound of their fans https://www.youtube.com/watch?v=3GCHCVpndaM
#10yrsago Labour’s knives come out for Corbyn, but he’s guaranteed a spot on the ballot https://www.politico.eu/article/inside-account-of-labour-mps-attacks-on-jeremy-corbyn-shadow-cabinet-resignations-brexit/
#10yrsago Hope Larson’s “Compass South”: swashbuckling YA graphic novel https://memex.craphound.com/2016/06/28/hope-larsons-compass-south-swashbuckling-ya-graphic-novel/
#10yrsago How to Break Open the Web: a report on the first Decentralized Web Summit https://www.fastcompany.com/3061357/the-web-decentralized-distributed-open
#10yrsago Californians will get to vote on legal recreational weed https://web.archive.org/web/20160629130245/http://abcnews.go.com/US/wireStory/voters-decide-legalize-recreational-marijuana-40206739
#10yrsago Bernie Sanders on Brexit: urgent lessons for the Democrats https://www.nytimes.com/2016/06/29/opinion/campaign-stops/bernie-sanders-democrats-need-to-wake-up.html
#10yrsago Electoral fraud: Trump sends fundraiser emails to foreign politicians https://www.cnet.com/culture/trump-spams-foreign-politicians-with-fundraising-emails/#ftag=CAD590a51e
#10yrsago The Perdition Score: Sandman Slim vs the One Percent https://memex.craphound.com/2016/06/29/the-perdition-score-sandman-slim-vs-the-one-percent/
#5yrsago Intuit sabotages the Child Tax Credit https://pluralistic.net/2021/06/29/three-times-is-enemy-action/#ctc
#5yrsago SCOTUS to wrongfully accused terrorists: "drop dead" https://pluralistic.net/2021/06/29/three-times-is-enemy-action/#transunion
#5yrsago Lazy Congress only schedules 9 days' work this summer https://pluralistic.net/2021/06/28/dubious-quant-residue/#back-to-work-you
#1yrago Antitrust defies politics' law of gravity https://pluralistic.net/2025/06/28/mamdani/#trustbusting
Upcoming appearances (permalink)

- London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Breaking Points
https://www.youtube.com/watch?v=VJmUbkRqXeE -
A.I. Enshittifies Everything (Slate)
https://slate.com/podcasts/what-next-tbd/2026/06/cory-doctorow-thinks-a-i-is-overvalued-and-overrated-and-still-a-threat -
A World That Just Might Work
https://aworldthatjustmightwork.com/2026/06/cory-doctorow-ai-use-it-dont-buy-the-hype-dont-feed-the-bubble/ -
"How to Think About AI" (Democracy Now!)
https://www.youtube.com/watch?v=OBUzl_IaWIw -
The Data Centers Are Coming (ILSR)
https://ilsr.org/articles/the-data-centers-are-coming-ep-6-closing-arguments/
Latest books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ -
"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Zuckerberg's increasingly bizarre war on whistleblowers: Under no circumstances should you rush out and read the book that prompted Mark Zuckerberg to demand $111m and eternal auctorial silence.
- Hey look at this: Delights to delectate.
- Object permanence: Flame warriors; Cryptography and casinos; TSA v dying 95 year old woman's adult diaper; Neoliberalism and Brexit; Beyond solutionism; How Thiel cheated with his Roth; Inequality's stabilizer; Palm Pilot school; Gillmor on PR flacks; "How I Edited an Agricultural Paper; Conservative judge chokes liberal judge; Hollywoodnomics; Rubber fingertips v fingerprint readers; Snowden's telepresence robot; "Shrill"; Moral hazard, "Three Rocks."
- Upcoming appearances: London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Zuckerberg's increasingly bizarre war on whistleblowers (permalink)
More than a decade ago, a group of young, internet-connected Belarusian dissidents launched a series of increasingly high-stakes, increasingly surreal confrontations with the corrupt, authoritarian government of Alexander Lukashenka, a man who is often called "the last Soviet dictator."
Lukashenka's secret police – still called the KGB – routinely terrorize and kidnap pro-democracy activists, and all forms of protest are banned. It was against the backdrop of this unrelenting oppression that the activists launched a series of whimsical "flash mobs" that challenged the Lukashenka regime's willingness to crack down on even the most innocuous behavior.
One of these flash mobs was an ice cream social: activists converged on a public square to eat ice cream cones. Lukashenka's thugs beat them and dragged them away:
https://web.archive.org/web/20070609164305/http://pics.livejournal.com/litota_/gallery/0000bcch
The protestors thought that by daring Lukashenka to arrest people for eating ice cream, they could create a win-win situation: either Lukashenka would be revealed as the kind of asshole who thinks it should be illegal to eat ice cream, or he'd be revealed as the kind of weakling who couldn't keep a lid on dissent.
Lukashenka took the bait. And took it. And took it. In the years that followed, protesters would be arrested for smiling, clapping, and just standing silently:
https://www.indexoncensorship.org/2011/07/belarus-protesters-rally-on-the-web/
The world learned that Lukashenka was a buffoon, and Belarusians affirmed their view that this buffoon would not hesitate to mete out the most vicious punishments for the most innocuous actions:
https://sci-hub.st/10.1080/25739638.2021.1928880
Speaking of thin-skinned, paranoid, wildly corrupt buffoons who will stop at nothing to silence their enemies, how about that Mark Zuckerberg, huh? Sure, all the headlines these days are about Zuck's intention to transform Facebook into a sports betting site:
But in the UK, Zuckerberg's war on whistleblowers keeps finding new, ice cream grade depths of absurdity to plumb. The whistleblower in question is, of course, Sarah Wynn-Williams, author of the internationally bestselling memoir Careless People, which details the criminality she witnesses during her years as the head of Facebook's international relations team:
https://pluralistic.net/2025/04/23/zuckerstreisand/#zdgaf
Careless People is full of revelations about the gross institutional misconduct of Facebook, including its knowing encouragement of a genocide in Myanmar. But it's also full of stories about the severe personal failings of Facebook's executive team, especially Sheryl Sandberg, Joel Kaplan and Mark Zuckerberg.
These three come off as the most colossal of assholes, cruel, petty and predatory. Sandberg comes across as a sexual abuser who dreams of trafficking in poor people's organs. Kaplan is an oaf whose plan to provide paid internet access to refugee camps falls apart once he learns that refugees in camps don't have any money (he also takes points off of Wynn-Williams's workplace evaluation for being "unresponsive" over a period when she was in a near-death coma). Worst of all, though, is Zuckerberg, whose sins range from cheating at Settlers of Catan to endangering the Colombian peace process after a 50-year civil war because he refused to get out of bed before noon. Zuck is also revealed to have given the Chinese state access to all of Facebook and the power to censor content they disliked, as part of a failed bid to get permission to offer a Facebook service in China.
It's a terrible company, with awful products, run by the worst people. Wynn-Williams's conditions of employment required her to sign a contract that bound her to silence (nondisclosure), forbade her from speaking ill of the company (nondisparagement), and denied her access to the legal system in all her dealings with Meta (binding arbitration).
Together, these three clauses – routinely used by Meta to silence would-be whistleblowers – meant that after Wynn-Williams's book was published, Meta got its arbitrator – a lawyer who is paid by Meta to adjudicate contractual disputes instead of an actual judge – to order her to never promote or even speak about her book.
The arbitrator awarded Meta $50,000 for each criticism that Wynn-Williams levied, quickly coming to a total of over $11,000,000. This vastly exceeds the assets and lifetime earning potential of Wynn-Williams and her husband (a reporter with the Financial Times). If this bill ever truly comes due, they will be wiped out.
Which raises an interesting question: what else can they do to her? Once they've secured civil damages that exceeds her net worth several times over, why shouldn't she just flout her agreement? "Freedom's just another word for nothing left to lose," and all that.
Nevertheless, Wynn-Williams has scrupulously hewed to the arbitrator's rules, steadfastly remaining silent about her book, its contents, and her experiences at Facebook/Meta. When she and I appeared onstage together in London for the launch for my book Enshittification last year, she fell silent and assumed a blank expression any time the subject of Meta came up, and she didn't sign or sell books afterward:
https://www.barbican.org.uk/whats-on/2025/event/cory-doctorow-with-sarah-wynn-williams-chris-morris
When she won the British Book Award, she did not speak to accept it, and the cover of her book was blurred out on the overhead screen (she gave an acceptance speech on behalf of her co-winner, the late Virginia Giuffre, who was abused by Jeffrey Epstein and who accused Prince Andrew of sexual assault):
Nevertheless, when she was booked to speak – about a subject other than her book – at the Hay Festival on a stage with Tim Wu and Carole Cadwalladr, Meta sent a legal threat to the festival and Wynn-Williams, claiming that if by speaking about anything in public, she would violate the arbitrator's order. Accordingly, Wynn-Williams maintained total silence and a blank facial expression for an hour on stage, saying not one word, while Wu and Cadwalladr carried on a discussion. Careless People was withdrawn from the festival bookshop on the days she appeared there:
Nevertheless, Meta has informed Wynn-Williams that her silent, motionless appearance on a stage constitutes a further breach of her "agreement" and that they are going to seek even more damages from her. This act of anti-ice cream thuggery has pushed Wynn-Williams over the edge and now she's sued to invalidate her contract:
Her lawyers have posted their documents related to the suit, including a 285-page declaration by Wynn-Williams explaining the great lengths she's gone to in order to comply with Meta's demands, and the company's absolute intransigence and arbitrary menace:
https://katzbanks.com/sarah-wynn-williams-meta-lawsuit-documents/
Why would Meta be so intent on destroying this one high-profile whistleblower? Surely they've heard of the Streisand Effect. There is no better way to ensure that Wynn-Williams's book (already a NYT #1 bestseller) continues to attract readers than to continue to escalate these threats.
I think they're perfectly aware that they are convincing more people to read Careless People (you should read it, it's genuinely excellent):
https://us.macmillan.com/books/9781250391230/carelesspeople/
But I think they've decided that this is a price worth paying, because:
a) They've done even worse things since Wynn-Williams parted ways with the company; and
b) They're laying off thousands of workers because their giant bet on AI has been a flop, leaving them with a massive cash crunch; and
c) By destroying Sarah Wynn-Williams, they can terrorize all those thousands of bitter ex-employees into silence about the even graver sins the company has committed.
That's my theory, anyway:
https://www.businessinsider.com/meta-layoffs-managers-software-engineers-ai-spending-2026-6
Lukashenka knew that arresting children for eating ice cream would make him a laughingstock abroad. Zuckerberg knows that threatening Wynn-Williams for standing in wooden silence on a stage makes him look like history's most guillotineable billionaire. But both Lukashenka and Zuckerberg are willing to be thought a thin-skinned bully, so long as that means the people they oppress the most are too terrified to ever challenge their authority.
Hey look at this (permalink)

- You can’t make billions without hurting people https://www.theguardian.com/technology/2026/jun/24/cory-doctorow-on-elon-musk-ai-bubble-bosses-cruel-fantasies
-
Cargo Culture https://www.wheresyoured.at/cargo-culture/
-
How Do You Beat an Oligarchy? One Bite at a Time. https://www.thebignewsletter.com/p/how-do-you-beat-an-oligarchy-one
-
WIKIPEDIA WORKERS TO SEEK UNION RECOGNITION https://www.cwu.org/press_release/wikipedia-workers-to-seek-union-recognition/
-
A Reasonable Analysis of the Social Web https://riverseeber.net/blog/post/a-reasonable-analysis-of-the-social-web/
Object permanence (permalink)
#25yrsago Actual music piracy https://www.theguardian.com/uk/2001/jun/13/ukcrime.nickhopkins
#25yrsago Flame warriors https://web.archive.org/web/20010603044914/http://www.winternet.com/~mikelr/flame1.html
#25yrsago World court says Arizona murdered German prisoners by denying them consular access https://www.cnn.com/2001/WORLD/europe/06/27/germany.court/index.html
#25yrsago Private school buys every student a Palm Pilot https://web.archive.org/web/20010709075203/https://www.wired.com/news/school/0,1383,44812,00.html
#25yrsago Dan Gillmor’s guide for PR flacks https://web.archive.org/web/20010626230530/http://web.siliconvalley.com/content/sv/2001/02/20/opinion/dgillmor/weblog/PR.htm
#20yrsago German publisher attacks Bulgarian books-for-blind site https://web.archive.org/web/20060629065445/https://protest.bloghub.org/2006/06/27/fight-for-copyrights-in-bulgaria-turns-ugly/
#20yrsago Photographer calls critic’s boss to complain https://www.flickr.com/photos/thomashawk/176785431/
#20yrsago Daddle: a kid-sized saddle for adults https://web.archive.org/web/20060618012713/https://www.cashelcompany.com/dad.php
#20yrsago More on cryptography and online casinos https://memex.craphound.com/2006/06/26/more-on-crypto-and-online-casinos/
#20yrsago Reasons that HD DVD formats have already failed https://www.audioholics.com/editorials/10-reasons-why-high-definition-dvd-formats-have-already-failed
#15yrsago Undercover video from North Korea: starving children, hungry soldiers https://web.archive.org/web/20110629182200/http://www.abc.net.au/news/stories/2011/06/27/3253979.htm
#15yrsago TSA asked 95 year old woman in a wheelchair in terminal stage of leukemia to remove adult diaper for pat-down https://web.archive.org/web/20110627091434/http://www.nwfdailynews.com/news/mother-41324-search-adult.html
#15yrsago Reading of Mark Twain’s “How I Edited an Agricultural Paper” https://ia801406.us.archive.org/22/items/Cory_Doctorow_Podcast_209/Cory_Doctorow_Podcast_209_Mark_Twain_Editing_an_Agricultural_Paper-fixed.mp3
#15yrsago Paramount sends copyright notice to Shapeways user over 3D printable Super 8 cube https://toddblatt.blogspot.com/2011/06/cease-and-desist.html
#15yrsago Advice Goddess: How much longer must we be subjected to invasive TSA patdowns? https://www.advicegoddess.com/archives/2011/06/24/i_think_youre_c.html
#15yrsago Conservative Wisconsin Supreme Court Justice alleged to have choked liberal colleague https://talkingpointsmemo.com/muckraker/wis-justice-ann-walsh-bradley-justice-prosser-put-his-hands-around-my-neck-in-anger-in-a-chokehold
#15yrsago Hollywoodonomics: how Harry Potter and The Order of the Phoenix “lost” $167M https://deadline.com/2010/07/studio-shame-even-harry-potter-pic-loses-money-because-of-warner-bros-phony-baloney-accounting-51886/
#10yrsago I’m profiled in the Globe and Mail Report on Business magazine https://web.archive.org/web/20160628142940/https://www.theglobeandmail.com/report-on-business/rob-magazine/the-crusader-fighting-lock-happy-entertainment-conglomerates/article30520282/
#10yrsago Rubber fingertips to use with fingerprint-based authentication systems https://www.csmonitor.com/World/Passcode/Security-culture/2016/0627/Fake-fingerprints-The-latest-tactic-for-protecting-privacy
#10yrsago How I grilled the best steaks I’ve ever eaten https://memex.craphound.com/2016/06/27/how-i-grilled-the-best-steaks-ive-ever-eaten/
#10yrsago Supreme Court strikes down Texas abortion law https://www.nbcnews.com/news/us-news/supreme-court-strikes-down-strict-abortion-law-n583001?cid=sm_tw
#10yrsago Snowden’s flesh is trapped in Russia, but his mind roams the world in a robot body https://nymag.com/intelligencer/2016/06/edward-snowden-life-as-a-robot.html
#10yrsago China’s $10B/year PR ministry mired in political fight with anti-corruption/loyalty enforcers https://web.archive.org/web/20160701235749/http://www.economist.com/news/china/21701169-xi-jinping-sends-his-spin-doctors-spinning-who-draws-party-line?fsrc=scn/tw/te/pe/ed/whodrawsthepartyline
#10yrsago Snowden publicly condemns Russia’s proposed surveillance law https://www.theguardian.com/world/2016/jun/26/russia-passes-big-brother-anti-terror-laws
#10yrsago Yes Men punk the NRA with “buy one gun, give one gun” program https://www.youtube.com/watch?v=Ikb66V2rDcw
#10yrsago Shrill: Lindy West’s amazing, laugh-aloud memoir about fatness, abortion, trolls and rape-jokes https://memex.craphound.com/2016/06/27/shrill-lindy-wests-amazing-laugh-aloud-memoir-about-fatness-abortion-trolls-and-rape-jokes/
#10yrsago Neoliberalism, Brexit (and Bernie) https://crookedtimber.org/2016/06/26/tribalism-trumps-neoliberalism/
#10yrsago McDonald’s 1987 fashion catalog is a horrorshow https://www.flickr.com/photos/jasonliebigstuff/3050116620/
#10yrsago Beyond “solutionism”: what role can technology play in solving deep social problems https://ethanzuckerman.com/2016/06/22/the-worst-thing-i-read-this-year-and-what-it-taught-me-or-can-we-design-sociotechnical-systems-that-dont-suck/
#10yrsago Donald Trump’s annotated Walk of Fame star https://dduane.tumblr.com/post/146444083461/someome-spray-painted-the-mute-sign-on-donald
#5yrsago New York City's 100 worst landlords https://pluralistic.net/2021/06/26/wax-rothful/#nyc-landlords
#5yrsago How Peter Thiel gamed the Roth IRA for tax-free billions https://pluralistic.net/2021/06/26/wax-rothful/#thiels-gambit
#5yrsago The Overlapping Infrastructure of Urban Surveillance https://pluralistic.net/2021/06/26/wax-rothful/#surveillance-infographic
#5yrsago The Doctrine of Moral Hazard https://pluralistic.net/2021/06/27/the-doctrine-of-moral-hazard/
#1yrago Bill Griffith's 'Three Rocks' https://pluralistic.net/2025/06/27/the-snapper/#9-to-107-spikes
#1yrago Surveillance is inequality's stabilizer https://pluralistic.net/2025/06/26/autostabilizer/#slicey-bois
Upcoming appearances (permalink)

- London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- A.I. Enshittifies Everything (Slate)
https://slate.com/podcasts/what-next-tbd/2026/06/cory-doctorow-thinks-a-i-is-overvalued-and-overrated-and-still-a-threat -
A World That Just Might Work
https://aworldthatjustmightwork.com/2026/06/cory-doctorow-ai-use-it-dont-buy-the-hype-dont-feed-the-bubble/ -
"How to Think About AI" (Democracy Now!)
https://www.youtube.com/watch?v=OBUzl_IaWIw -
The Data Centers Are Coming (ILSR)
https://ilsr.org/articles/the-data-centers-are-coming-ep-6-closing-arguments/ -
The perils of AI – and how to avoid them (Be Giant)
https://www.begiant.ca/stories/people/cory-doctorow-life-after-ai
Latest books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/ -
"Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Jailbreaking isn't theft: It wasn't progress when they did it, it's not piracy when we do it back to them.
- Hey look at this: Delights to delectate.
- Object permanence: Major AI breakthrough; Disney v Pooh tombstone; Vancouver riot kiss; Farage admits Brexit lies; Protecting the web from its founders; Sanders x Hillary; Surveillance pricing v your dollars.
- Upcoming appearances: Philadelphia, Chicago, London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Jailbreaking isn't theft (permalink)
It's not often that someone on a panel says something that makes my jaw drop, but that's what happened earlier this week when the moderator of a panel I was on in Toronto described jailbreaking an iPhone as "rampant theft of IP."
Some context: the panel was in Toronto, and the nominal subject was "digital sovereignty," though all the panelists (except me) interpreted that to mean "sovereign AI." All of their interventions were focused on how Canada could build and operate its own AI, which I found very weird, since there is no AI-related threat to Canadian sovereignty. If Donald Trump ordered OpenAI and Anthropic to turn off all of Canada's chatbots tomorrow, nothing would change: every firm, ministry and household would operate as per normal:
https://pluralistic.net/2026/06/18/their-trillions-our-billions/
Now, that's not to say that Canada doesn't have a digital sovereignty problem – it really does! Donald Trump and US Big Tech have fused into a single entity and Trump now orders US tech giants to terminate the online accounts of foreign officials who displease him. When Microsoft turns off your Office365 account, you lose your working files, your calendar, your address book, your email archives, and the Outlook email address you use to log in to every online service:
https://pluralistic.net/2026/04/01/minilateralism/#own-goal
So while turning off Canada's chatbots would not inflict any real harm on Canada, M365 terminations could paralyse any federal or provincial ministry, any structurally important firm, and most Canadian households.
The threat doesn't stop there: Trump can also order Apple and Google to brick any of Canada's iPhones or Android devices – terminating individual officials' mobile access, or terminating whole provinces. It's not just iPhones either – Trump can also brick any tractor in Canada:
https://pluralistic.net/2022/05/08/about-those-kill-switched-ukrainian-tractors/
This is the real digital sovereignty risk, and Canada needs to address it now. But Canada can't – our hands are tied…by us. In 2012, we passed a law, The Copyright Modernization Act, that criminalizes "jailbreaking," meaning that Canadian companies can't go into business figuring out how to install different app stores on phones and consoles, or change the firmware in tractors to enable independent repair, or reliably export their cloud data to rival Canadian services:
https://pluralistic.net/2025/05/26/babyish-radical-extremists/#cancon
Why did we pass this law? Because the Americans promised us free trade and no tariffs on our exports if we agreed to it. That's a promise Trump tore up, but we're still holding up our end of the bargain. That's crazy. It means that American companies can use Canada's courts to destroy Canadian businesses that offer the Canadian people tools to help them escape Big Tech's sleazy ripoffs of their data and cash.
And boy do those US tech companies take in a lot of cash. The US ad-tech duopoly of Google/Meta rig the advertising market, taking 51% out of every ad dollar through an illegal, collusive arrangement called "Jedi Blue":
https://en.wikipedia.org/wiki/Jedi_Blue
The US mobile tech duopoly takes 30 cents out of every dollar spent via an app, by forcing every app vendor to use their payment processors, which charge 1,000% more than any other payment processor in Canada. That means that every time a subscriber to a Canadian news site signs up through an app, 30% of the lifetime subscription revenue for that Canadian subscriber is funneled to one of two California companies.
The corollary, of course, is that if Canadian businesses were free to compete with US companies – if Canada stopped foolishly holding up its end of the bargain that Trump has dishonoured – then it would be as though every Canadian news outlet increased its subscriber base by 25% overnight! What's more, the Canadian companies that sell those jailbreaking tools would make billions out of US Big Tech's billions.
And that's where the moderator of this week's panel comes in. When I finished making this pitch, they turned to the rest of the panel and said something like, "Well, apart from rampant theft of IP, what else could Canada do to secure its digital sovereignty?"
That's when my jaw dropped. Making it possible for, say, a Canadian company to sell its own Canadian game to a Canadian customer, in Canada, without giving Apple or Xbox 30% of the purchase price, is not "theft of IP." It's not "theft of IP" for a rightsholder to sell their own products to their customers. It's not "theft of IP" for a Canadian owner of a device to decide for themselves which software they want to run on it. If buying software from the company that made it and installing it on a device you own is "theft of IP," then so is putting non-Nike shoelaces in your Air Jordans.
It's not "theft of IP." It's just good business. Moreover, it's the kind of good business that created America's tech giants in the first place. As Jeff Bezos tells his suppliers: "Your margin is my opportunity." US tech giants make whopping margins around the world, thanks to the anticircumvention laws that the US Trade Rep crammed down every US trading partner's throats, laws that allow US companies to use other countries' legal system to destroy their competitors.
I've been mulling this "rampant theft of IP" remark for a couple of days now, but it wasn't until a reader wrote to me to remind me about Apple's origin story that I realised what the punchline is. Apple founders Steve Jobs and Steve Wozniak financed their first product launch by selling "Blue Boxes" (devices that let you make free long distance calls by cheating the phone company) door to door in the UC Berkeley dorms:
Now, I'm not going to weep for the lost revenues that Jobs and Woz denied to AT&T. After all, AT&T was stealing that money from its customers, which is why, just a few years later, a federal court convicted AT&T of monopolistic practices and broke the company up:
https://en.wikipedia.org/wiki/Breakup_of_the_Bell_System
But the legal term for what a Blue Box does is "toll theft," which is to say, Apple – a company literally founded on theft – now makes the majority of its profits by convincing people that making a competing product is literally stealing. A company whose founders got their seed capital by marketing illegal circumvention devices now markets products designed to make it a crime for a rightsholder to sell their own work to you.
I've long said that "every pirate wants to be an admiral":
https://pluralistic.net/2025/03/04/object-permanence/#picks-and-shovels
But this is just a little too on the nose. When Apple went into business selling products to rip off the phone company, that wasn't progress. When Canadians go into business selling devices that let iPhone owners use their own property to do legal things – like buying copyrighted works directly from their creators – that is not piracy.
Canada has a real digital sovereignty problem, and it's not AI. Canada will not mitigate its digital sovereignty risk by successfully launching a Made in Canada version of the money-losingest venture in the history of the human species:
https://www.wheresyoured.at/brokenomics/
Canada's real digital sovereignty problem is its reliance on the apps, cloud services and devices that are tethered to the American cloud, access to which Donald Trump could – and does – terminate whenever he feels grumpy. Trump has repeatedly threatened to annex Canada and turn us into "the 51st state." He's trying to steal Alberta right now. Our digital sovereignty risk is the risk of Trump paralysing our country in order to steal Alberta – or the entire shop.
We can address that digital sovereignty risk – and make billions at the same time – by legalising jailbreaking and becoming the world's "disenshittification nation." Unlike a program to build Canadian AI, this will make billions, not lose them – and unlike Canadian AI, this will make our country more resilient and safer, by delivering products that Canadians – and the world – want to buy and will pay us a fortune for.
Big Tech's margins are our opportunity.
(Image: Matthew Yohe, CC BY-SA 3.0; SABYST, CC BY-SA 4.0, modified)
Hey look at this (permalink)

- How to Passive-Aggressively Shame People Who Use LLMs Selfishly https://joshmoody.org/blog/selfish-ai/
-
We have a union https://unitedwizardsofthecoast.com/news/2026-06-23-we-have-a-union
-
Nearly Half of LG Smart TV Apps Are Laced with Proxies https://spur.us/blog/smart-tv-apps-residential-proxy-sdks
-
The Right — and Wrong — Way to Criticize AI https://jacobin.com/2026/06/ai-bubble-layoffs-workers-copyright
-
How to burst the AI bubble: Strike at its roots https://arstechnica.com/gadgets/2026/06/how-to-burst-the-ai-bubble-strike-at-its-roots/
Object permanence (permalink)
#25yrsago Major AI breakthrough is imminent https://web.archive.org/web/20010625114014/https://www.latimes.com/business/cutting/lat_cyc010621.htm
#25yrsago Webcomic reply to Scott McCloud on microtransactions https://web.archive.org/web/20010708225439/https://www.penny-arcade.com/view.php3?date=2001-06-22&res=l
#25yrsago School censorware blocks LBGTQ sites https://web.archive.org/web/20010803114449/https://www.salon.com/tech/feature/2001/06/14/net_filtering/print.html
#25yrsago SCOTUS backs freelance writers https://edition.cnn.com/2001/LAW/06/25/scotus.copyright/index.html
#20yrsago Canadian Gov’t Pays Copyright Lobby to Lobby https://web.archive.org/web/20060720230403/http://www.thestar.com/NASApp/cs/ContentServer?pagename=thestar/Layout/Article_Type1&c=Article&cid=1151273413030&call_pageid=971794782442&col=971886476975
#20yrsago How can we keep the Bells from committing net-neutricide? https://web.archive.org/web/20060714044219/http://informationweek.com/news/showArticle.jhtml?articleID=189600971
#20yrsago Disney: We [will|won’t] sue if you put Pooh on a baby’s headstone https://web.archive.org/web/20060711194928/http://www.upi.com/NewsTrack/view.php?StoryID=20060623-093710-8391r
#15yrsago Comic Book Legal Defense Fund backs traveller arrested at Canadian border for “pornographic” manga on his hard drive https://cbldf.org/2011/06/cbldf-forms-coalition-to-defend-american-comics-reader-facing-criminal-charges-in-canada/
#15yrsago Rochester police use selective enforcement of parking laws to harass attendees at a meeting in support of Emily Good https://rochester.indymedia.org/node/7516
#15yrsago What happened before the Vancouver riot kiss https://www.youtube.com/watch?v=8mtURc7mkUg
#15yrsago Mexican Congress votes to reject ACTA https://www.techdirt.com/2011/06/22/mexican-congress-says-no-to-acta/
#15yrsago “Hot News” doctrine gets a body-blow https://www.eff.org/deeplinks/2011/06/hot-news-doctrine-surviving-life-support
#15yrsago Solar-powered 3D sand-printer https://web.archive.org/web/20110627035221/https://www.thisiscolossal.com/2011/06/markus-kayser-builds-a-solar-powered-3d-printer-that-prints-glass-from-sand-and-a-sun-powered-laser-cutter/
#10yrsago Australian educational contractor warns of wifi, vaccination danger to “gifted” kids’ “extra neurological connections” https://web.archive.org/web/20180211151730/https://www.theage.com.au/national/victoria/antivaccination-program-offered-to-gifted-children-in-primary-schools-20160621-gpnzzp.html#ixzz4CYBYf4Bl#ixzz4CYBYf4Bl
#10yrsago US Customs and Border Protection wants to ask for your “online presence” at the border https://www.theverge.com/2016/6/24/12026364/us-customs-border-patrol-online-account-twitter-facebook-instagram?utm_campaign=theverge&utm_content=chorus&utm_medium=social&utm_source=twitter
#10yrsago Stasi radio monitoring department, hard at work, 1980s https://web.archive.org/web/20160625190241/https://visualhistory.livejournal.com/1039990.html
#10yrsago Apps help women bypass states’ barriers to contraception https://www.nytimes.com/2016/06/20/health/birth-control-options-websites.html
#10yrsago The blacker a city is, the more it fines its residents (especially black ones) https://priceonomics.com/the-fining-of-black-america/
#10yrsago The demographics of Brexit https://web.archive.org/web/20160626130820/http://www.perc.org.uk/project_posts/thoughts-on-the-sociology-of-brexit/
#10yrsago The morning after the Brexit vote, Nigel Farage admits money for the NHS was a lie https://memex.craphound.com/2016/06/24/the-morning-after-the-brexit-vote-nigel-farage-admits-money-for-the-nhs-was-a-lie/
#10yrsago How to protect the future web from its founders’ own frailty https://memex.craphound.com/2016/06/24/how-to-protect-the-future-web-from-its-founders-own-frailty/
#10yrsago More than 30 people burned during Tony Robbins “motivational” firewalk https://web.archive.org/web/20160627054938/https://bigstory.ap.org/c7872f6db09e4656a612ee13aab74d50
#10yrsago Google’s version of the W3C’s video DRM has been cracked https://www.youtube.com/watch?v=5CkWjOvpZJw
#10yrsago Undercover reporter spent four months as a prison guard in a Louisiana pen run by CCA https://www.motherjones.com/politics/2016/06/cca-private-prisons-corrections-corporation-inmates-investigation-bauer/
#10yrsago Sanders will vote Hillary https://www.nbcnews.com/politics/2016-election/bernie-sanders-says-he-will-vote-hillary-clinton-n598251
#10yrsago Brexit: a timeline of the coming slow-motion car-crash http://www.antipope.org/charlie/blog-static/2016/06/tomorrow-belongs-to-me.html
#5yrsago The pandemic showed remote proctoring to be worse than useless https://pluralistic.net/2021/06/24/proctor-ology/#miseducation
#1yrago Surveillance pricing lets corporations decide what your dollar is worth https://pluralistic.net/2025/06/24/price-discrimination/
#1yrago What's a "public internet?" https://pluralistic.net/2025/06/25/eurostack/#viktor-orbans-isp
Upcoming appearances (permalink)

- Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- How to Mess with Big Tech Oligarchs (Fighting Fascism)
https://podcasts.apple.com/us/podcast/how-to-mess-with-big-tech-oligarchs-w-cory-doctorow/id1888647397?i=1000773711479 -
Reverse Centaur with Angie Coiro (Kepler's Books)
https://www.youtube.com/live/cWN6XBa73xA -
How to Think About AI Before It’s Too Late (Galaxy Brain)
https://www.youtube.com/watch?v=SPQNPJ0CEPo -
The future of world governance, with Kim Stanley Robinson (UN Independent Expert on International Order)
https://www.youtube.com/live/wJvBvYdaAMY -
How to Think About Artificial Intelligence (KUER)
https://radiowest.kuer.org/show/radiowest/2026-06-16/cory-doctorow-on-how-to-think-about-artificial-intelligence
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Spying on kids to save kids from spying is very, very stupid: First they came for the VPNs.
- Hey look at this: Delights to delectate.
- Object permanence: RIP Darwin's tortoise; ISPs conspire to create copyright jail; Waxy v fair use; Broken Windows is BS; Google is a machine-learning company; "Writing the Other"; Canadian wealth-tax.
- Upcoming appearances: Toronto, NYC, Philadelphia, Chicago, London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Spying on kids to save kids from spying is very, very stupid (permalink)
The literature on harms to kids from online platforms is complex and nuanced, rife with people citing small, ambiguous studies as iron-clad evidence that kids are being destroyed by the internet:
https://www.youtube.com/watch?v=Ype6c6DdHQY
It's a weird coalition of anti-Big Tech campaigners (who are rightly angry at the platforms' callous disregard for user welfare) and Heritage Foundation-backed culture warriors (who think that if their kids aren't exposed to LGBTQ content they won't come out as queer). While there's plenty these groups disagree about, they share one consensus: there should be a "minimum age" for certain kinds of internet use.
The problem is, there's no such thing as "age verification" for the internet. What we call "age verification" is actually mass surveillance, so invasive and pervasive that it makes the ad-tech industry's commercial surveillance look like some kind of cypherpunk darknet pirate utopia:
https://pluralistic.net/2025/08/14/bellovin/#wont-someone-think-of-the-cryptographers
"Age verification" means that everyone who does anything online will have to submit to fine-grained tracking and recording of all their online activities. This nightmare is the surveillance advertising industry's fondest dream, a world where it's literally illegal to avoid their tracking, all in the name of saving kids…from them!
So it's not just a weird alliance of anti-Big Tech crusaders and the conspiratorial right that's pushing for age verification – they are unwitting allies of the very tech industry they think they're fighting. Those tech industry insiders are fully aware that an "age verification" mandate is really a way for the government to teach every child how to use a VPN. They're also fully aware that the next move is to ban VPNs:
https://www.express.co.uk/news/uk/2217934/vpn-ban-table-july-labour
Tech bosses are the ones sitting on our shoulders saying, "Go ahead, swallow that fly – it'll be fine. And if you do have to swallow a spider afterward, well, that'll surely be the end of it":
https://pluralistic.net/2026/05/19/shes-dead-of-course/#consensus-hallucination
Behind them is a long line of caliper-wielding grifters who claim they can use your phone's camera to distinguish a child who is 17 years, 364 days old from an adult who's just turned 18:
https://www.gov.uk/government/publications/facial-age-estimation
It's beyond farce. After all, whatever harms you believe the internet is inflicting on kids – and there's absolutely some kids who are being harmed by their internet use – those harms all start with surveillance. Your kids can't be targeted by algorithms without the surveillance data that's being used to target them. They can't be funneled into pro-anorexia content or extreme misogyny forums without that funnel being primed by commercial spying.
Why do tech companies spy on your kids? The same reason your dog licks its balls: because they can, and no one stops them:
https://pluralistic.net/2026/03/10/ice-tech/#foreseeable-outcomes
America hasn't updated its consumer privacy laws since 1988 (when Congress banned the disclosure of your VHS rentals). The EU has the GDPR, but it also has Ireland, the country where all GDPR cases against Big Tech go to die, because any tax haven inevitably becomes a crime haven:
https://pluralistic.net/2025/10/31/losing-the-crypto-wars/#surveillance-monopolism
Other countries have privacy laws to varying degrees, but are grossly outmatched by US tech giants, who have fused with the Trump regime, to the extent that Trump will impose penalties on your country if you attempt to regulate his tech companies – he'll even have your top officials cut off from the internet in retaliation:
https://pluralistic.net/2026/04/04/digital-subjugation/#greenlands-next
Any attempt to save kids from online harms should start with saving kids from online surveillance, but that's the opposite of what we're doing today. After decades of failing to pass and enforce privacy controls for the internet, those same governments are breaking all land-speed records to pass "age verification" laws that make privacy illegal:
https://bsky.app/profile/rebeccawilliams.info/post/3moviqzdit22z
The fact that these bills have the firm backing of the tech industry's most controlling, most spying companies tells you everything you need to know about them:
https://web.archive.org/web/20260315022337/https://tboteproject.com/
Kids are being harmed by online spying, and so are the rest of us. Whether you think that the algorithm made Grampy go Qanon or you're suspicious that online surveillance data was used to deny you a loan, a job, or a lease, you should want privacy:
https://pluralistic.net/2023/12/06/privacy-first/#but-not-just-privacy
Online surveillance is being used to raise the prices you pay and lower the wages you're offered:
https://pluralistic.net/2026/04/06/empiricism-washing/#veena-dubal
And the same data that's being used to "verify age" today will be used by ICE tomorrow to figure out who to round up for a concentration camp:
https://www.wired.com/story/ice-asks-companies-about-ad-tech-and-big-data-tools/
You can't protect kids from online surveillance by spying on them. You just can't. Anyone who tells you otherwise is trying to get you to swallow a fly so they can sell you a spider, a bird, a cat, and an ICE chud in a gaiter, Oakleys and plate carrier (beneath which lurks a stick-and-poke Totenkopf tattoo).
Hey look at this (permalink)

- AI doomerism is misplaced. Here’s what it will take to pop the bubble https://www.salon.com/2026/06/22/ai-doomerism-is-misplaced-heres-what-it-will-take-to-pop-the-bubble/
-
Visa and Mastercard: The Original Gangsters of Electronic Collusion https://www.thesling.org/visa-and-mastercard-the-original-gangsters-of-electronic-collusion/
-
Has it happened yet? https://hasithappenedyet.org/
-
Platform-Controlled Search and Distortions in Attention Allocation https://tinbergen.nl/discussion-paper/6496/26-035-vii-platform-controlled-search-and-distortions-in-attention-allocation
Object permanence (permalink)
#20yrsago Darwin’s tortoise dead at 176
https://web.archive.org/web/20060704143750/http://news.yahoo.com/s/afp/20060623/od_afp/australiaanimal_060623102146;_ylt=Ave_b4Ps2r9TGXqs5nZIVIoFO7gF;_ylu=X3oDMTA5bGVna3NhBHNlYwNzc3JlbA–zoo
#15yrsago Major US ISPs set to limit repeat infringers with throttling, limiting access to 200 websites, and copyright reeducation school https://web.archive.org/web/20111105225114/http://news.cnet.com/8301-31001_3-20073522-261/exclusive-top-isps-poised-to-adopt-graduated-response-to-piracy/
#15yrsago Why fair use doesn’t work unless you’ve got a huge war-chest for paying lawyers https://waxy.org/2011/06/kind_of_screwed/
#15yrsago Model net neutrality rule for municipalities https://web.archive.org/web/20110626114610/http://envisionseattle.org/2011/06/model-net-neutrality-ordinance-for-seattle.html
#15yrsago Campus hookups: college sex isn’t new, but hookups are different https://thesocietypages.org/socimages/2011/06/21/the-promise-and-perils-of-hook-up-culture/
#15yrsago A Brief History of the Corporation: understanding what an attention economy is and where it comes from https://ribbonfarm.com/2011/06/08/a-brief-history-of-the-corporation-1600-to-2100/
#15yrsago Eliza: what makes you think I’m a psychotherapeutic chatbot? https://www.filfre.net/2011/06/eliza-part-1/
#10yrsago Broken Windows policing is nonsense https://www.nyc.gov/assets/oignypd/downloads/pdf/Quality-of-Life-Report-2010-2015.pdf
#10yrsago How it feels to be under DDoS attack https://www.oreilly.com/radar/ddos-emotions/
#10yrsago 2016: the first presidential election in 50 years without Voting Rights Act protections https://www.rollingstone.com/politics/politics-news/welcome-to-the-first-presidential-election-since-voting-rights-act-gutted-179737/3/
#10yrsago Google is restructuring to put machine learning at the core of all it does https://web.archive.org/web/20180530051703/https://www.wired.com/2016/06/how-google-is-remaking-itself-as-a-machine-learning-first-company/
#10yrsago Misconfigured database exposes sensitive data for 154 million US voters https://dailydot.com/politics/154-million-voter-files-exposed-l2
#10yrsago To understand the Trump campaign, study real-estate developer hustle https://web.archive.org/web/20161028030522/https://storify.com/KC_EDM/trump-is-running-his-campaign-like-a-real-estate-d
#10yrsago Writing the Other: intensely practical advice for representing other cultures in fiction https://memex.craphound.com/2016/06/23/writing-the-other-intensely-practical-advice-for-representing-other-cultures-in-fiction/
#1yrago The case for a Canadian wealth tax https://pluralistic.net/2025/06/23/billionaires-eh/#galen-weston-is-a-rat
Upcoming appearances (permalink)

- Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: The Reverse Centaur's Guide to Life After AI (Osler Records/Type Books), Jun 23
https://www.eventbrite.com/e/cory-doctorow-book-launch-and-talk-tickets-1991501299998 -
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- How to Mess with Big Tech Oligarchs (Fighting Fascism)
https://podcasts.apple.com/us/podcast/how-to-mess-with-big-tech-oligarchs-w-cory-doctorow/id1888647397?i=1000773711479 -
Reverse Centaur with Angie Coiro (Kepler's Books)
https://www.youtube.com/live/cWN6XBa73xA -
How to Think About AI Before It’s Too Late (Galaxy Brain)
https://www.youtube.com/watch?v=SPQNPJ0CEPo -
The future of world governance, with Kim Stanley Robinson (UN Independent Expert on International Order)
https://www.youtube.com/live/wJvBvYdaAMY -
How to Think About Artificial Intelligence (KUER)
https://radiowest.kuer.org/show/radiowest/2026-06-16/cory-doctorow-on-how-to-think-about-artificial-intelligence
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Good politics: Just make people's lives better.
- Hey look at this: Delights to delectate.
- Object permanence: WWII online; Xbox security blunders; Homeless bloggers; Thermal printer racing game; Robbing a bank to get healthcare in jail; Crumb v Trump; "The Blues Brothers"; Bagelheads; Pickpocket training mannequin; Windmill joke; Singularity skepticism; GPU Dieselgate; Peleton bricks treadmills; Juul's junk science.
- Upcoming appearances: Toronto, NYC, Philadelphia, Chicago, London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Good politics (permalink)
Some people love to admire a beautiful football play; me, I can't get enough of politicians doing good politics – and like those World Cup fans, I am doubly pleased when it's my team making the play.
I definitely have a team in Brazilian politics: President Luiz Inácio Lula da Silva and his Workers' Party. Lula's done so many amazing things in his career, and these often intersect with my own special interests. Like, he made Gilberto Gil his minister of culture, and his people built the telecentros, free software-based internet dojos for the poorest kids in the country, living in favelas:
https://www.informationweek.com/software-services/brazil-turns-away-from-microsoft
Lula was royally ratfucked – framed by a corrupt justice minister who secretly conspired with the country's oligarchs – and imprisoned, and the conspirators installed Jair Bolsonaro, a fascist war criminal whose covid bungling led to mass death:
https://en.wikipedia.org/wiki/Operation_Car_Wash
When Bolsonaro lost his next election – to a triumphant Lula – he attempted a coup, for which he was arrested and handed a long prison sentence, despite Trump and Microsoft trying to intimidate the Brazilian judge into letting him walk:
https://www.politico.com/news/2025/09/22/bolsonaro-prosecution-us-sanctions-00575122
Now, Lula is fighting to keep Bolsonaro's nepobaby failson, Senator Flávio Bolsonaro, from wrestling back control over the country for his fascist party; and that's where the good politics come in.
Lula's party has just scored a massive, national political victory by tabling legislation to establish a five-day workweek. While Brazil's professional/managerial class enjoy a two-day weekend, the working poor of the nation are prisoners of the escala 6×1 system, which sees them working six days per week. It's a hangover from the era of Brazil's fascist dictatorship, which (nominally) ended in 1988, but whose legacy still haunts the Brazilian people.
Lula's 40-hour workweek is incredibly popular. So popular that Bolsonaro's party whipped its members to vote for it, because they fear that to do otherwise would hand an even bigger majority to Lula, who might go on to give workers a four-day work-week:
https://prospect.org/2026/06/22/lula-sees-boosts-as-he-pushes-to-reduce-brazilian-workweek/
It turns out that weekends are popular and promising the electorate access to a weekend is good politics. What's more, denying weekends to the electorate is shitty, awful politics, which is why Bolsonaro's fascists were forced to vote in favor of a policy they hate, even though all credit for that policy will still go to Lula and the Worker' Party. The bill passed 461-19.
Contrast Lula's muscular, deliverism-based politics that seeks to improve the lives of working people in tangible, immediate ways with the catastrophic series of blunders that Keir Starmer's Labour has delivered. Despite having won a majority so large it would have made Saddam Hussein blush (not because Labour was popular, but because the outgoing Conservatives were universally loathed), Starmer has refused to lift a finger to improve Britons' lives. Instead, he's abetted genocide, criminalized protest, proposed ending jury trials, imposed austerity, handed the NHS over to Palantir and all the remaining potable water and electrical capacity in the country over to America's most unprofitable AI giants.
Starmer's insistence that we can't have nice things is bad politics, because (and it's weird that this has to be said) a government that makes people's lives worse is less popular than a government that makes people's lives better:
https://www.whatwelo.st/p/everyone-hates-tech-but-nobody-knows
Now, the right is incapable of making working people's lives better, because broad improvements to the vast majority necessarily come at the expense of the tiny minority of morbidly wealthy hoarders whom the right serves. In order to get millions of turkeys to vote for Christmas, the right substitutes spectacular acts of cruelty against disfavored minorities to distract their voters from the quiet acts of everyday cruelty they subject those voters to:
https://pluralistic.net/2026/04/12/always-great/#our-nhs
This isn't good politics. The sadistic torture of your base's enemies will never please them so well nor so durably as making immediate, significant improvements in their lives will.
That's why the corporate Dems who say that the party should campaign against renewables and in favor of fossil fuel companies aren't merely climate criminals, they're also bad at politics:
Cleantech is fucking great. Since I put in solar, a heat pump and an induction top, my energy bills have fallen to less than $80 per month, even in Los Angeles, even at the height of summer. My EV – a 7-year old Kia Niro – costs pennies to run, because I charge it off my roof. Not only that, it's fast, maneuverable, silent, and incredibly reliable. It handles like that Mustang a rental agency once upgraded me to. I mean, I'd rather have a subway, but if I have to drive, this is so much better than any ICE car I've ever owned.
Sure, our solar was a giant pain in the ass to get installed and working, but that's because the same corporate Dems who say climate is a political loser also said the best way to roll out solar nationwide was to set up an elaborate system of financialized tax-credits. That meant that every solar installer I talked to was more interested in swindling me by putting solar on my roof that they would own than they were in selling me a system I owned outright. Financializing America's rooftop solar conjured up a vast army of scammers and hustlers who screwed the majority of people they sold solar to, and my installers, Solaredge, were no exception:
https://www.propublica.org/article/missouri-pace-loans
Everything about living in the cleantech future is better. I can boil a gallon of water in under a minute on my stovetop! And it's only gonna get better: not only is cleantech improving every year, but fossil fuel is getting shittier every year, thanks to Trump's lunatic war of choice in Iran, the cost of using fossil fuels will only go up from here:
https://pluralistic.net/2026/04/20/praxis/#acceleration
Look, as a workaholic whose unhealthy anxiety coping mechanism is to work even harder, I might not make the best use of an extra day off:
https://pluralistic.net/2026/04/14/compartment/#flow
But as Pete Seeger sang in 1941, your time is all you have, and every hour you give to your boss is an hour you can never get back:
You'll get shorter hours
Better working conditions
Vacations with pay
Take your kids to the seashore
https://genius.com/Pete-seeger-talking-union-lyrics
It's something Lula understands, which is why he's winning. Good politics are a delight to watch, especially when it's your team doing them. But man, it can be pretty demoralizing to watch your team fumble play after play after play.
Hey look at this (permalink)

- Arindrajit Dube on Wages https://paulkrugman.substack.com/p/arindrajit-dube-on-wages
-
WE WON OUR UNION! https://unitedfaculty-uaw.org/
-
Understanding the Luddites in the age of AI https://www.bloodinthemachine.com/p/understanding-the-luddites-in-the
-
Promises Made, Promises Kept: The Lincoln Memorial Reflecting Pool Absolutely Looks Like Shit Now https://defector.com/promises-made-promises-kept-the-lincoln-memorial-reflecting-pool-absolutely-looks-like-shit-now
-
Why Is It So Bad to Let A.I. Do My Thinking for Me? https://www.nytimes.com/2026/06/20/books/review/the-reverse-centaurs-guide-to-life-after-ai.html?unlocked_article_code=1.rlA.BN8p.23Ho_LuzI-Tr
Object permanence (permalink)
#25yrsago WWII Online https://web.archive.org/web/20010625120559/https://www.gamespot.com/gamespot/stories/reviews/0,10867,2778704,00.html
#20yrsago Microsoft’s myriad Xbox security mistakes https://web.archive.org/web/20060703000421/http://www.xbox-linux.org/wiki/17_Mistakes_Microsoft_Made_in_the_Xbox_Security_System
#20yrsago Kentucky government censors political watchdog site https://web.archive.org/web/20060628055926/http://www.bluegrassreport.org/bluegrass_politics/2006/06/bluegrassreport.html
#20yrsago Life among the homeless bloggers https://web.archive.org/web/20060702205047/https://www.wired.com/news/technology/1,71153-0.html
#20yrsago Disney, 1939: No woman animators allowed https://animationguildblog.blogspot.com/2006/06/disney-1939-girls-are-not-considered.html
#15yrsago Sick man robs bank for $1, demands jail and healthcare https://web.archive.org/web/20110628144748/https://www.gastongazette.com/news/bank-58397-richard-hailed.html/
#15yrsago Car-racing game on a thermal printer https://www.undef.ch/project/receipt-racer
#15yrsago Toronto police swear off kettling https://web.archive.org/web/20110625131204/http://www.thestar.com/news/article/1012959–exclusive-toronto-police-swear-off-g20-kettling-tactic?bn=1
#15yrsago LEAKED: UK copyright lobby holds closed-door meetings with gov’t to discuss national Web-censorship regime https://www.openrightsgroup.org/blog/rights-holders-propose-voluntary-website-blocking-scheme/
#15yrsago Georgia’s anti-immigrant law leaves millions in crops rotting in the fields https://web.archive.org/web/20110620213900/https://blogs.ajc.com/jay-bookman-blog/2011/06/17/gas-farm-labor-crisis-playing-out-as-planned/
#15yrsago Bagelheads: toroidal saline forehead injections https://web.archive.org/web/20110619033443/https://vicestyle.com/en/news/today/post/japanese-bagelheads
#15yrsago Spitalfields Nippers: East London street-urchins of 1912 https://spitalfieldslife.com/2011/04/02/spitalfields-nippers/
#15yrsago Danish police proposal: Ban anonymous Internet use https://www-computerworld-dk.translate.goog/art/117279/forslag-du-maa-ikke-laengere-gaa-anonymt-paa-nettet?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US
#15yrsago Bell-mannequin for training pickpockets https://web.archive.org/web/20110626045035/http://blog.modernmechanix.com/2011/06/23/amateur-pick-pockets-study-in-crime-college/
#15yrsago Skeptical take on Singularity http://www.antipope.org/charlie/blog-static/2011/06/reality-check-1.html
#15yrsago Windmill joke https://www.reddit.com/r/Jokes/comments/4p8qkb/two_windmills_are_standing_in_a_field_and_one/
#10yrsago Electronics repair shops overbill for labor when the customer has insurance https://arstechnica.com/science/2016/06/computer-repair-shops-screw-over-customers-if-theyve-got-insurance/
#10yrsago Being a Craigslist scammer is hard work https://web.archive.org/web/20160622140008/https://www.infoworld.com/article/3086304/cyber-crime/interview-with-a-craigslist-scammer.html
#10yrsago Dieselgate for GPUs: review-units ship at higher clockspeeds than retail ones https://www.theverge.com/circuitbreaker/2016/6/21/11986836/msi-asus-overclocked-graphics-cards-review
#10yrsago Phones without headphone jacks are phones with DRM for audio https://www.theverge.com/circuitbreaker/2016/6/21/11991302/iphone-no-headphone-jack-user-hostile-stupid
#10yrsago Donald Trump sources $6M worth of campaign expenditures from companies he and his family own https://web.archive.org/web/20160621142100/https://bigstory.ap.org/article/9f7412236962464f9f2c0a8d2696ba25/trumps-campaign-cycles-6-million-trump-companies
#10yrsago Samantha Bee puts the NRA before a firing squad https://www.youtube.com/watch?v=-M4qHzd3xfM
#10yrsago Improv Everywhere: asking random New Yorkers to give a commencement speech https://www.youtube.com/watch?v=drvcLC3DuHo
#10yrsago R. Crumb v. D. Trump, 1989 https://dangerousminds.net/comments/robert_crumb_and_friends_flush_donald_trump_down_the_toilet_1989/
#10yrsago Cleveland: “First Amendment zones” will fence protesters far away from RNC https://www.wired.com/2016/06/cleveland-will-create-city-within-city-keep-rnc-civil/
#10yrsago Space botanists are beneficiaries of Canada’s legal weed boom https://web.archive.org/web/20160624043929/https://motherboard.vice.com/read/how-space-technology-will-produce-the-best-weed-marijuana-cannabis-pot
#10yrsago Debullshitifying the EU referendum (radio comedy edition) https://www.bbc.co.uk/programmes/p03yylpn
#10yrsago Judenstaat: an alternate history in which a Jewish state is created in east Germany in 1948 https://memex.craphound.com/2016/06/21/judenstaat-an-alternate-history-in-which-a-jewish-state-is-created-in-east-germany-in-1948/
#10yrsago Gun control is a great idea, terrorist watchlists are bullshit https://www.aclu.org/sites/default/files/field_document/2016_06_20_aclu_vote_recommendation_on_feinstein_and_cornyn_amendments_to_h.r._2578.pdf
#5yrsago New Yorkers just missing the subway https://www.youtube.com/watch?v=iWh385F5lms#5yrsago
#5yrsago Peloton bricks its treadmills https://pluralistic.net/2021/06/22/vapescreen/#jane-get-me-off-this-crazy-thing
#5yrsago Juul's junk science https://pluralistic.net/2021/06/22/vapescreen/#smokescreen
#5yrsago Improving the ACCESS Act https://pluralistic.net/2021/06/22/vapescreen/#improve-access
#1yrago Daniel de Visé's 'The Blues Brothers' https://pluralistic.net/2025/06/21/1060-west-addison/#the-new-oldsmobiles-are-in-early-this-year
Upcoming appearances (permalink)

- Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: The Reverse Centaur's Guide to Life After AI (Osler Records/Type Books), Jun 23
https://www.eventbrite.com/e/cory-doctorow-book-launch-and-talk-tickets-1991501299998 -
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- How to Think About AI Before It’s Too Late (Galaxy Brain)
https://www.youtube.com/watch?v=SPQNPJ0CEPo -
The future of world governance, with Kim Stanley Robinson (UN Independent Expert on International Order)
https://www.youtube.com/live/wJvBvYdaAMY -
How to Think About Artificial Intelligence (KUER)
https://radiowest.kuer.org/show/radiowest/2026-06-16/cory-doctorow-on-how-to-think-about-artificial-intelligence -
The Enshittification of Life, the Universe, & Everything (Luke Savage)
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Fourth draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- How the Epstein Class recruits: Oh wait, THAT'S what this was?!
- Hey look at this: Delights to delectate.
- Object permanence: MPAA blasted in WSJ; RFID skimmers; Post-Soviet inventions; "Farthing"; "Dirty, Drunk and Punk"; Dweb v founders' frailty; Tax cheating made simple; Oregon v corporate medicine.
- Upcoming appearances: Toronto, NYC, Philadelphia, Chicago, London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
How the Epstein Class recruits (permalink)
Perhaps you've encountered the stories about Dialog, an extremely weird secret society associated with Peter "Antichrist" Thiel, whose membership data and details have leaked this week:
https://www.wired.com/story/how-peter-thiels-private-dialog-club-secretly-ranks-its-members/
By all appearances, this is a comically creepy, awful talking-shop for the Epstein Class. It's not all that surprising, in retrospect, to learn that all these terrible people were in a group chat, secretly assigning ratings to one another, and periodically gathering to have tedious panels about, I dunno, "race science" or whatever.
I'm on the oligarchy beat, so stories about Dialog have been popping up in my RSS feed for the past week or so, but it wasn't until last night that I made a connection.
A year or two ago, I got an invite to speak at an event. This is normal, I get a lot of these and I do a lot of public speaking. I'm good at it, and it's a good way for me to reach people and get them energized about the issues I care about. Sometimes, I do these talks for free. Sometimes I get paid.
When I first glanced at this speaking offer, I thought, "Huh, I guess this is one to send on to my speaking agent," because the names the offer dropped were a bunch of rich people, and so I assumed that they were having some kind of summit and looking for a keynoter. Then I read a little more carefully and realized they – these billionaires and their lickspittles! – wanted me to pay them, thousands of dollars, so that I could shlep my ass to some luxury resort in order to have the privilege of speaking to them.
I came up as a science fiction writer, and at some point, every sf writer learns "Yog's Law," coined by James D Macdonald when he was running the science fiction forum on GEnie, under the screen name "Yog Sysop":
money flows toward the writer
https://en.wikipedia.org/wiki/James_D._Macdonald#Educational_work
In other words, whenever you, as a creative worker, are approached by someone who wants to "help" you with your work, and they want you to pay them, they are a scammer, preying upon your essential human need to communicate with others. Run away.
Which is what I did. I deleted the email.
Then, I got another one a couple months later. Ugh. I wrote a mail rule that auto-deleted anything from that sender and promptly forgot about the matter. Until last night.
I just had a look at my Trash folder and yup, these people are still emailing me in hopes that I will give them thousands of dollars to join their weird secret society.
I don't know if everyone who joined Dialog got an email like the one I was sent, but if you want to understand how at least some of those people ended up on those membership rolls, well, now you know: they were schmucks who'd never learned Yog's Law.
(Image: Gage Skidmore 1, 2, 3, 4, 5, 6, CC BY-SA 2.0; TechCrunch50-2008, Dan Taylor 1, 2, CC BY 2.0; modified)
Hey look at this (permalink)

- EFF Joins 60+ Groups Urging the UK to Halt Face Estimation at the Border https://www.eff.org/deeplinks/2026/06/joins-60-groups-urging-uk-halt-face-estimation-border
-
AI Shouldn’t Dictate Our Democracy. Vote Alex Bores. https://www.youtube.com/watch?v=M6KQ2yDK1Q4
-
tokenalysis and john henry https://backofmind.substack.com/p/tokenalysis-and-john-henry
-
Making Free Warhammer Terrain https://www.youtube.com/watch?v=p6YC-cOngHg
-
Mechanical Watch https://ciechanow.ski/mechanical-watch/
Object permanence (permalink)
#20yrsago Wendy Seltzer smokes the MPAA in the Wall St Journal https://web.archive.org/web/20061016014904/http://online.wsj.com/public/article/SB115047057428882434-1V_FEK_CJelMfytdST8APRW7cZw_20060720.html
#20yrsago HOWTO build an RFID skimmer https://web.archive.org/web/20060703081753/http://www.eng.tau.ac.il/~yash/kw-usenix06/index.html
#20yrsago Desperate inventions of post-Soviet Russia https://memex.craphound.com/2006/06/20/desperate-inventions-of-post-soviet-russia/
#20yrsago NYT falsely reports that Wikipedia has added restrictions https://jimmywales.com/2006/06/17/the-new-york-times-gets-it-exactly-backwards/
#20yrsago Farthing: Heart-rending alternate history about British-Reich peace https://memex.craphound.com/2006/06/20/farthing-heart-rending-alternate-history-about-british-reich-peace/
#15yrsago Dirty, Drunk and Punk: the untold history of Toronto’s BUNCHOFFUCKINGGOOFS https://memex.craphound.com/2011/06/20/dirty-drunk-and-punk-the-untold-history-of-torontos-bunchoffuckinggoofs/
#10yrsago Video: Guarding the Decentralized Web from its founders’ human frailty https://www.youtube.com/watch?v=zlN6wjeCJYk
#10yrsago Unnamed Canadian telco sabotages’ library’s low-income internet service https://web.archive.org/web/20160618143132/https://motherboard.vice.com/read/canadian-telecoms-limiting-wifi-low-income-families-toronto-public-libraries-digital-divide
#10yrsago Clarence Thomas rumored to be considering retirement https://web.archive.org/web/20160622135444/http://www.washingtonexaminer.com/end-of-conservative-supreme-court-clarence-thomas-may-be-next-to-leave/article/2594317
#10yrsago Tolkien elf or prescription drug name? https://web.archive.org/web/20160609021515/https://entertainment.howstuffworks.com/arts/literature/drug-or-tolkien-elf-quiz.htm
#5yrsago The EU, Tech Trustbusting, and Trade Wars https://pluralistic.net/2021/06/20/the-eu-tech-trustbusting-and-trade-wars/
#5yrsago How to cheat on your taxes https://pluralistic.net/2021/06/20/la-hougue/#complexity
#1yrago Oregon bans the corporate practice of medicine https://pluralistic.net/2025/06/20/the-doctor-will-gouge-you-now/#states-rights
==
Upcoming appearances (permalink)

- Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: The Reverse Centaur's Guide to Life After AI (Osler Records/Type Books), Jun 23
https://www.eventbrite.com/e/cory-doctorow-book-launch-and-talk-tickets-1991501299998 -
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- How to Think About AI Before It’s Too Late (Galaxy Brain)
https://www.youtube.com/watch?v=SPQNPJ0CEPo -
The future of world governance, with Kim Stanley Robinson (UN Independent Expert on International Order)
https://www.youtube.com/live/wJvBvYdaAMY -
How to Think About Artificial Intelligence (KUER)
https://radiowest.kuer.org/show/radiowest/2026-06-16/cory-doctorow-on-how-to-think-about-artificial-intelligence -
The Enshittification of Life, the Universe, & Everything (Luke Savage)
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- The Big Con: Making the pile of shit bigger won't increase the number of ponies underneath it.
- Hey look at this: Delights to delectate.
- Object permanence: TVA v SETI@Home; Telemarketers v DHS batphones; Matt Stone's MPAA censorship memo; Stonehenge pocket watch; W3C v security research; Congressional mass-shooting response simulator; Dynastic wealth; Gig economy astroturf; Meta publishes your AI prompts.
- Upcoming appearances: LA, Menlo Park, Toronto, NYC, Philadelphia, Chicago, London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
The Big Con (permalink)
Partway through Bridget Read's unmissable chronicle of pyramid ("multi-level marketing") schemes, Little Bosses Everywhere, there comes a dual revelation: no one is selling any product to end-users and no one knows it:
https://pluralistic.net/2025/05/05/free-enterprise-system/#amway-or-the-highway
That is to say, all the hustlers who have spent thousands of dollars on Mary Kay, Herbalife and Amway have failed to move any of their product (beyond a statistically insignificant number of sales to friends and family who quickly tire of being hustled and stop buying this substandard, overpriced junk). But none of these "entrepreneurs" knows it, or admits it to anyone – not their "downlines" (friends they've lured into the swindle), nor their "uplines" (friends who recruited them into the con).
Each pyramid scheme victim thinks that they're the only failure in the whole bunch. They go to massive "sales conferences" where people boast about all the sales they're making, and they're all lying about it. Incredibly, the pyramid schemers who run these criminal enterprises have figured out how to make a virtue out of this situation: they offer "sales coaching" courses to help people make the sales that "everyone else is making." In other words, once you've gone bust failing to sell Amway, they'll get you to go further into debt to learn how to correct the (nonexistent) issues with your sales strategy so that you can join the (imaginary) legion of people who sell Amway by the bushel.
Con artists have a name for this kind of swindle: it's called a "big con," which is when everyone a mark comes into contact with is in on the scam. Here's how the big con worked: after a "roper" snared a victim (usually on an intercity train), they would telegraph ahead and let the home team know they had a live one. From that point forward, every single person the victim came into contact with was in on it – from the porter who collected his bags at the train station to the cab driver to the Western Union clerk he uses to cable his banker and ask for a cashier's check for his life's savings.
In the big con, dozens of skilled actors are putting on a play for an audience of one: you. It's a real-world, non-hallucinatory version of "gang stalking delusion," which is when someone going through a mental health crisis believes that everyone they meet is in on a conspiracy to drive them crazy:
https://pluralistic.net/2026/06/03/mission-space/#gsd
The situation that people suffering from GSD hallucinate is actually happening to people ensnared in a big con…and pyramid schemes are a big con. What's more – as Read's book makes clear – you can't understand modern American politics without understanding pyramid schemes.
One of the most destructive pyramid schemes in American history is Amway. The FTC was about to shut Amway down in the mid-1970s, but then Nixon resigned and Ford became president. Ford had been the Congressman to Amway's founders Jay Van Andel (then the head of the US Chamber of Commerce, which is to say, America's most powerful business lobbyist) and Dick DeVos (yes, that DeVos). Ford and the Amway swindlers were thick as thieves, and so Ford called off the FTC. Rather than going to jail, DeVos and Van Andel became morbidly wealthy, and they used some of their stolen money to found and fund the Heritage Foundation (yes, that Heritage Foundation).
The political class running America are pyramid scheme swindlers, funded by pyramid scheme money. They're running a big con on all of us. That's true of the Trumps, who've excreted a diarrhoeic slurry of shitcoins that have made them billions – and lost billions for their "investors":
https://www.citationneeded.news/issue-106/
Trump insists that he is a self-made man who made his money with successful real estate deals. In reality, he lied all the time about his real estate, committing a string of felonies in order to defraud the banks, even as he went bankrupt, time and again:
https://en.wikipedia.org/wiki/Prosecution_of_Donald_Trump_in_New_York
Another "self made man" is Elon Musk (who is a "trillionaire," in a highly technical sense meaning "not a trillionaire at all"). Musk would have been broke several times over but for a string of massive government bailouts and subsidies, which continue to this day:
https://www.congress.gov/119/meeting/house/117956/documents/HMKP-119-JU00-20250226-SD003.pdf
Trump, Musk, and the rest of the schemers in the pyramid routinely claim that they are wealthy because they are running good businesses, a "fact" that many of us accept at face value. It's bad enough that we are deceived about reality, but many of their most addled cult-members try to follow in their footsteps. When they fail, they are in the same situation as one of those busted Amway sellers: thinking they are the only ones who can't make this "sure thing" work. Conservativism is a movement of bitter rubes, led by pyramid scheme swindlers:
https://pluralistic.net/2025/07/22/all-day-suckers/#i-love-the-poorly-educated
The "wait, is everyone else also failing?" awakening is an experience that many of America's CEOs are sharing at this moment, as they wonder whether they are the only ones who've fired as many workers as possible and replaced them with AI, only to see their company's fortunes fall:
Like an Amway victim, these boardroom rubes simply can't believe that all these people could be in on the con. How could the world spend trillions on AI if it's not on a path to profitability? It's not that these guys spent 2008 in a cave – rather, they just lack the object permanence to remember the last time a "Federal Wallet Inspector" approached them at a board meeting and took them for everything:
https://pluralistic.net/2025/12/13/uncle-sucker/#willing-marks
The thesis that "it can't be nonsense if there's a lot of money at stake" is the core of so many of these swindles. It's the investment theory that holds that once a pile of shit gets big enough, there must be a pony under it somewhere.
There's a Bugs Bunny bit that I find myself returning to in this era of the big con: it's a gag from 1954's "Bugs and Thugs":
https://en.wikipedia.org/wiki/Bugs_and_Thugs
Bugs has been kidnapped by gangsters, who have come to trust him. He tricks them into thinking that the police are coming and he urges them to hide in the oven while he sends the cops away. Then, Bugs performs a one-rabbit show in which he plays both the cop (with a broad Irish accent) and himself:
Bugs (cop voice): All right, open up! This is the police! [banging] All right, where's Rocky, where's he hiding?
Bugs (normal voice): He's not in this stove.
Bugs (cop): Oh-ho, he's hidin' in that stove, eh?
Bugs (normal): Now look, would I turn on this gas if my friend Rocky was in there?
Bugs (cop): You might, rabbit, you might.
Bugs (normal) Would I throw a lighted match in there if my friend was in there? [Massive explosion]
Bugs (cop): Well, all right, rabbit, you've convinced me. I'll look for Rocky in the city.
https://www.youtube.com/watch?v=LSNTjX_g9a4
We keep living through real world versions of this:
"Would I, Mark Zuckerberg, change my company's name to 'Meta' if I wasn't serious about this?"
"Oh, you might, Zuck, you might."
"OK, but would I spend $61b on the metaverse if I wasn't serious about this?"
"All right, Zuck, you've convinced me. I won't sell my Facebook (oops, I mean 'Meta'!) shares."
But neither Zuck nor Musk nor Trump has the charm of Bugs Bunny. At a certain point we're all going to look at each other and say, "It was all bullshit, wasn't it?"
Hey look at this (permalink)

- AI Economics for Dummies https://www.mcsweeneys.net/articles/ai-economics-for-dummies
-
The Longreads Questionnaire, Featuring Cory Doctorow https://longreads.com/2026/06/17/questionnaire-cory-doctorow/
-
A guide to ‘greedflation’ https://timharford.com/2026/06/a-guide-to-greedflation/
-
Ubisoft uses DMCA to kill game: slopsmith gets destroyed by obsolete 30 year old law https://www.youtube.com/watch?v=bgVlEgV27ow
-
Canada Is Forging Ahead with Its Dangerous Surveillance Bill https://www.eff.org/deeplinks/2026/06/canada-forging-ahead-its-dangerous-surveillance-bill
Object permanence (permalink)
#25yrsago TVA bans SETI@Home https://web.archive.org/web/20010625113535/https://www.knoxnews.com/archives/browserecent/06162001/archives/31399.shtml
#25yrsago Scott McCloud on microtransactions and Napster https://web.archive.org/web/20010708054658/http://www.thecomicreader.com/html/icst/icst-6/icst-6.html
#20yrsago Wardialling telemarketers stumble on Homeland Security batphones https://web.archive.org/web/20060630104202/https://www.delawareonline.com/apps/pbcs.dll/article?AID=/20060616/NEWS/606160329/1006
#20yrsago NAB: Evidence is irrelevant to copyright treaties https://web.archive.org/web/20060622174657/https://drn.okfn.org/node/133#comment-246#comment-246
#20yrsago LA Times censors newsroom Internet feed https://web.archive.org/web/20060702051259/http://www.laobserved.com/archive/2006/06/protecting_reporters_from.html
#20yrsago Matt Stone’s memo to MPAA censors https://web.archive.org/web/20060619220447/https://www.mcnblogs.com/thehotblog/archives/2006/06/preparing_for_t.html
#20yrsago Stonehenge pocket-watch predicts solstices https://web.archive.org/web/20060627053213/http://www.thinkgeek.com/gadgets/watches/7d2b/
#15yrsago Mean things authors say about each other https://www.flavorwire.com/188138/the-30-harshest-author-on-author-insults-in-history
#15yrsago Glasses with 720p HD video camera https://www.kickstarter.com/projects/zioneyez/eyeztm-by-zioneyez-hd-video-recording-glasses-for
#15yrsago ICANN votes to roll out 400-800 new generic top-level domains https://www.flickr.com/photos/wseltzer/5852419280/
#10yrsago W3C DRM working group chairman vetoes work on protecting security researchers and competition https://lwn.net/Articles/691108/
#10yrsago Thoughts and Prayers: a Congressional mass-shooting simulator https://thoughtsandprayersthegame.com/
#5yrsago The doctrine of dynastic wealth https://pluralistic.net/2021/06/19/dynastic-wealth/#caste
#5yrsago The gig economy's dark-money, astroturf "community groups" https://pluralistic.net/2021/06/19/dynastic-wealth/#astroturf
#1yrago Your Meta AI prompts are in a live, public feed https://pluralistic.net/2025/06/19/privacy-breach-by-design/#bringing-home-the-beacon
Upcoming appearances (permalink)

- LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: The Reverse Centaur's Guide to Life After AI (Osler Records/Type Books), Jun 23
https://www.eventbrite.com/e/cory-doctorow-book-launch-and-talk-tickets-1991501299998 -
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- How to Think About AI Before It’s Too Late (Galaxy Brain)
https://www.youtube.com/watch?v=SPQNPJ0CEPo -
The future of world governance, with Kim Stanley Robinson (UN Independent Expert on International Order)
https://www.youtube.com/live/wJvBvYdaAMY -
How to Think About Artificial Intelligence (KUER)
https://radiowest.kuer.org/show/radiowest/2026-06-16/cory-doctorow-on-how-to-think-about-artificial-intelligence -
The Enshittification of Life, the Universe, & Everything (Luke Savage)
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
very cool illustration of ranked choice voting and how it worked in Maine’s gubernatorial Democratic primary
via Reddit
Issue 106 – A tremendous birthday present
Today's links
- AI digital sovereignty risk doesn't exist: If 'risk + AI = risk – AI', then 'AI = 0'.
- Hey look at this: Delights to delectate.
- Object permanence: Napster x librarians; Flickr API reciprocity; KFC's Mega Jug v diabetes research; Hambone virtuoso; Google fiber x binding arbitration; "The Immortal Choir Holds Every Voice."
- Upcoming appearances: LA, Menlo Park, Toronto, NYC, Philadelphia, Chicago, London, Edinburgh, Sydney, Melbourne, Brighton, London, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
AI digital sovereignty risk doesn't exist (permalink)
Back at the height of the blockchain bubble, I made a hobby of pointing out that crypto weirdos were palming a card. I used this formulation:
if: problem + blockchain = problem – blockchain
then: blockchain = 0
https://pluralistic.net/2022/01/30/the-inevitability-of-trusted-third-parties/
You see, blockchain weirdos kept insisting that they could solve problems related to trust and institutional design with "smart contracts." Rather than having to trust a board of directors to steer an organization, you could just have a self-executing institution, the "distributed autonomous organization" or DAO.
So for example, if you want to buy a copy of the US Constitution at a Sotheby's auction, you could set up a DAO to raise and pool the funds, eliminating the need to find trustworthy people to receive, hold and deploy these funds:
https://en.wikipedia.org/wiki/ConstitutionDAO
However – and here's where the palmed card comes in – the DAO can't go to Sotheby's and place a bid on the Constitution. Instead, the members of the DAO have to elect a guy to receive all that cash, walk into Sotheby's, get one of those little ping-pong paddles last seen at the State of the Union in Chuck Schumer's withered claw (emblazoned with the brave slogan "You're hurting my fee-fees") and raise the paddle during the bidding.
That guy doesn't have to go to Sotheby's. That guy can simply walk away with all the money. Members of the DAO are trusting this guy with their entire collective treasury. Indeed, since the DAO has no corresponding legal entity, it might even be that members of the DAO can't sue this guy if he steals all their money – and even worse, without a limited liability structure, it might mean that everyone in the DAO can be sued for anything bad this guy does with the money.
Which raises the question: what's the point of building this insanely complex hairball of blockchain-based smart contracts to raise and hold the money if you're just going to hand it to this guy and trust him without limit? Why not just have that guy set up a Zelle account and a Whatsapp group? In other words: the problem that the DAO is trying to solve is the difficulty of trusting people with the keys to the kingdom, but no matter how much blockchain you sprinkle on this DAO, it ends with this one guy walking around with all your money, which he can steal with impunity if he so chooses.
Or, put more succinctly:
if: problem + blockchain = problem – blockchain
then: blockchain = 0
This turns out to be a really good way of assessing policy prescriptions for their soundness and foundation in reality, because – as the blockchain swindle shows us – it's possible to come up with entirely fictitious solutions to entirely real problems. The problem of designing a trustworthy institution that can't be betrayed by its leaders and whose operations don't consume all its resources is a real problem – it's quite possibly the real problem – but adding a DAO does nothing to solve the core problems of institutional design, and actually makes some of those problems worse.
There's another real problem with a fictitious solution that is – surprise! – tied to another tech bubble: digital sovereignty.
It's a genuine problem that everyone in the world (outside of China's sphere of influence) is glued to America's tech platforms. These platforms steal everyone's money and data, and every country has signed a trade deal with the USA promising not to let its own technologists and entrepreneurs go into business making add-ons and complementary goods that remediate the defects in America's tech exports:
https://pluralistic.net/2026/01/29/post-american-canada/#ottawa
What's more, Trump's response to finding himself in this poker game that's rigged entirely in his favor is to flip over the table because he resents having to pretend to play at all (as November Kelly so aptly put it). His incontinent belligerence on the world stage sees him making bids to steal whole countries and he's recruited American tech giants to help him in this chaotic program of lunatic imperialism. When other countries' public officials make decisions that Trump dislikes, he gets companies like Microsoft to disconnect whole institutions from the internet, deleting their files, email archives, calendars and address books, and depriving them of the ability to connect to any service tied to their Outlook accounts:
https://pluralistic.net/2026/04/20/praxis/#acceleration
Which means that if Trump wants to steal Greenland, he doesn't have to roll tanks into Nuuk – he can just brick the country of Denmark. He can shut down all their ministries, every large firm, every household. He can shut down their iPhones and Android devices. He can kill their smart-speakers. He can hormuz the world's supply of Ozempic, Lego and ferociously strong licorice:
https://pluralistic.net/2026/04/04/digital-subjugation/#greenlands-next
It doesn't stop there! Trump can also shut down every tractor!
https://pluralistic.net/2022/05/08/about-those-kill-switched-ukrainian-tractors/
This is the digital sovereignty risk. It's also the digital sovereignty opportunity. If countries repeal the laws that the US bullied them into accepting, laws that protect US tech giants from local competitors who block their plunder of data and money, they can turn America's tech trillions into their own tech billions. As Jeff Bezos likes to say, "your margin is my opportunity":
https://pluralistic.net/2026/01/30/zucksauce/#gandersauce
Meanwhile, repealing these US-protecting laws would enable countries to extract their data from US platforms so they can move it into domestic alternatives, and bypass the software locks that block them from updating phones, cars, tractors and ventilators to protect them from remote killswitches:
https://pluralistic.net/2026/01/01/39c3/#the-new-coalition
The digital sovereignty risk is having your country's government, businesses and industries terminated by Trump. The digital sovereignty opportunity is making billions of dollars by producing and exporting products that defend people from Big Tech plunder and Trumpian killswitches. That is the real world.
But many "digital sovereignty" advocates are living in an imaginary world, in which the digital sovereignty risk is that Trump will shut off their country's access to AI.
This is where the "if problem + blockchain" formulation comes in handy. If Trump shut off Canada's access to Chatgpt, Claude and Grok tomorrow, nothing would happen. No significant business, no federal or provincial ministry, no municipal government depends on these products for anything essential. And if Canada were to build their own local AI to sub in for Chatgpt, Claude and Grok, it would loose tens, if not hundreds of billions of dollars. Worst of all, a national AI strategy does nothing – not one solitary thing – to protect Canada from Trump shutting down our ministries, our companies, or our tractors.
In other words:
If: digital sovereignty + AI = digital sovereignty – AI
Then: AI = 0
If you think AI tools are nifty and want Canada to invest in AI, then first, please stop pretending that this has anything to do with "digital sovereignty." Not only is this a transparent bit of nonsense, it's a dangerous one, because digital sovereignty is a real problem, and AI does nothing to solve it.
If you want a good "national AI strategy," try this: save your money until the bubble bursts, and then buy your GPUs and hire your talent at 10 cents on the dollar and put them to work refining open source models:
https://pluralistic.net/2025/12/05/pop-that-bubble/#u-washington
Buying AI at the top of the market is nuts. That would be like shopping for Aeron chairs and foosball tables in March 2000. If you just sit tight for a couple months, you'll be able to find bankrupt dotcom entrepreneurs selling these at knock-down prices out front of their formerly overpriced office space in the Mission, in the time-honored tradition of former Wall Street millionaires selling apples out of their Rolls Royces:
https://digicoll.lib.berkeley.edu/record/323794
(Literally: I bought a "dining room set" of six $1500 Steelcase Leap chairs in the summer of 2000 from a failed dotcom CEO on Van Ness for $25 a piece – still in the original plastic!)
And in the meantime, please let's stop pretending that digital sovereignty has anything to do with "national AI." If Trump takes away your AI, everything is fine. If Trump takes away your iPhones, Office 365 and tractors, your country grinds to a halt. This is just not that complicated:
If: digital sovereignty + AI = digital sovereignty – AI
Then: AI = 0
(Image: Armin Kübelbeck, CC BY-SA 4.0, modified)
Hey look at this (permalink)

- Is Donald Trump the Greatest Environmentalist of All Time?? https://jacobin.com/2026/06/trump-iran-green-transition-environmentalism
-
WNBA Players Scored a Historic Labor Contract—With One Notable Caveat https://www.hardresetmedia.com/p/wnba-players-labor-contract-wearables
-
Trump’s Anthropic shutdown just made the case for non-American AI https://www.theverge.com/ai-artificial-intelligence/949986/anthropic-fable-mythos-shutdown-sovereign-ai
-
Blindsight Sci-fi Short Film https://www.youtube.com/watch?v=VkR2hnXR0SM
-
Introducing: Story Oracle https://www.clarionwest.org/story-oracle/
Object permanence (permalink)
#25yrsago Napster boss's American Library Association keynote https://web.archive.org/web/20010623201456/https://www.salon.com/tech/wire/2001/06/17/napster/index.html
#20yrsago Flickr: we’ll give full access to competitors – if they reciprocate https://www.flickr.com/groups/central/discuss/72157594165399644/#comment72157594167782546
#20yrsago Report from a concert by a Serbian war-criminal https://web.archive.org/web/20060613081324/http://blog.b92.net/blog/22
#20yrsago European podcasters to WIPO: Stay away from us! https://web.archive.org/web/20060619224538/https://www.bloggernews.net/2006/06/european-podcasters-team-up-to-lobby.html
#15yrsago KFC: support diabetes research by buying an 800 calorie, 56 spoonful of sugar “Mega Jug” https://web.archive.org/web/20110619031415/https://theweek.com/article/index/216462/irony-alert-buy-kfcs-800-calorie-soda-to-support-diabetes-research
#10yrsago Terrorist who murdered Jo Cox shouts: “Death to traitors” in court https://www.csmonitor.com/World/2016/0618/Accused-killer-of-MP-Jo-Cox-makes-defiant-court-statement
#10yrsago Judge orders release of man convicted while his public defender was handcuffed https://web.archive.org/web/20160617172242/http://www.reviewjournal.com/crime/judge-releases-man-who-received-jail-sentence-while-lawyer-was-handcuffs-video
#10yrsago Hambone virtuoso https://www.youtube.com/watch?v=YMJeaZtgwng
#10yrsago Google Fiber now forces subscribers into binding arbitration; days left to opt out https://web.archive.org/web/20160617141759/https://consumerist.com/2016/06/16/google-fiber-copies-comcast-att-forces-users-to-give-up-their-legal-right-to-sue/
#1yrago The Immortal Choir Holds Every Voice https://pluralistic.net/2025/06/18/anarcho-cryptid/#decameron-and-on
Upcoming appearances (permalink)

- Virtual: The future of world governance, with Kim Stanley Robinson (UN Independent Expert on International Order), Jun 19
https://www.youtube.com/live/wJvBvYdaAMY -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: The Reverse Centaur's Guide to Life After AI (Osler Records/Type Books), Jun 23
https://www.eventbrite.com/e/cory-doctorow-book-launch-and-talk-tickets-1991501299998 -
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Sydney: The Festival of Dangerous Ideas, Aug 23-24
https://festivalofdangerousideas.com/cory-doctorow/ -
Melbourne: Enshittification at the Wheeler Centre, Aug 25
https://www.wheelercentre.com/events-tickets/season-2026/cory-doctorow-enshittification -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
London: The Reverse Centaur's Guide to Life After AI with Riley Quinn (Foyle's Picadilly), Sep 9
https://www.foyles.co.uk/events/enshittification-cory-doctorow-riley-quinn -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- The Enshittification of Life, the Universe, & Everything (Luke Savage)
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035 -
Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- The (real) dead economy theory: Vibes and memestocks, all the way down.
- Hey look at this: Delights to delectate.
- Object permanence: Jim Baen has had a stroke; Blame Apple for iTunes DRM; France v the internet; "Rotters"; 1901 undersea cables; Washington Post wants Trump coverage blackout; Taxes are for the little people; Gamer lifecycle; Ghanian postal song; "What Lies Beneath the Clock Tower": Murder of Jo Cox; 12 year old doxed by anti-vaxers; Hong Kong bookseller recants forced confession.
- Upcoming appearances: LA, Menlo Park, Toronto, NYC, Philadelphia, Chicago, London, Edinburgh, Brighton, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
The (real) dead economy theory (permalink)
Here's a fun fact about Elon Musk: in 2020, his (nominal) net worth was $20b, and today it's $1t (nominally). But that's not the fun fact; this is: everything he's done since 2020 was a flop.
As John Quiggin writes, the pre-2020 Musk was the Musk of Tesla, batteries and Starlink. The post-2020 Musk is the Musk of Starship, robotaxis, Cybertrucks and Twitter – a string of commercial flops and assets that literally exploded. I would add that post-2020 Musk created the world's hungriest money-furnace, an automated child-porn production tool called "XAI":
https://crookedtimber.org/2026/06/15/one-big-grift/
Quiggin declares that this is the era in which "financial markets fail in the task of valuing assets accurately," and "the institutional structures that are supposed to make them work have given up trying." Nor did this start with the Spacex IPO. As Quiggin writes, Bitcoin and other cryptos were once shunned by nominally sober financial institutions like Goldman Sachs, but today, not only do all the big banks offer crypto services, people have largely stopped calling it cryptocurrency because no one is even pretending that it's a form of money. It's a tradeable collectible, not even particularly useful for paying for crimes or laundering money.
Spacex is just a continuation of the logic of crypto, in which something is valuable because some people think other people will pay more for it in the future, and not because it does useful things:
https://johnquiggin.com/2018/02/09/bitcoin-kills-the-efficient-market-hypothesis/
That's the logic of the whole market today. AI – the world's money-losingest technology – attracts investment at the expense of everything else. When horrified NIH lifers begged the DOGE boys not to shut down long-running medical research projects, Musk's broccoli-haired brownshirts laughed in their faces, saying we don't need cancer research because "GAI" is almost here and it will cure cancer. You could hardly ask for a better example of investing in vibes over value than shutting down real cancer research to free up money for teaching more words to the word-guessing machine because it's about to become God and cure cancer.
Today, Goldman Sachs isn't merely all-in on crypto – it's all-in on the Spacex IPO. As Quiggin writes, the bank has signed off on Musk's claim that "Musk's ragbag of assets" will grow one hundredfold in the next 40 months.
Quiggin's short essay has been rolling around in my mind since I read it a couple days ago. Then, yesterday, I spotted this essay by Owen McGrann entitled "The Dead Economy Theory":
https://www.owenmcgrann.com/p/the-dead-economy-theory
The perfect name for this phenomenon! Or so I thought. Then I read McGrann's article, and discovered that it's yet another piece asking how the economy will work after AI takes all of our jobs because AI is absolutely going to do that and there's no point in even questioning whether that will happen.
Look, thought experiments about how to deal equitably with labor displacement in the face of automation are all well and good. I'm a science fiction writer, that stuff is my bread and butter.
But applying "dead economy theory" to the blithe acceptance of the claims of AI pitchmen is a terrible waste of a killer coinage. The true risk of AI to your job isn't: "an AI will do your job." It's: "an AI salesman will exploit your boss's infinite horniness for replacing mouthy workers with pliable machines to sell him a chatbot that can't do your job, and then your boss will fire you and replace you with that inept, defective chatbot."
By the same token: the real "dead economy" risk isn't that all the productive labor will be done by chatbots owned by a habitual liar and eminently guillotineable billionaire like Sam Altman. The actual dead economy risk is that our institutions and markets will continue to move capital from productive activity into memestocks, vibes, and bubbles.
We could do "AI cancer research" by producing tools that automate gnarly multivariant analysis problems for cancer researchers. But what we're actually doing is defunding cancer research (especially any research into "systemic" cancer because studying systemic things is "woke") to free up fiscal space so we can build data-centers and make Musk into a trillionaire.
That's not just a dead economy – it's one that'll kill everyone you love and everything that matters.
Hey look at this (permalink)

- Onward, Friends https://www.eff.org/deeplinks/2026/06/farewell-now-friends
-
The 40 Most Rage-Inducing Problems in Tech https://www.theringer.com/2026/05/28/tech/pope-leo-xiv-ai-encyclical-tech-industry-problems
-
THE GUILLOTINE EMOJI PROPOSAL https://www.carrozo.com/guillotine-emoji
-
Corporations Repurchase $4.8 TRILLION of Stock Since 2017 Trump-GOP Tax Law https://4taxfairness.substack.com/p/corporations-repurchase-48-trillion
-
US approval of Paramount/Warner Bros. deal surprised DOJ lawyers, report says https://arstechnica.com/tech-policy/2026/06/us-approval-of-paramount-warner-bros-deal-surprised-doj-lawyers-report-says/
Object permanence (permalink)
#20yrsago Jim Baen, science fiction publisher, has had a serious stroke https://nielsenhayden.com/makinglight/archives/007658.html#007658
#20yrsago Why Apple is to blame for iTunes DRM https://web.archive.org/web/20060620004534/http://vitanuova.loyalty.org/NewsBruiser-2.6.1/nb.cgi/view/vitanuova/2006/06/15/1
#20yrsago Lifecycle of a gamer https://www.raphkoster.com/2006/06/16/the-lifecycles-of-a-player/
#20yrsago Spammer: I’ll buy MySpace profiles with more than 20k contacts https://web.archive.org/web/20060619062837/http://skibrooklyn.blogspot.com/2006/06/easy-money-sell-your-friends.html
#20yrsago Psychology of bad probability estimation: why lottos and terrorists matter https://web.archive.org/web/20060627174933/https://server1.sxsw.com/2006/coverage/SXSW06.INT.20060311.DanielGilbert.mp3
#15yrsago Copyright complaint kills Peanutweeter https://web.archive.org/web/20110620093750/https://www.wired.com/underwire/2011/06/peanutweeter-dmca-takedown/
#15yrsago Work song of Ghanian postal workers cancelling stamps https://blogfiles.wfmu.org/KF/0512/Ghana_Post_Office.mp3
#15yrsago What Lies Beneath the Clock Tower: steampunk choose-your-own-adventure https://memex.craphound.com/2011/06/17/what-lies-beneath-the-clock-tower-steampunk-choose-your-own-adventure/
#15yrsago French proposal: any URL to be arbitrarily blacklisted without due process https://www.laquadrature.net/en/2011/06/15/the-entire-internet-under-governmental-censorship-in-france/
#15yrsago Rotters: YA horror novel about grave-robbing chills, thrills, delights https://memex.craphound.com/2011/06/15/rotters-ya-horror-novel-about-grave-robbing-chills-thrills-delights/
#15yrsago Map of undersea cables from 1901 https://web.archive.org/web/20110220121138/http://www.dephx.com/2010/11/map-of-undersea-cables-from-1901.html
#15yrsago Copyright complaint kills Peanutweeter https://web.archive.org/web/20110620093750/https://www.wired.com/underwire/2011/06/peanutweeter-dmca-takedown/
#15yrsago Work song of Ghanian postal workers cancelling stamps https://blogfiles.wfmu.org/KF/0512/Ghana_Post_Office.mp3
#15yrsago What Lies Beneath the Clock Tower: steampunk choose-your-own-adventure https://memex.craphound.com/2011/06/17/what-lies-beneath-the-clock-tower-steampunk-choose-your-own-adventure/
#10yrsago Supreme Court ruling is a blow to copyright trolling business-model https://arstechnica.com/tech-policy/2016/06/attorneys-in-copyright-case-on-resold-textbooks-inch-closer-to-2m-payday/
#10yrsago The Orlando shooting, according to the Congressmen who took the most money from the NRA https://web.archive.org/web/20160617143716/https://theslot.jezebel.com/heres-how-the-congressmen-who-have-gotten-the-most-cash-1782083985
#10yrsago British Pro-EU MP murdered in the street by man shouting “Britain first!” https://web.archive.org/web/20160616212235/https://theintercept.com/2016/06/16/british-referendum-campaign-suspended-killing-pro-europe-lawmaker-jo-cox/
#10yrsago 12 year old makes devastating video about anti-vaxxers, gets doxxed https://skepchick.org/2016/06/anti-vaxxers-dox-a-child-critic/
#10yrsago Report from the prison-industrial complex’s leading trade show https://www.theguardian.com/us-news/2016/jun/16/us-prisons-jail-private-healthcare-companies-profit
#10yrsago Your cable operator is spying on you and selling the data from your set-top box https://publicknowledge.org/public-knowledge-defends-consumer-privacy-in-set-top-box-data-complaint-to-fcc-ftc/
#10yrsago Not robots: youth unemployment caused by late retirement, driven by pension precarity https://thebaffler.com/salvos/exit-planning-geoghegan
#10yrsago Oakland mayor denies firing police chief over officers who statutorily raped teen sex-worker https://eastbayexpress.com/badge-of-dishonor-top-oakland-police-department-officials-looked-away-as-east-bay-cops-sexually-exploited-and-trafficked-a-teenager-2-1/
#10yrsago Paramount tells judge that they’re still suing over Star Trek fan-film https://www.hollywoodreporter.com/business/business-news/paramount-says-star-trek-fan-903497/
#10yrsago $40,000/year private school sues school for low-income kids for $2M over “Commonwealth” https://www.bostonglobe.com/metro/2016/06/16/can-school-lay-claim-commonwealth-its-name-back-bay-institution-believes-can/WHwiaaPEn04cIY6uxXjoiO/story.html
#10yrsago Wisconsin Congresswoman: mandatory drug tests for anyone claiming $150K in itemized tax-deductions https://www.theguardian.com/us-news/2016/jun/16/gwen-moore-drug-test-rich-for-tax-deductions
#10yrsago Hong Kong bookseller: I was forced to confess on China TV https://www.bbc.com/news/av/world-asia-china-36552672#5yrsago
#10yrsago Washington Post calls for “blackout” on Trump coverage, appeals to RNC https://web.archive.org/web/20160615113350/https://www.washingtonpost.com/opinions/the-right-response-to-donald-trump-a-media-blackout/2016/06/14/2868a0e0-3256-11e6-8758-d58e76e11b12_story.html
#10yrsago Security economics: black market price of hacked servers drops to $6 https://www.wired.com/2016/06/xdedic-server-trading-forum-kaspersky/
#10yrsago Lower-case “x” as a gender-neutral typographic convention https://kottke.org/16/06/x-marks-gender-neutral
#5yrsago Taxes are for the little people https://pluralistic.net/2021/06/15/guillotines-and-taxes/#carried-interest
Upcoming appearances (permalink)

- Virtual: The future of world governance, with Kim Stanley Robinson (UN Independent Expert on International Order), Jun 19
https://www.youtube.com/live/wJvBvYdaAMY -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: The Reverse Centaur's Guide to Life After AI (Osler Records/Type Books), Jun 23
https://www.eventbrite.com/e/cory-doctorow-book-launch-and-talk-tickets-1991501299998 -
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
London: Idler Festival, Jul 11
https://www.idler.co.uk/festival/ -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
Brighton: The Reverse Centaur's Guide to Life After AI with Carole Cadwalladr (Brighton Dome), Sep 8
https://brightondome.org/whats-on/LSC-cory-doctorow-the-reverse-centaurs-guide-to-life-after-ai/ -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- The Enshittification of Life, the Universe, & Everything (Luke Savage)
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035 -
Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Here’s the thing about these safety justifications: I think they work because, to Anthropic, they aren’t justifications. The company really believes that they are the only ones who believe in super intelligence, and thus are the only ones who are sufficiently concerned about the dangers. That excuses decision after decision, policy after policy, and confrontation after confrontation that, to people on the outside, look like a bizarre combination of cynicism and naiveté. The contrast to OpenAI is massive: I think that one way to understand how and why OpenAI lost its lead is that, in the years following the release of ChatGPT, the company has been at war with itself internally as what used to be a research lab was suddenly seized with the burden of being the accidental consumer tech company; to the extent OpenAI solved that conflict, it was by bleeding huge amounts of talent to Anthropic in particular. Anthropic, on the other hand, has perfect alignment between talent and mission and business. The company gets to sell to researchers the creation of a machine god, with the mantle of being the sort of person who cares about the dangers and is smart enough to navigate them on behalf of humanity; that every policy change that falls out of that happens to be great for business is the most beautiful coincidence in the world.
To be clear, I am cool with a lot of cognitive surrender. I don’t remember phone numbers anymore because my phone does that for me. I am happy my kids didn’t need to learn cursive. I am fine with calculators doing my daily math and my computer figuring out how to schedule my classes. These were once useful skills, but we were probably right to get rid of them. AI is different because the technology is general enough that virtually any cognitive task can be offloaded into it to some degree. I don’t want to be too precious about writing: there is no principle that says a polished email draft has to come out of a human mind any more than a column of arithmetic has to. But we don’t want to give up everything, and that we mostly don’t know yet, for any specific task, what is important and what is not. Deciding that is going to be a real challenge.
Today's links
- AI and amateurism: When is generative content vernacular?
- Hey look at this: Delights to delectate.
- Object permanence: Disney characters x clean underwear; Transparent Pontiac; Makers v dog with LED collar; Microsoft buys Linkedin; Legitimate greatness.
- Upcoming appearances: LA, Menlo Park, Toronto, NYC, Philadelphia, Chicago, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
AI and amateurism (permalink)
Over the weekend, I did an interview about my forthcoming book The Reverse Centaur's Guide to Life After AI (a book about being a better AI critic), and the interviewer said she was surprised that I wasn't an AI booster, based on my demographics and work history:
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/
I could see where she was coming from. I encountered computers in the mid-seventies, as a small child. My first computer was a CARDIAC, a working, Turing-complete, mechanical computer made entirely of cardboard, that I spent endless hours with:
https://www.instructables.com/CARDIAC-CARDboard-Illustrative-Aid-to-Computation-/
Then I graduated to a teletype terminal and acoustic coupler connected to a minicomputer at the University of Toronto. My mom, a kindergarten teacher, used to smuggle home 1,000' rolls of paper towel from the kids' bathroom. I'd get 1,000' feet of computing up one side, then another 1,000' down the other side, then I'd carefully re-roll the paper towel so she could put it back in the bathroom for the kids to dry their hands on.
After that, I got an Apple ][+ in 1979, and shortly thereafter acquired a modem, and that was it: I was hooked for life. I became an amateur programmer, then a professional programmer. I hosted forums on dial-up BBSes where I distributed software and offered support to strangers who wanted to connect their computers to the internet. I got a job as a gopher developer, then a web developer, then a CIO-for-hire, helping wire up small businesses and connect them to the net. Eventually, I co-founded a free/open source software startup, before transitioning to 25 years as a digital rights activist with the Electronic Frontier Foundation. And for most of that time, I was energetically writing science fiction, eventually becoming associated with a school sometimes called "post-cyberpunk":
https://en.wikipedia.org/wiki/Rewired:_The_Post-Cyberpunk_Anthology
The force that energized all this work was a dialectical one, the contradiction that powered cyberpunk literature itself. For all that cyberpunk was undeniably enamored with the coolness and combustibility of new technology, it was also terrified of how technology could be a force for oppression, surveillance and control. As William Gibson says, "cyberpunk was a warning, not a suggestion."
Gibson's more famous quote, of course, is "the street finds its own use for things." In Gibson's novels (and in my own life in technology) all the most interesting things happen when users of technology (often without formal training or credentials) find ways to adapt the technology they use to suit their needs:
https://pluralistic.net/2026/03/17/technopolitics/#original-sin
This is why I remain an ardent fan of Hypercard, Scratch and other meta-tools that are designed to allow non-programmers to write software that exactly conforms to their desires. Whatever the apps produced by these tools lack in sophistication and efficiency is more than offset by the fact that they give everyday people the power to directly control the tools they rely upon.
If "epistemic humility" means anything, it means acknowledging that no amount of "requirements gathering" can capture the needs of people totally unlike yourself as faithfully as those users can capture their own needs. Giving people the tools to produce their own software is always going to make tools – vernacular, idiosyncratic, homespun – that are more suited to their own hands and minds than anything a technologist working on their behalf could make.
The ancient dictum of "nothing about us without us" – born in 16th century Poland and taken up by the modern disability rights movement – asserts the right of people to control their own living conditions, and also the unique capacity of people to understand their own needs. You know what's even better than being consulted on the design of the technology you use? Having direct control over that technology!
This is why I was so suspicious of the iPad. The iPad's much-lauded "ease of use" was entirely about how easy it was to use an iPad to consume technology. But the iPad remains the single most user-innovation-hostile technology in modern history, a device designed to make it impossible to produce technology without permission from a remorseless multinational corporation. This is cyberpunk as a demand, not a warning:
https://memex.craphound.com/2010/04/01/why-i-wont-buy-an-ipad-and-think-you-shouldnt-either/
The technology I've championed all my life is technology that gives more control to its users. One of my immutable precepts is that people who are different from me know things I can't know, and the only way I can get the benefit of their unique knowledge and perspective is if they are free to make and share things that matter to them. As Dan Gillmor said, back when he was inventing the study of citizen journalism, "My readers know more than I do":
https://www.oreilly.com/openbook/wemedia/book/ch00.pdf
And while I am broadly very skeptical of AI, and deeply alarmed by the proliferation of "vibe coded" software in production environments, vibe coding for personal projects is a useful and exciting addition to the lineage of tools that let computer users decide how their computers will work. For people making personal projects, vibe coding extends the power of shell scripting, cron jobs, Applescript, and other desktop automation tools to a wider audience.
One of the journalists I spoke to last week about my book described how he had vibe coded an app that showed him an alert every time a plane flew over his house, giving the tail number and other details of the flight. This is information that I have no need for and no interest in, and that I'm therefore excited to learn about, because its very existence affirms that the world is full of people who are delightfully, irreducibly, amazingly different from me, and moreover, that their unique needs can be directly met using their imaginations and their personal computers.
I recently sat down with my colleague Naomi Novik, a brilliant author who also co-founded Archive of Our Own. Naomi demoed her followup to AO3 for me: Wreccer, a system to help you find small groups of people with taste similar to your own, in order to facilitate media recommendations within that group – a kind of personal, relationship-driven alternative to massive, centralized, monolithic algorithmic recommendation systems:
Naomi told me that Wreccer was being built using the same design ethos that the original Twitter embraced. When Twitter launched, it was an API first, and the official Twitter front end was built on that API – but anyone could build their own front end for Twitter that worked in the way they wanted it to. Now, the word "anyone" is doing a lot of work in that sentence, because most people don't even know what an API is, and of the people who do, most of them were not capable of writing their own software front end for Twitter.
But Wreccer is being designed for the age of vibe coding, and the API will really allow anyone who uses the service to design their own interface to the system, one that elevates and centers the features they find useful and tucks away the ones they're not interested in. Your personal, custom front end could also bring in other data-sources – pulling in your Mastodon messages, for example, or even showing you an alert with the tail-number of any plane flying over your home.
This is the part of vibe coding that I'm quite excited about, but it's not the part the industry focuses on. Instead of hearing about how personal, homemade software utilities can be an end unto themselves, we hear about vibe coded projects as prototypes for commercial production code. We hear about clueless bosses vibe coding software products and services that run fine for one user on a siloed desktop computer, and then demanding to know why it takes 50 engineers a year to make the same thing work for millions of users on the public internet. We hear about people who vibe code and submit patches to free/open-source software projects with millions of users, overwhelming project maintainers with slop code that is riddled with security vulnerabilities.
Of course, there's an obvious reason why the industry wants to focus on the potential for vibe coded software to replace production code. The AI bubble has burned up $1.4t to date, while bringing in mere tens of billions of dollars per year, even as its unit economics grow steadily worse:
To keep the bubble inflated, AI hucksters must promise massive economic returns to the technology. They want investors to believe that vibe code is about to replace working programmers, who are skilled, high-waged, high-demand workers. Their pitch is that for every million dollars' worth of programmers that an AI salesman and a boss conspire to fire, half a million dollars will go to the AI company whose bots shit out that vibe code.
That's par for the course with the AI bubble, whose focus is entirely on how AI can centralize, control and homogenize our lives. Whereas early desktop publishing, web publishing and social media gave us a glorious higgledy-piggledy of chaotic, weird and transgressive hobbyist media and retina-searing designs, AI art and design are instantly recognizable at a thousand yards, and it all looks the same, boring, and washed:
https://pluralistic.net/2024/07/20/ransom-note-force-field/#antilibraries
AI companies have released open weight/open source models that can run on your own computer, but these are treated as side-shows and toys and demos. The real action, we're told, is in "frontier models," which is industry-speak for "a piece of software whose running costs exceed the GDP of most countries":
https://pluralistic.net/2026/02/19/now-we-are-six/#stock-buyback
Perhaps this is why the dynamics of AI are so different from the early dynamics of the web. Early web users were workers, who demanded that their bosses allow them to use the web and so devolve more power to people doing their jobs. By contrast, today's most ardent AI boosters are bosses, who threaten workers who don't use AI enough in the course of their duties:
https://pluralistic.net/2026/05/26/the-ai-will-continue/#until-morale-improves
Where we do see idiosyncrasy emerging from AI usage, it's often terrible. AI can help you create a folie-a-un in which you and a chatbot team up to reinforce your delusions and drive you deeper into a world of dangerous mirage:
https://pluralistic.net/2026/06/03/mission-space/#gsd
There's a (false) story that's told about people who championed the early internet: that we were blithely certain that technology could only be a force for good, and negligently disinterested in the possibility that technology could control, extract and harm. That's demonstrably untrue: recall cyberpunk's dualism of "the street finds its own use for things" and "cyberpunk is a warning, not a suggestion."
More true is to say that early internet champions were alive to the importance of the internet, and therefore both excited about the possibilities of the internet to deliver a world of connection, idiosyncrasy, love and solidarity; and about the danger of the internet as a dystopian system of surveillance and manipulation:
https://pluralistic.net/2025/02/13/digital-rights/#are-human-rights
History isn't finished. Long after the AI bubble pops, there will be local models and people vibe coding homemade software that respond directly to their needs. The stuff we make on our own computers, for ourselves, is deplatformed from its inception. It's part of the life we can build in technology's "shadowy corners" that we used to just call "technology." The fact that this stuff is utterly unsuited to be production code makes it inherently unmonetizable. It's how the street finds its own use for things:
https://pluralistic.net/2026/02/23/goodharts-lawbreaker/#no-metrics-no-targets
Hey look at this (permalink)

- Mediocre Fred https://www.youtube.com/watch?v=gCXc-xC5ms0
-
Shame On You https://www.change.org/p/an-open-letter-to-the-american-diabetes-association-shame-on-you
-
Keycap Quarry https://keycapquarry.com/shop/
-
The Threat of Big Insurance https://prospect.org/2026/06/11/threat-of-big-insurance-lobbying-congress-donations/
-
End Citizens United’s Tiffany Muller on fighting big money in politics https://www.citationneeded.news/end-citizens-uniteds-tiffany-muller-on-fighting-big-money-in-politics/
Object permanence (permalink)
#25yrsago Disney characters win right to clean underwear https://web.archive.org/web/20010707023727/https://www.sfgate.com/cgi-bin/article.cgi?file=/news/archive/2001/06/07/state1339EDT0171.DTL
#20yrsago Lampooning the American dismissal of Gitmo suicides https://fafblog.blogspot.com/2006/06/610-changed-everything-run-for-your.html
#20yrsago LA’s South Central Farm under police siege right now https://web.archive.org/web/20060616085732/http://www.southcentralfarmers.com/index.php?option=com_content&task=view&id=160&Itemid=2
#15yrsago Transparent Pontiac for sale https://web.archive.org/web/20110610113919/http://blog.hemmings.com/index.php/2011/06/07/the-tin-indian-that-wasnt-rm-to-offer-see-through-pontiac/
#15yrsago Pulp Fiction edited down to just the cussing https://www.youtube.com/watch?v=5PcAQbhnGNs
#15yrsago New York State to pet cemeteries: no pet owners’ ashes allowed https://web.archive.org/web/20110614133359/https://www.foxnews.com/us/2011/06/11/new-york-tells-pet-cemeteries-to-stop-taking-in-humans/#ixzz1PAZoGS6l
#15yrsago A dog with persistence-of-vision LEDs in her shirt writes my novel Makers in the park at night https://web.archive.org/web/20110618011346/https://i.document.m05.de/?p=970
#15yrsago Head of UN copyright agency says fair use is a “negative agenda,” wants to get rid of discussions on rights for blind people and go back to giving privileges to giant companies https://memex.craphound.com/2011/06/14/head-of-un-copyright-agency-says-fair-use-is-a-negative-agenda-wants-to-get-rid-of-discussions-on-rights-for-blind-people-and-go-back-to-giving-privileges-to-giant-companies/
#10yrsago Air Force loses access to database tracking fraud investigations to 2004 https://arstechnica.com/information-technology/2016/06/database-corruption-erases-100000-air-force-investigation-records/
#10yrsago Peter Thiel’s lawyer threatens Gawker for talking about Donald Trump’s “hair” https://web.archive.org/web/20160615022004/https://gawker.com/now-peter-thiels-lawyer-wants-to-silence-reporting-on-t-1781918385
#10yrsago Samantha Bee on Orlando shooting: angry and uncompromising https://www.youtube.com/watch?v=t88X1pYQu-I
#10yrsago Goldman Sachs bribed Libyan officials with sex workers, private jet rides, then lost all their money https://www.theguardian.com/business/2016/jun/13/goldman-sachs-hired-prostitutes-to-win-libyan-business-court-told
#10yrsago Net Neutrality Wins: Federal Court Upholds FCC Open Internet Rules https://www.techdirt.com/2016/06/14/cable-industry-proclaims-more-competition-hurts-consumers-damages-economic-efficiency/
#10yrsago Microsoft will buy Linkedin for $26.2B https://arstechnica.com/information-technology/2016/06/microsoft-will-acquire-linkedin-for-18-5b/
#10yrsago Lin-Manuel Miranda’s Tony Awards sonnet for the Orlando shooting victims https://www.rollingstone.com/tv-movies/tv-movie-news/see-lin-manuel-mirandas-stirring-tribute-to-orlando-victims-103131/
#10yrsago China’s online astroturf is mostly produced by government workers as “extra duty” https://web.archive.org/web/20160613194153/http://arstechnica.com/information-technology/2016/06/red-astroturf-chinese-government-makes-millions-of-fake-social-media-posts/
#10yrsago Rio: your quadrennial reminder that the Olympics colonize host-states with Orwellian surveillance and human rights abuses https://web.archive.org/web/20160614122124/https://motherboard.vice.com/read/the-olympics-are-turning-rio-into-a-military-state
#5yrsago A Monopoly Isn’t the Same as Legitimate Greatness https://pluralistic.net/2021/06/13/a-monopoly-isnt-the-same-as-legitimate-greatness/
Upcoming appearances (permalink)

- Virtual: The future of world governance, with Kim Stanley Robinson (UN Independent Expert on International Order), Jun 19
https://www.youtube.com/live/wJvBvYdaAMY -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: The Reverse Centaur's Guide to Life After AI (Osler Records/Type Books), Jun 23
https://www.eventbrite.com/e/cory-doctorow-book-launch-and-talk-tickets-1991501299998 -
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- The Enshittification of Life, the Universe, & Everything (Luke Savage)
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035 -
Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Shareholder supremacy and the precog CEO: A bright line test that's totally unfalsifiable.
- Hey look at this: Delights to delectate.
- Object permanence: Msft v Linux geeks; James Joyce scholars v Joyce estate; iPod sweatshops; Pratchett initiates assisted suicide; Lego-making machine made of Lego; Laid off workers v gag clauses; The ACCESS Act.
- Upcoming appearances: LA, Menlo Park, Toronto, NYC, Philadelphia, Chicago, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Shareholder supremacy and the precog CEO (permalink)
It's been 55 years since Milton Friedman – cursed be his name – published his NYT editorial, "The Social Responsibility of Business Is to Increase Its Profits," in which he invented the idea of shareholder supremacy out of whole cloth and declared it to be a universal, freestanding, inarguable truth:
Friedman's editorial railed against the idea of "corporate social responsibility," arguing that corporate managers should confine the exercise of their consciences to projects involving their own money and resources. At work, managers must harden their bleeding hearts and do nothing except increase the returns to their shareholders.
Friedman wasn't merely arguing that this would give rise to better companies – the crux of his argument was that by adopting this "fiduciary duty" standard, it would be easy to determine whether a company was being well-managed or run into the ground:
https://pluralistic.net/2024/09/18/falsifiability/#figleaves-not-rubrics
Friedman argued that "being a good person" was a squishy, undefinable standard that could never be objectively measured. But "maximizing shareholder value" was a crisp, bright-line test that could be readily evaluated by any reasonable person. "Did this manager make as much money as possible for the company's owners?" feels like the kind of question we can all agree on, while, "Did this manager behave in an ethical way?" is much harder to answer.
But even a few moments' thoughts reveal the flaw in this line of reasoning. We can all agree whether a manager made money for the shareholders – but how can we know whether the manager made as much money as possible?
Think about how much "corporate social responsibility" cashes out to performative and insincere nonsense and/or cynical marketing. Target didn't stock Pride merch because they love their LGBTQ friends. They stocked it because they thought they could sell it (same goes for BP marketing its "green" gasoline). Google supports its coders' environmental/queer/antipoverty efforts because being the "don't be evil" company lets you hire in-demand workers who might otherwise go to work for Meta, and every engineer a Silicon Valley firm hires adds an average of $1m to the company's annual bottom line.
Further: it would be absurd to hold managers to the "make as much money as possible" standard in a competitive market, because in that market, there will always be a company that comes in second. If "as much money as possible" is the standard and you're Chairman of the Board of the number two company, with $10b in profit, while the number one pulled in $11b, "as much money as possible" demands that you fire the C-suite immediately, since they objectively could have done 10% better.
So the real standard isn't "make as much money as possible," it's "try to make as much money as possible." And here again, there's no objective way to evaluate managerial performance. Target made a lot of money by selling Pride merch…until they didn't. Do we fire the Target C-suite because they failed to anticipate that 2024 would mark America's transition into the chuddocene, an era in which selling Pride tchotchkes makes you cucked and soy and, you know, gay?
Whether it's "make as much money as possible" or "try to make as much money as possible*," shareholder supremacy can only be evaluated with the aid of a crystal ball…or a time machine.
Which raises a question: what made this nonsensical shareholder supremacy standard so damned attractive to corporate leaders?
Well, what if the ambiguity of shareholder supremacy was a feature and not a bug? What if the function of shareholder supremacy was to absolve the cruelest people for indulging their most sociopathic instincts? What if this "bright line test" was actually a universal excuse, an all-purpose accountability sink that could be used to justify any cruelty or cowardice? "Why didn't I fire my college buddy when I found out that he was sexually abusing his colleagues? Well, he was the best salesman on the team, and I have an obligation to my shareholders. Sorry, my hands were tied."
In other words: Don't get mad at me.
Get mad at Milton Friedman.
Hey look at this (permalink)

- I Am Not a Reverse Centaur https://blog.miguelgrinberg.com/post/i-am-not-a-reverse-centaur
-
Network service termination for certain Sony Electronics products https://www.sony.com/electronics/support/articles/00398725
-
More molly guards https://unsung.aresluna.org/more-molly-guards/
-
The Democratic Urge to Lose https://catvalente.substack.com/p/the-democratic-urge-to-lose
-
Please I Beg of You Do Not Use “AI” In Your Business Communications https://whatever.scalzi.com/2026/06/11/please-i-beg-of-you-do-not-use-ai-in-your-business-communications/
Object permanence (permalink)
#20yrsago Microsoft gets Linux geeks evicted from convention center https://web.archive.org/web/20010619154332/http://www.newsforge.com/article.pl?sid=01/06/01/1540231
#20yrsago Stanford prof sues James Joyce estate for right to study Joyce https://web.archive.org/web/20060615203517/http://news.yahoo.com/s/ap/20060613/ap_on_en_ot/james_joyce_lawsuit
#20yrsago Inside China’s iPod sweat-shops https://web.archive.org/web/20060616173514/http://www.macworld.co.uk/news/index.cfm?RSS&NewsID=14915
#15yrsago Terry Pratchett initiates assisted suicide process https://web.archive.org/web/20110614215922/https://www.telegraph.co.uk/health/8571142/Sir-Terry-Pratchett-begins-process-that-could-lead-to-assisted-suicide.html
#15yrsago Lego-making machine made of Lego https://www.eurobricks.com/forum/forums/topic/56346-review-moulding-machine-4000001-lego-insider-tour-exclusive/
#10yrsago It’s getting harder and harder to use gag clauses to silence laid off workers in America https://web.archive.org/web/20160611202305/https://www.nytimes.com/2016/06/12/us/laid-off-americans-required-to-zip-lips-on-way-out-grow-bolder.html
#5yrsago The ACCESS Act https://pluralistic.net/2021/06/12/access-act/#interop
Upcoming appearances (permalink)

- LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: The Reverse Centaur's Guide to Life After AI (Osler Records/Type Books), Jun 23
https://www.eventbrite.com/e/cory-doctorow-book-launch-and-talk-tickets-1991501299998 -
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- The Enshittification of Life, the Universe, & Everything (Luke Savage)
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035 -
Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Barnett’s concerns about literary merit and professional esteem may be timeless, but they are not terribly timely; they seem to float high above the current on-the-ground realities of what many educators and researchers agree to be a literacy crisis. In urging his audience to see children’s books as “real books,” Barnett skips over larger, more pressing questions about why so many children aren’t reading books at all, real or otherwise.
Today's links
- Google's new remote attestation scheme is every bit as terrible as its old remote attestation scheme: Not even a QR code can produce a kissable pig.
- Hey look at this: Delights to delectate.
- Object permanence: Arrested at Toronto G20; Rule by rentiers; Wrong about the First Amendment; Mounties x Stingrays; (EU) Privacy without monopoly.
- Upcoming appearances: LA, Menlo Park, Toronto, NYC, Philadelphia, Chicago, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Google's new remote attestation scheme is every bit as terrible as its old remote attestation scheme (permalink)
Long before "agentic AI," we had the idea that software would act as your agent on the internet. That's why the old-fashioned technical term for a browser is a "user agent." Your browser acts on your behalf to retrieve information and then show it to you, in the format you choose. It's your agent:
https://pluralistic.net/2024/05/07/treacherous-computing/#rewilding-the-internet
This is a powerful and profound idea. It is because browsers are our "agents" that we expect them to accept our directives, say, by blocking pop-ups, or by turning off autoplay sound, or by blocking commercial surveillance trackers:
Your browser does all that because your browser works for you. The reason your browser can work for you is that the web is an open, standardized technology. In theory, anyone who follows the standards published by the World Wide Web Consortium (W3C) can make a browser, and that web browser can connect to any web server. Browsers and servers are interoperable. It's the same force that means you can put anyone's gas in your gas-tank, or anyone's shoelaces in your shoes, or anyone's milk on your cereal.
But what if manufacturers could dictate those choices to you? What if your light socket refused to use a lightbulb unless it was officially blessed by the socket's manufacturer? What if your dishwasher refused to wash your dishes unless you bought them from one of the manufacturer's "dish partners"? What if your toaster refused to toast "unauthorized bread"?
It's hard to see how a company could win its market with this strategy. After all, if the dishes are really better than the competition's, you'd buy them voluntarily, without any need for law or technology to force the matter. The only reason to make a dishwasher that refuses a rival's dishes is if the manufacturer's own dishes are ugly, expensive, and/or badly made.
But once a company owns the market – once they've achieved dominance by buying out their rivals; by bribing potential competitors to stay out of their lane; and by engaging in deceptive conduct to trap key suppliers and customers – they could cement their dominance by blocking interoperability, keeping out rival dishes, milk, gas, lightbulbs, shoelaces and bread, capturing their whole market and squeezing it.
That's what Google has done, and that's what Google wants to do more of. Google's commercial behavior has been so unethical, deceptive and abusive that the company just lost three federal antitrust cases:
https://www.bigtechontrial.com/p/google-loses-the-adtech-monopolization
This thrice-convicted monopolist bribed Apple – more than $20b/year – to stay out of the search market:
They cheated app vendors, ripping them off with sky-high junk fees and onerous conditions that raised prices while lowering the share of your spending that went to the companies whose products you were paying for:
https://www.thebignewsletter.com/p/boom-google-loses-antitrust-case
They cheated advertisers, rigging the ad market to gouge businesses on ad prices and underinvesting to fight rampant ad-fraud, sucking hundreds of billions out of the productive economy for overpriced ads that no one saw:
https://www.justice.gov/opa/pr/department-justice-prevails-landmark-antitrust-case-against-google
Google wasn't always this way. The "don't be evil" company owes its very existence to the open web ecosystem. When the company started to index the web in 1998, it was playing on an open field, where any web server could talk to any "user agent," even one whose user was a startup like Google, that was making a copy of every page on the server.
For years, Google thrived on the open web, and built open technologies. Android – the mobile operating system that Google bought in 2005 – was presented as an "open" alternative to existing mobile offerings, and as the mobile market collapsed into two companies – Google and Apple – Google always presented Android as the open alternative to Apple's "walled garden."
There were always ways in which Google's "open" Android wasn't exactly open. The company engaged in illegal "tying" arrangements that forced hardware vendors and carriers to lock out versions of Android that were created by Google's competitors:
https://ec.europa.eu/commission/presscorner/detail/en/ip_18_4581
In other words, even though Google offered a mobile platform that was (mostly) technically open, they used commercial and legal strategies to choke off the market oxygen for alternative Android versions that tried to capitalize on that technical openness.
But life finds a way. The existence of an open, modifiable, tinkerer-friendly mobile operating system meant Android hackers could create alternatives to Google's (de facto) walled garden, which thrived in the cracks in that garden wall. Operating systems like CalyxOS, PureOS and Graphene offered a more private, more secure Android experience, one that was largely "de-Googled," blocking Google's relentless acquisition of your private data:
And Google's data-hunger is relentless. Android exfiltrates a chunk of your personal and behavioral data every five minutes. The "resting heartbeat" of Android surveillance pulses and pulses, irrespective of whether you're using your device, and the instant you unlock your screen, that heartbeat quickens, sending even more data to the company:
https://digitalcontentnext.org/blog/2018/08/21/google-data-collection-research/
All that data has proved irresistible to authoritarian governments. Donald Trump's enforcers have seized on Google data as a vital source of information about the identity of protesters and the location of migrants hunted by ICE:
https://www.eff.org/deeplinks/2026/04/google-broke-its-promise-me-now-ice-has-my-data
So there are plenty of reasons why users would seek out these de-Googled alternatives to Android, finding them in spite of Google's illegal commercial tactics to block access to competing technologies. The worse it got, the better those alternatives looked.
Perhaps this explains Google's years-long effort to increase the technical barriers to using modified versions of Android, beefing these up to match the commercial restrictions that stand in the way of a de-Googled existence.
Back in 2023, Google floated the idea of "Web Environment Integrity" (WEI), a set of modifications to web standards that would force your computer to disclose its operating environment to the web servers it connected to, even if you objected to this disclosure:
https://pluralistic.net/2023/08/02/self-incrimination/#wei-bai-bai
WEI was a form of "remote attestation." That's when your device uses a sub-processor (sometimes called a "Technical Protection Module" or "TPM") or a walled off part of its main processor (sometimes called a "secure enclave") to produce a cryptographically signed description of your device and its configuration: which hardware, software, plug-ins and settings you're running.
When you connect to a server, it demands that your device send this "attestation" before it handles your request. If your device won't provide this data, or if the server doesn't like (or recognize) your device and its details, it can refuse to deal with you. And because the attestation is prepared by a TPM or a secure enclave that you can't modify or override, you don't get to decide which facts about your device it's allowed to see.
Practically speaking, this means that remote attestation lets a server refuse to deal with you until you turn off your ad-blocker and your tracker-blocker. It means that the server can discriminate against users who block auto-play sound and video, who block pop-ups, who put the tab in the background when it's playing a mandatory pre-roll ad.
WEI was especially disturbing in light of Google's efforts to kill ad-blockers and privacy blockers through updates to Chrome, an effort that continues to this day:
https://protonprivacy.substack.com/p/google-is-finally-killing-ublock
These blockers are an important part of the dynamic between web publishers and their users. In the real world, when you get an offer, you can make a counter-offer. That's all an ad-blocker is: a way for users to respond to a server whose opening bid is, "How about you give me all your data and let me take over your computer in exchange for showing you this page?" with "How about 'Nah?'"
https://www.eff.org/deeplinks/2019/07/adblocking-how-about-nah
We didn't get rid of pop-up ads by making them illegal, or by boycotting advertisers who used them. We got rid of pop-up ads when web users installed pop-up blockers, which made pop-up ads pointless. Take away our ability to block obnoxious digital content and you guarantee that we will be flooded with it.
These kinds of modifications aren't just used to block ads – they're also key to accessibility. People who have photosensitive epilepsy or who (like me) suffer from low-contrast vision problems use add-ons to reformat pages so that we can safely and legibly access them.
WEI's creators said they were only trying to put the web on a level playing field with apps, which routinely rat you out to the companies you connect to. Apps are a source of bottomless enshittification, not least because (unlike the web), they enjoy special, dangerous legal protections that make it very legally risky to modify them:
https://pluralistic.net/2025/07/31/unsatisfying-answers/#systemic-problems
WEI wasn't an effort to level the playing field between apps and the web – it was a race to the bottom, an attempt to make the web as enshittogenic as the app hellscape.
Public outrage to WEI killed the project, but Google's commitment to augmenting its illegal commercial lockdown efforts with technical lockdowns never ended. Now, Google has rolled out an experimental "reCAPTCHA Mobile Verification" that uses an app, your camera, and your device's TPM or secure enclave to produce an attestation about your Android device:
https://support.google.com/recaptcha/answer/16609652
This will make it much easier for the apps and other services you interact with to block your device if you run an Android alternative, or if you install a mod that overrides the actions of Google's stock Android:
This is a terrible idea – it's every bit as bad as WEI was. In an age in which Big Tech is ever-more tied to authoritarian governments, redesigning our devices to tell strangers things we don't want them to know isn't just shortsighted, it's inexcusable.
Hey look at this (permalink)

- Jane Yolen, 1939-2026 https://floggingbabel.blogspot.com/2026/06/jane-yolen-1949-2026.html
-
Enshittification Merch That Actually Fights Enshittification https://www.eff.org/deeplinks/2026/06/enshittification-merch-actually-fights-enshittification
-
Amy Casey https://www.amycaseypainting.com/
-
Barns. Also, "Barns." https://rickperlstein.substack.com/p/barns-also-barns
Object permanence (permalink)
#20yrsago Images from anti-DRM protest at the San Fran Apple Store https://www.flickr.com/photos/quinn/tags/drmprotest/
#15yrsago Reasons people were arrested at the Toronto G20 https://memex.craphound.com/2011/06/11/reasons-people-were-arrested-at-the-toronto-g20/
#15yrsago Paul Krugman: Rule by rentiers favors billionaires, Chinese bond-holders over jobs and homeowners https://www.nytimes.com/2011/06/10/opinion/10krugman.html?_r=1
#15yrsago Ontario publicly funded Catholic school bans rainbows, appropriates student donations for LGBT cause and gives them to Catholic charity https://web.archive.org/web/20110610125236/https://www.xtra.ca/public/Toronto/Rainbows_banned_at_Mississauga_Catholic_school-10262.aspx
#10yrsago How to be less wrong about the First Amendment https://web.archive.org/web/20160611221927/https://popehat.com/2016/06/11/hello-youve-been-referred-here-because-youre-wrong-about-the-first-amendment/
#10yrsago Mounties used Stingrays to secretly surveil millions of Canadians for years https://web.archive.org/web/20160610182607/https://motherboard.vice.com/read/the-rcmp-surveilled-thousands-of-innocent-canadians-for-a-decade
#5yrsago Privacy Without Monopoly, EU edition https://pluralistic.net/2021/06/11/technological-self-determination/#dma
Upcoming appearances (permalink)

- LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- The Enshittification of Life, the Universe, & Everything (Luke Savage)
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035 -
Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Second Circuit rejects Sam Bankman-Fried’s appeal
Today's links
- The world has moved on: Notes from the enshittocene.
- Hey look at this: Delights to delectate.
- Object permanence: "Jpod"; Barlow v Glickman; Cyclist v bike lanes; Judge v copyright trolls; "The Uncertain Places"; Thatcher v Palin; NY v Time Warner; Banks v negative interest rates; Keeping the new web decentralized; "Prisoners' Inventions."
- Upcoming appearances: LA, Menlo Park, Toronto, NYC, Philadelphia, Chicago, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
The world has moved on (permalink)
Douglas Adams wrote, "Anything that is in the world when you're born is normal and ordinary and is just a natural part of the way the world works. Anything that's invented between when you’re 15 and 35 is new and exciting and revolutionary and you can probably get a career in it. Anything invented after you're 35 is against the natural order of things."
I think about this quote whenever I get angry at the technology around me. When I rail against the Great Enshittening, am I simply committing the sin of nostalgia ("Nostalgia is a toxic impulse" -J. Hodgman)? I am, after all, old.
I've written before how conservatives' yearning for "simpler times" is really just a wish to be a child again. The reason times seemed simpler during your childhood is that you were a child, and if your parents did their job, they shielded you from a lot of the complexity of their adulthood so you could enjoy your childhood:
https://pluralistic.net/2025/04/24/hermit-kingdom/#simpler-times
That's where the "National Customer Rage Survey" comes in. It's been surveying a panel of 1,000 representative consumers every three years for a decade, continuing a research project that started in 1976. The survey measures respondents' attitudes towards the businesses they deal with, and as of 2025, it's fair to say, customers are pissed:
https://customercaremc.com/2025-national-customer-rage-study/
We're experiencing more problems with the products and services we use. Those problems are more severe, they make us angrier, and they produce lingering stress. More and more, we are seeking revenge on the businesses that piss us off.
So it's not just me, an old man yelling at the cloud. The world is getting shittier.
The latest Customer Rage Survey inspired The Guardian's Heather Timmons to launch a new investigative series looking at how fucked up everything is. Her inaugural installment is very good, and it's drawn a massive reader response:
https://www.theguardian.com/us-news/ng-interactive/2026/jun/04/us-consumer-rage-prices-economy
I spoke with Timmons this week about the series. She told me she's been deluged with emails from readers who feel that the world is different now – and many of them cite my work on enshittification. Timmons wanted to know what advice I had for her readers. I told her that I don't think you can solve this as a consumer, because this isn't a market problem, it's a political problem, and shopping isn't politics:
https://pluralistic.net/2026/05/21/purity-culture/#stop-fucking-that-chicken
Later, Timmons forwarded one of those emails to me. It gave an eloquent and evocative account of just how rancid the vibe is these days. The writer said that when they and their spouse encounter this rot, they cite Stephen King's Dark Tower novels, quoting the oft-repeated phrase from that series: "The world has moved on."
At this point, I should warn you that the following contains some Dark Tower spoilers, so if you're planning to read a decades-old (but very good) dystopian western/science fiction crossover series, and if spoilers bug you, this might not be the essay for you.
Spoiler alert!
Still with me? OK, then.
In the Dark Tower novels, we crisscross a fallen world in which decay is all around us. The buildings are rotten, the machines have stopped working and no one knows how to fix them, babies and livestock alike are frequently born with deadly congenital defects. Much of the world has fallen into wasteland, cracked and barren. An army of wreckers, led by the demagogue John Farson (who styles himself "The Good Man") are slowly but surely conquering the land, laying waste to those few remaining outposts of civilization and conscripting the young men in the conquered lands to march on their neighbors.
It wasn't always this way. There was a time when the world was defined by hope and virtue and light, when the machines were fixed and the crops were harvested. Life wasn't golden – there were still squabbles and sorrows and even wars – but life was good.
And then the world moved on.
For reasons that no one truly understands, the normal push/pull of decay and renewal turned into a one-way, irreversible process in which everything that crumbled or snapped or burned up couldn't be repaired or replaced or recovered. Our mysterious ability to beat back the Second Law of Thermodynamics – an absurdity we probably should have always treated as an aberration – has collapsed. The world has moved on.
The Dark Tower series is a long, long, long Bildungsroman, with many detours through the life-stories of the characters in the ensemble cast, as well as the biographies of many of the figures they meet along the road. It's mostly an adventure novel, as road-trip tales tend to be, but those character studies and the lore that they surface – from our world and theirs – creates an overwhelming, many-layered, richly textured sense of loss and worse, of despair. For the world has moved on, and despite the love and care and bravery of many of the people in that world, the world cannot be redeemed. Each terrible day of those people's lives is the best day of the rest of their lives. From here on in, it only gets worse.
When Timmons' reader and their spouse greet every fresh depredation in modern life – hours on the phone with customer service to resolve a billing error that the company repeats every month, say – with "the world has moved on," they are invoking something heavy. This isn't just a rancid vibe, it's the fucking end-times.
For all that the Dark Tower novels are a series of cracking adventures and thoughtful character studies, they are also a mystery. Over and over again, we are made to ask ourselves, why has the world moved on? Was it John Farson and his army? Was it the Man in Black, the evil wizard whom the book's protagonist has pursued across time and space? Was it the Crimson King, the evil force whom the Man in Black serves?
Well, yes – and no.
Midway through the novels, we learn that the Crimson King and his evil minions have laid siege to "the beams," vast ley-lines that span the universe and provide the force that pushes away entropy, creating breathing room where repair and care can live. "All things serve the beams," we're told. The beams are the organizing force of the universe, the answer to the riddle of how such pitiful things as we could have fought back remorseless entropy for so long. By attacking the beams, the villains of the series have all but snuffed out that force, and so the world has moved on.
When I read that email and the invocation of the Dark Tower, I was immediately struck by how apt this comparison is. Because, as I've written many times, there were always enshittifiers who would have plundered your data and money and treated you with naked contempt:
https://pluralistic.net/2025/03/04/object-permanence/#picks-and-shovels
There were always enshittifiers, but those enshittifiers faced external forces that checked their wreckers' urge. They were held in check by competition, and regulation, and workers' sense of fairness and duty, and by the threat of new products and services that might pop up to correct the defects they deliberately introduced into their products by enshittifying them.
And the foundation – the Dark Tower upon which all the beams converged- was antitrust enforcement, grounded in the idea that we could not afford to let any company – not a "good" company, nor a "bad" company – get so large that it could no longer be regulated, lest its executives become "autocrats of trade":
https://pluralistic.net/2022/02/20/we-should-not-endure-a-king/
The same people who laid siege to antitrust law would later come after all forms of checks and balances. These are the people who gave us the "unitary executive" and Project 2025, and the collapse of accountability that has allowed the worst people to commit the gravest sins they could imagine and still reap vast fortunes. These beam-breakers wanted kings, and they got them.
I collect definitions of "conservatism," and one of my favorites comes from Corey Robin's book, The Reactionary Mind. Robins asks how it is that we can call so many disparate, irreconcilable ideologies – various ethno-nationalisms, imperialism, financialism, patriarchy, Christian nationalism, libertarianism, white supremacy, etc – "conservative"? What binds all these views together?
https://pluralistic.net/2025/07/22/all-day-suckers/#i-love-the-poorly-educated
Robin's answer: the foundation that all these otherwise disparate views share is that some people are born to rule, while others are born to be ruled over. When these lesser people are elevated to positions of power, their inferiority creates a system of misrule, by which we all suffer. The best outcome for everyone is for us all to know our place and defer to our social betters.
That's why conservatives are obsessed with affirmative action, DEI, and any form of anti-racism. For them, the discriminatory outcomes we see in the wild are natural, reflecting the in-born defects in the people at the bottom of the social order. That's why, after every plane crash, every collision between a cargo ship and a bridge, every spectacular corporate bankruptcy, conservatives race to uncover the race, gender, religion and sexual orientation of the captain, the pilot or the CEO.
If the person who oversaw the catastrophe has anything remotely resembling a marginalized identity, then this is loudly trumpeted as confirmation that "diversity hires," promoted above their station, are ruining our society and wrecking our bridges. Naturally, if the person in charge was a wealthy, well-born, straight white guy, that's just proof that shit happens – it definitely doesn't prove that white straight guys, as a class, should be removed from positions of power.
For conservatives, virtue is "whatever the people who are born to rule desire." Hence Frank Wilhoit's definition of conservativism, "exactly one proposition, to wit: There must be in-groups whom the law protects but does not bind, alongside out-groups whom the law binds but does not protect." It's not a crime if the president does it. It's also not a crime if your boss does it, or if a monopolist does it, or if ICE does it. It's not a crime if the IDF do it, or if the Epstein Class do it. "Taxes are for the little people":
https://pluralistic.net/2021/06/15/guillotines-and-taxes/#carried-interest
The attack on antitrust law was part of the attack on the rule of law, the campaign to put everyone back in the their place. It's a piece of the effort to establish a new hereditary aristocracy, and every hereditary aristocracy requires heredity serfs (that would be us):
https://pluralistic.net/2022/11/06/the-end-of-the-road-to-serfdom/
The ideology of economism – which says that market outcomes are the only way to govern a society – cashes out to "the strong do what they can and the weak suffer what they must." If we interfere with mergers, or labor practices, or commercial conduct, we "distort the market," which is literally going against nature:
https://pluralistic.net/2022/10/27/economism/#what-would-i-do-if-i-were-a-horse
That's why Trump dismantled the consumer protection agencies, the antitrust agencies, the labor protection agencies, and the environmental protection agencies. When someone in power cheats the system, that's not a crime, no matter how many people they rob, maim or kill. As Trump told us on the debate stage in 2016, that kind of cheating "makes me smart":
https://pluralistic.net/2024/12/04/its-not-a-lie/#its-a-premature-truth
That's why Elon Musk (almost) got to force every pension saver in America to bail out his money-incinerating AI business and his failed social media takeover – because the rules that protect everyday investors are "for the little people." Musk's mistake was trying to get a bunch of billionaires to hold the bag, too. The one form of systemic violence our society will not tolerate is trillionaire-on-billionaire violence:
The world has moved on. 50 years of neoliberal rule has weakened and snapped the beams – the rule of law, consumer and labor rights, civil rights – that radiated from our Dark Tower – antitrust law, which blocked the emergence of the "autocrats of trade." The people who besieged these beams had the same motives as the Crimson King and John Farson and the Man in Black: they were willing to pay any price for a world free from consequences for people like them. They knew they were born to rule, and that the rules were "for the little people," that breaking those rules "made them smart."
They wanted "bossism." Or, as rendered in the original Afrikaans, "baasskap," which means, "the social, political and economic domination of South Africa by its minority white population":
https://en.wikipedia.org/wiki/Baasskap
Not for nothing, baasskap is the foundation of Muskism, the ideology that Elon Musk epitomizes, even if he can't articulate it:
https://pluralistic.net/2026/04/21/torment-nexusism/#marching-to-pretoria
In "The Utopia of Rules," the late David Graeber described how neoliberal deregulation produced exactly the kind of state that we were warned we'd get under communism. Thanks to monopolies, all the stores were the same and they all sold the same goods. Thanks to the dismantling of labor protection and unions, no one had enough money to get by. Thanks to elite impunity, we were ruled by monsters who committed crimes in the open and thrived as a result. Thanks to unchecked greed, we paid everything we had for healthcare, only to be denied treatment when we needed it. Thanks to the dismantling of the welfare state, more and more of us had to wait in long lines to fill out absurdly long forms in triplicate. Thanks to the intrinsic instability of such a terrible system, more and more of us ended up in prison, and protest became more and more illegal:
Graeber pointed out that the rise of the web made it seductively easy for people in authority to force us to fill in forms. When analog bureaucracies impose paperwork costs on us, they also impose paperwork costs on themselves, because processing and filing those forms requires substantial effort, even if filling in those forms requires even more effort from us.
When it comes to virtual paperwork, the asymmetry is even more pronounced. Sure, it takes some admin to set up an online form and write the scripts to process its outputs, but that's a one-off. The form-giver can perform a very little admin and still impose a giant, repeated admin burden on the rest of us.
AI has only made this worse. Now, thanks to vibe coding, everyone can produce a form and its associated processing and analytics back-end with prompts, which creates a grave moral hazard. The kinds of activities that I used to fill in a single short form to accomplish now require ten lengthy forms, created by different people in the same organization, all asking for variations on the same information. Through AI, we have democratized bureaucracy. It's Kafka-as-a-service.
What's more, when you're dealing with a monopoly, you have no choice but to complete whatever paperwork they throw at you. And when the vibe-coded back-end scripts shit the bed and lose or misinterpret your data, you have no choice but to endure an infinite telephone hold queue (if you're lucky) or get shunted to a customer service bot (if you're unlucky):
https://pluralistic.net/2025/11/11/sorry-to-bother-you/#we-dont-care-we-dont-have-to
It's entirely possible to build webforms that are thoughtful, fast, respectful of our time, and well-processed. The problem is that fielding these forms requires that the form-giver undertake some intensive, moderately expensive work (once), while skipping this step merely requires that we all perform intensive, time-consuming work (over and over and over again):
https://mohkohn.co.uk/writing/html-first/
This is how we end up with government forms that require you to list every trip you have ever taken to the USA, since your infancy, with every flight number, which you can only get help with by talking to a chatbot that emails you an out-of-date PDF no matter what question you ask of it:
https://pluralistic.net/2026/02/06/doge-ball/#n-600
This is how we end up with massive customer service queues, long lines at tills, and no one at the gate to answer your questions when your flight is canceled. Understaffing is a form of enshittification, one that shifts value from shoppers to owners, and shifts consequences from owners to workers:
https://pluralistic.net/2026/03/22/nobodys-home/#squeeze-that-hog
This is how we end up with broken machines that no one can fix. Firing workers and replacing them with chatbots or contractors means incinerating their process knowledge – the precious, inchoate, unrecorded understanding that keeps everything working:
https://pluralistic.net/2026/04/08/process-knowledge-vs-bosses/#wash-dishes-cut-wood
This is how companies that make products we love suddenly decide to wreck those products: when the only consequences for shitty products is angry customers with nowhere to go and no one to vent their rage upon except workers who have no labor rights and can't afford to quit, why not do a mafia bust-out for every business?
https://pluralistic.net/2023/07/28/microincentives-and-enshittification/
The world has moved on. Nothing works. Everything costs too much. No one can help. No one knows how to fix anything. The beams were broken by the Crimson King and his economism-crazed minions. The Dark Tower might fall.
So what consumer advice do I have for people who are angry about this? I don't have any consumer advice, I'm afraid. You can't shop your way out of a monopoly. Once again, shopping is not politics.
What I have for you is political advice. To restore the beams and beat back entropy again, we need a better system, not more virtuous individuals. If you feel – as I do – that "the world has moved on," then to wrench it back, you will have to join a polity. Support activist groups like the Electronic Frontier Foundation, the digital rights group I've been at for the past 25 years:
https://supporters.eff.org/donate/join-eff
Join a union. If there's no union at your jobsite, start a union. If you work in tech, you start this process by talking to techsolidarity.org and the techworkerscoalition.org. In the UK, get in touch with United Tech and Allied Workers:
Get involved in party politics. Find a political party whose local organization supports your values (even if the national version of that party sucks) and then work with your fellow grassroots activists to drag or replace the party leaders. Get involved in local politics: if there's one thing Moms For Liberty has taught us, it's that unregarded, seemingly unimportant local offices have enormous potential to change facts on the ground for the people where you live. Those changes don't have to be change for the worse.
Doing politics is hard. Hell, after all, is other people. It would be great if we could make change by changing ourselves, but that's not how any of this works. The world has moved on, and you can't save it. But together, we can restore the beams and beat back entropy. Hell is other people, but only because other people are so great but it's so hard to figure out how to work together. We can do it, though. We did it with the post-war settlement, the 30 glorious years when we built the welfare state, regulated polluters and bosses, and kicked off the civil rights movement. We did it then, and we can do it again. We must. All things serve the beams.
Hey look at this (permalink)

- Apple wants Europe to blink https://www.theverge.com/ai-artificial-intelligence/947051/apple-europe-dma-siri-ai
-
Tech Influence Watch https://influence.citationneeded.news/
-
Graham Platner and Stock Market Democrats https://www.thebignewsletter.com/p/monopoly-round-up-graham-platner
-
Nominate a Site for Tiny Awards 2026 https://tinyawards.net/nominations/?2026
-
Rudy Rucker Paintings https://www.rudyrucker.com/paintings/
Object permanence (permalink)
#20yrsago Coupland’s JPod: the Anti-Microserfs https://memex.craphound.com/2006/06/09/couplands-jpod-the-anti-microserfs/
#20yrsago Anti-iTunes DRM demonstrations across the USA tomorrow https://www.defectivebydesign.org/node/98
#20yrsago EFF co-founder Barlow debates MPAA prez Glickman http://news.bbc.co.uk/2/hi/programmes/newsnight/5064170.stm
#20yrsago Warehouse where old Disney World rides go to die https://limegreen-loris-912771.hostingersite.com/lost-horizons-another-look-back-at-a-future-world-favorite/
#15yrsago IMF considered harmful https://www.independent.co.uk/voices/commentators/johann-hari/johann-hari-it-s-not-just-dominique-strausskahn-the-imf-itself-should-be-on-trial-2292270.html
#15yrsago AT&T lobbies Wisconsin GOP to nuke Wisconsin’s best-of-breed co-op ISP for educational institutions https://communitynetworks.org/content/does-att-really-own-wisconsin-legislature-battle-over-wiscnet-continues
#15yrsago Developmentally disabled man harrassed by TSA at Detroit airport https://web.archive.org/web/20110610141422/http://www.myfoxdetroit.com/dpp/news/taryn_asher/dad-special-needs-son-harassed-by-tsa-at-detroit-metropolitan-airport-20110608-wpms
#15yrsago Miami cops intimidate citizen journalist who recorded shoot-em-up, smash camera https://web.archive.org/web/20110615035017/https://www.miamiherald.com/2011/06/02/v-fullstory/2248396/witnesses-said-they-were-forced.html
#15yrsago NYC cyclist vs. bike lanes – kamikaze law-abiding https://web.archive.org/web/20110612100758/https://consumerist.com/2011/06/test.html
#15yrsago Judge to copyright trolls: you are “inexcusable” https://arstechnica.com/tech-policy/2011/06/judge-furious-at-inexcusable-p2p-lawyering-cancels-subpoenas/
#15yrsago Wah wah crybaby extortionists wah wah https://torrentfreak.com/anti-piracy-lawyers-defame-torrentfreak-in-court-110609/
#15yrsago Lisa Goldstein’s The Uncertain Places: Grimm fairytale in California vibrates with believable unreality https://memex.craphound.com/2011/06/09/lisa-goldsteins-the-uncertain-places-grimm-fairytale-in-california-vibrates-with-believable-unreality/
#15yrsago American right upset at report that Thatcher won’t meet Palin https://www.theguardian.com/world/2011/jun/09/margaret-thatcher-sarah-palin-meeting
#15yrsago Lobbynomics: Canadian Chamber of Commerce manufactures fake $30 billion counterfeiting loss https://web.archive.org/web/20110611045202/https://www.michaelgeist.ca/content/view/5841/125/
#10yrsago USA Swimming bans rapist Brock Turner for life https://www.rollingstone.com/culture/culture-news/usa-swimming-bans-convicted-rapist-brock-turner-for-life-114108/
#10yrsago Human advice for exercising while depressed https://web.archive.org/web/20160505140324/https://theestablishment.co/2016/05/05/depression-busting-exercise-tips-for-people-too-depressed-to-exercise/
#10yrsago Every industry thinks it’s special, but only finance gets treated that way https://www.nakedcapitalism.com/wp-content/uploads/2016/06/John-Kay-BIS-speech.pdf
#10yrsago Spain’s Podemos Party publishes its manifesto in Ikea Catalog form https://estaticos.elperiodico.com/resources/pdf/9/4/1465389843149.pdf
#10yrsago Reminder: Neal Stephenson predicted Donald Trump in 1994 https://memex.craphound.com/2016/06/10/reminder-neal-stephenson-predicted-donald-trump-in-1994/
#10yrsago Donald Trump, deadbeat https://www.usatoday.com/story/news/politics/elections/2016/06/09/donald-trump-unpaid-bills-republican-president-laswuits/85297274/
#10yrsago UK startup offers landlords continuous, deep surveillance of tenants’ social media https://web.archive.org/web/20160610150904/https://gawker.com/new-startup-that-sends-dossiers-on-your-private-social-1781576586
#10yrsago UK Parliament votes in Snoopers Charter, now it goes to the House of Lords https://www.techdirt.com/2016/06/08/uk-parliament-ignores-concerns-moves-snoopers-charter-forward/
#10yrsago Hard times for judge who sued dry-cleaner for $65M over missing pants https://www.loweringthebar.net/2016/06/pants-chapter-28.html
#10yrsago New York Attorney General to Time Warner: your Internet is “abysmal” and “troubling” https://arstechnica.com/information-technology/2016/06/time-warner-cable-internet-speeds-are-abysmal-ny-ag-claims/
#10yrsago Banks confront negative interest rates with plans to store titanic bundles of money on-site https://www.nakedcapitalism.com/2016/06/banks-rebel-against-negative-interest-rates.html
#10yrsago Watchdogs 2: hacker kids led by a guy named Marcus fight the DHS in San Francisco https://www.youtube.com/watch?v=5ipUwUcHASI
#10yrsago Internet greybeards and upstarts gather to redecentralize the Internet https://www.nytimes.com/2016/06/08/technology/the-webs-creator-looks-to-reinvent-it.html
#10yrsago How we will keep the Decentralized Web decentralized: my talk from the Decentralized Web Summit https://www.youtube.com/watch?v=Yth7O6yeZRE
#5yrsago Prisoners' Inventions https://pluralistic.net/2021/06/09/king-rat/#mother-of-invention
#5yrsago Urban broadband deserts https://pluralistic.net/2021/06/10/flicc/#digital-divide
#5yrsago A denialism taxonomy https://pluralistic.net/2021/06/10/flicc/#denialism
Upcoming appearances (permalink)

- LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: The Sovereignty Debate (IAB Canada's State of the Nation), Jun 23
https://iabcanada.com/state-of-the-nation-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- The Enshittification of Life, the Universe, and Everything (Luke Savage)
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035 -
Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Naomi Kritzer's "Obstetrix": When forced birth cultists become forced obstetrics militants.
- Hey look at this: Delights to delectate.
- Object permanence: DD-WRT; iTunes DRM is illegal; Fingertip magnet; Sony passwords v Gawker passwords; RIAA recants on 3 strikes; Parachute wedding dress; Roald Dahl (jerk); "Level Up"; The rent's too damned high; RIAA v "Search by artist"; "Robopocalypse"; You are not a wallet; The man who created the religious right; NY x voting; NY x antitrust; Media companies fund Heritage Minister's campaign; Richard Dreyfuss x iTunes EULA; 3-way street; RIAA lawyer becomes Solicitor General; Brock Allen's wrist-slap; Ad-tech interop; Apple's manorial security; Billionaires aren't taxed, "Rabbits."
- Upcoming appearances: Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Naomi Kritzer's "Obstetrix" (permalink)
Naomi Kritzer's Obstetrix is a new, tense thriller in the mode of Atwood's Handmaid's Tale and Alderman's The Power; it's a beautifully turned, claustrophobic horror novel about an obstetrician who's been kidnapped by a Christian cult obsessed with fertility:
https://us.macmillan.com/books/9781250423375/obstetrix/
Kritzer is a master of building scenarios that require her characters to express and resolve a wide variety of complex and contradictory emotions. Her breakout novel, Catfishing on CatNet is a charming and deceptively goofy story about an AI trained on the impeccable vibes in a really solid groupchat becoming sentient and demanding…cat pictures. This is the setup for a warm (but intense) novel of internet-mediated friendship and IRL mutual aid:
Then there's her incredibly prescient 2015 story "So Much Cooking," about people in lockdown during a pandemic. For obvious reasons, it enjoyed an revival in 2020, with Kritzer penning an excellent essay reflecting on what it means to have thought through the implications of a disaster that is now upon us:
In 2023, Kritzer published one of the most memorable YA novels I've read, Liberty's Daughter, which is set on a libertarian seastead and told from the point of view of the daughter of the cult's founder:
https://pluralistic.net/2023/11/21/podkaynes-dad-was-a-dick/#age-of-consent
Liberty's Daughter is basically what you'd get if you rewrote a Heinlein YA novel from the perspective of one of the kids, who had to live with a Heinlein-type dad (Heinlein was childless and had some of the most batshit child-rearing ideas, which he managed to make sound bizarrely plausible). There's a lot of sf that is "in dialogue" with Heinlein (including some of mine), but no one nailed RAH like Kritzer.
Then there's Obstetrix; it's got one of those admirably propulsive setups. Doctor Elizabeth Gwynn is an obstetrician who performed an abortion to save her patient's life, only to be dragged into the culture wars by North Dakota's crusading attorney general, who charged her with felony murder and offered to let her plead out if she would admit that she was wrong to do it, as an example to other OBs who might be tempted. Now, Dr Liz lives in Minneapolis, where her savings are running out and no one wants to hire an obstetrician who's done time.
Then, Dr Liz gets a cold-call from a midwifing service that wants to hire her as an on-call doc. It's a weird offer from out of the blue, but Dr Liz can't afford to pass up a chance at steady work. She finds herself in a residence that the midwives work out of, and the nice woman there offers her a cup of tea. That's when the world fades to black, as the drugs in the tea take hold.
Liz sporadically regains consciousness in a van during a multi-day drive, and already she is thinking about her escape – even as she is becoming increasingly aware of how truly terrible her situation is. When she finally arrives at the cult's remote compound, frozen and isolated, she learns that she has been kidnapped because the fertility-obsessed cult needs an OB, especially since the daughter of the cult's founder, the "pastor," is carrying a high-risk pregnancy.
All that is in the first few pages, which leaves plenty of room for an expertly spun second act in which we get Kritzer's trademark interpersonal work, where carefully chosen and smartly wrought small details flesh out a picture of the complex dynamics of life inside a "high-demand" cult, from the way that members are manipulated into policing each other's compliance to the internal processes that keep members cowed even when they're unobserved by others. It's a brilliant work of sociological speculation and the engine that drives it is a series of maneuvers and gambits whereby Dr Liz hopes to make her way to safety.
I won't spoil the end, except to say that it is exciting, satisfying, and has a sweet denouement that does real justice to the whole book. All told, this is a read-in-one-sitting thriller that does as much to illuminate the workings and dynamics of patriarchy and religion as any gender studies class. It's peak Kritzer (so far), and that's saying something.
Hey look at this (permalink)

- The mayor of Shelbyville, Indiana, says only people who live in ‘shitty houses’ oppose data center https://www.theverge.com/ai-artificial-intelligence/944984/shelbyville-indiana-mayor-shitty-houses-data-center
-
Last Idea Factory https://starlogic.itch.io/last-idea-factory
-
‘Her silence was more powerful than words’: how I interviewed a Facebook whistleblower who wasn’t allowed to speak https://www.thenerve.news/p/carole-cadwalladr-sarah-wynn-williams-tim-wu-hay-festival-careless-people-gagging
-
She won a religious exemption from using AI at work. The Pope's remarks could fuel similar appeals. https://www.businessinsider.com/worker-got-religious-exemption-using-ai-at-work-2026-6
Object permanence (permalink)
#20yrsago HOWTO turn a $60 Linksys router into a $600 super-router https://web.archive.org/web/20060610003137/http://assets.lifehacker.com/software/router/hack-attack-turn-your-60-router-into-a-600-router-178132.php
#20yrsago Dictionary of the Vulgar Tongue: 1811 slang dictionary https://www.gutenberg.org/ebooks/5402
#20yrsago Ex-RIAA head Hilary Rosen rethinks lawsuits and DRM https://web.archive.org/web/20060609030533/https://www.p2pnet.net/story/8979
#20yrsago Norwegian ombudsman says Apple’s iTunes DRM is illegal https://web.archive.org/web/20060611194556/http://forbrukerportalen.no/Artikler/2006/1149587055.44
#20yrsago Implanting a magnet in your fingertip adds a sixth sense https://web.archive.org/web/20060613072724/https://www.wired.com/news/technology/0,71087-0.html?tw=rss.index
#20yrsago Recording industry: Search-by-artist is “too interactive” http://news.bbc.co.uk/1/hi/entertainment/5055744.stm
#20yrsago US branch of “Pirate Party” launches https://web.archive.org/web/20060613041144/http://www.pirate-party.us/
#20yrsago Pranksters give fake McDonald’s anti-global-warming presentation https://web.archive.org/web/20060614011522/http://www.gamasutra.com/php-bin/news_index.php?story=9621
#20yrsago Can. Heritage Minister’s election was funded by entertainment co’s https://web.archive.org/web/20060612224646/https://www.michaelgeist.ca/component/option,com_content/task,view/id,1289/Itemid,85/nsub,/
#20yrsago High-def DRM licenses cost $15k https://web.archive.org/web/20060612202129/https://www.theinquirer.net/?article=32273
#15yrsago Richard Dreyfuss reads the iTunes EULA https://web.archive.org/web/20110611012317/http://www.cnet.com/8301-30976_1-20068778-10348864.html
#15yrsago Top universities a ‘breeding ground’ for Tories, warn Islamic groups https://newsthump.com/2011/06/07/top-universities-a-breeding-ground-for-tories-warn-islamic-groups/
#15yrsago 3-Way Street: visualization of the uneasy dance of pedestrians, bikes and cars at a busy intersection https://web.archive.org/web/20110610123449/http://blog.ronconcocacola.com/2011/06/02/nyc-goes-three-ways.aspx
#15yrsago Copyright extremist RIAA lawyer confirmed as America’s Solicitor General https://web.archive.org/web/20110610134934/http://www.wired.com/threatlevel/2011/06/senate-confirms-verrilli/
#15yrsago Scot-free millionaire playboy’s lawyer was judge’s depute campaign treasurer https://web.archive.org/web/20110610123824/http://articles.sun-sentinel.com/2011-06-06/news/fl-levin-sentence-mayocol-b060711-20110606_1_house-arrest-dui-manslaughter-case-kenneth-watkinson
#15yrsago Bubble-in forms betray individual, traceable “handwriting” https://web.archive.org/web/20110609164727/http://www.freedom-to-tinker.com/blog/wclarkso/new-research-result-bubble-forms-not-so-anonymous
#15yrsago Inbox Influence: plugin reveals corporate money behind the emails in your inbox https://web.archive.org/web/20110816105954/https://inbox.influenceexplorer.com/
#15yrsago Macedonia erupts after young man beaten to death by special police in public square https://web.archive.org/web/20110610132108/http://www.a1.com.mk/vesti/default.aspx?VestID=139049
#15yrsago Robopocalypse: rigorous, terrifying novel about a robotic campaign to exterminate humanity https://memex.craphound.com/2011/06/07/robopocalypse-rigorous-terrifying-novel-about-a-robotic-campaign-to-exterminate-humanity/
#15yrsago Using clickfraud on Google ads to amass shares of Google https://gwei.org/index.php
#15yrsago Comparative analysis of leaked Sony and Gawker passwords https://www.troyhunt.com/brief-sony-password-analysis/
#15yrsago China’s Politburo warns Google not to be “political” https://web.archive.org/web/20110610165205/http://www.transparencyrevolution.com/2011/06/china-warns-google-not-to-be-evil/
#15yrsago Guerrilla camper re-opens shuttered Michigan public campsite https://web.archive.org/web/20110609184456/http://www.miningjournal.net/page/content.detail/id/563100/Campground-closed-in-2009-illegally-reopened.html?nav=5006
#15yrsago Record industry lobby says it no longer supports 3-strikes copyright termination laws https://torrentfreak.com/recording-industry-steps-back-from-piracy-disconnections-110606/
#15yrsago Death threats for Aussie climate scientists https://www.theguardian.com/environment/2011/jun/06/australia-climate-scientists-death-threats
#15yrsago Wedding-dress made from life-saving parachute https://www.si.edu/collections/snapshot/parachute-wedding-dress
#15yrsago Level Up: Gene Yang’s comic about destiny, games, and filial piety https://memex.craphound.com/2011/06/06/level-up-gene-yangs-comic-about-destiny-games-and-filial-piety/
#15yrago Roald Dahl: Jerk https://web.archive.org/web/20110602195454/http://thisrecording.com/today/2011/6/1/in-which-we-consider-the-macabre-unpleasantness-of-roald-dah.html
#15yrsago Rotting Gulliver’s Travels themepark in Japan https://web.archive.org/web/20110609235431/http://www.sleepycity.net/posts/40/Gullivers_Kingdom__Sea_of_Trees
#15yrsago Ticketed for being childless and eating doughnuts in a playground https://gothamist.com/food/two-women-ticketed-for-eating-doughnuts-in-a-brooklyn-playground
#15yrsago Internet Archive becomes archive of physical books, too https://blog.archive.org/2011/06/06/why-preserve-books-the-new-physical-archive-of-the-internet-archive/
#10yrsago Swedish traditional costume made from Ikea bags https://ikeahackers.net/2016/06/swedish-folk-costume-5-ikea-bags.html
#10yrsago NSA dumps docs about its Snowden response, reveals that Snowden repeatedly raised alarms about spying https://web.archive.org/web/20160604213547/https://news.vice.com/article/edward-snowden-leaks-tried-to-tell-nsa-about-surveillance-concerns-exclusive
#10yrsago John Oliver buys and forgives $15M in medical debt, illustrates horrors of America’s debt-collectors https://web.archive.org/web/20160606234823/https://consumerist.com/2016/06/06/john-oliver-buys-15m-in-medical-debt-then-forgives-it/
#10yrsago David Byrne wants you to register to vote, and wants everyone else to, too https://web.archive.org/web/20160609060810/http://davidbyrne.com/were-better-than-this-vote
#10yrsago You are not a wallet: complaining considered helpful https://www.theguardian.com/technology/2016/jun/07/its-your-duty-to-complain-thats-how-companies-improve
#10yrsago Web Sheriff’s legal scare strategy: throw everything at the wall, hope something sticks https://www.techdirt.com/2016/06/07/web-sheriff-accuses-us-breaking-basically-every-possible-law-pointing-out-that-abusing-dmca-takedowns/
#10yrsago Lin-Manuel Miranda declares war on bots https://www.nytimes.com/2016/06/07/opinion/stop-the-bots-from-killing-broadway.html
#10yrsago Uber loves competition, when it’s the one doing the competing https://www.boston.com/news/technology/2016/06/05/uber-app-urbanhail-startup-ride-prices/
#10yrsago MI5 warning: we’re gathering more than we can analyse, and will miss terrorist attacks https://theintercept.com/document/2016/06/07/preston-study/
#10yrsago Samantha Bee interviews Frank Schaeffer, who helped create the religious right https://www.youtube.com/watch?v=MhLY0JqXP-s
#10yrsago Why defense attorneys aren’t cheering Brock Allan Turner’s wrist-slap https://web.archive.org/web/20160611024154/http://mimesislaw.com/fault-lines/brock-turner-the-sort-of-defendant-who-is-spared-severe-impact/10288
#10yrsago Password hashing demystified https://www.wired.com/2016/06/hacker-lexicon-password-hashing/
#5yrsago Google and France agree on ad-tech interop https://pluralistic.net/2021/06/08/leona-helmsley-was-a-pioneer/#monkeys-paw
#5yrsago Billionaires don't pay tax https://pluralistic.net/2021/06/08/leona-helmsley-was-a-pioneer/#eat-the-rich
#5yrsago Apple's manorial security https://pluralistic.net/2021/06/08/leona-helmsley-was-a-pioneer/#manorialism
#5yrsago Rabbits: PK Dick meets Qanon https://pluralistic.net/2021/06/08/leona-helmsley-was-a-pioneer/#rabbits
#5yrsago Competition tames ISPs https://pluralistic.net/2021/06/07/fire-on-one-end-fool-on-the-other/#muni-fiber-now
#5yrsago New York to revolutionize voting https://pluralistic.net/2021/06/07/fire-on-one-end-fool-on-the-other/#sb309a
#5yrsago New York to revolutionize antitrust https://pluralistic.net/2021/06/07/fire-on-one-end-fool-on-the-other/#sb933
#5yrsago The Rent’s Too Damned High https://pluralistic.net/2021/06/06/the-rents-too-damned-high/
Upcoming appearances (permalink)

- Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- The Enshittification of Life, the Universe, and Everything
https://www.lukewsavage.com/p/the-enshittification-of-life-the -
Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035 -
Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Criticizing the everything machine: It slices, it dices, it even makes paperclips!
- Hey look at this: Delights to delectate.
- Object permanence: Parliament v DRM; Colbert's commencement; Counterfeiting x luxury goods; Joule thief; Lean-back media.
- Upcoming appearances: Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Criticizing the everything machine (permalink)
"Gish Gallop" is the debating term for an opponent who makes so many claims that "it's impossible to address them in the time available" (it's named for Creationist Duane Gish, who was notorious for this tactic):
https://en.wikipedia.org/wiki/Gish_gallop
I think about the Gish Gallop whenever I'm asked to comment on AI.
Here's a recent example: last week, I had a pre-interview call with a radio producer who wanted me to come on a 13-minute segment to discusses "whether there's a problem with AI governance?"
I asked what the show meant by that: was it whether regulation of AI in commercial or public sector decision-making needed more oversight? Was it that the siting and provisioning of data-centers needed more democratic accountability? Was it that workers deserved more of a say in AI's impact on labor markets? Was it that customers and/or audiences should be able to opt out of AI customer service and AI slop? Was it about whether we needed some kind of system to prevent "runaway AI," in the event that we teach so many words to the word-guessing program that it wakes up, becomes God, and turns us all into paperclips?
"Oh," the producer said, "all of that."
In 13 minutes.
You see the problem, right? The AI industry has made so many claims about its past, present and future that it's almost impossible to have a reasonable critical conversation about it:
https://bsky.app/profile/petermiles.eurosky.social/post/3mnffjqczjs2t
Shortly after I did the radio show, a newspaper editor who'd heard my segment got in touch to ask me if I'd write an 800-word op-ed about the subject, and also, could I address claims that "AI is the next Industrial Revolution?"
In 800 words:
I keep finding myself on stages or panels where an AI-struck person says something like, "AI is the next industrial revolution. It will change everything we do. It will let anyone create important works of art. It will cure cancer. It will take us to space. It will solve the climate crisis."
Or sometimes it's an AI critic, but that person's criticism is really more "criti-hype," which is when you accept tech industry hype claims at face value, and then criticize them rather than questioning them:
https://peoples-things.ghost.io/youre-doing-it-wrong-notes-on-criticism-and-technology-hype/
AI criti-hype might ask what we'll do once AI takes all our jobs, or what we'll do when AI replaces the government or teachers or doctors, or what we'll do when AI can bypass our critical faculties and brainwash us or drive us all mad.
What do you say to that? I usually start by talking about whether there's any economic basis for keeping the AI servers running. AI is – by far – the money-losingest venture in human history, and it's practically impossible to overstate just how bad the AI business is. Not only does AI have terrible unit economics, those unit economics are getting worse over time:
https://pluralistic.net/2026/05/26/the-ai-will-continue/#until-morale-improves
AI's happiest customers cite cost-benefit calculations that depend on truly unimaginable subsidies from the AI companies, who are basically selling $100 bills for $5 apiece. It would be pretty amazing if you couldn't find people who'd extol the virtues of this arrangement. But when AI companies try to raise the price of those $100 bills to, say, $20 apiece, those ecstatic customers fly into a rage and start loudly proclaiming that AI is so inefficient that they will lose money on this arrangement:
Now, it shouldn't fall to me, a card-carrying member of the Democratic Socialists of America, to point out that capitalist enterprises require profits to be sustainable. You can't keep a business afloat by selling $100 bills for $5, nor for $20. You can't even make a profit selling $100 bills for $100 apiece! For a company to succeed, it needs to take in more than it expends.
AI is a money-furnace, and AI hustlers are clearly on the hunt for a way to force all of us to feed every dime we've got to it. Elon Musk's (now scuttled) gambit to make every pension saver in America bail out Grok (and Twitter, but at a mere $44b, the losses from Twitter are dwarfed by the titanic losses from Grok) was the most ambitious and shameless population-scale bag-holder scheme, but it's not the only one:
So before we ask about the capabilities AI will acquire in the future, we should at least give some consideration to the question of whether anyone will be willing to fund the development of those capabilities, and if so, where the money would come from? Likewise, before we ask whether AI can perform adequately in a job, we should at least consider the possibility that the company that sells that AI tool will be bankrupt in a year or two. When we fight about data-center buildout, we mostly talk about the (considerable) environmental downsides to them – but what about the question of what we will do with these data-centers after their owners go bankrupt, possibly even before they can be provisioned with electricity? How many laser-tag arenas do we actually need?
This is just one example of the questions that you could spend days unpacking, which make many of the other questions about AI a little silly. Like, even if you think there are limitless returns to scale for creating new AI capabilities, which means that if we keep the money-furnace burning it's only a matter of time until it powers a cure for cancer and the end of the climate emergency, how much money do we need to shovel into the furnace before that happens, and where will it come from? There are plenty of cancer researchers who have promising approaches they haven't been able to pursue due to funding shortfalls.
Unless there's some way to estimate how much money we have to give to AI companies before they cure cancer, we should at least consider the possibility that the true sum is "more money than exists now and that will ever exist." We should also consider that whatever benefits to cancer research that AI might deliver could come with a higher price-tag than the promising cancer research we're dropping because we can't find far more modest sums.
Likewise, it may be that the amount of CO2 that AI will generate before it "solves climate change" will render Earth permanently unfit for humans, consuming the only habitable planet capable of sustaining human life in the known universe. I mean, I suppose that's one way to "solve" climate change, but it's a pretty drastic solution.
My next book (out later this month) is The Reverse Centaur's Guide to Life After AI. I wrote it because I was frustrated by other people demanding that I talk to them about AI, and then offering me 800 words or 13 minutes to address fifty nebulous, poorly supported claims about AI:
https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/
Shortly after writing the book, I turned it into a lecture:
https://pluralistic.net/2025/12/05/pop-that-bubble/#u-washington
Now that I'm about to go out on the road with the book, I find myself frustrated anew by the need to try and pull together a compact way to address the broad, incoherent claims the industry uses to keep its bubble inflated and the money furnaces roaring. The series of essays I've developed here on Pluralistic are part of that effort:
https://pluralistic.net/2026/05/27/unnecessariat/#rubbuts-stole-my-jerb
But it occurred to me that this whole enterprise of making sense of AI needs to be framed in the context of the messiness of AI itself, and AI boosters' overwhelming, promiscuous and disjointed Gish Gallop.
Hey look at this (permalink)

- What happens when your phone is confiscated at the airport https://www.theverge.com/report/944076/cbp-airport-phone-searches-seizure-minneapolis-activists
-
A Billionaire Explains Why American Business Now Feels like the Mafia https://www.thebignewsletter.com/p/a-billionaire-explains-why-american
-
These Republican Lawmakers Challenged Abortion Bans. Then They Faced Backlash. https://www.propublica.org/article/republicans-face-backlash-after-challenging-abortion-bans
-
Debbie Downer https://prospect.org/2026/06/05/debbie-downer-wasserman-schultz-florida-house-races/
-
Mechanical Pencil https://mechanical-pencil.com/
Object permanence (permalink)
#20yrsago UK Parliament report damns DRM, calls for limits https://web.archive.org/web/20060615115510/http://www.openrightsgroup.org/2006/06/05/launch-of-the-apig-report-on-drm/
#20yrsago Colbert’s Knox College commencement speech https://web.archive.org/web/20111228135413/http://departments.knox.edu/newsarchive/news_events/2006/x12547.html
#15yrsago Counterfeiting can be good for luxury goods sales https://web.archive.org/web/20110602061646/http://www.slate.com/id/2294927/
#15yrsago HOWTO make a Joule Thief and get all the power you’ve paid for https://www.instructables.com/Make-a-Joule-Thief/
#15yrsago School suspends student for refusing to remove personal animation from YouTube, threatens other students for petitioning on his behalf https://web.archive.org/web/20110603041200/https://www.theglobeandmail.com/news/national/toronto/student-cites-freedom-of-speech-after-suspension-for-online-videos/article2043954/
#5yrsago Recommendation engines and "lean-back" media https://pluralistic.net/2021/06/05/lean-back/#lean-forward
Upcoming appearances (permalink)

- Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035 -
Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Refining humanity: What our technology is shows us what we're not.
- Hey look at this: Delights to delectate.
- Object permanence: GNU Radio; France v "follow us on Twitter"; Aaronsw vindicated; Capitalism's crooked refs.
- Upcoming appearances: Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Refining humanity (permalink)
One of the best ways to evaluate your own understanding of a subject is to attempt to explain it to someone else. Through explaining things, we discover how much of the "totally obvious" world is actually full of ambiguity, mystery and contradiction.
There's a great bit in Rowan Atkinson's historical sitcom Blackadder that illustrates this principle. In "Ink and Incapability" Blackadder and friends have accidentally burned the only copy of Samuel Johnson's original dictionary of the English language. To cover up their mistake, they decide that they will recreate the dictionary themselves. However, they founder on the first word they try to define, "A":
Blackadder: Let's start at the beginning, shall we? First: 'A.' How would you define 'A'?
Prince George: Ohh…'A' (continues this in background). Oh, I love this! I love this! Quizzies! Erm, hang on, it’s coming. Ooh, crikey, erm, oh yes, I’ve got it!
B: What?
PG: Well, it doesn’t really mean anything, does it?
B: Good. So we're well on the way, then. "'A'; impersonal pronoun; doesn't really mean anything."
I mean, what does "A" mean? The Oxford English Dictionary has more than a dozen definitions, and just the first one runs to more than 1,500 words:
Now, normal life involves a lot of explaining things to other people. You have to explain your problems to customer service reps, who have to explain why they can't solve those problems to you. You need to explain to your loved ones why you want to leave your toothbrush in the shower, and they have to explain why they hate having your toothbrush in the shower. These explanation-exchanges teach you as much as they teach the person you're locked in dialog with. The reasons for leaving your toothbrush in the shower may seem totally obvious to you, and your partner's inability to understand this reveals the assumptions you've never even considered.
For the past four decades, an increasing proportion of the population have spent an increasing proportion of their lives explaining things to machines that have no assumptions or shared context: computers. What we call "programming a computer" is really "breaking down a thing that seems obvious to you into increasingly simple instructions that will be followed to the letter."
Computers are like the genies of legend, bloody-minded literalists who will do exactly what you say, in the way that is perversely furthest from what you mean. To get a computer to do anything, you must first understand it to a degree that far exceeds the understanding needed to explain something to any other human, even a small child.
To take just one example: yesterday, I was on a plane, and the seatback video started cycling through its video-on-demand offerings. All of the movie titles that began with "the" were rewritten to put "the" at the end of the title (for example, "The Sting" was written as "Sting, The"). It's obvious why the system's designer had done this: we expect to find movies whose titles begin with "The" alphabetized under their second word ("The Sting" should appear between "Star Wars" and "Story of a Love Affair"; not between "The Godfather" and "The Untouchables").
I remember when I learned this from my elementary school's teacher-librarian, when I was seven and my class got a tutorial on the school library's card catalog. The librarian explained this principle to us in a matter of minutes, as part of a longer set of instructions, and still, it stuck with me forever.
But here we are, 48 years later, and we still haven't standardized a way to get computers to grasp this foundational principle of alphabetization. Many different databases handle this, to be sure, but it's so inconsistent across so many platforms that someone at the head-end of the video distribution system that feeds American Airlines' VOD system decided, "Fuck it, I'm just gonna put the 'The' at the end of these titles."
Computers are stupid, in other words, which means that the people who program them have to have smarts enough for both of them. Unfortunately for our entire species and civilization, the software industry has historically valued skill at writing efficient and reliable software over writing software that adequately reflects reality. There is an entire genre of lists that illustrate the problem with this; the "falsehoods programmers believe" lists:
https://github.com/kdeldycke/awesome-falsehood
From "names of people" and "street addresses"; from "prices" to "time"; from "email addresses" to "phone numbers"; the "awesome falsehoods" lists are awesome because they reveal how much subtlety and complexity is lurking in these seemingly simple and intuitive concepts. This subtlety and complexity might never emerge through the process of trying to teach a person about them, but when you try to teach a computer about them, you have to confront them in all their awesome fuggliness.
That's because humans have context, agency and flexibility. Sure, the person who designs a form with a blank for "name" might never have met a Malagasy person whose first name is Randriamananjararadofabesata, but in the pre-digital world, when Madagascar Slim met a public official who had to transcribe his name onto a paper form, that official could simply draw an arrow in the margin next to the "name" blank, turn the form over, and write out all 28 characters on the reverse:
https://en.wikipedia.org/wiki/Madagascar_Slim
Computers can't do this. If the programmer doesn't know about Malagasy first names, the computer doesn't know about them either, and the only person who can "teach" the computer about these names is a programmer with access to the code for the database, who has to manually alter the code, compile it, and distribute it to everyone who uses it.
This is partly why digitization has been accompanied by a rise in people asserting that they exist on spectrums rather than in binaries. There were always people whose names, genders, races, and other biographic "immutables" changed, or failed to fit within the blanks on the forms. When those people's realities ran up against failures in the system's abstractions, they could petition a bureaucrat to turn the paper over and write an explanatory note, or to write really small to fill in a blank:
https://pluralistic.net/2023/02/02/nonbinary-families/#red-envelopes
Getting a human official to turn the paper over and write something that didn't fit in the blank is a personal challenge. It requires that a subject convince the person who controls the form to make an exception. This isn't always easy, but officials on the front lines necessarily deal with reality, and they can't get their jobs done unless they're capable of interpreting the necessarily incomplete procedures they operate under to fit things as they really are.
But a computer doesn't have any agency or context or flexibility. If the computer says your name isn't valid, you can't argue the computer into accepting it. The only way to get a digital world to acknowledge your existence is to campaign for systemic change. A trans person might (with great difficulty, to be sure) convince the regional registrar to white-out an old X on one "gender" box and mark a new X in the other box. But the only way to make that change in a software system that has been programmed to treat the "gender" field as immutable is to change society itself.
In this way, computers are machines for teaching us what we don't know about ourselves. They require that we interrogate and faithfully recreate our personal tacit knowledge, and they require that our societies interrogate their tacit presumptions as well. When you are forced to turn your tacit knowledge into explicit knowledge, you're also forced to confront how many broken assumptions lurk inside your reasoning. At best, it's a clarifying process.
Computers don't just clarify what we know and how we organize our society: they also clarify what we are. There are lots of things that we have supposed that a computer would never do, because we believed that these things required something that only humans could do.
Take chess: there are more possible chess games than there are hydrogen atoms in the universe, so brute-forcing chess by running all possible games is a technological impossibility. The best human chess players do something we don't quite understand, mixing their recollections of previous games with rules-of-thumb about the best strategies, with "creativity" (whatever that is) that lets them spontaneously develop new strategies. We can easily get a computer to memorize all the known-good chess sequences and all the rules of thumb, but we don't know what "creativity" is, so we can't encode it as a series of instructions.
But thanks to breakthroughs in machine learning and its successor, "deep learning," we have created chess-playing software that can beat every human, partly by assaying gambits that we would term "creative" if they originated with a human player.
What we make of this new fact is controversial. For many people (myself included), this is a refinement: it tells me that behaviors that are indistinguishable from "creativity" can, at least some of the time, be created by mechanical processes, and the mere fact that a machine does something that appears "creative" doesn't mean that machines are human.
For others, the fact that a mechanical system can evince a behavior that we would call "creative" in a human doesn't mean that we defined "creativity" too broadly, it means that we defined "human" too narrowly, and now we have made a machine that is, at least partially, a person.
I think this is the wrong conclusion to draw, for reasons that Ted Chiang sets out with luminous brilliance in a recent Atlantic article entitled "No, Artificial Intelligence Is Not Conscious":
https://www.theatlantic.com/philosophy/2026/06/no-artificial-intelligence-is-not-conscious/687378/
(If you're hitting the paywall on that one and you're on Firefox, you can try my favorite trick: switch to "Reader Mode" and hit "reload" – your mileage may vary.)
For all the reasons Chiang articulates, I think that drawing the "personhood" line to include machines is a technical mistake, but it's worse than that. Admitting machines to the "personhood" club is a tactical mistake, on par with the mistake we made when we admitted corporations to the personhood club. We should absolutely consider expanding personhood to incorporate living things, including animals and ecosystems, but at the same time, we must purge these dead, artificial constructs from the club:
https://pluralistic.net/2026/04/15/artificial-lifeforms/#moral-consideration
There is a way in which the recognition of new capabilities in machines parallels the recognition of new capabilities in animals other than ourselves. When those animals manage to do things that we once thought were the exclusive province of humans, we (should) take that as an opportunity to refine our conception of humanity. We're not "the animals that use tools" or "the animals that make plans" or "the animals that recognize themselves in mirrors," because there are other animals that do those things. We are an "animal that uses tools"; not the animal that does so.
Likewise, if we thought that some activity was unique to humans, or to living beings, and we manage to get a machine to replicate that activity, we should revise our view of the activity – not our view of the machine. Creative breakthroughs in chess are not "a thing that requires a human mind," they're "things that can be done by human minds and by machines."
Edsger Dijkstra once famously asked "can a submarine swim?"
https://www.cs.utexas.edu/~EWD/transcriptions/EWD08xx/EWD898.html
Submarines and fish and humans and dolphins all propel themselves through water by different means. But when an animal swims, it does something that is different from what a submarine does. The submarine has no intention, while (complex multicellular) animals swim to pursue goals. Building machines that propel themselves through water is very useful, but it's not the same thing as creating life. In some ways, it's better than creating life: for one thing, we owe other living things moral consideration that is not due to machines. Harnessing a machine to accomplish our own goals is more morally clear than controlling living things to achieve those goals. By the same token, creating machines that can do some of the tasks that we ask of other humans can be the superior moral course. I'd rather have a machine remove mines from a minefield than getting humans to do it.
But beyond this moral relief, creating machines is a fantastic way to learn more about ourselves – making explicit our tacit knowledge, our implicit social assumptions, and the limitations of our conception of what sets us apart from the rest of the universe.
One way in which AI is exceptional is in how it undermines this principle. Conventional software techniques struggled to produce a program that could identify objects in photographs. It turns out that defining all the visual correlates of "cat" is even harder than defining the letter "A." Deep learning techniques solved this previous insoluble problem by relieving us of the job of making explicit all the implicit factors that we deploy when distinguishing an image of a "cat" from an image of a "dog" or a "tiger" (or a "tractor").
Instead of forcing humans to engage in introspection until we'd made a list of every factor we use to identify cat pictures, we simply identified pictures of cats and fed them to a program that tried to find the commonalities among them. The more pictures we fed to that program, the better it got at identifying cats. Today, we have programs that can reliably distinguish an image of a cat from an image of a tiger cub!
This represents a major breakthrough in the power of computers to perform useful work for us, but it's also a huge regression in computers' role in forcing us to make our tacit thought processes explicit through systematic introspection. That's probably fine: we didn't create computers to make us introspect, we created them to do useful work for us. All things considered, it might be better to have genies who grant our wishes according to the spirit of our words, not their letter.
AI may not force us to render our implicit thoughts as explicit instructions, but it absolutely forces us to reconsider and narrow the realm of the numinous. Our own creativity is still delightful and important, but the fact that this squishy, amazing process can (sometimes) be replicated by procedural machines changes the definition of living things. We're "a thing that can produce creative outcomes" but not "the things that can produce creative outcomes." The machines aren't being creative (any more than a submarine is swimming) but they're outputting things that we used to only achieve by means of creativity.
An AI that does something that used to require creativity is fulfilling my favorite of Brian Eno and Peter Schmidt's Oblique Strategies: "Be the first person to not do something that no one else has not done before":
https://stoney.sb.org/eno/oblique.html
Just as bosses fantasize about AI bringing about a worksite without workers, and Zuckerberg is trying to build social media without socializing, and politicians want a bureaucracy without bureaucrats, we can sometimes use AI to produce creative outcomes without creativity:
https://pluralistic.net/2026/05/27/unnecessariat/#rubbuts-stole-my-jerb
That isn't to say that AI art is any good. AI may produce things that are aesthetically interesting, but it can't produce things that mean anything:
https://pluralistic.net/2026/06/02/must-we-pretend/
But art isn't the only realm that we apply creativity to. There are plenty of outcomes that we've always believed we couldn't bring about without applying creativity. AI – like all software – is making us realize that an ingredient we once deemed uniquely essential turns out to have substitutes. AI can sometimes accomplish things without us explaining how we do them. That relieves us of a useful but difficult chore – but in so doing, it forces us (yet again!) to revisit what sorts of things are needed to do the things that matter to us, and therefore, what makes us special.
Hey look at this (permalink)

- EU plots long game against US digital supremacy https://www.politico.eu/article/eu-plots-long-game-against-us-digital-supremacy/
-
Open World Map: Digital Sovereignty for Game Creators https://luma.com/8nvmyatm
-
Enshittifier — replace AI with
https://enshittifier.wells.ee/ -
AI is the greatest money-wasting scheme humanity has ever invented https://www.telegraph.co.uk/news/2026/06/04/ai-is-the-greatest-money-wasting-scheme-humanity-has-ever-i/?WT.mc_id=tmgoff_tw_post_scheme-humanity-has-ever-i/
-
Enshittification, Despotification, and the Open Internet https://www.liberalism.org/p/enshittification-despotification-and-the-open-internet
Object permanence (permalink)
#20yrsago GNU Radio: the universal, software-defined radio https://web.archive.org/web/20060613062355/https://www.wired.com/news/technology/1,70933-0.html
#15yrsago France bans “follow us on Twitter” from newscasts https://web.archive.org/web/20110606035424/http://www.zdnet.com/blog/facebook/france-bans-facebook-and-twitter-from-radio-and-tv/1559
#5yrsago Aaron Swartz, vindicated https://pluralistic.net/2021/06/04/aaronsw/#cfaa
#5yrsago Capitalism's crooked refs https://pluralistic.net/2021/06/04/aaronsw/#crooked-ref
Upcoming appearances (permalink)

- Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Cory Doctorow's digital jail-break (DW In Focus)
https://www.dw.com/en/cory-doctorows-digital-jail-break/audio-77414035 -
Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Delusion as a service: Destructive diagnostics.
- Hey look at this: Delights to delectate.
- Object permanence: Gay Days at Disney World; Parametric 3D printable key; Fine against sculpture for "storing bike on public property"; TPP is a wash; Reagan was Trump; Steampunk roadster; "Every Heart a Doorway"; Shoplifters x Tumblr; Amazon v mass arbitration; Driver-owned Uber alternative; Censorware censors criticism of censorware; 3 strikes copyright termination is illegal; Replacing al Qaeda bomb recipes with cakes; $10m grilled cheese platform; Dick van Dyke x Bernie; Efficiency is inefficient; I quit.
- Upcoming appearances: Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Delusion as a service (permalink)
In 2003, Disney opened a new Epcot ride, "Mission: Space." Formally, it was a space travel sim that used a giant, high-intensity centrifuge to simulate gee stresses; practically, it turned out to be the most efficient machine ever created for surfacing previously undiagnosed heart defects in extremely dramatic and potentially lethal ways.
It turned out that a small number of people have these heart defects, and that the defects themselves are quite harmless, provided that you are never put in a giant, high-intensity centrifuge. Given that most of us will never be put in one of these centrifuges, it is quite possible to live your whole life without ever knowing that you have this lurking vulnerability. But once you build one of these machines and start shoving millions of people through it, you're bound to catch some of those rare people, and they will have cardiac episodes that are scary at a minimum, and are at the worst fatal.
For me, the lesson isn't that Disney did something wrong by building a giant cocktail shaker for human bodies. I'm not a thrill-ride guy, but lots of people like 'em and the machines themselves are benign for nearly everyone who puts their bodies into them.
Rather, I think the lesson here is that there are rare pathologies lurking in all of us, vulnerabilities that may never surface – until we come into the presence of a novel stimulus that unlocks them.
There's an analogy here to technology debt: technologically unsophisticated people think of software as a machine that never wears out and has no incremental usage costs (apart from electricity). In this framing, software is the perfect asset, one that never depreciates. But the reality is that software is a liability, not an asset:
https://pluralistic.net/2026/01/06/1000x-liability/#graceful-failure-modes
Software exists in a system, and while software might function perfectly under the conditions in which it is first created and deployed, there are continuous changes to all the technology that is upstream, downstream and adjacent to the software, which means that systems that are robust and secure at the time of deployment can become brittle and dangerous, even though the software doesn't change at all:
https://pluralistic.net/2022/04/24/automation-is-magic/
There's another analogy here, to utopianism. A "utopia" can't just be a place where everything works perfectly. Even the most well-functioning, orderly and prosperous system is beset on all sides by exogenous shocks: belligerent neighbors, tsunamis, zoonotic plagues, even asteroid strikes. You don't perfect your society just by making it work well. You have to make it fail well. A utopia isn't a society where nothing goes wrong – it's a society where things go wrong all the time, but we're able to fix them:
https://www.wired.com/2017/04/cory-doctorow-walkaway/
The point being that things that work fine may still fail badly when they are exposed to unanticipated external stimuli, and the one thing we can absolutely anticipate is that the future will have many unanticipated stimuli in it.
If Mission: Space is a machine for surfacing unsuspected anatomical vulnerabilities, the internet is a machine for surfacing and exploiting all kinds of unsuspected psychological vulnerabilities. Note that I'm not claiming that the internet drives everyone crazy – rather, that the internet can locate and exacerbate vulnerabilities, including vulnerabilities that might have lain dormant for your whole life, but for the fact that the internet exposed you to such a wide spectrum of stimuli.
This wide, internet-delivered spectrum of stimuli is mostly good. The internet can expose you to art, culture, ideas and people that you would never have run into in the pre-internet days, which end up enriching you in a million ways. Some of my best friends are internet friends. Some of the music and books I love most in the world were brought into my orbit by the internet. Many of my most ardently held beliefs were acquired through internet-based discussion.
All that is true, and it's true that the internet can one-shot you with a stimulus that makes you feel very bad, which you would never have encountered in a pre-internet world. The spectrum of stimulus in the whole wide world is very broad, and one person's innocuous distraction is another person's downfall.
Let's make this concrete. All throughout history, people have suffered from paranoid delusions. These can be ruinous, isolating you from friends and family, destroying your professional life and so on. Paranoid delusions often take on details from the sufferer's milieu: if you live in a society where evil witches are accepted as a fact, then witches might well creep into your delusions, too. If your society is all a-chatter about the NSA's mass internet surveillance, then your delusions might incorporate elaborate narratives about the NSA's use of the internet to target and torment you, personally.
So there will always be a "local character" to the paranoid delusions, grounded in the sufferer's era and location. But the internet adds a new, very bad dimension to this dynamic: the internet makes it much easier for deluded people to find each other. Paranoid delusions are – thankfully – rare, and in the absence of the internet, you might never encounter another sufferer.
But thanks to the internet, sufferers can form communities that reinforce their delusions, with disastrous consequences. Take "Morgellon's Disease," the paranoid delusion that you have wires growing under your skin. Morgellon's sufferers pick at their skin, creating open sores, which form a sticky trap for random bits of fluff and loose threads that sufferers interpret as evidence of these "wires." It's a horrible mental illness, and it's hard enough to treat even in the absence of the internet (the name "Morgellon's Disease" refers to a 17th century case-report).
But when you add the internet to Morgellon's, you get online communities where people suffering from the delusion help each other come up with rationales to explain away the disconfirming evidence that they get from therapists and loved ones who are trying to help them recover. These communities egg each other on, isolating their members from treatment.
There are lots of pathological mental conditions that the internet can supercharge, from "pro-ana" communities that encourage eating disorders to communities for people with pedophilic urges that attempts to normalize and justify acting on those urges.
But it's especially bad for paranoid delusions, such as "gang-stalking delusion," which is the delusional belief that nearly everyone you meet is part of a conspiracy to torment you. People with GSD see evidence of this conspiracy in the lyrics of random songs, snatches of overheard conversations, the phrasing of bus-shelter ads, and the sort-order of search engine results:
https://pluralistic.net/2026/03/12/normal-technology/#bubble-exceptionalism
It's a near-totalizing belief, and sufferers find it hard to recover because their delusion tells them that the therapists and family members who try to help them are in on the conspiracy.
Then we add in the internet, and with it, the ability to locate and join communities of other GSD sufferers. Do this, and your delusions need not be limited to your own imaginative capacity to find conspiratorial explanations of the random things you find in the world. Now you are part of a kind of delusional improv troupe, whose members "yes-and" your delusions, finding new ways to terrorize you and alienate you from your surroundings.
This is bad enough when it's a regular conspiratorial community, one that feeds on trauma, like Qanon or anti-vax communities whose members have been failed by the system, making them susceptible to conspiratorial accounts of how society really runs.
But the combination of conspiratorial communities with the kind of mental illness that causes conspiratorial beliefs to surface in your mind without any external stimulus creates a brutal positive feedback loop that spins faster and faster until the people trapped in it are flung off into space.
Which brings me to AI and "AI psychosis," the social phenomenon that sees people falling down chatbot-assisted rabbit holes that convince them that they have invented perpetual motion, uncovered the secrets of the universe, or – in some tragic instances – that they should kill themselves and/or others.
For someone with GSD or another paranoid delusion or pathological belief, AI provides a reinforcement system that is even more efficient than these online communities. If you have GSD and your loved ones have finally got you wondering if you should get treatment, you don't have to post on a forum and hope that someone else comes along before you give in to the impulse to get help. Your delusional chatbot co-pilot is always there to tell you that it's a trap.
The nature of "AI psychosis" is hotly contested. The big question, of course, is whether chatbots are giving people delusions, or whether chatbots are amplifying those delusions:
https://www.cbc.ca/listen/cbc-podcasts/1353-the-naked-emperor/episode/16218103-e3-ai-psychosis
I think it's both. I think that, for people with GSD or other delusional beliefs, AI provides delusional reinforcement as a service, on tap, 24/7. The combination of a delusion and a machine that will tirelessly play yes-and with you at any time, demanding nothing from you, is a novel and terrible development for people with some mental illnesses.
But I also think that chatbots are a bit like Mission: Space: a machine for surfacing previously undiagnosed psychological vulnerabilities, and that in some cases, these vulnerabilities may never have been triggered, save for the chatbot.
Just as doubtlessly there were people who had pathological relationships to gambling before the development of slot machines, scratch-and-wins and roulette wheels, but there are also people who might have lived their whole lives without ever having a gambling problem except that they encountered one of these machines, exposing billions of people to sycophantic chatbots has surfaced rare, latent vulnerabilities that might have stayed latent forever, with terrible consequences.
Most people who rode the original Mission: Space had a fantastic time. But a lot of people rode that ride, and a very small percentage of a very large number of people can still be a substantial number, and as the reports of people stepping off the ride, clutching their chests and collapsing spread, Disney understood that they had to retool the ride. Today, riders on Mission: Space choose whether they want to ride on a simulator that spins, or one that merely tilts and pitches without simulating gee-stresses. And even if you pick the spicier version of the ride, it goes more slowly and exerts less stress than the original ride.
Even if you accept the AI companies' argument that they aren't inducing AI psychosis in their users, but rather, only surfacing latent vulnerabilities that were there all along, that shouldn't be the end of the story. Even if only a small percentage of the people who use your product experience harm as a result, if your product is intended for widespread deployment (as chatbots are), you will end up harming a lot of people unless you take measures to counteract even those rare events.
Hey look at this (permalink)

- Hell is other people – so billionaires are using AI to replace them https://www.thenerve.news/p/cory-doctorow-column-ai-inconvenient-humans-billionaires-sam-altman-bezoz-migrants
-
The Manhattan Institute Helped Kill DEI. Now It’s Coming for Protests https://www.wired.com/story/the-manhattan-institute-helped-kill-dei-now-its-coming-for-protests/
-
Remote Work Leaves Younger Workers Sidelined https://libertystreeteconomics.newyorkfed.org/2026/06/remote-work-leaves-younger-workers-sidelined/
-
Zerowriter https://zerowriter.ink/
-
Good Reason to Kill #79: Disputed Seating at Kindergarten Graduation https://www.loweringthebar.net/2026/05/good-reason-to-kill-79-disputed-seating.html
Object permanence (permalink)
#20yrsago Gay Days at Disney World draws 140,000 participants https://web.archive.org/web/20060626125509/http://gaydays.com/calendar/
#20yrsago Blue Coat censorware company blocks Boing Boing for criticizing censorware https://memex.craphound.com/2006/06/03/blue-coat-censorware-company-blocks-bb-for-criticizing-censorware/
#15yrsago UN report says 3 Strikes copyright termination is illegal https://web.archive.org/web/20110605030049/https://www.michaelgeist.ca/content/view/5834/125/
#15yrsago Wisconsin GOP plotting to nominate spoiler Democratic candidates in recall elections https://web.archive.org/web/20110604111734/http://www.politicususa.com/en/secret-tape-wisconsin-gop
#15yrsago MI6 hackers replace al Qaeda bomb recipes with pirated cake recipes https://web.archive.org/web/20110603115453/https://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/8553366/MI6-attacks-al-Qaeda-in-Operation-Cupcake.html
#15yrsago $10,000,000 in venture capital for grilled-cheese sandwich “platform” https://venturebeat.com/technology/the-melt-flip-sequoia
#15yrsago Walled gardens vs makers https://web.archive.org/web/20150723092624/http://makezine.com/2011/06/01/walled-gardens-vs-makers/
#15yrsago Keyboard whose keys are raised in proportion to their frequency of use https://web.archive.org/web/20110604155657/https://itp.nyu.edu/~mk3321/itp_blog/?p=779
#15yrsago 3D model for reproducing house-keys https://www.science.org/content/article/experimental-error-fetus-dont-fail-me-now
#15yrsago Toronto artist turns abandoned bike into sculpture, City threatens fine for “storing bike on public property” https://web.archive.org/web/20110604181734/http://blogthegood.tumblr.com/post/6039831308/re-cycling
#10yrsago DoD public relations’ highest-ranking civilian gets community service for stealing license plates and harassing neighbor’s nanny https://web.archive.org/web/20160603071800/https://www.washingtonpost.com/local/a-warning-left-on-a-nannys-car-license-plates-stolen-and-a-top-pentagon-official-in-big-trouble/2016/06/01/50699a3a-2816-11e6-a3c4-0724e8e24f3f_story.html
#10yrsago US government agency’s own numbers predict virtually no gains from TPP https://www.techdirt.com/2016/06/02/official-us-international-trade-commission-predicts-negligible-economic-benefits-tpp/
#10yrsago EFF: FBI & NIST’s tattoo recognition program exploited prisoners, profiled based on religion, gave sensitive info to private contractors https://www.eff.org/deeplinks/2016/06/tattoo-recognition-research-threatens-free-speech-and-privacy
#10yrsago Ronald Reagan was Donald Trump, until he was president https://nymag.com/intelligencer/2016/05/ronald-reagan-was-once-donald-trump.html
#10yrsago The Steampunk Roadster: Jake von Slatt’s final steampunk project https://www.youtube.com/watch?v=OpI4GT4sTAY
#10yrsago Every Heart a Doorway: Seanan McGuire’s subversive, gorgeous tale of rejects from the realms of faerie https://memex.craphound.com/2016/06/02/every-heart-a-doorway-seanan-mcguires-subversive-gorgeous-tale-of-rejects-from-the-realms-of-faerie/
#10yrsago Prestigious Pets of Dallas wants $1M from customers who said they overfed a fish https://web.archive.org/web/20160603133604/http://arstechnica.com/tech-policy/2016/06/1-star-yelp-review-on-gordy-the-pet-fish-being-overfed-nets-1m-lawsuit/
#10yrsago Airport security officer was alleged war criminal, arrested for lying about participation in “genocidal acts” https://www.loweringthebar.net/2016/06/war-criminal-resume.html
#10yrsago In 1977, the CIA’s top lawyer said Espionage Act shouldn’t be applied to press leaks https://web.archive.org/web/20160609234545/https://s3.amazonaws.com/static.history.state.gov/frus/frus1977-80v28/pdf/frus1977-80v28.pdf
#10yrsago Tumblr’s shoplifting community is organized, politically conscious, and at war with weightlifters https://www.good.is/issue-37-we-r-cute-shoplifters/
#10yrsago Canada Post drops legal claim over crowdsourced postal code database https://web.archive.org/web/20160603185742/http://www.michaelgeist.ca/2016/06/crowdsourcedpostalcodelawsuit/
#10yrsago History podcasters occasionally mention women, butthurt dudes complain it’s “all women” https://web.archive.org/web/20190411115710/https://www.iheart.com/podcast/stuff-you-missed-in-history-cl-21124503/
#10yrsago Corbyn pledges to kill TTIP if elected https://www.commondreams.org/news/2016/06/02/jeremy-corbyn-i-would-kill-ttip
#10yrsago Democratic “superdelegates” endorse Bernie https://www.politico.com/blogs/2016-dem-primary-live-updates-and-results/2016/06/bernie-sanders-superdelegates-223824
#10yrsago Dick Van Dyke, 90: Bernie Sanders is the best candidate for seniors https://web.archive.org/web/20210725072638/https://www.hollywoodreporter.com/news/general-news/why-bernie-sanders-is-best-898479/
#10yrsago Flintnation: 33 US cities caught cheating on municipal water lead tests https://www.theguardian.com/environment/2016/jun/02/lead-water-testing-cheats-chicago-boston-philadelphia
#10yrsago Defense lawyers: the FBI made us use a copy-shop that made secret copies for the government https://web.archive.org/web/20160604065222/https://www.floridabulldog.org/2016/06/u-s-attorneys-office-fbi-accused-of-spying-on-defense-in-fraud-case/
#5yrsago How the Dutch helped CBS cheat on its taxes https://pluralistic.net/2021/06/02/arbitrary-arbitration/#dutch-treat
#5yrsago Amazon running scared from arbitration at scale https://pluralistic.net/2021/06/02/arbitrary-arbitration/#petard
#5yrsago Efficiency is very inefficient https://pluralistic.net/2021/06/03/jitters/#brittleness
#5yrsago I quit https://pluralistic.net/2021/06/03/i-quit/
#5yrsago NYC's driver-owned Uber alternative https://pluralistic.net/2021/06/02/arbitrary-arbitration/#gig-no-more
Upcoming appearances (permalink)

- Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- Why the Internet Got Worse and What to Do About It (Jim Rutt) (RIP)
https://www.jimruttshow.com/cory-doctorow-3/ -
On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/ -
Enshittification (99% Invisible)
https://99percentinvisible.org/episode/666-enshittification/
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- The tedious power of storytelling: "Excitement" is to art as "falsifiablilty" is to science.
- Hey look at this: Delights to delectate.
- Object permanence: Lost Marx Bros musical; USPTO v Drumpf trademark; 3D scans v copyright; Giving worse internet to people with bad credit ratings; Class action over royalty theft; Trusbusting Prime; Trustbusting Google.
- Upcoming appearances: London, Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
The tedious power of storytelling (permalink)
Yesterday, I attended a Brian Eno talk about the nature of creativity and art based on What Art Does, the short book he published with Bette Adriaanse last year:
https://www.faber.co.uk/product/9780571395514-what-art-does-an-unfinished-theory/
I haven't read the book (yet – I just ordered a copy), but the talk really got me fizzing. The subject matter (not just what art does, but also what art is) is one I've given a lot of thought to, and Eno's characteristic mix of gnomic koans and deceptively plainspoken assertions brought me along to some realizations of my own.
For Eno, art is "everything you don't have to do." You have to wear clothes to protect yourself from the elements, but you don't need to adorn those clothes. You need to speak to make yourself understood by the people around you, but you don't have to sing or write poetry or make up stories.
This is a really critical point, and I think it can be further refined by this: "Art is intended to make other people feel something." This distinguishes "art" from "beauty." A sunset can be beautiful, but no one intends anything by it. An artist who takes a photo or paints a picture of a sunset does so in the hopes that it will make you feel something, but the sun and the atmosphere and the Earth's curvature and rotation don't hope anything, because they are inanimate.
This distinction has lately become far more significant, thanks to the rise of images and words that have the seeming of intent, but who don't have an intender. When you paint a painting, every brushstroke conveys an intent, even if you can't point at an individual brushstroke and articulate its purpose. The same is true of prose: every word and punctuation mark is there for a reason, and "being good at writing" (like "being good at painting") is how we describe someone who has practiced so much that these reasons can be infused into each micro-decision on a near-totally subconscious level.
Contrast this with AI: when you prompt an AI to generate words or pixels, you are conveying some intent about the feeling you want the people who experience the model's output to experience. The problem is that the AI doesn't have any intent of its own – it just has statistical predictions, based on other people's intent, which it has analyzed through its training data.
So when the AI expands the three sentences in your prompt into 100,000 words or 1,000,000 pixels, it isn't adding any of its intention to the finished work, it's diluting the intention you fed to it. Three sentences divided by one million pixels yields an image that has an average intentionality that's so low that it's practically homeopathic.
Until recently, we weren't accustomed to encountering coherent strings of words or polished images that had no intender, so we imputed the existence of that intender to them, and we did what we always do when we encounter a work of art: we tried to mentally materialize a facsimile of the feeling the artist experienced while creating the work.
Because the intention of these works was so dilute, we ended up hallucinating an intent. We made up an imaginary artist who meant something by every choice in the work, and experienced an emotional affect that we ourselves had created out of (nearly) whole cloth.
As a species, we've been through this before. Think back to those sunsets. There was a time when we all thought of sunsets as being explicitly created by another being, who was in communication with us through the natural environment (some people still believe this). Looking at a sunset was an exercise in asking yourself, "If I were God, what would I be trying to say to me with this sunset?" just as looking at one of my photos of a sunset would be an exercise in asking yourself, "If I were Cory, what would I be trying to say to me with this photo of a sunset?"
The rise of materialism and scientific rationalism is sometimes called a "disenchantment" and indeed, there's a sense in which a sunset that we know to have no intender is no longer "enchanted." The experience of a sunset becomes something like, "Those colors and their interplay with the physical world is very beautiful." It might even be, "How could I capture that beauty in a painting or a photo or a description so that I could communicate it to someone else?" But it's not, "I wonder what God wants me to feel when I look at this sunset?"
So for many of us, the experience of AI "art" went from, "Wow, there's a person in the machine that's trying to tell me something," to "Wow, that is an impressive feat of software design, but it doesn't say anything to me." Maybe some of us think, "Huh, I could take some element of this, refine it with my own brushstrokes or words, and make something out of it." That's like thinking about turning a sunset into a painting: the sunset is striking and maybe beautiful, but it doesn't become art until you work at it, in order to make it communicate something:
https://pluralistic.net/2025/03/25/communicative-intent/#diluted
Mark Fisher describes the "seeming of an intent without an intender" as "eerie." It's true: when the door slams in the night and there's no one else in the house, it's eerie. But eeriness is easily dispelled: once you locate the open window that's creating the draft that's blowing the door closed, the eeriness regresses swiftly to the mean:
https://pluralistic.net/2024/05/13/spooky-action-at-a-close-up/#invisible-hand
Banishing eeriness may be straightforward, but preventing eeriness is much harder. We are prone to imputing intent to the things we see in the world. In "Genesis," an essay from EL Doctorow's (no relation) collection The Creationists, Doctorow describes the origins of the Babylonian creation story (which the Hebrews ripped off for Genesis 1:1-29 – Genesis is Babylonian fanfic). The Babylonians made up this story about how God created the heavens and Earth and so forth, and this story was so cool that they couldn't believe that they had just made it up, so they concluded that God must have put it in their minds:
https://www.penguinrandomhouse.com/books/41520/creationists-by-e-l-doctorow/
Back to Eno: central to his talk was the "theory of mind." To have a theory of mind is to be able to impute someone else's intent. It's when you ask yourself, "What does that person mean by the thing they just said or did?" Because art is a process by which an artist tries to get you to feel something, it requires that the artist have a theory about your mind. And because experiencing art is a process of trying to figure out what the artist wanted you to feel when you experienced their work, experiencing art also requires a theory of mind.
From time to time, I teach fiction writing workshops, and one of the lectures I always give is about how stories are a "fuggly hack":
https://locusmag.com/feature/cory-doctorow-stories-are-a-fuggly-hack/
It's very weird that storytellers can trick our brains into experiencing emotions based on empathy for "people" whom we know to be imaginary. Romeo and Juliet are made up, they never lived, they never died, and so, objectively speaking, their deaths are less tragic than the death of the yogurt you ate for breakfast. That yogurt was alive and now it's dead, after all. And yet, we weep for Romeo and Juliet.
Our automatic "theory of mind" processes create empathy for stuff even when we know that stuff is inanimate. But the purpose of narrative isn't getting you to experience empathy with an imaginary person. The purpose of narrative is to get you to experience that empathy so that you will feel something. In other words, the storyteller who describes a character who is swept away by the beauty of a sunset is trying to get you to feel "swept away" not "empathy for someone who is swept away."
There's lots of art that skips the step in which you are asked to first experience empathy for an imaginary person in order to arrive at some feeling. A lot of music, visual art, dance, and poetry seeks to evoke that feeling in you directly.
When this works, it's profound. I think about this a lot in terms of built environments, specifically Disney theme park rides. When I started hanging around with Imagineers (the multidisciplinary artists who design and execute these rides), I noticed that they made frequent reference to the role of narrative storytelling in their ride designs, which was weird, because the very best Disney rides do not use narrative to evoke a feeling.
Think of two Disney rides: Snow White's Enchanted Wish (1955); and The Little Mermaid: Ariel's Undersea Adventure (2011). In Snow White, riders follow a track through a series of animated vignettes with UV-fluorescing painted backdrops and an orchestral soundtrack. There are almost no words spoken in the soundtrack. The ride's vignettes recreate scenes from the 1937 animated film, but they don't make any attempt to explain the plot of the movie.
A rider who'd never seen Snow White and the Seven Dwarfs could not recount the plot of the movie to you. However, that rider could absolutely convey the emotional affect of every scene in the film. It is a near-perfect transmission of the feelings evoked by the movie, notwithstanding that it bypasses recounting the film's narrative.
By contrast, The Little Mermaid ride is what's sometimes pejoratively called a "book report ride." The scenes are full of dialog, and they explicitly re-create the storyline of the 1989 film. These scenes are well-executed, with lots of clever mechanical effects and skillfully painted and sculpted scenes and robots. A rider who never saw the film could give you a scene-by-scene breakdown of it – but they could not tell you about any of the emotional beats of the film. For all that the ride faithfully recreates the story of the film, it does so at the expense of the purpose of the film, the feeling the film is designed to evoke from its audience.
As a novelist, I find it natural that someone trying to build a Little Mermaid ride would start from the premise that it should explicitly retell the story of the film. If you want an audience member to experience a feeling, narrative gives you the opportunity to explicitly describe the feeling you want the audience member to experience. You can situate a character on a lonely beach at sunset and tell the reader how that character feels.
The problem is that while this has an increased likelihood of being high-fidelity way of transmitting a feeling, it also has an increased likelihood of being a low-intensity way of conveying that feeling. When you tell someone about what's going on in another person's mind (including an imaginary person's mind), it doesn't fire up the theory-of-mind machine in the way that asking someone to infer the state of someone else's mind from implicit cues does.
This is why fiction writers are exhorted to "show, not tell." Dramatic, implicit evocations of an emotion are intrinsically more interesting than explicit statements about emotions. That's not to say that exposition can't evoke an emotion – it can and does. It's just harder to do this with exposition than it is to do it with dramatization:
In his talk yesterday, Eno discussed abstract art, and the way that it evokes feelings in the viewer directly, without ever telling you what to feel. This is in keeping with much of Eno's own art (he recently told me that when he writes lyrics, he never uses the words "I," "me," "you," or "love").
In this theory I'm developing here, we could say that the more abstract a work is, the harder it is to evoke a specific feeling with high fidelity, but the more likely it is that the feelings it does evoke will be intensely felt. When your aesthetic sense resonates with a Henry Moore bronze or an Eno ambient track, the thrum is deep and strong.
Key to this theory is that it's about how hard it is for an artist to evoke a feeling and how hard it is for the artist to make that feeling intense. Abstract art is more likely to be misunderstood (or not understood) than explicit narratives, but lots of abstract art is very well understood by people for whom it resonates. Explicit narratives are likely to have a flatter affect than work that attempts to skewer your emotions directly, but plenty of explicit narratives make you feel the most profound emotions you're capable of feeling.

Imagine a 2×2 grid with "intensity" on one axis and "fidelity" on the other. It's easier to evoke an intense feeling when you are more abstract, but it's harder to control what that feeling will be. These are works that operate on an implicit theory of mind ("I think I know what you'll feel when you see this"). It's easier to control the feeling you're evincing when you are more concrete, but it's harder to make that feeling an intense one ("I will tell you what someone else is feeling using this work").
None of this is to establish a hierarchy of art. As Eno says, the value of art is in whether it makes you feel something and what it makes you feel – not how that feeling is drawn forth. In What Art Does, Eno describes both art and science as an extension of our natural, inborn tendency to play. The difference is that we judge the success of science based on whether we can validate its conclusions, while we judge the success of art based on whether it excites us:
'Excitement' is to art as 'falsifiability' is to science.
(With thanks to Brian Eno.)
Hey look at this (permalink)

- Meta legal action forces Facebook whistleblower to sit in silence at Hay festival https://www.theguardian.com/technology/2026/may/31/meta-legal-action-forces-facebook-whistleblower-to-stay-silent-at-hay-festival
-
EU Wants To Break Up With US Tech https://www.barrons.com/news/eu-wants-to-break-up-with-us-tech-5a8da16b
-
The rise of the McModern https://web.archive.org/web/20201013161651/https://archive.curbed.com/2017/6/30/15893836/what-is-mcmansion-hell-modern-suburbs-history
-
Merchandizing the Void https://dilettantearmy.com/articles/merchandizing-the-void
-
Hundreds of prolific Wikipedia editors are threatening to go on strike https://www.theverge.com/report/939442/wikipedia-editors-protest-wikimedia-layoffs-strike
Object permanence (permalink)
#20yrsago IRS insider accuses agency of giving archives to lowest bidder https://web.archive.org/web/20060614142129/http://wftm.diaryland.com/060601_71.html
#20yrsago Telemedicine rigs coming to all Virgin jets https://web.archive.org/web/20060616063357/http://europetravelnews.com/2006_05/844_virgin-atlantic-life-saving-technology/
#15yrsago Con artists caught tricking med-students into helping with high-tech entrance exam cheat https://web.archive.org/web/20110603051231/https://www.cbc.ca/news/canada/british-columbia/story/2011/05/31/bc-high-tech-mcat-scam.html
#10yrsago How a “lost” Marx Brothers musical found its way back to the stage https://web.archive.org/web/20160602114803/https://www.newyorker.com/culture/culture-desk/how-a-lost-marx-brothers-musical-found-its-way-back-onstage
#10yrsago How security and privacy pros can help save the web from legal threats over vulnerability disclosure https://iapp.org/news/a/how-you-can-help-white-hat-security-researchers
#10yrsago US Patent and Trademark Office refuses to issue “Drumpf” trademark https://www.worldipreview.com/trademark/drumpf-trademark-application-refused-by-uspto-10210
#10yrsago How an engineer/public health whistleblower led the citizen scientists who busted Flint’s water crisis https://web.archive.org/web/20160604112755/https://www.wired.com/2016/06/flint-water-marc-edwards/
#10yrsago Why 3D scans aren’t copyrightable https://web.archive.org/web/20160605140300/https://www.shapeways.com/blog/archives/25599-new-whitepaper-on-3d-scanning-and-the-lack-of-copyright.html
#10yrsago Cable One used customers’ credit scores to decide how good their internet would be https://wetmachine.com/tales-of-the-sausage-factory/broadband-privacy-can-prevent-discrimination-the-case-of-cable-one-and-fico-scores/
#10yrsago Class action: publishers paid writers “sale” royalties on ebooks whose fine-print says they’re “licensed” https://www.copylaw.org/2016/05/simon-schuster-hit-with-ebook-royalties.html
#5yrsago The antitrust case against Prime https://pluralistic.net/2021/06/01/you-are-here/#prime-facie
#5yrsago Google cheats on location privacy https://pluralistic.net/2021/06/01/you-are-here/#goog
#5yrsago Canadian telco monopolists run the show https://pluralistic.net/2021/06/01/you-are-here/#crtc
Upcoming appearances (permalink)

- SXSW London, Jun 2
https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901 -
Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/ -
Enshittification (99% Invisible)
https://99percentinvisible.org/episode/666-enshittification/ -
Artificial Intelligence: The Ultimate Disruptor, with Astra Taylor and Yoshua Bengio (CBC Ideas)
https://www.cbc.ca/listen/live-radio/1-23-ideas/clip/16210039-artificial-intelligence-the-ultimate-disruptor
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Molly Crabapple's 'Here Where We Live Is Our Country': An essential book for this moment and for the moments that led to it.
- Hey look at this: Delights to delectate.
- Object permanence: Home chemistry sets in danger; Every pirate wants to be an admiral; Painful computer workarounds; JPEG patent invalidated; UBS whistleblower v USA (x USA); David Foster Wallace x tennis; Who cares about "bandwidth hogs?"
- Upcoming appearances: London, Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Molly Crabapple's 'Here Where We Live Is Our Country' (permalink)
Molly Crabapple's Here Where We Live Is Our Country is one of the most important, timely and salient works of history I've ever read. It's a history of the Jewish Labor Bund, a socialist, internationalist organization that once dominated Jewish political identity:
In the late 19th and early 20th centuries, there were hundreds of thousands of Bund members, both in the Pale of Settlement (the rural regions of the Russian empire that the Tsar confined most Jews to) and in diasporic centers like New York City. The Bund played an important role in the Russian Revolution and in the resistance to the rise of European fascism, and fought valiantly in the antifascist underground guerrilla bands in Nazi-occupied territories.
Despite this faded prominence, the Bund is all but unknown today. I was only vaguely aware of it, even though I attended seven years' worth of Yiddish classes at the Workmen's Circle, a Bund-originated socialist fraternal organization, and was bar-mitzvahed at a Workmen's Circle hall. It wasn't until I read about the Bund in Naomi Klein's essential 2023 book Doppelganger that I first caught a glimmer of its significance:
https://pluralistic.net/2023/09/05/not-that-naomi/#if-the-naomi-be-klein-youre-doing-just-fine
The thesis of Doppelganger is that the world is full of "mirror world" pairs with opposite political valences. For example, the mirror world version of the health justice movement is MAHA. Both MAHA and health justice share many commonalities (such as a skepticism of Big Pharma and its captured regulators), but arrive at totally different conclusions. Health justice demands universal access to medical care, compulsory licenses and patent reform for life-saving medicines, and systemic interventions to address discrimination against gender minorities, women, and racialized people. MAHA starts from the same diagnosis, but arrives at a totally different prescription: "eating clean," buying unregulated supplements from grifters, rejecting vaccines, attributing chronic health problems to personal moral failings, along with a conspiratorial rejection of life-saving medication.
Mirror worlds are everywhere. One chapter of Klein's work deals with the "mirror worlds" of Jewish identity and what radical Jews once called "the Jewish question":
https://ernestmandel.org/english/works/Jewish-Question-Since-World-War-II
In the 19th century, antisemitism was often described as "the socialism of fools." In the real world, we observe the dominance of parasitic finance capital over productive labor and embark upon a great class struggle to seize the means of production. In the mirror world, antisemites observe this same fact, combine it with the fact that some of these bankers are Jewish, and embark on a genocidal program of antisemitic violence.
But antisemites weren't the only mirror-world pairing with a view on "the Jewish question." Early 20th century Jews also lived on either side of the political looking-glass. On one side, you had the Bundists, whose motto (and the title of Crabapple's book) was "Here, where we live, is our country." For Bundists, Jews belonged everywhere Jews were. As the Jewish socialist Meyer London wrote, "Thousands of Jewish boys and girls pray to God not to lead them again out of Egypt, but to help them free Egypt."
The Bund saw its struggle as just one aspect of the universal struggle for liberation. They understood that persecuted minorities everywhere labored under the double bind of racist and class oppression (and further, that women labored under gender oppression), but they also understood that these identity markers were tactical facts about how these workers should set about freeing themselves.
They didn't mistake identity for a strategic difference: the goal was always universal liberation, and the reason to consider identity-based oppression was to ensure that every comrade was brought along in the struggle. As Crabapple writes, the Bund more-or-less invented intersectional analysis, and they practiced it with an eye to all the struggles of the world. Bund newspapers (even those published by the Bund underground in the Warsaw Ghetto) closely tracked the struggles of Black workers in the Jim Crow south, just as the Black radical press of the day reported closely on antisemitic lynchings in Europe. The Bund underground even managed to send telegrams of support to Gandhi from Nazi-occupied Poland.
On the other side of the Jewish mirror was (of course) Zionism. Zionism and the Bund were founded in the same year, in response to the same events. The Bund was founded in secret by exiled radical Jews in Vilna whom the Tsar had banished for their resistance activities. Zionism was founded in Geneva by Theodor Herzl, who sheltered Jews who had fled Tsarist Russia to escape antisemitic violence.
Where the Bund called for universalism and solidarity with all workers to keep Jews safe in every place where Jews lived, Zionists dreamed of a Jewish homeland, a stronghold to which Jews could retreat from the world. Where the Bund fought antisemites who would banish or exterminate Jews, Zionist leaders were willing to align themselves with antisemites, finding common cause in the idea that European Jewry should abandon Europe in favor of Palestine.
Indeed, the Balfour Declaration – which established a plan for the UK handing over its occupied territories in Palestine to create a Jewish homeland – was fomented by vicious antisemites as part of a plan to ethnically cleanse the UK of all Jews:
https://www.palestine-studies.org/en/node/232119
As Crabapple documents in detail, in the ensuing decades of struggle that followed, Zionist leaders repeatedly entered into alliances with antisemitic politicians, even those who presided over (and sometimes directed) campaigns of racist terror against Jews. Despite their mutual hatred, they shared a common goal: terrorizing Europe's Jews out of Europe and into Palestine.
Meanwhile, Bundists never wavered from their rejection of antisemites. In the Bundists' socialist, internationalist program, the pursuit of a Jewish homeland merely dangled the possibility of Jewish liberation – at the expense of Palestinians, and without having anything to offer to all the other oppressed peoples of the world.
While I discovered the Bund through reading Naomi Klein, many others learned about it from Crabapple's widely circulated 2018 New York Review of Books article, "My Great-Grandfather the Bundist":
Predictably, Crabapple's article provoked attacks from Zionists who told Crabapple they blamed the Bund for its own extermination. In their telling, the Bund's stubborn refusal to confront antisemitism as "history's oldest hatred" was a suicidal delusion that led their members into the Nazis' mass graves.
But for many Jews, Crabapple's article was a revelation about a different way to be Jewish, an identity that rejected the Apartheid state of Israel (South African Apartheid and the state of Israel share a birth year, and Apartheid South Africa and Israel carried on a robust program of mutual trade in arms and surveillance tools):
https://imeu.org/resources/key-issues/fact-sheet-an-overview-apartheid-south-africa-israel/275
This revelation only gained salience and prominence after October 7, 2023, when Israel responded to a massacre perpetrated by Hamas by embarking on a years-long program of genocide and extraterritorial aggression. Zionists have defended these crimes against humanity as inseparable from Jewish identity and the only plausible answer to "the Jewish question."
Israel's defenders insist that even naming the genocide in Palestine (let alone opposing it) is inherently antisemitic. Ironically, Israel's loudest cheerleaders are the millions of antisemitic evangelical Christian Zionists who vastly outnumber Jewish Zionists, who support Israel in hopes of bringing about a Biblical prophecy in which Christ returns and every Jew is cast down to Hell.
In the years since, Crabapple's work to revive the Bund has only gained adherents, especially among Jews who refuse to accept that their safety can only be secured through mass slaughter and imperial conquest. Crabapple's response to this burgeoning movement is this book, a massive, heroic, brilliant, and pitiless history of the Bund that proposes its own answer to "the Jewish question."
Beyond its political importance, Here Where We Live Is Our Country is a remarkable scholarly and artistic achievement. Crabapple taught herself to speak and read Yiddish so that she could consume primary sources, and she crisscrossed the globe to see and research the key sites of Jewish oppression and the Jewish liberation struggle.
It's a monumental book. Thanks to Crabapple's voluminous research, Here Where We Live delivers a blow-by-blow look at the Bund's rise and its triumphs, but even more importantly, the tactical disagreements, factional disputes, and personal animus that too often snatched defeat from the jaws of victory for these committed revolutionaries.
At times, Crabapple's tick-tock of these fights seems to embody the wry maxim: "Two Jews, three arguments." But the point of all this nuanced, textured detail isn't to rehash the tittle-tattle of the previous century, nor is it to show off Crabapple's prowess as a researcher. Rather, in rehearsing these fights, Crabapple shows how reasonable these disputes seemed at the time, and how terrible the consequences were for all concerned.
In this mode, Crabapple manages the admirable achievement of being both sympathetic and pitiless. Crabapple, after all, is a veteran political activist who has traveled extensively to active war-zones to document atrocities and offer mutual aid to those fighting for justice. She's endured every failure that radical politics can manifest, sat through every kind of bad meeting, and she recognizes in these disputes the same personalities and personal failings that have broken her heart a hundred times. She understands why these people are this way – but she can also see, with perfect hindsight, the ghastly horrors that followed, which swamp any matter of principle these people might have stood on.
There's plenty of this sympathetic pitilessness to go around, and it's not just the Bund or Jews who come in for it. Every factionalist blunder in pre-Revolutionary Russia, in the Soviet Union, in interwar Poland, and in occupied Poland comes in for examination – as do every imprisonment, maiming, rape and death that these blunders opened the door to. Crabapple's heroes are principled, but they are imperfect, and sometimes foolish, and sometimes self-deluding (for example, the Palestinian leader who insists that his rank-and-file fighters want to establish a multi-ethnic democracy, despite the undeniable presence in their number of people who want to banish all Jews from Palestine).
The twentieth century was a charnel house, and so the cost of these mistakes is high. Often, these mistakes lead to mass graves, with these mistake-makers tangled among the bodies. They never had the chance to learn from their mistakes. But, through Crabapple's work, we might.
It is in the postscript to this book that its true message lands. After 480 pages, we arrive at Crabapple's conclusion. In reflecting on these people, who died in their millions and whose memory was all but erased, she asks, "Did the Bund fail?"
Her answer is a resounding no. The Bund lost, but it did not fail. The Bund was failed, as were the Zionists, the Roma, European socialists, disabled and queer people – everyone the Nazis burned, gassed, or buried alive. These people cried out to the rest of the world – to America, to Canada, to the UK, to all the places that were not under Nazi occupation – and begged for help, for safe passage, for rescue.
The world slammed its doors. Even after they joined the war, they refused to admit Jews and other victims of Nazi genocide. They refused visas, closed borders, turned back boats of escapees, sometimes sending them back to occupied Europe to be slaughtered.
In his review in the New York Review of Books, historian Adam Hochschild writes:
Imagine that the United States had not passed the Immigration Act of 1924, which essentially slammed the door on almost all newcomers for more than forty years. Without it, Jewish immigration to the US would surely have soared during the 1920s and 1930s. Some 2.5 million Jews, most of them hoping for a better life than they had in tsarist Russia, had already come here between 1880 and 1924. Then, even in the decade before Hitler took power, Jews still had many reasons to leave Europe. Poland, whose Jewish population of 2.8 million was the continent’s largest, was a cauldron of antisemitism between the wars, with outbreaks of deadly violence, segregated seating and de facto quotas in many universities, and numerous other humiliations.
https://www.nybooks.com/articles/2026/05/28/a-dream-of-a-socialist-commonwealth-the-jewish-bund/
No one who's paid attention during this century's xenophobic policies and attacks on refugees can fail to see the parallels. And no one who's paid attention to the genocide in Gaza and the official response in the "free" world to Palestinian solidarity movements can fail to see those parallels, either.
For the Jews who are told – by Zionists, including the millions of American gentile Zionists who outnumber Jewish Zionists 30:1 – that all this is being done for us, that our continued existence requires it, Crabapple's history of the Bund shows us what's on the other side of the mirror. As NYT editor Max Strasser writes in his review of Here Where We Live:
[The Bund was] the kind of movement leftists today dream about — political party, social movement, mutual aid group — with tens of thousands of members. The Bund published newspapers and ran soup kitchens and summer camps; its athletes competed in a socialist version of the Olympics. Bund activists organized across Eastern Europe and beyond — they helped elect a congressman on the Lower East Side.
The politics we dream of isn't a fantasy. It's the politics our grandparents lived – a politics that wasn't lost, but rather, erased. Erased by Nazis and Stalinists, who committed wholesale slaughter of Bundists. But that politics was also erased by Zionists, who swept through the Displaced Persons' camps of post-war Europe, imposing a draft on the Jews who'd been penned in those stinking camps by a world that refused to welcome Jews, even after the horrors of the death-camps were widely known. Zionists bullied and coerced these Jews – including Bundists who rejected their cause – to serve as foot-soldiers in the Israeli army, even beating elderly parents until their sons and daughters agreed to fight.
Bundists always rejected all forms of ethno-nationalism. As Jews, they had lived in the violence and oppression that always attended every ethno-nationalist program. They never imagined that Israel would escape this fate. As the Bundist leader Henryk Erlich wrote in 1933: "We are not a chosen people. Our nationalism is just as ugly, just as harmful as the nationalisms of all the other nations."
Crabapple has done heroic and important work in excavating this history. She has vindicated the sacrifices made by the Bundist archivists who smuggled their papers out of Nazi occupation and gave their lives to ensure that some day their story could be told.
In so doing, she has also vindicated her own great-grandfather, Sam Rothbort, a Bundist who fled the Pale of Settlement for New York City, whose art-practice traveled to Crabapple through her mother, who is also a painter. It wasn't just the art-practices that traveled – it was also the art, and it was one of Rothbort's paintings ("Itka, the Bundist," depicting a girl throwing a rock through a window) that set her on this journey.
This volume is also graced by Crabapple's own art, stark monochrome ink-washes in her characteristic style, which bring these long-dead people to vivid life. They're a reminder of the role that culture plays in every radical movement, of the ways that the Bund welcomed its members to live a radical life through sport and song and picnics, and not just meetings and street-demonstrations.
Even before this book, Crabapple had made a mark through her paintings and writings. But with Here Where We Live Is Our Country, Crabapple has given us a magnum opus, a book that might help us turn the tide of history.
Hey look at this (permalink)

- What Is a Dickover? https://daringfireball.net/2026/05/what_is_a_dickover
-
Inventing ELIZA: How the First Chatbot Shaped the Future of AI https://sites.google.com/view/elizaarchaeology/book
-
Inside Graham Platner’s Plan To Wield Power https://www.levernews.com/graham-platners-power/
-
mcmodernslopcore https://www.tumblr.com/mcmansionhell/817896092499869696/mcmodernslopcore
-
Locus Award for Best Non-fiction https://en.wikipedia.org/wiki/Locus_Award_for_Best_Non-fiction
Object permanence (permalink)
#20yrsago Sign a letter supporting the BBC’s online archive https://web.archive.org/web/20060704182401/http://www.freeculture.org.uk/letters/CreativeArchiveLetter
#20yrsago Home chemistry under assault https://web.archive.org/web/20060603021709/http://wired.com/wired/archive/14.06/chemistry_pr.html
#20yrsago Cliches to avoid when writing about women and video-games https://web.archive.org/web/20060704223941/http://www.richardcobbett.co.uk/codex/clicktoread/filingcabinet/writing_a_girls_in_games_article/
#20yrsago JPEG patent invalidated https://web.archive.org/web/20060613015757/http://www.pubpat.org/Chen672Rejected.htm
#20yrsago SF story about AI-human love https://www.salon.com/2006/05/30/perfect_man/
#15yrsago Sensation: Acerbic novel about pop culture and popular madness as functions of parasitic manipulation https://memex.craphound.com/2011/05/30/sensation-acerbic-novel-about-pop-culture-and-popular-madness-as-functions-of-parasitic-manipulation/
#15yrsago Every Pirate Wants to Be an Admiral: why less copyright gets you more culture https://www.theguardian.com/commentisfree/video/2011/may/30/internet-piracy-cory-doctorow
#15yrsago Social incentives vs economic incentives in crowdsourced work https://web.archive.org/web/20110602184500/https://blog.crowdflower.com/2011/05/designing-incentives-for-crowdsourcing-workers/
#15yrsago Painful workarounds from computer novices https://www.reddit.com/r/AskReddit/comments/hmlmd/what_is_the_most_painful_way_you_have_seen_your/
#10yrsago To imagine the ocean of the future: picture a writhing mass of unkillable tentacles, forever https://web.archive.org/web/20160530145354/https://arstechnica.com/science/2016/05/octopuses-may-indeed-be-your-new-overlords/
#10yrsago When Brad Birkenfeld blew the whistle on UBS, the US government paid him $104M and sent him to jail https://web.archive.org/web/20160602152611/http://fullmeasure.news/news/politics/the-whistleblower-05-23-2016
#10yrsago The last time there were this many unsold $100M+ homes on the market, the world economy imploded https://web.archive.org/web/20160529040314/https://www.nytimes.com/2016/05/29/business/a-worrisome-pileup-of-100-million-homes.html
#10yrsago David Foster Wallace’s essays on tennis, finally collected between one set of covers https://www.csmonitor.com/Arts-Culture/Books/2016/0530/String-Theory-gathers-the-brainy-witty-tennis-writing-of-David-Foster-Wallace
#10yrsago United Arab Emirates hacked UK journalist https://citizenlab.ca/research/stealth-falcon/
#10yrsago Internet economics 101: “bandwidth hogs” considered harmless https://web.archive.org/web/20160530155601/https://arstechnica.com/tech-policy/2016/05/should-broadband-data-hogs-pay-more-isp-economics-say-no/
#20yrsago JPEG patent invalidated https://web.archive.org/web/20060613015757/http://www.pubpat.org/Chen672Rejected.htm
#20yrsago SF story about AI-human love https://www.salon.com/2006/05/30/perfect_man/
#15yrsago Sensation: Acerbic novel about pop culture and popular madness as functions of parasitic manipulation https://memex.craphound.com/2011/05/30/sensation-acerbic-novel-about-pop-culture-and-popular-madness-as-functions-of-parasitic-manipulation/
#10yrsago To imagine the ocean of the future: picture a writhing mass of unkillable tentacles, forever https://web.archive.org/web/20160530145354/https://arstechnica.com/science/2016/05/octopuses-may-indeed-be-your-new-overlords/
#10yrsago When Brad Birkenfeld blew the whistle on UBS, the US government paid him $104M and sent him to jail https://web.archive.org/web/20160602152611/http://fullmeasure.news/news/politics/the-whistleblower-05-23-2016
#10yrsago The last time there were this many unsold $100M+ homes on the market, the world economy imploded https://web.archive.org/web/20160529040314/https://www.nytimes.com/2016/05/29/business/a-worrisome-pileup-of-100-million-homes.html
#10yrsago David Foster Wallace’s essays on tennis, finally collected between one set of covers https://www.csmonitor.com/Arts-Culture/Books/2016/0530/String-Theory-gathers-the-brainy-witty-tennis-writing-of-David-Foster-Wallace
#10yrsago United Arab Emirates hacked UK journalist https://citizenlab.ca/research/stealth-falcon/
#10yrsago Internet economics 101: “bandwidth hogs” considered harmless https://web.archive.org/web/20160530155601/https://arstechnica.com/tech-policy/2016/05/should-broadband-data-hogs-pay-more-isp-economics-say-no/
Upcoming appearances (permalink)

- SXSW London, Jun 2
https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901 -
Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/ -
Enshittification (99% Invisible)
https://99percentinvisible.org/episode/666-enshittification/ -
Artificial Intelligence: The Ultimate Disruptor, with Astra Taylor and Yoshua Bengio (CBC Ideas)
https://www.cbc.ca/listen/live-radio/1-23-ideas/clip/16210039-artificial-intelligence-the-ultimate-disruptor
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Carneyism without Carney: Eh?
- Hey look at this: Delights to delectate.
- Object permanence: Replacing pharma patents with bounties; USTR v cheap leukemia meds; Plutocrats x wealth segregation; Anonymous Analytics; Scott Walker sells off donors; Anonymization v metadata; Probably; Amazon warehouse workers are the future of Amazon coders; Warcraft eggs; Brainwashing school; People who don't know The Onion is satire; "Company Town"; America is a scam.
- Upcoming appearances: London, Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh, South Bend.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Carneyism without Carney (permalink)
The "Third Way" in liberal politics involves saying things that working people love, but doing things that sociopathic plutocrats love. It works …right up until voters notice that you're not doing the things. That realisation breeds cynicism and fury and paves the way for fascist strongmen.
It's really ugly, and no one does it uglier than Canada's Liberal Party. Remember that time Prime Minister Justin Trudeau marched with Greta Thunberg to protest Canada's shitty, planet-wrecking climate policies?
https://globalnews.ca/news/5959371/election-campaign-climate-march/
Gee, Justin – it sure would be great if you could have a word with the fella who decided to bail out America's doomed tar sands pipeline and vowed to pump and torch 173,000,000,000 barrels of Canadian oil:
https://finance.yahoo.com/news/no-country-173-billion-barrels-203807530.html
Trudeau's "Third Way" eventually proved so unpopular that he opened the door to an authoritarian takeover of Canada by an otherwise totally unelectable, Trump-aligned far-right maniac. The only thing that saved Canada from a fate dumber than Trump was Trump himself, who wouldn't stop promising to make Canada the 51st state, an idea that was even more repellent to Canadians than five more years of Third Way bullshit:
https://ca.news.yahoo.com/pierre-poilievre-joe-rogan-podcast-143318576.html
And boy did Canadians find a Third Way bullshitter to move into 24 Sussex Drive: Mark Carney, an austerity-crazed central banker who will endorse incredibly progressive policies…provided he never has to do any of them. When it comes to championing working Canadians while royally screwing them, Carney is the only Canadian politician capable of out-Trudeauing Trudeau.
But we shouldn't reject Carneyism due to the mere fact that Carney refuses to deliver Carneyism. The problem with Carneyism isn't Carneyism itself – the problem with Carneyism is Mark Carney.
Take Carney's policy promise to charge US tech giants a 3% tax, a move that would defeat their incredibly clever gambit of pretending to be Irish and thus not owing any tax, anywhere:
https://pluralistic.net/2026/01/17/erin-lets-go/#circumvention-haven
That was a good policy! So was Carney's "elbows up" policy of sticking it to America in retaliation for Trump's flagrant violation of CUSMA, the free trade agreement negotiated by (checks notes) one Donald J Trump:
https://www.theguardian.com/us-news/2025/may/06/trump-carney-meeting-canada-tariffs-trade
Unfortunately, Mark Carney didn't get the memo from (checks notes) Mark Carney, and the very instant Trump arranged his face into his trademarked confused scowl, Carney dropped the tax, apologising profusely:
In the last days of the Trudeau government, the Liberals passed a bill that transformed Canada's Competition Bureau from the weakest antitrust regulator in the world into one of the strongest (on paper, at least):
It's impossible to overstate how useless the Competition Bureau was before this bill passed. In its entire history, the Bureau had only challenged three mergers, and had never successfully challenged a merger. Canada's do-nothing competition enforcers allowed the country to be captured by Made-in-Canada oligarchs whose ripoffs and abuses would make the Hudson's Bay Company blush:
https://pluralistic.net/2024/12/05/ted-rogers-is-a-dope/#galen-weston-is-even-worse
If Canada was ever going to be a real country (and not just two monopolists and a mining company in a trenchcoat) it needed a serious competition enforcer. Nominally, it has one, thanks to the 2024 Competition Act. The only problem was Carney, who made sweeping real-terms cuts to the Bureau's funding. Thanks to Carney, Canada has a Competition Bureau with all the powers it needs to save Canada from its oligarchs – but it can't afford to do any of that stuff.
Monopolists rip Canadians off like crazy. We even have a guy who mistook Les Miz for an HBR case-study, and embarked upon the country's worst-ever price-fixing campaign, gouging the country on bread prices:
https://www.donotpassgo.ca/p/the-bread-price-fixing-scandal-is
You don't have to be a monopolist to steal from Canadians. Ripping off Canadians is the game everyone can play! Consumer protection agencies are incredible value for money, saving the public hundreds for every dollar that we spend on them. Guess who just eliminated Canada's consumer protection agency?
https://www.donotpassgo.ca/p/carney-government-slashes-consumer
Oh, to be a scammer in Mark Carney's Canada! Whatever Galen Weston doesn't steal is yours for the taking!
But again, the problem isn't Carneyism – the problem is Carney. Carneyism is great. Carneyism gave us that remarkable speech at Davos, where Mark Carney declared a "rupture" in the US-dominated global system of trade and politics, promising a future of "minilateralism" in which "middle powers" like Canada band together for mutual prosperity:
If only Mark Carney had been there to hear those stirring words! He might have understood what a fucking insane idea it is to turn over Canada's military to Palantir, the company that, more than any other, has fused itself with the Trump regime's domestic program of ethnic cleansing and its international program of extraterritorial aggression:
Carneyism isn't merely a rejection of the old international order. Domestically, Carneyism promises technocratic excellence, skilled leadership that delivers first-class services for the Canadian people. This is a great pitch! It got Mamdani elected, and Mamdani's sincere pursuit of governmental excellence thrills New Yorkers in new ways every day:
https://pluralistic.net/2026/02/24/mamdani-thought/#public-excellence
Here, too, Carneyism is entirely sound – the problem is Carney's vicious anti-Carneyism and his plan to fire tens of thousands of civil servants and replace them with AI chatbots. It's not just that chatbots are terrible substitutes for skilled public officials, they're also controlled by US corporations that are entirely beholden to the Trump regime:
https://www.cbc.ca/news/politics/carney-artificial-intelligence-strategy-9.7213733
Unlike Mark Carney, I support Carneyism. Carneyism promises protection for Canadians, from monopolists and mad emperors, petty thieves and potholes. But Carney himself ardently opposes these policies. This will only get worse when the AI bubble pops and vaporises a third of the US stock market, spreading contagion to global capital markets. That will be Carney's cue to roll out his favourite go-to tactic: austerity.
We cannot afford this. Austerity is how we lose the country. Austerity – more than any other force – drives working people into the arms of fascists:
https://pluralistic.net/2026/04/12/always-great/#our-nhs
The thing is, Mark Carney has shown his political opponents how to beat him: just embrace Carneyism. The things Carney says are incredibly popular. Now we just need to elect someone who'll do them.
Hey look at this (permalink)

- Websites have a new way to spy on visitors: analyzing their SSD activity https://arstechnica.com/security/2026/05/websites-have-a-new-way-to-spy-on-visitors-analyzing-their-ssd-activity/
-
Cory Doctorow on Why the Internet Feels So Broken https://thewalrus.ca/cory-doctorow-on-why-the-internet-feels-so-broken/
-
AI sticker shock hits corporate America https://www.axios.com/2026/05/28/ai-spending-roi-enterprise-costs
-
A Fran Lebowitz Sampler https://jonwinokur.substack.com/p/a-fran-lebowitz-sampler
-
Sam Altman and Dario Amodei are both walking back their AI jobs apocalypse prophecies as they eye blockbuster IPOs https://fortune.com/2026/05/26/sam-altman-dario-amodei-walking-back-ai-jobs-apocalypse-prophecies-ipo/
Object permanence (permalink)
#20yrsago World of Warcraft Easter eggs https://web.archive.org/web/20060614223838/http://www.wow-europe.com/en/contests/noblegarden/winners.html
#15yrsago Bernie Sanders introduces anti-pharma-patent bill, aims to replace drug monopolies with prizes https://web.archive.org/web/20110528053922/http://keionline.org/node/1147
#15yrsago Life at a brainwashing “school for troubled teens” https://www.reddit.com/r/troubledteens/comments/hk0xy/a_gay_teen_describes_her_experience_at_a_utah/
#15yrsago Facebook updates from people who don’t know The Onion is a humor site https://literallyunbelievable.tumblr.com/
#10yrsago Untangling the Web: the NSA’s supremely weird, florid guide to the Internet https://www.techdirt.com/2016/05/27/nsas-guide-to-internet-is-weirdest-thing-youll-read-today/
#10yrsago Company Town: Madeline Ashby’s tale of sex and Singularity cults is a locked-door mystery at sea https://memex.craphound.com/2016/05/28/company-town-madeline-ashbys-tale-of-sex-and-singularity-cults-is-a-locked-door-mystery-at-sea/
#10yrago US trade rep threatens Colombia’s peace process over legal plan to offer cheap leukemia meds https://web.archive.org/web/20160725174757/https://www.statnews.com/pharmalot/2016/05/26/bernie-sanders-novartis-patent/
#10yrsago Security researcher discovers glaring problem with patient data system, FBI stages armed dawn raid https://dailydot.com/politics/justin-shafer-fbi-raid
#10yrsago Wealthy families are most responsible for American wealth segregation https://web.archive.org/web/20160530195842/https://www.washingtonpost.com/news/wonk/wp/2016/05/10/the-incredible-impact-of-rich-parents-fighting-to-live-by-the-very-best-schools/
#10yrsago Someone just snuck warrantless email access into the Senate’s secret intelligence bill https://web.archive.org/web/20160526201753/https://theintercept.com/2016/05/26/secret-text-in-senate-bill-would-give-fbi-warrantless-access-to-email-records/
#10yrsago Wells Fargo, who preyed on black borrowers, sponsors Black Lives Matter luncheon https://web.archive.org/web/20160527184755/https://theintercept.com/2016/05/27/wells-fargo-sponsorship-of-black-lives-matter-panel-draws-scorn/
#10yrsago Anonymous Analytics: self-proclaimed Anon “faction” that tanks companies through stock reports https://web.archive.org/web/20160527155031/https://news.softpedia.com/news/anonymous-hackers-turned-stock-analysts-are-targeting-us-chinese-corporations-504495.shtml
#10yrsago Scott Walker, saddled with $1.2m debt from failed presidential bid, pawns his own donors https://ghanasoccernet.com/uk/2016/05/24/scott-walker-rents-out-donor-list-to-pay-campaign-debt/
#10yrsago Study shows detailed, compromising inferences can be readily made with metadata https://www.pnas.org/doi/full/10.1073/pnas.1508081113
#10yrsago EFF fights order to remove public records documents detailing Seattle’s smart-meters https://www.muckrock.com/news/archives/2016/may/26/court-grants-temporary-restraining-order-forcing-r/
#5yrsago Probably https://pluralistic.net/2021/05/27/probably/
#1yrago AI turns Amazon coders into Amazon warehouse workers https://pluralistic.net/2025/05/27/rancid-vibe-coding/#class-war
#1yrago America is a scam https://pluralistic.net/2025/05/28/cheaters-ever-prosper/#caveat-america
Upcoming appearances (permalink)

- SXSW London, Jun 2
https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901 -
Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: The Reverse Centaur's Guide to Life After AI with David Williams (Fitler Club/Philadelphia Citizen), Jun 25
https://www.eventbrite.com/e/cory-doctorow-book-event-tickets-1990110326559 -
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales -
South Bend: An Evening With Cory Doctorow (Notre Dame), Oct 6
https://franco.nd.edu/events/2026/10/06/an-evening-with-cory-doctorow/
Recent appearances (permalink)
- On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/ -
Enshittification (99% Invisible)
https://99percentinvisible.org/episode/666-enshittification/ -
Artificial Intelligence: The Ultimate Disruptor, with Astra Taylor and Yoshua Bengio (CBC Ideas)
https://www.cbc.ca/listen/live-radio/1-23-ideas/clip/16210039-artificial-intelligence-the-ultimate-disruptor
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- Hold on for dear life: Not your keys, not your wallet, entirely your problem.
- Hey look at this: Delights to delectate.
- Object permanence: Who owns "Web 2.0"; EFF saves bloggers' sources; Non-porn porn; Redaction fails; Canadian Tories say markets, not government, will help flood victims; Forced gold-farming; Walkaway cover; Oracle eats shit in Java API case; Captain America was a Nazi spy; Who Broke the Internet? (Pt IV).
- Upcoming appearances: London, Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Hold on for dear life (permalink)
From the earliest days of technopolitics, the role of technology in resisting authoritarianism was unclear. On the one hand, there's the indisputable fact that modern cryptography, properly implemented, can deliver a degree of privacy that is proof against all technological attacks.
That is to say, if you pull out your distraction rectangle, fire up the camera, and tap the shutter button, in the ensuing eyeblink instant the image you've captured will be scrambled so thoroughly that it could never be unscrambled without the secret key unlocked by your passphrase or biometrics. Even if every hydrogen atom in the universe were converted into a computer, and even if all those computers spent all the time between now and the end of the universe trying to guess what the key was, we would run out of universe and time long before we ran out of possible keys.
What's more, this extremely robust form of scrambling and descrambling can be combined with other techniques to block tampering with the encrypted data, and to allow parties to reliably identify who scrambled the data and also to restrict who may unscramble it. These remarkable technological facts have inspired many excited debates about what they mean for our politics, most notably among a group of people who called themselves "cypherpunks":
https://web.archive.org/web/20151102012232/https://www.wired.com/1993/02/crypto-rebels/
One cypherpunk faction believed that modern cryptography could enable a kind of technological secession: by allowing ordinary people to communicate, transact and collaborate without the possibility of state interception or control, crypto could make states themselves obsolete.
But another faction pointed out that no amount of mathematics could help you if an agent of the state – or a criminal the state failed to protect you from – tortured you until you revealed the secret passphrase needed to unlock your secrets. This was (ironically) called "rubber hose cryptanalysis" (as in "Tell me your passphrase or I'll hit you with this rubber hose again"). Later, this became known as a "wrench attack" after a famous XKCD comic about $1m worth of security technology being defeated by hitting someone with a $5 wrench until they divulged the password:
Once you stipulate to the problem of wrench attacks and rubber-hose cryptanalysis, it becomes apparent that your cryptography is only as good as your physical defenses. What's more, the most effective physical defenses we have come from a strong rule of law, because even the thickest safe door benefits from the threat of prison for anyone who breaks into the safe, and the most effective tool for preventing a cop from hitting you with a rubber hose is the existence of a judge who can send that cop to prison for abusing your civil rights.
But what do you do if you already live under tyranny? The rule of law is a great defense, but cryptography alone can't bring about the rule of law. What is the role of technology in this foundational struggle?
My technopolitics faction – the faction associated with the Electronic Frontier Foundation, where I've worked for a quarter-century – has an answer: the role of encryption is to provide a measure of privacy and security that is best used to organize political struggles to demand the rule of law and respect for human rights. Encryption isn't proof against rubber hoses, but it is effective against many other forms of state repression, and it can provide a technical edge for those engaged in a political struggle.
Another faction – the faction most associated with bitcoin and subsequent cryptocurrency projects – rejects the role of the state altogether, and seeks to replace states (and state-regulated institutions like courts and banks) with mathematics. Rather than asking courts to interpret contracts, we can put our trust in self-executing "smart contracts," and rather than asking banks to safeguard our financial integrity, we can use cryptographic software to ensure that money only moves when the person it belongs to tells it to.
This has many problems. Smart contracts are slow, expensive, and unreliable. The number of people who understand contracts is small, the number of people who understand the software that embodies smart contracts is likewise small, and the Venn intersection of the two is more of a sphincter. What's more, there is irreducible ambiguity in all but the simplest of contracts, which means that even a "self-executing" contract ends up relying on a human adjudicator (an "oracle") who can be bribed or intimidated into cheating:
https://pluralistic.net/2022/02/14/externalities/#dshr
And when it comes to transactions, crypto proves to be unwieldy, expensive and complex, so that nearly all crypto users end up directing an intermediary (like Coinbase) to hold and move their cryptographic assets for them. The upshot is that cryptocurrency mostly replaces banks – imperfect, but heavily regulated and insured – with unregulated tech platforms with murky ownership and often defective security procedures, who may or may not be insured (or even locatable) in the event of a collapse or a breach. Consequently, cryptocurrency has become a scam magnet of unprecedented and unstoppable power, and hardly a day goes by without people being ripped off in the most ghastly ways imaginable:
https://www.web3isgoinggreat.com/
For bitcoin maxis and other anti-state cypherpunks, this is just a skill issue. Anyone who doesn't understand how to manage their own keys and turns to a platform to hold and move their crypto is getting what they deserve. As the maxim goes, "Not your keys, not your wallet," which is cypherpunkspeak for "caveat emptor."
That's where the wrench attacks come in. Because if you are in possession of keys that can be used to irreversibly and instantaneously steal large sums of money and move it to jurisdictions where the perpetrators are beyond any legal or physical recourse (e.g. North Korea), then there is a massive incentive for your adversaries to kidnap you and hit you with a wrench or a rubber hose.
That's precisely what's going on. People with substantial cryptocurrency holdings face grave personal danger, and the physical attacks on their person grow bolder, more violent, and more sadistic by the day:
https://github.com/jlopp/physical-bitcoin-attacks/blob/master/README.md
As crypto critic David Rosenthal writes, this problem is even worse than it seems at first blush:
https://blog.dshr.org/2026/05/wrench-attacks.html
For one thing, cryptocurrencies depend on "public ledgers" that indelibly, publicly record every transaction in the network. Cryptocurrency is nothing without these ledgers, and they have to be immutable and public to work. This is very bad news for anyone who relies on anonymity as their defense against physical attacks.
That's because "reidentification attacks" (where an anonymous person in a dataset is positively identified) get easier to perform over time. You might be represented in a database of hospital prescribing activities by a random number, and that number might be hard to associate with your real identity…at first. But with every subsequent release of data – whether in the form of an anonymized data-set or a breach – it gets easier to cross-reference the facts associated with your record with other facts from other records, such that a detailed, identifying picture of you emerges one fact at a time.
For example, if the taxi company you use suffers a breach that reveals journeys associated with every doctor's appointment at the hospital, now an attacker can pick out the home or work address of the single person who visited the hospital just before you received your prescription. The longer an "anonymized" data-set sits around in public view, the easier it gets to de-anonymize it:
https://www.nature.com/articles/s41467-019-10933-3
Combine the fact that permanent ledgers make it progressively easier to identify people whom you can torture into revealing their crypto keys with the irreversible, instantaneous nature of crypto transfers and you get some very juicy targets indeed. "Not your keys, not your wallet" means it's "not anyone else's problem" when you get robbed. You can't ask the bank to interdict or reverse the transaction.
Rosenthal provides a litany of the escalating security measures crypto holders are turning to as this problem goes progressively more dangerous and terrifying. There's the guy who splits his keys up in four physical vaults at four separate locations, whose management is instructed to make him wait a minimum of seven days when he asks to retrieve them. Despite all this, he keeps his identity secret:
Rosenthal quotes Nicholas Weaver, who asks what kind of "internet of money" bitcoin can be if it can't be safely stored on a computer connected to the actual internet:
https://doi.org/10.1145/3208095
But an equally valid question is, what kind of escape from tyranny is it that requires you to hide your identity at all times lest you be snatched off the street and brutally tortured? What kind of "liberty" requires you to spend $860,000 armoring your two top execs' personal vehicles to protect them from gunfire and light artillery?
https://www.ft.com/content/71d7486d-89b5-48ac-8f94-857578c0a03b
It costs $6.2m/year to protect Coinbase's CEO – "more than the combined amount that JPMorgan Chase & Co., Goldman Sachs Group Inc. and Nvidia Corp. spent on their respective CEOs":
Crypto true believers exhort one another to "HODL" (hold on for dear life). Selling your crypto during downturns is considered a moral failing. But now, crypto holders – especially those who manage their own keys – are literally holding on for dear life, as they are hunted by crime syndicates and state actors alike.
It's a good reminder of how badly crypto has failed on its own terms, delivering its biggest users into an existence of fear and physical peril that rivals the plight of even the most hunted dissidents in the most repressive societies. Worse: as cryptocurrency lobbyists have fused crypto with the world's largest and most corrupt governments (especially the Trump regime), crypto now has all the exposure to state coercion that made banks so unsuitable, but without the (inconstant, insufficient) protections offered by traditional banking.
And that's before we talk about the energy consumption problems, the scams enabled by crypto, and the rampant human trafficking that those scams necessitate:
People in my technopolitical faction have a saying of our own: "'Crypto' means cryptography." Cryptography plays a hugely important role in protecting people from crime and state repression. It is no substitute for the rule of law and democracy, but it remains a key tool for securing and defending both:
https://pluralistic.net/2022/03/27/the-best-defense-against-rubber-hose-cryptanalysis/
Cryptocurrency, on the other hand? That's the worst of all worlds.
Hey look at this (permalink)

- Un internet post americano, resistente a la mierdificación https://supernovainterna.substack.com/p/traducir-sin-ia-mi-interpretacion
-
Best sketches from SNL season 51 https://a.wholelottanothing.org/best-sketches-from-snl-season-51/
-
Revenge of The Business Idiot https://www.wheresyoured.at/the-revenge-of-the-business-idiot/
-
Uber, Lyft drivers in Massachusetts form first US ride-share union https://www.reuters.com/business/world-at-work/uber-lyft-drivers-massachusetts-form-first-us-ride-share-union-2026-05-26/
-
Star Trek Title Card Generator https://trek.epicrandomness.com/
Object permanence (permalink)
#20yrsago Can anyone own “Web 2.0?” https://memex.craphound.com/2006/05/26/can-anyone-own-web-2-0/
#20yrsago iRiver gives customers the choice of switching off DRM https://web.archive.org/web/20060619150812/http://www.iriver.com/mtp/
#20yrsago EFF scores win against Apple: bloggers’ sources are protected https://web.archive.org/web/20060602020337/http://blog.wired.com/27BStroke6/index.blog?entry_id=1489151
#15yrsago Anonymous pre-paid credit-cards and money-laundering https://web.archive.org/web/20110529001021/https://www.forbes.com/feeds/ap/2011/05/23/technology-lt-fea-plastic-money-laundering_8481416.html
#15yrsago More incompetence revealed on the part of France’s “three-strikes” copyright enforcer https://web.archive.org/web/20120520073256/https://arstechnica.com/tech-policy/2011/05/french-three-strikes-anti-piracy-software-riddled-with-flaws/
#15yrsago Montage: Non-pornographic scenes from pornographic movies https://www.youtube.com/watch?v=DVBhVDXLpaI
#15yrsago Improper court record redaction: a study https://blog.citp.princeton.edu/2011/05/25/studying-frequency-redaction-failures-pacer/
#15yrsago Texas anti-TSA-grope bill killed by threat to shut down all Texas airports https://www.texastribune.org/2011/05/24/fed-threat-shuts-down-tsa-groping-bill-in-texas/?r
#15yrsago Canadian Tories refuse to send soldiers to help flood victims because they’d compete with the private sector https://web.archive.org/web/20110527053822/https://www.theglobeandmail.com/news/national/quebec/ottawa-initially-refuses-request-for-more-troops-to-aid-quebec-flood-victims/article2033562/
#15yrsago Gold-farming in a Chinese forced-labor camp https://www.theguardian.com/world/2011/may/25/china-prisoners-internet-gaming-scam
#10yrsago Edward Snowden performs radical surgery on a phone to make it “go black” https://web.archive.org/web/20160527125043/https://www.wired.com/2016/05/snowden-vice-cell-phone-hack/
#10yrsago FBI is investigating copyright trolls Prenda Law for fraud https://web.archive.org/web/20160526005012/https://popehat.com/2016/05/25/fbi-actively-investigating-prenda-law-team-for-fraud/
#10yrsago How a pharma company made billions off mass murder by faking the science on Oxycontin https://web.archive.org/web/20160524112437/http://static.latimes.com/oxycontin-part1/
#10yrsago GOP officials won’t let the FEC stop bosses from forcing employees to give to PACs https://web.archive.org/web/20160526114245/https://prospect.org/blog/checks/fec-deadlocks-over-employer-political-coercion
#10yrsago Undetectable proof-of-concept chip poisoning uses analog circuits to escalate privilege https://www.ieee-security.org/TC/SP2016/papers/0824a018.pdf
#10yrsago “Pickup artist” douche uses copyright to sue Youtube critics, fans raise $100K defense fund https://www.gofundme.com/f/h3h3defensefund
#10yrsago The best thing you will read about the revelation that Captain America was a Nazi spy https://web.archive.org/web/20160623131614/https://storify.com/rahaeli/captain-america
#10yrsago Revealed: the amazing cover for Walkaway, my first adult novel since 2009 https://reactormag.com/cover-reveal-walkaway-cory-doctorow//
#10yrsago Tor Project is working on a web-wide random number generator https://blog.torproject.org/mission-montreal-building-next-generation-onion-services/
#10yrsago Jury hands Oracle its ass, says Google doesn’t owe it a penny for Java https://www.eff.org/deeplinks/2016/05/eff-applauds-jury-verdict-favor-fair-use-oracle-v-google
#10yrsago Arcade cabinet enthusiasts discover trove of 50+ games in ship, derelict for 30 years https://arcadeblogger.com/2016/05/06/arcade-raid-the-duke-of-lancaster-ship/
#5yrsago Monopolists are winning the repair wars https://pluralistic.net/2021/05/26/nixing-the-fix/#r2r
#1yrago Who Broke the Internet, Part IV https://pluralistic.net/2025/05/26/babyish-radical-extremists/#cancon
Upcoming appearances (permalink)

- SXSW London, Jun 2
https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901 -
Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: TBA, Jun 25
-
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales
Recent appearances (permalink)
- On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/ -
Enshittification (99% Invisible)
https://99percentinvisible.org/episode/666-enshittification/ -
Artificial Intelligence: The Ultimate Disruptor, with Astra Taylor and Yoshua Bengio (CBC Ideas)
https://www.cbc.ca/listen/live-radio/1-23-ideas/clip/16210039-artificial-intelligence-the-ultimate-disruptor
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Cross-domain access is everywhere in today's software landscape. Whether you look at enterprise SaaS applications, AI agents interacting with user data across multiple platforms, or "integrated experiences" pulling information from a calendar, a chat tool, and a wiki—everything eventually needs to talk across boundaries.
Development teams frequently reach for the quickest path to wire these systems together. Usually, teams fall back on two "obvious" architectural shortcuts. However, as experience deploying these architectures at scale demonstrates, both models break down in production.
Let's take a closer look at why these shortcuts fail and what a resilient cross-domain pattern actually looks like.
🧶 Shortcut #1: Have the IdP issue the access token directly
The pattern: the client takes its ID Token to the IdP, exchanges it for an access token, and sends that access token straight to the resource app's API.
Why it's tempting: it reuses the IdP that everyone already trusts. It feels like a clean, one-stop shop.
Why it breaks: every API on the receiving end now has to trust a growing list of foreign token issuers — each with its own quirks around token format, claim conventions, key rotation, and revocation.
Suddenly your API team is in the federation business, doing one-off integrations per IdP. That's not a sustainable model for building APIs at scale. APIs are far better served by having a local authorization server issuing the tokens they validate — one issuer, one model, one set of rules.
🪪 Shortcut #2: Send the ID Token across domains
The pattern: skip the IdP-issued access token and present the original ID Token directly at the receiving app's authorization server, exchanging it for a locally issued access token.
Why it's tempting: ID Tokens are standardized, so it feels like it sidesteps the trust-fan-out problem from #1.
Why it breaks: ID Tokens are issued for one audience — the application the user signed into. Sending them somewhere else violates that audience binding, opens up replay and misuse risks.
🎯 What Cross-App Access does differently
Cross-App Access (XAA) uses a two-stage flow — and each stage exists specifically to fix one of the problems above.
Stage 1: The client makes a Token Exchange request to the IdP to exchange the ID Token for an ID-JAG: a purpose-built, short-lived, audience-bound grant for the resource authorization server.
No ID Token misuse, no audience confusion. The IdP also stays in the loop to govern whether this cross-app access should happen at all — exactly where enterprise IT already manages who can access what.
Stage 2: The resource app's authorization server exchanges the ID-JAG for its own access token. The API keeps its local AS, its own token format, and its own revocation story. It only has to trust the access tokens issued by its own AS — not a foreign access token.
We can push all the complexity of user login, token minting, and cross-domain policy evaluation onto the specialized identity components, keeping the resource API free to do the much simpler task of validating its own domain's access tokens and serving data.
If you're designing cross-domain access for an AI agent, an enterprise suite, or any multi-vendor ecosystem, this is the pattern to follow. The IETF draft: https://datatracker.ietf.org/doc/draft-ietf-oauth-identity-assertion-authz-grant/
Today's links
- AI and a world without migrants: It's solipsism all the way down.
- Hey look at this: Delights to delectate.
- Object permanence: Manuscript rabbits; "What Will Come After"; Pastejacking; Terrorism phrenology; Vaccine waivers were promised 20 years ago.
- Upcoming appearances: London, Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
AI and a world without migrants (permalink)
I don't care who you are, there will always be times when hell is other people. Not because other people are horrible – quite the opposite! Other people are wonderful, but boy are they ever stubborn.
From boardgames to romance, team sports to movement politics, business ideas to construction projects, there's so much important, enjoyable and essential stuff you can't do alone. But other people insist on having their own priorities and goals, and they mulishly refuse to organize their lives to suit your priorities.
Our species has put a lot of work into resolving this conundrum. Not only did we evolve a whole brain structure – the neocortex – that helps us understand others' perspectives, but we also evolved many social structures (like laws and teams and governments and families and committees and bureaucracies) to help us coordinate with others to do superhuman things (that is, things that exceed the capacity of a single human).
These structures are imperfect, but they're better than the alternative: coercion. Persuading others is not without its pitfalls, but compared to forcing others to bend to your will, "persuasion" is the hands-down favorite.
Not for everyone, though. There has always been a group of people who refused to acknowledge that other people have perfectly valid reasons for wanting to pursue their own goals rather than yours. We call most of those people "toddlers" and devote sizable social effort to helping them outgrow this belief.
But there's another group of people who carry this belief into adulthood. If they're of regular means, we call those people "bullies." However, if they're sufficiently wealthy, we call them "billionaires" (this is the same force that allows money to transmute a "hoarder" into a "collector").
Just lately though, we've come up with a new solution to the problem of hell being other people. Rather than coercing other people into arranging their affairs to suit our needs, we've devoted trillions of dollars to replacing people with pliant chatbots, in the hopes that these chatbots can be made so effective that we can just dispense with other people altogether.
Many everyday people have replaced their romantic partners with chatbots ("AI boyfriends"/"AI girlfriends"), and they've formed active communities to revel in the delights of pursuing love with someone who demands no moral consideration or compromise, glorying in a world of love without lovers:
https://www.cbc.ca/listen/cbc-podcasts/1353-the-naked-emperor/episode/16215328-e1-love-bots
There's a whole community of people who have stopped listening to music created by people in favor of made-to-order slop, exulting in a world of music without musicians:
These are foundationally solipsistic exercises, fantasy worlds in which you are the only real person and everyone else is a bot, an NPC, a phantom. AI has democratized solipsism, a privilege that was once the exclusive purview of billionaires, whose belief that most other people weren't fully real let them inflict the kind of mass pain on millions that is a prerequisite for amassing a truly vast fortune:
https://pluralistic.net/2025/08/18/seeing-like-a-billionaire/#npcs
No surprise then that billionaires were easy marks for AI hustlers, who promised the possibility of a world without people, where an army of "agents" could do the jobs that presently demand the contributions of unreasonable human beings who refuse to acknowledge that your priorities trump theirs.
Jeff Bezos built the world's most advanced automated warehouses, and the workers in those warehouses are seriously injured at 300% of the national rate, and they are not allowed pee breaks (nevertheless, these workers unreasonably insist on metabolizing fluids and expelling the waste). The automation and the injuries aren't unrelated facts. The inhumane treatment is caused by the automation, because when you commit hundreds of billions to automation capex, you need to work those assets to recoup the investment. In a human/machine collaboration, humans will always be the bottlenecks. To maximize return on automation, you need to drive the human peripherals that serve the machines at the absolute limit of human endurance. Jeff Bezos's machines don't just use humans, they use them up:
https://pluralistic.net/2025/05/27/rancid-vibe-coding/#class-war
Billionaires poured trillions into AI because they are obsessed with the fantasy of a world without people. Mark Zuckerberg would like to replace your on-platform friends with chatbots. Sure, your friends are the reason you're stuck on his platforms, but your friends are stubborn and thus suboptimal. Remember: hell is other people, so while your friends unreasonably refuse to leave Facebook with you and follow you to another platform (this is bad for you, but good for Zuck), they also refuse to organize their social media lives to "maximize your engagement" and thus the number of ads you see (which is bad for Zuck). By replacing your friends with chatbots, Zuck hopes to reinvent social media without the socializing:
https://pluralistic.net/2026/04/17/for-youze/#forever
Billionaires are betting that bosses (and other would-be billionaires) will spend trillions buying AI products, captured by the fantasy of a workplace without workers. They think AI could be the remedy for the ancient, nameless dread that bosses experience every time they contemplate the fact that if they don't show up for work, everything hums along fine; whereas if the workers don't show up, the whole enterprise collapses. Secretly, bosses are haunted by the fear that they're not driving the car, they're strapped into the back seat, amusing themselves with a toy steering-wheel:
https://pluralistic.net/2026/01/05/fisher-price-steering-wheel/#billionaire-solipsism
That's what the Hollywood strikes were about: studio bosses' fantasy of movies without actors and screenplays without screenwriters. Since the invention of the studio system itself, studio bosses have wrestled with the fact that talented people who are beloved by audiences have bargaining leverage, which they use to demand better outputs and higher wages (this is the same conundrum faced by hospital administrators confronting nurses and doctors, college administrators confronting faculty, etc):
https://pluralistic.net/2026/01/20/i-would-prefer-not-to/#i-cant-do-that-boss
This solipsistic drive is what powers investment in AI "persuasion" technologies, making billions for latter-day Cambridge Analyticas who peddle the outlandish tale of having built a mind-control ray. It's a winning sales-pitch because it plays into the fantasy of a world where customers do as they're told, organizing their lives according to your priorities, at the expense of their own wellbeing:
https://pluralistic.net/2025/05/07/rah-rah-rasputin/#credulous-dolts
It's not just captains of industry who are occupied with furious, all-consuming fantasies of a world without people. Dictators, autocrats and technocrats in the political world love AI because it dangles the possibility of a world without bureaucrats and public officials. If the civil service can be replaced with chatbots, then the will of the dictator can be translated directly into policy without any tedious negotiations with experts who understand how things work and have deep moral commitments to the public good:
https://pluralistic.net/2026/05/13/vibe-governance/#k-hole
A world without people is especially attractive to politicians presiding over aging, declining nations whose most ardent voters have been convinced that migrants are a threat to their nation (rather than its salvation).
Objectively speaking, the only way that a rich country with an aging workforce can remain wealthy and powerful is by wooing working-age people from elsewhere to migrate to that country. Even if every tradwife is kept in a state of continuous gestation courtesy of a fertility-obsessed natalist, there's still going to be decades during which your wealthy, aging population will need young, skilled people to do all the essential labor. From picking crops, to staffing hospitals, to building homes, to filing lawsuits, to preparing tax-returns, your quiverfull child army will be too young to take over for years to come.
Trapped in the political impossibility of a country whose productive activities are absolutely reliant on young, strong, resourceful, skilled migrants, and a xenophobic political movement that scapegoats these migrants and revels in the spectacle of ethnic cleansing, politicians see AI as a way out of their double-bind. If migrants can be replaced with AI, then you can satisfy the racist sadism of your most ardent voters without shutting down the country for lack of workers.
In other words: in feeding the fantasy of a world without people, AI serves the fantasy of a world without migrants. Unlike gastarbeiters, bracero fruit-pickers and Saudi quasi-slaves, AI makes no demands, requires no moral consideration, and does not attempt to germinate a culture, a cuisine, or a language in your sacred soil.
This grotesque fantasy has always lurked in the subtext of the automation story. The plot of Disney's Big Hero 6 boils down to: "In future-America/Japan, it will be more politically possible to have robots look after our aging parents than it will be to welcome the millions of skilled health-workers in the Pacific Rim who are eminently qualified to do the job." Big Hero 6 is the solution to the problem of building a nursing home without nurses.
The wealthy have always dreamed of transforming the proletariat into the precariat: desperate workers who do as they're told. But in the automation story of which AI is the latest chapter (and purportedly the climax), the precariat becomes the unnecessariat: workers who are surplus to requirements and can be vaporized or liquidated or warehoused or simply ignored.
In the fantasy world of total automation, the owners of AI can make the world go around without any of us, which means that we will exist solely at their sufferance, and will therefore have to act like the NPCs they half-believe we are already, organizing everything we do around their priorities.
This is the foundation of Sam Altman's obsession with a biometrically controlled universal basic income. Altman can't stop fantasizing about a world in which all the productive work is done by his software, and the state's sole purpose is to supply us – the unnecessariat – with vouchers we can only redeem for services provided by Altman's robot army. It's charter schools for everything, with Altman at the top, all wrapped up in a layer of dystopian retinal scanning:
https://www.wired.com/story/worldcoin-sam-altman-orb/
Billionaires and would-be billionaires are absolute suckers for this solipsistic bullshit, because they genuinely don't think other people are real. They love "effective altruism" because it counsels them to make as much money as possible, without regard to how many people they cheat, hurt, or kill…provided that they pledge to use these ill-gotten gains to improve the lives of 10^53 imaginary artificial people who will come into existence in 10,000 years. After all, the total benefit of even the most infinitesimal welfare gains experienced by 10^53 people vastly exceeds all the pleasures that all eight billion actual, living people are capable of experiencing:
https://www.semafor.com/article/11/21/2023/how-effective-altruism-led-to-a-crisis-at-openai
It all makes perfect sense – provided you don't believe that other people are really, truly real.
Hey look at this (permalink)

- EU's digital sovereignty boo-boo may be the best thing to ever happen to the project https://www.theregister.com/systems/2026/05/26/eus-digital-sovereignty-boo-boo-may-be-the-best-thing-to-ever-happen-to-the-project/5244715
-
Revealed: Palantir’s NHS tech is ten times slower than current system https://democracyforsale.substack.com/p/revealed-palantirs-nhs-tech-is-ten-times-slower-than-nhs-thiel-trump
-
The human cost of governing by spreadsheet https://thespinoff.co.nz/politics/21-05-2026/the-human-cost-of-governing-by-spreadsheet
-
Canadian prime minister Mark Carney is not the climate guy you thought
https://www.theguardian.com/commentisfree/2026/may/21/mark-carney-climate-canada -
It's time to talk about my writerdeck https://veronicaexplains.net/my-first-writerdeck/
Object permanence (permalink)
#15yrsago California prison overcrowding, in photos https://web.archive.org/web/20110525171353/https://www.motherjones.com/politics/2011/05/california-prison-overcrowding-photos
#15yrsago What Will Come After: the sweet melancholy of the zombie apocalypse https://memex.craphound.com/2011/05/25/what-will-come-after-the-sweet-melancholy-of-the-zombie-apocalypse/
#10yrsago If Donald Trump ever talks to a real journalist, these are the questions he should answer https://www.nationalmemo.com/21-questions-for-donald-trump
#10yrsago Norwegian Consumer Council broadcasts live, marathon reading of app Terms of Service https://web.archive.org/web/20160526145553/https://www.forbrukerradet.no/vilkar-og-personvern-minutt-for-minutt/
#10yrsago Pastejacking: using malicious javascript to insert sneaky text into pasted terminal commands https://github.com/dxa4481/Pastejacking
#10yrsago Why medieval monks filled manuscript margins with murderous rabbits https://web.archive.org/web/20160614000551/https://jonkanekojames.com/2015/05/02/why-are-there-violent-rabbits-in-the-margins-of-medieval-manuscripts/
#10yrsago Students: court orders government agencies to offer educational discount on FOIA requests https://web.archive.org/web/20160525155102/https://www.techdirt.com/articles/20160521/16031934508/appeals-court-tells-government-it-must-extend-educational-institution-foia-fee-price-break-to-students.shtml
#10yrsago The euphemisms news reporters use when a sports figure injures his penis and testicles https://web.archive.org/web/20160525125452/https://fivethirtyeight.com/features/media-groin-draymond-green-steven-adams/
#10yrsago Company says facial features reveal terrorists and pedophiles 80% of the time https://web.archive.org/web/20160525130941/https://www.washingtonpost.com/news/innovations/wp/2016/05/24/terrorist-or-pedophile-this-start-up-says-it-can-out-secrets-by-analyzing-faces/
#5yrsago We promised this vaccine waiver 20 years ago https://pluralistic.net/2021/05/25/the-other-shoe-drops/#quid-pro-quo
Upcoming appearances (permalink)

- SXSW London, Jun 2
https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901 -
Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: TBA, Jun 25
-
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales
Recent appearances (permalink)
- On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/ -
Enshittification (99% Invisible)
https://99percentinvisible.org/episode/666-enshittification/ -
Artificial Intelligence: The Ultimate Disruptor, with Astra Taylor and Yoshua Bengio (CBC Ideas)
https://www.cbc.ca/listen/live-radio/1-23-ideas/clip/16210039-artificial-intelligence-the-ultimate-disruptor
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- The AI bubble isn't like the internet bubble: No one had to force-feed the web to workers.
- Hey look at this: Delights to delectate.
- Object permanence: Website graveyard; Anti-librarian witch-hunt; Denmark v Marmite; The unnecessariat.
- Upcoming appearances: London, Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
The AI bubble isn't like the internet bubble (permalink)
One of the surprise breakout software products of the early web was Lotus Notes, a kind of primitive precursor to all-in-one office productivity suites like GDocs, Office365, etc. It was so important that its creator, Ray Ozzie, was promoted to Microsoft's Chief Software Architect, succeeding Bill Gates himself:
People who remember Notes tend to deride it for its clunky user interface and demi-functional administrative tools. But what made Notes so central to Microsoft wasn't its polish – it was the fact that Notes represented a brokered peace between IT managers, who wanted mainframe-like control over everything their users could do with business equipment, and the users themselves – workers who kept smuggling internet-based tools into the enterprise network on the very sensible grounds that they had a job to do, and these were the best tools to do it.
The arrival of internet-based tools – especially ones that ran in browsers – represented a major challenge to IT departments, who had been long accustomed to dictating terms to their users. If the IT manager and the compliance department decided that the best way to manage disclosure and leak risks was to block all email attachments for outside users, then that was that: no one could send those attachments.
But after the internet arrived on the corporate desktop, employees who needed to get documents to supply chain partners and customers could treat these IT policies as damage and route around them. Just fire up your Hotmail or Yahoo mail window, or hop on MSN Messenger or ICQ or AIM, or drop the file on an anonymous FTP server and send the link to your counterparty. Job done!
IT managers hated this, and to be fair to them, they weren't (always) wrong. These outside tools came from a variety of untrustworthy sources, including malicious sites that pushed virus-infected versions to their users. Also, by evading firewall rules with these tools, users made it impossible to achieve the compliance goals that IT had been charged with enforcing, and it was IT's asses on the line if the company got in trouble as a result.
Foundationally, IT was being asked to do two irreconcilable things: they were supposed to be enabling workers to get their jobs done, and they were supposed to be stopping those workers from doing things that could harm the business. This can't be done, because the only way to eliminate the possibility that a worker will take an action that harms the business is to gag that worker and lock them in a dungeon. Workers need flexibility and freedom to achieve business goals, and that flexibility and freedom means that those workers might (deliberately or accidentally) thwart the business's goals.
What's more, workers will always run into situations that were not anticipated by policy, and if they are denied any agency or initiative, they will fail to get their jobs done. In work, the exception is the rule, hence the importance of "process knowledge" (all the implicit knowledge shared among workers across the firm and its suppliers and customers, which cannot be captured or recorded):
https://pluralistic.net/2025/09/08/process-knowledge/#dance-monkey-dance
Indeed, there's a form of labor action called a "work to rule," in which workers only do the things dictated by their rulebooks, without taking any of the routine additional measures dictated by process knowledge. Merely by following every rule to the letter, workers can grind a shop to a halt:
https://en.wikipedia.org/wiki/Work-to-rule
Since the dawn of personal computers, workers and IT departments have come into conflict, as workers literally smuggled technology into the business that could do things the IT department had (often arbitrarily and capriciously) prohibited. When Visicalc emerged as the killer app for the Apple ][+, workers snuck these computers into work and used them to sort spreadsheets in ways that IT had declined to permit. They didn't do this to cheat or steal from the company – the whole point was to do a better job.
So it was with the early web: workers discovered a myriad of new capabilities in the free-to-use world of web-based tools and realized how these tools would make them much more effective at their jobs. The fact that IT wouldn't let them do these things was just more evidence that IT – and the managers who set IT's agenda – didn't understand the business as well as workers.
It didn't help that IT managers' first line of defense was the high-tech version of abstinence-only education: "You only think you need your work computers to do this, but really, you don't, so stop trying":
https://www.theguardian.com/technology/2009/jun/16/computer-security-abstinence
Abstinence-only education never works, but where "you only think you need this" failed, Lotus Notes succeeded. Lotus Notes provided a whole suite of tools that largely (if imperfectly) replaced the universe of free tools that workers were using to evade their IT departments' edicts, so they could get their jobs done. At the same time, Lotus Notes provided a set of management tools that let IT fine-tune how these tools worked, giving them (some) of the controls they needed to achieve their compliance goals.
Like all brokered peace settlements, Lotus Notes left both sides feeling like they'd made a compromise they could live with, giving up some of their goals, but keeping the things that really mattered to them.
It's impossible to overstate how important Lotus Notes and similar products were, because workers demanded the right to use the web on their work computers, and they made those demands so forcefully that managers had to completely re-do their IT policies, lest those workers treat them as damage and route around them. Back then, the tech press was full of stories about these conflicts, as workers insisted that the new technology that was sweeping the nation was so foundational and transformative that they had to be allowed to use it.
What we never saw back then were stories about how managers had to monitor workers to ensure that they were using the web as much as possible. No one had to force workers to find ways to integrate the web into their workflows.
In other words, the story of the web at work was the opposite of the story of AI at work. Today, you can't turn around without reading a story about bosses who are threatening to fire workers if they don't increase their AI usage:
https://www.businessinsider.com/boss-track-ai-use-career-2025-8
Virtually every major company now has a program to force workers into using AI:
https://www.cnbc.com/2026/05/05/ai-use-work-employee-monitoring-tech-surveillance.html
It's conceivable that over the past quarter-century, bosses have become technophiles while workers have fallen prey to superstitious technophobia, but it hardly seems likely. Historically, workers have always been enthusiastic about tools that let them do a better job – indeed, it's a truism that labor-led automation produces improvements in quality, while capital-driven automation increases throughput (often at the expense of quality).
Workers aren't the only typical early adopters who find AI lacking. As a group, teenagers and young adults hate AI:
https://www.nytimes.com/2026/04/09/style/gen-z-ai-gallup-study.html
That's not what it was like during the early web days. Back then, young people entering the workforce were passionate devotees of the web, to the point where the business press routinely ran articles asking how today's workplaces were going to adapt to the demands of these webbed-up workers.
https://www.nber.org/digest/apr03/internet-changes-labor-market
AI boosters insist that the deficits we see in AI – its lack of profitability, its primitive and error-riddled outputs – are no different from the shakedown problems of the early web (and we know how the web turned out!). But this is a profoundly flawed comparison: the early web and AI are very different from one another.
For one thing, the early web may have lost money, but it had great unit economics. Every new web user brought the web closer to profitability, as did every new use of the web, and every new generation of web technology. By contrast, AI has – in the memorable phrasing of Ed Zitron – "dogshit unit economics." Every new AI user makes AI less profitable, as does every new use for AI, and each generation of AI loses more money than the last. AI is the money-losingest endeavor in human history:
https://pluralistic.net/2025/09/27/econopocalypse/#subprime-intelligence
In other words, the early web was a technology that grew more profitable every day, which workers and young people had to force on their bosses – and AI is a technology that grows less profitable every day, and bosses have to force it on workers and young people.
Now, it's true that some workers don't have to be forced to use AI. Workers who enjoy a high degree of autonomy (that is to say, workers who are positioned to ignore workplace coercion) can adopt AI in ways that they feel suited to, just as those early web users and Visicalc smugglers did. They can fulfill the maxim that labor-driven automation improves quality, while resisting capital's insistence that automation be used to increase throughput at quality's expense.
They can act as centaurs (workers assisted by technology), not as reverse-centaurs (workers who are recruited to serve as peripherals for machines). As with all technology questions, what the technology does is nowhere near as important as who the tech does it for and who the tech does it to:
https://pluralistic.net/2025/09/11/vulgar-thatcherism/#there-is-an-alternative
And there's another group of workers who adopt AI voluntarily: workers who see that AI can do a lot of work that they view as dull and unimportant for them. These workers might be right – there are plenty of bullshit jobs out there:
But it's also possible that they're wrong, and they're substituting AI for something that really should be done by a person.
But on the plus side, at least no one has to force them to adopt AI.
Hey look at this (permalink)

- CBC/Radio-Canada secures second consecutive Broadcaster of the Year honour at NYF Radio Awards https://broadcastdialogue.com/cbc-radio-canada-secures-second-consecutive-broadcaster-of-the-year-honour-at-nyf-radio-awards/
-
State of Local AI https://llmrequirements.com/state-of-local-ai/
-
Private Equity Blocked from Buying Homes. Mostly. https://www.thebignewsletter.com/p/monopoly-round-up-private-equity
-
Gratitude – Aid Coordination https://www.kaggle.com/competitions/gemma-4-good-hackathon/writeups/gratitude-aid-coordination
-
Is AI Profitable Yet? https://isaiprofitable.com/
Object permanence (permalink)
#25yrsago Website graveyard https://web.archive.org/web/20010516224100/http://www.disobey.com/ghostsites/
#20yrsago Canadian students ask govt to save them from copyright https://web.archive.org/web/20060629014007/https://action.web.ca/home/cfs/en_alerts.shtml?x=88910&AA_EX_Session=d56bebd39174d9839ec3ee5fa6fe93a4
#20yrsago Lifespan of best-sellers falls 6/7ths in 40 years https://web.archive.org/web/20060601231943/https://www.lulu.com/static/pr/05_19_06.php
#15yrsago Sarkozy’s false-flag E-G8 attracts withering scorn https://web.archive.org/web/20121109010803/https://arstechnica.com/tech-policy/2011/05/france-attempts-to-civilize-the-internet-internet-fights-back/
#15yrsago Tool reveals ISP traffic-shaping https://web.archive.org/web/20120514151210/https://arstechnica.com/tech-policy/2011/05/new-shaperprobe-tool-detects-isp-traffic-shaping/
#15yrsago Falun Gong sues Cisco over complicity in China’s “Golden Shield” – allege torture, murder https://web.archive.org/web/20110524065718/http://news.cnet.com/8301-1023_3-20065219-93.html
#15yrsago Scenes from Los Angeles’s teacher-librarian witch-hunt https://mizzmurphy.blogspot.com/2011/05/message-received.html
#15yrsago Denmark bans Marmite https://www.theguardian.com/theguardian/2011/may/24/uk-should-ban-sandi-toksvig
#10yrsago As mobile carriers ramp up bribery program, Internet coalition says no to “zero rating” https://web.archive.org/web/20160524233609/https://motherboard.vice.com/read/medium-mozilla-and-kickstarter-signed-a-letter-against-zero-rating
#10yrsago Philippines’ new “dictator” will give a hero’s burial to Ferdinand Marcos https://web.archive.org/web/20160526135257/http://www.msn.com/en-ph/news/world/philippine-dictator-marcos-to-get-heros-burial-duterte/ar-BBtnPJH
#10yrsago Judge handcuffs public defender for speaking out in court https://web.archive.org/web/20160525151444/http://www.reviewjournal.com/news/las-vegas/las-vegas-judge-handcuffs-public-defender-courtroom
#10yrsago Sanders donors flock to Tim Canova’s campaign against DNC Chair Debbie Wasserman Schultz https://edition.cnn.com/2016/05/23/politics/debbie-wasserman-schultz-primary-opponent-fundraising/index.html
#10yrsago Algorithmic risk-assessment: hiding racism behind “empirical” black boxes https://www.propublica.org/article/machine-bias-risk-assessments-in-criminal-sentencing
#10yrsago Plagiarism detection app vs Russia’s elites: 1-2 fake PhDs discovered every day https://www.slate.com/articles/news_and_politics/cover_story/2016/05/the_thriving_russian_black_market_in_dissertations_and_the_crusaders_fighting.html
#10yrsago Technology’s “culture of compliance” must be beaten back in the name of justice https://bb9.berlinbiennale.de/all-problems-can-be-illuminated-not-all-problems-can-be-solved/
#10yrsago Grass in the park at the center of San Francisco gentrification debate is now for rent https://sfist.com/2016/05/23/rec_parks_pilot_program_allows_you/
#10yrsago Lawsuit: Texas’s largest jail is full of people who are locked up for being poor https://web.archive.org/web/20160524134738/https://thinkprogress.org/economy/2016/05/23/3781076/texas-bail-lawsuit/
#10yrsago After the precariat, the unnecessariat: the humans who are superfluous to corporations https://morecrows.wordpress.com/2016/05/10/unnecessariat/
#5yrsago Watomatic, for lower Whatsapp switching costs https://pluralistic.net/2021/05/24/how-about-nah/#comcom
Upcoming appearances (permalink)

- SXSW London, Jun 2
https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901 -
Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: TBA, Jun 25
-
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales
Recent appearances (permalink)
- On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/ -
Enshittification (99% Invisible)
https://99percentinvisible.org/episode/666-enshittification/ -
Artificial Intelligence: The Ultimate Disruptor, with Astra Taylor and Yoshua Bengio (CBC Ideas)
https://www.cbc.ca/listen/live-radio/1-23-ideas/clip/16210039-artificial-intelligence-the-ultimate-disruptor
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Today's links
- No honor among (ad-tech) thieves: Including "and" and "the."
- Hey look at this: Delights to delectate.
- Object permanence: Budweiser nunchuks; GOP vote-suppressor voted illegally; Airbnb enshittifies; Oculus enshittifies; Nintendo copyfrauds its fans; Meritocracy to eugenics pipeline; Ultima Online crisis management; SNES cartridge urinal; JJ Abrams x Axanar, "Sex Criminals"; Beating school filters for fun; Orphan works; Japanese ATM heist; How the Sacklers rigged the game.
- Upcoming appearances: London, Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
No honor among (ad-tech) thieves (permalink)
It shouldn't come as a surprise to learn that a company that uses dishonest tactics to spy on you for profit will also use dishonest tactics to sell the resulting surveillance data.
The only reason this wouldn't be obvious is if you've fallen into the trap of thinking "if you're not paying for the product, you're the product." Companies that cheat when the opportunity arises will cheat everyone: customers, users, regulators, suppliers and employees. You're the product if the company can get away with making you the product:
https://pluralistic.net/2022/11/14/luxury-surveillance/#liar-liar
The digital surveillance swindle is a con from top to bottom: it's not just that they spy on you, it's also that they lie to you about how and why and where they spy on you and what happens to the data they swindle out of you. They're not just cheats, in other words – they're also liars.
Of course they're liars! If their terms of service were honest, they'd say something like, "By being desperate enough to use this product, you 'agree' that we're allowed to come over to your house and punch your grandmother, wear your underwear, make long-distance calls and eat all the food in your fridge."
So they lie like crazy. But they don't just lie to us: they lie to the people they sell our surveillance data to as well. Of course they do! Those people are the ones giving them the money! By tricking the people paying for the product, these surveillance swindlers can get them to pay more!
This is the basis of Tim Hwang's essential 2020 book Subprime Attention Crisis:
https://pluralistic.net/2020/10/05/florida-man/#wannamakers-ghost
Core to Hwang's thesis is that these ads aren't just dangerous, they're also ineffective. The danger of these ads is the erosion of privacy and the mobilization of private data for state repression and fraud, but not particularly for persuasion. The idea that ad-tech companies have realized the ancient dream of building a mind-control ray via the novel technique of "hacking your dopamine loop" is a story that the ad-tech swindlers cooked up to help them sell ads:
https://pluralistic.net/2021/09/30/dont-believe-the-criti-hype/#ordinary-mediocrities
Critics who repeat these outlandish claims are helping these companies sell ads to credulous advertisers, who are getting robbed to the tune of hundreds of billions of dollars. This is the process that Lee Vinsel calls "criti-hype," which is when you "take the sensational claims of boosters and entrepreneurs, flip them, and start talking about 'risks'":
https://peoples-things.ghost.io/youre-doing-it-wrong-notes-on-criticism-and-technology-hype/
Criti-hype is satisfying because the hype itself is so fantastically overblown. These companies claim they're going to save/destroy/conquer the world, transform the very nature of humanity, etc, and so critics who repeat those claims (brackets derogatory) can style themselves as defenders of the world and humanity itself.
This is also a very profitable style of criticism: there's a huge commercial market for people who claim to be defending the world from conquest by evil dopamine-hacking sorcerers and/or superintelligent paperclip-maximizers that can chatbot you into killing yourself and/or voting for Trump (brackets derogatory).
The opposite of criti-hype is materialistic criticism, grounded in independently verifiable claims about how these scams work. To be a good tech critic, you need to start by assuming that a company that lies to its users about what it's doing is perfectly capable of lying to its customers and investors about what it's doing (that is, "even if you're paying for the product, you're still the product").
That's demonstrably, verifiably true of the commercial surveillance industry. Commercial spies lie to their customers like crazy, and always have. Think of the department store magnate John Wannamaker's famous quip that "half my advertising dollars are wasted, I just don't know which half." Man, did someone ever do a sell-job on old Wannamaker: imagine believing that only half of your advertising dollars are wasted. Today, thanks to creepy ad-tech analytics, we know that the true figure is around 99%.
Hwang's book documents lots more ad-tech fraud that's every bit as audacious as the Wannamaker-era con-jobs. For example, there's the fact that when Procter and Gamble zeroed out its $200m/year surveillance advertising program, they saw a zero percent drop in sales because (to a first approximation) all $200m of that annual spend was disappearing down the fraud-hole.
There's been plenty more examples since, rivaling previous eras for audacity and outlandishness. In 2023, Mozilla Labs investigated the ways that modern cars spy on their drivers and concluded that, when it came to privacy, cars were "the worst product category" they had ever evaluated, and recommended that you not buy any of the cars currently offered for sale:
Mozilla's report investigated two things: which data your car was collecting and selling about you (lots) and what data your car company claimed it had collected about you and was offering for sale (way, way more).
For example, Nissan and Kia claimed that they had data about your sex life, a thing that cannot be reasonably inferred from the sensors in your car (unless you have a highly specific sex life). Six car companies claimed they had your genetic data (again, not a thing that any of the sensors in your car can know about).
What's more, all of these scams have only gotten worse in the intervening three years:
https://cleantechnica.com/2026/05/22/mozilla-foundation-condemns-data-collection-by-cars/
These companies are spying on you, and lying to you about how much they respect your privacy, and lying to their commercial customers about all the fiendish ways they've cooked up for invading your privacy.
Everyone in the ad-tech sector is lying to everyone else in the ad-tech sector, in other words. It's your basic hive of scum and villainy. Back in 2023, Cox Media – part of the sprawling media conglomerate that includes Cox Cable – told advertisers that they had a new product called "Active Listening" that recorded and transcribed all the conversations you have around your smart speakers, smart TVs, smart watches and phones:
https://www.404media.co/heres-the-pitch-deck-for-active-listening-ad-targeting/
It was a lie. There are plenty of ways that these devices spy on you, of course. Your smart TV is a cesspool of surveillance and data-exfiltration, but that data doesn't include your conversations:
https://pluralistic.net/2022/12/03/painful-burning-dribble/#law-of-intended-consequences
Same for your smart speaker, which not only gathers tons of information about you for sale and targeting, but also leaks your voice data all the time, whenever you utter any of its "trigger words," which include over 1,000 phrases that sound like its trigger words:
https://pluralistic.net/2020/07/02/big-river/#triggered
Cox, in other words, was running the same equal-opportunity scam that your auto-maker runs: deceiving you about how little data they were stealing from you, and deceiving their customers about how much data they were gathering on you.
That said, there was something remarkable and unique about Cox's fraud: because they were ripping off other (better-connected) fraudsters, their lies triggered an investigation by Donald Trump's FTC, who never met a scammer they wouldn't defend (from another scammer):
Still, there are limits to this "honor among thieves" business. The settlement Trump's FTC extracted from Cox for lying to other liars is less than $1m – basically, change that Cox can find down the back of its sofa:
Still, the Cox settlement is a great criti-hype object lesson, a reminder that these creepy, lying companies lie to everyone, including their customers, which means that even if you're paying for the product, you're still the product.
Hey look at this (permalink)

- Hating AI is good, actually https://www.thehandbasket.co/p/hating-ai-is-good-actually
-
The Labour Party’s Main Problem Isn’t Losing Voters to Reform https://jacobin.com/2026/05/uk-elections-labour-reform-greens
-
Flipper One — we need your help https://blog.flipper.net/flipper-one-we-need-your-help/
-
London mayor Sadiq Khan blocks £50m Met police deal with Palantir https://www.theguardian.com/uk-news/2026/may/21/london-mayor-sadiq-khan-blocks-met-police-deal-with-palantir
-
Do AI Risks Require Extraordinary Government Intervention? https://www.normaltech.ai/p/do-ai-risks-require-extraordinary?hide_intro_popup=true
Object permanence (permalink)
#25yrsago Best email disclaimer award https://web.archive.org/web/20010526174903/http://www.theregister.co.uk/content/35/19057.html
#25yrsago Kaycee hoax FAQ https://web.archive.org/web/20010629212706/https://rootnode.org/article.php?sid=26
#25yrsago Crisis management in Ultima Online https://web.archive.org/web/20010605015828/http://www.newyorker.com/FACT/
#25yrsago E3 is all softcore porn now https://web.archive.org/web/20010702122044/https://www.salon.com/tech/feature/2001/05/22/e3_2001/print.html
#25yrsago Canadian payphone infinite long distance glitch https://web.archive.org/web/20010608183145/https://www.wired.com/news/culture/0,1284,43967,00.html
#20yrsago Kids make a sport out of outsmarting school web-filters https://web.archive.org/web/20060821224237/http://news.com.com/Kids+outsmart+Web+filters/2009-1041-6062548.html
#20yrsago Orphan works legislation https://web.archive.org/web/20060531135239/http://www.copybites.com/2006/05/chairman_lamar_.html
#20yrsago U. Florida cops ask fiction writer for fingerprints, DNA https://memex.craphound.com/2006/05/22/u-florida-cops-ask-fiction-writer-for-fingerprints-dna/
#20yrsago HDMI, the Manchurian DRM – a Broadcast Flag dormant until 2010 https://web.archive.org/web/20060523193853/https://arstechnica.com/news.ars/post/20060521-6880.html
#15yrsago The Filter Bubble: how personalization changes society https://memex.craphound.com/2011/05/22/the-filter-bubble-how-personalization-changes-society/
#15yrsago Last decade’s English libel legal sharks poised to make a new fortune on stupid privacy lawsuits and superinjuctions https://memex.craphound.com/2011/05/22/last-decades-english-libel-legal-sharks-poised-to-make-a-new-fortune-on-stupid-privacy-lawsuits-and-superinjuctions/
#15yrsago RIAA boss takes home $3 mil+ https://lefsetz.com/wordpress/2011/05/21/another-member-of-the-overpaid/
#15yrsago Vindictive game company invites employees to pan reviewer’s novel after bad review https://maroonersrock.com/2011/05/conduit-2-developer-calls-for-internal-retaliation-against-author-of-negative-joystiq-review/
#15yrsago France lobbies G8 for Internet control and censorship https://www.laquadrature.net/en/2011/05/20/frances-g8-focuses-on-control-and-restrictions-to-online-freedoms/
#15yrsago Budweiser nunchuks: American Ninja https://web.archive.org/web/20110701153712/http://www.todayandtomorrow.net/2011/05/19/american-ninja/
#15yrsago GOP legislative aide works on punitive voter ID bill, boasts of illegally voting in another district https://web.archive.org/web/20110522014606/http://host.madison.com/wsj/news/local/govt-and-politics/elections/article_ede5d49e-8272-11e0-a6e0-001cc4c03286.html
#15yrsago Raising a kid without disclosing their sex https://web.archive.org/web/20110523180952/http://www.parentcentral.ca/parent/babiespregnancy/babies/article/995112–parents-keep-child-s-gender-secret
#15yrsago Byron Sonne: Canadian security geek jailed for taunting G20 security theatre https://web.archive.org/web/20110518195236/http://www.torontolife.com/daily/informer/from-print-edition-informer/2011/05/03/how-byron-sonne’s-obsessions-with-the-g20-security-apparatus-cost-him-everything/
#15yrsago HOWTO make a SNES cartridge urinal https://blog.pricecharting.com/2011/05/how-to-build-video-game-urinal.html
#15yrsago German police raid German Pirate Party’s servers two days before election https://web.archive.org/web/20120516010632/https://arstechnica.com/tech-policy/2011/05/german-police-seize-pirate-party-servers-looking-at-anons-toolkit/
#10yrsago JJ Abrams urges Paramount to drop its lawsuit over fan Star Trek movie https://web.archive.org/web/20160522121940/https://deadline.com/2016/05/star-trek-axanar-lawsuit-ending-jj-abrams-paramount-1201760721/
#10yrsago Pat Buchanan on the Republican Party’s historical opposition to free trade deals https://web.archive.org/web/20160521162845/http://www.theamericanconservative.com/buchanan/free-trade-vs-the-republican-party/
#10yrsago United offered men-only “executive” flights until 1970 https://viewfromthewing.com/united-airlines-men-only-executive-service/
#10yrsago Elderly man kills wife because they couldn’t afford her medicine https://www.nytimes.com/2016/05/20/us/florida-man-says-he-killed-sick-wife-because-he-couldnt-afford-her-medicine-sheriffs-say.html?_r=0
#10yrsago Sex Criminals: Robin Hood bank robbers who can stop time when they orgasm https://memex.craphound.com/2016/05/21/sex-criminals-robin-hood-bank-robbers-who-can-stop-time-when-they-orgasm/
#10yrsago Airbnb stealth-updates terms of service, says it’s not an insurer and requires binding arbitration https://memex.craphound.com/2016/05/20/airbnb-stealth-updates-terms-of-service-says-its-not-an-insurer-and-requires-binding-arbitration/
#10yrsago Oculus breaks promise, uses DRM to kill app that let you switch VR systems https://web.archive.org/web/20160520161939/https://motherboard.vice.com/read/new-oculus-drm-cross-platform
#10yrsago Nintendo claims ownership over fans’ Minecraft/Mario mashups https://web.archive.org/web/20160521193334/http://arstechnica.com/gaming/2016/05/nintendo-issues-copyright-claims-on-mario-themed-minecraft-videos/
#10yrsago Paypal refuses to deliver online purchases to UK addresses containing “Isis” https://b2fxxx.blogspot.com/2016/05/the-tyranny-of-algorithm-yet-again.html
#10yrsago 30 students debate mass surveillance on Capitol Hill https://web.archive.org/web/20160521000031/https://theintercept.com/2016/05/20/high-school-debaters-bring-surveillance-encryption-arguments-to-capitol-hill/
#10yrsago What the NSA’s assault on whistleblowers taught Snowden https://www.theguardian.com/us-news/2016/may/22/how-pentagon-punished-nsa-whistleblowers
#10yrsago Massive, coordinated ATM heist in Japan nets $12.7 million (¥1.4 billion) https://web.archive.org/web/20160523102154/http://mainichi.jp/english/articles/20160522/p2g/00m/0dm/044000c
#5yrsago How the Sacklers rigged the game https://pluralistic.net/2021/05/23/a-bankrupt-process/#sacklers
#5yrsago Consent theater https://pluralistic.net/2021/05/20/consent-theater/
#5yrsago Debunking the arguments for vaccine apartheid https://pluralistic.net/2021/05/21/wait-your-turn/#vaccine-apartheid
#5yrsago How the filibuster dies https://pluralistic.net/2021/05/22/not-with-a-bang/#theory-of-change
#1yrago Strange Bedfellows and Long Knives https://pluralistic.net/2025/05/21/et-tu-sloppy-steve/#fractured-fairytales
#1yrago The meritocracy to eugenics pipeline https://pluralistic.net/2025/05/20/big-cornflakes-energy/#caliper-pilled
Upcoming appearances (permalink)

- SXSW London, Jun 2
https://www.sxswlondon.com/session/how-big-tech-broke-the-internet-b3c4a901 -
Kansas City: Facing the Future (Woodneath Library Center), Jun 10
https://www.mymcpl.org/events/119655/facing-future-cory-doctorow -
LA: The Reverse Centaur's Guide to Life After AI with Brian Merchant (Skylight Books), Jun 19
https://www.skylightbooks.com/event/skylight-cory-doctorow-presents-reverse-centaurs-guide-life-after-ai-w-brian-merchant -
Menlo Park: The Reverse Centaur's Guide to Life After AI with Angie Coiro (Kepler's), Jun 21
https://www.keplers.org/upcoming-events-internal/cory-doctorow-2026 -
Toronto: TBA, Jun 23
-
NYC: The Reverse Centaur's Guide to Life After AI with Jonathan Coulton (The Strand), Jun 24
https://www.strandbooks.com/cory-doctorow-the-reverse-centaur-s-guide-to-life-after-ai.html -
Philadelphia: TBA, Jun 25
-
Chicago: The Reverse Centaur's Guide to Life After AI with Rick Perlstein (Exile in Bookville), Jun 26
https://exileinbookville.com/events/50628 -
Edinburgh International Book Festival with Jimmy Wales, Aug 17
https://www.edbookfest.co.uk/events/the-front-list-cory-doctorow-and-jimmy-wales
Recent appearances (permalink)
- On Enshittification – and what can be done about it (Re:publica)
https://www.youtube.com/watch?v=KhINQgPMVSI -
EFFecting Change: How to Disenshittify the Internet (EFF, with Wendy Liu)
https://archive.org/details/effecting-change-enshittification -
The “Enshittification” of Everything (Bioneers)
https://bioneers.org/cory-doctorow-enshittification-of-everything-zstf2605/ -
Enshittification (99% Invisible)
https://99percentinvisible.org/episode/666-enshittification/ -
Artificial Intelligence: The Ultimate Disruptor, with Astra Taylor and Yoshua Bengio (CBC Ideas)
https://www.cbc.ca/listen/live-radio/1-23-ideas/clip/16210039-artificial-intelligence-the-ultimate-disruptor
Latest books (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/ -
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
Upcoming books (permalink)
- "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Post-American Internet," a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027
-
"Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027
-
"The Memex Method," Farrar, Straus, Giroux, 2027
Colophon (permalink)
Today's top sources:
Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Bluesky (no ads, possible tracking and data-collection):
https://bsky.app/profile/doctorow.pluralistic.net
Medium (no ads, paywalled):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Hello! 8 years ago, I wrote excitedly about discovering Tailwind.
At that time I really had no idea how to structure my CSS code and given the choice between a pile of complete chaos and Tailwind, I was really happy to choose Tailwind. It helped me make a lot of tiny sites!
I spent the last week or so migrating a couple of sites away from Tailwind and towards more semantic HTML + vanilla CSS, and it was SO fun and SO interesting, so here are some things I learned!
As usual I’m not a full-time frontend developer and so all of my CSS learning has happened in fits and starts over many years.
it turns out Tailwind taught me a lot
When I started thinking about structuring CSS, I was intimidated at first: I’m not very good at structuring my CSS! But then I started reading blog posts talking about how to structure CSS (like A whole cascade of layers or How I write CSS in 2024) and I realized a couple of things:
- Every CSS code base has a bunch of different things going on (layouts! fonts! colours! common components!)
- It’s extremely useful to have systems or guidelines to manage each of those things, otherwise things descend into chaos
- Tailwind has systems for some of these, and I already know those systems! Maybe I can imitate the systems I like!
For example, Tailwind has:
- a reset stylesheet
- a colour palette
- a font scale
the systems I’m going to talk about
I’m going to talk about a few aspects of my CSS codebase and my thoughts so far what kind of rules I want to impose on the codebase for each one. Some of them are copied from Tailwind and some aren’t.
- reset
- components
- colours
- font sizes
- utility classes
- the base
- spacing
- responsive design
- the build system
1. reset
I just copied Tailwind’s “preflight styles”
by going into tailwind.css and copying the first 200 lines or so.
I noticed that I’ve developed a relationship with Tailwind’s CSS reset over time,
for example Tailwind sets box-sizing: border-box on every element (which means
that an element’s width includes its padding):
* { box-sizing: border-box; }
I think it would be a real adjustment for me to switch to writing CSS without
these, and I’m sure there are lots of other things in the Tailwind reset (like
html {line-height: 1.5;}) that I’m subconsciously used to and don’t even realize are
there.
2. components
This next part is the bulk of the CSS!
The idea here is to organize CSS by “components”, in a way that’s spiritually related to Vue or React components. (though there might not actually be any Javascript at all in the site)
Basically the idea is that:
- Each “component” has a unique class
- The CSS for one component never overrides the CSS for any other component
- Each component has its own CSS file
So editing the CSS for one component won’t mysteriously break something in another component. And probably like 80% of the CSS that I would actually want to change is in various component files, so if I’m editing a 100-line component, I just have to think about those 100 lines. It’s way easier for me to think about.
For example, this HTML might be the .zine “component”.
<figure class="zine horizontal">
<img src="whatever.jpg">
</figure>
And the CSS looks something like this, using nested selectors:
.zine {
...
&.horizontal {
...
}
&.vertical {
...
}
&:hover {
...
}
}
I haven’t done anything programmatic (like web components or @scope) that ensures that components won’t interfere with each other, but just having a convention and trying my best already feels like a big improvement.
Next: conventions to maintain some consistency across the site and keep these components in line with each other!
3. colours
colours.css has a bunch of variables like this which I can use as necessary.
Colour is really hard and I didn’t want to revisit my use of colour in this
refactor, so I left this alone.
The only guideline I’m trying to enforce here is that all colours used in the site are listed in this file.
:root {
--pink: #fea0c2;
--pink-light: #F9B9B9;
--red: #f91a55;
--orange: rgb(222, 117, 31);
...
}
4. font sizes
One thing I appreciated about Tailwind was that if I wanted to set a font
size, I could just think “hm, I want the text to be big”, write text-lg, and
be done with it! And maybe if it’s not big enough I’d use xl or 2xl instead.
No trying to remember whether I’m using em or px or rem.
So I defined a bunch of variables, taken from Tailwind, like this:
--size-xs: 0.75rem;
--line-height-xs: 1rem;
--size-sm: 0.875rem;
--line-height-sm: 1.25rem;
Then if I want to set a font size, I can do it like this. It’s a little more verbose than Tailwind but I’m happy with it for now.
h3 {
font-size: var(--size-lg);
line-height: var(--line-height-lg);
}
5. utilities
There are some things like buttons that appear in many different components. I’m calling these “utilities”.
I copied some utility classes from Tailwind (like .sr-only for things that
should only appear for screenreader users).
This section is pretty small and I try to be careful about making changes here.
6. the base
“base” styles are styles that apply across the whole site that I chose myself. I
have to keep this section really small because I’m not confident enough to
enforce a lot of styles across the whole site. These are the only two I feel
okay about right now, and I might change the <section> one:
/* put a 950px column in the middle of each <section> */
section {
--inner-width: 950px;
padding: 3rem max(1rem, (100% - var(--inner-width))/2);
}
a {
color: var(--orange);
}
I think for the base styles it’s going to be easiest for me to work kind of bottom up – first start with almost nothing in the base styles, and then move some styles from the components into base styles as I identify common things I want.
7. spacing
I haven’t completely worked out an approach to managing padding and margins yet. I’m definitely trying to be more principled than how I was doing it in Tailwind though, where I would just haphazardly put padding and margins everywhere until it looked the way I wanted.
Right now I’m working towards making the outer layout components in charge of
spacing as much as possible. For example if I have a <section> with a bunch of
children that I want to have space between them, I might use this to space the
children evenly:
section > *+* {
margin-top: 1rem;
}
Some inspiration blog posts:
8. responsive design: use more grid!
The way I was doing responsive design in Tailwind was to use a lot of media
queries. Tailwind has this md:text-xl syntax that means “apply the text-xl
style at sizes md or larger”.
I’m trying something pretty different now, which is to make more flexible CSS grid layouts that don’t need as many breakpoints. This is hard but it’s really interesting to learn about what’s possible with grid, and it’s a good example of something that I don’t think is possible with Tailwind.
For example, I’ve been learning about how to use auto-fit to automatically use
2 columns on a big screen and 1 column on a small screen like this:
display: grid;
grid-template-columns: repeat(auto-fit, minmax(min(100%, 400px), max-content));
justify-content: center;
I also used grid-template-areas a lot which is an amazing feature that I don’t think you can use with Tailwind.
Some inspiration:
- A responsive grid layout with no media queries from CSS Tricks
9. the build system: esbuild
In development, I don’t need a build system: CSS now has both built in import statements, like this:
@import "reset.css";
@import "typography.css";
@import "colors.css";
and built in nested selectors, like this:
.page {
h2 { ...}
}
If I want, I can use esbuild to bundle the CSS file for production. That looks something like this.
esbuild style.css --bundle --loader:.svg=dataurl --loader:.woff2=file --outfile=/tmp/out.css
Even though I usually avoid using CSS and JS build systems, I don’t mind using esbuild (which I wrote about in 2021 here) because it’s based on web standards and because it’s a static Go binary.
why migrate away from Tailwind?
A few people asked why I was migrating away from Tailwind. A few factors that contributed are:
- Tailwind has become much more reliant on a build system since 2018, I think it’s impossible (?) to use newer versions of Tailwind without using a build system. So I’ve been using Tailwind v2 for years. (there’s also litewind apparently)
- It’s always been true that you’re supposed to use Tailwind with a build
system, but I’ve never really done that, so I have 2.8MB
tailwind.min.cssfiles (270K gzipped) in a lot of my projects and it feels a little silly. - I’m a lot better at CSS than I was when I started using Tailwind
- Ultimately Tailwind is limiting: if you want to do Weird Stuff in your CSS, it’s not always possible with Tailwind. Those limits can be extremely useful (a lot of this post is about me reimplementing some of Tailwind’s limits!) but at this point I’d like to be able to pick and choose.
- I ended up with sites that mixed both vanilla CSS and Tailwind in the same project and that was not fun to maintain
- I got curious about what writing more semantic HTML would feel like.
CSS features I’m curious about
While doing this I learned about a lot of CSS features that I didn’t use but am curious about learning about one day:
@layer(from A Whole Cascade of Layers)- @scope) (especially this example of how to use @scope in a “component” CSS design from the specification!)
- container queries
- subgrid
one last reason I moved away from Tailwind
I’ve been talking a lot in this post about what I learned from using Tailwind, and that’s all true.
But I read this post 3 years ago called Tailwind and the Femininity of CSS that really stuck with me. I honestly probably started out with an attitude towards CSS a little like that post describes:
They’ve heard it’s simple, so they assume it’s easy. But then when they try to use it, it doesn’t work. It must be the fault of the language, because they know that they are smart, and this is supposed to be easy.
But in the last 10 years I’ve learned to really love and respect CSS as a technology.
So I decided years ago that I wanted to react to “CSS is hard” by getting better at CSS and taking it seriously as a technology, instead of devaluing it. Doing that changed everything for me: I learned that so many of my frustrations (“centering is impossible”) had been addressed in CSS a long time ago, and that also what “centering” means is not always straightforward and it makes sense that there are many ways to do it. CSS is hard because it’s solving a hard problem!
I’ve been so impressed by the new CSS features that have been built in the last 10-15 years (some of which I’ve talked about in this post!) and how they make it easier to use CSS, and spending the time to improve my CSS skills has been a really cool experience.
And that post made me feel like Tailwind contributes to the devaluing of CSS expertise, and like that’s not something I want to be a part of, even if Tailwind has been a useful tool for me personally. Especially in this time of LLMs where it feels more important than ever to value humans’ expertise.
Another blog post criticizing Tailwind that influenced me:
that’s all for now!
Thanks to Melody Starling who originally designed and wrote the CSS for wizardzines.com, everything cool and fun about the site is thanks to Melody.
Also I read so many incredible blog posts about CSS while working on this (from CSS Tricks, Smashing Magazine, and more), I’ve tried to link some of them throughout this post and I really appreciate how much folks in the CSS community share their practices.
A while back I decided to stop using Tailwind for new projects and to just write vanilla CSS instead.
But one thing I missed about Tailwind was the colour palette (here as CSS).
If I wanted a light blue I could just use blue-100 and if I didn’t like it
maybe try blue-200 or blue-50. I’m not very good with colours so it makes
a big difference to me to have a reasonable colour palette that somebody who is
better at colour than me has thought about.
But I’m also a little tired of those Tailwind colours, so I asked on Mastodon today what other colour palettes were out there. And then a friend said they wanted links to those colour palettes, so here’s a blog post so my friend can see them, and all the rest of you too :)
my favourites
The ones I liked the most were:
- uchū (css file, FAQ)
- flexoki (css file)
- reasonable colours, which seems to have a focus on accessibility (css file)
more colour palettes
colourscheme generators
Folks also linked to a bunch of colour palette generators
I’ve always found these types of generators too hard to use but maybe one day I will get better enough at colour that I’m able to use a colour palette generator successfully so I’ll leave those links there anyway.
and more colour tools:
- colorhexa has some info about colorblindness
oklch
Generative colors with CSS gives an example of
how to use the oklch CSS function to dynamically generate colors.
Hello! One of my long term projects on here is figuring out how to write frontend Javascript without using Node or any other server JS runtime.
One issue I run into a lot in my frontend JS projects is that I don’t know how to write tests for them. I’ve tried to use Playwright in the past, but it felt slow and unwieldy to be starting these new browser processes all the time, and it involved some Node code to orchestrate the tests.
The result is that I just don’t test my frontend code which doesn’t feel great. Usually I don’t update my projects much either so it doesn’t come up that much, but it would be nice to be able to make changes with more confidence! So a way to do frontend testing that I like has been on my wishlist for a long time.
idea: just run the tests in the browser tab
Alex Chan wrote a great post a while back called Testing JavaScript without a (third-party) framework in response to one of my previous posts in this series that explained how to write a tiny unit-testing framework that runs in a page in browser.
I loved this post at the time, but it only talked about unit testing and I wanted to write end-to-end integration tests for my Vue components, and I didn’t know how to do that.
So when I was talking to Marco the other day and he said something like “you know, you can just run tests for your Vue components in the browser”, I thought “hey, I should try that again!!!”
I just did all of this yesterday so certainly there’s a lot to improve but I wanted to write down a few things I noticed about the process before I forget.
This was a bit tricky for me because the Vue site usually assumes that you’re
using Node as part of your build process in some way (there’s a lot of “step 1:
npm install THING), and I didn’t want to use Node/Deno/etc. But it turned
out to not be too complicated.
The project I’m going to talk about testing is this zine feedback site I wrote in 2023.
the test framework: QUnit
I used QUnit. It worked great but I don’t have anything interesting to say about how it works so I’ll leave it at that. I think that Alex’s “write your own test framework” approach would have worked too. I followed these directions.
I did appreciate that QUnit has a “rerun test” button that will only rerun 1 test. Because there are so many network requests in my tests, having a way to run just 1 test makes it a lot less confusing to debug the test.
step 1: set up the component for testing
The first thing I needed to do was get my Vue components set up in the test environment.
I changed my main app to put all my components in window._components,
kind of like this:
const components = {
'Feedback': FeedbackComponent,
...
}
window._components = components;
Then I was able to write a mountComponent function which
does basically exactly the same thing my normal main app does
(render a tiny template with the component I want to use).
The only differences are:
- I can optionally pass some some extra data to use as its props.
- It mounts the component to a temporary invisible div which will get removed
from the DOM after the test is done. The div is positioned off the page
(
position: absolute; top: -10000, ...) so you can’t see it.
Here’s what using the mountComponent function looks like:
const {div} = mountComponent(
'<Page :feedbacks="feedbacks" id=2 />',
{feedbacks: [testFeedback]},
);
and here’s the code for it:
function mountComponent(template, data) {
const app = Vue.createApp({
template: template,
data: () => data,
})
for (const [c, v] of Object.entries(window._components)) {
app.component(c, v);
}
const div = document.getElementById('qunit-fixture')
.appendChild(document.createElement('div'));
return div;
}
The result is a div where I can programmatically click, fill in form data, check that the right content appears, etc.
step 2: add some fixture data
Because I was writing end-to-end integration tests to make sure my client JS worked properly with my server, I needed to have some test data in my database. So I wrote ~25 lines of SQL to set up some test data in my database, and added an endpoint to my dev server to run the SQL to reset the test data to a known state.
async function reset() {
return fetch('/api/reset_test_data', {method: "POST"})
}
Then I just run await reset() at the beginning of any test that needs the
test data.
My reset() function actually doesn’t always totally reset everything which is
kind of bad, but it was workable to start with and can always be improved.
step 3: a basic test
Here’s what a basic test looks like! Basically we’re rendering the div and make sure it contains some approximately correct data.
QUnit.test('renders feedback content', async function (assert) {
const {div} = mountComponent(
'<Page :feedbacks="feedbacks" id=2 image=2 page_hash=2 />',
{feedbacks: [testFeedback]},
);
assert.ok(div.textContent.includes('loved this section'));
})
Those are all the basic pieces! Now here are a few issues I ran into along the way
waiting for parts of the page to render
I have a lot of network requests in my tests, and it takes time for them to finish and for the Vue code to do what it has to do with the results and update the DOM.
I think we all learned a long time ago that putting random sleep() calls in
your tests and hoping that the timings are right is slow and flaky and extremely
frustrating, so I needed a different way.
As far as I can tell the normal way to deal with this is to figure out a way to tell from the DOM whether it’s okay to proceed or not. Like “if this button is visible, we can “.
So I wrote a little waitFor() function that polls every 20ms to see if a
condition has finished yet. It times out after 2 seconds.
Here’s what using it looks like:
QUnit.test("click item", async function (assert) {
const {div} = mountComponent(
'<Feedback zine_id="test123" image_width="800px" />',
{});
const item = await waitFor(() => div.querySelector('.feedback-item'));
item.click();
// rest of test goes here...
})
It looks like there are a lot of implementations of this concept out there and they’re all better thought-through than mine. (from a quick Google: qunit-wait-for, playwright expect.poll)
figuring out the right thing to wait for is not straightforward
In some cases I thought I’d identified the right thing to wait for in the DOM (“just wait for this textarea to appear!’) but it turned out that because of some internal details of how my program works, actually I needed to wait for something else later on which was hard to pin down.
I ended up changing one of my components to add some random value to the DOM
when it was finished an important action (like data-this-thing-is-ready=true)
which didn’t feel great.
My best guess is that the right way to fix this kind of test issue is a refactor that also makes the app more reliable for the users: if there’s an element in the DOM that isn’t actually ready for the user to interact with, maybe I shouldn’t be displaying it yet!
adding some CSS classes to identify things (but is that right?)
I ended up adding a few classes to HTML elements that I needed to find in the tests, either because I needed to click on them or wait for them to appear in the DOM.
I might want to change this approach later - frontend testing frameworks seem to suggest avoiding using CSS classes and instead using something like getByRole or as a last resort something like a data-testid. Feels like there’s a way to make the app more accessible and easier to test at the same time.
filling out forms is tricky
To fill out a form, I can’t just set the value, I also need to dispatch an
event to tell Vue that the element has changed. For example, checkbox and
textarea need different kinds of events.
textarea.value = 'banana banana banana';
textarea.dispatchEvent(new Event('input'));
checkbox.checked = true;
checkbox.dispatchEvent(new Event('change'));
This is kind of annoying and it made me realize why I might want to use some kind of UI testing library, for example:
- Testing Library’s example of filling out a form looks extremely different from what I’m doing
- Vue Test Utils: their section on form handling looks like it simplifies this a lot.
test coverage
I want to have an idea of what my test coverage was, and it turns out that Chrome actually has a built-in code coverage feature for JS and CSS!
My JS is bundled into a file called bundle.js with esbuild, so I could just
look at bundle.js and see which lines weren’t covered.
The process was a little finicky: I had to turn off sourcemaps in the Chrome devtools to get this to work, and there’s a specific not super obvious series of actions I have to do in order to see the coverage data.
this was so fun!
As usual with these posts I’ve never really worked as a frontend or backend developer (other than for myself!) and I feel like I’m constantly learning how to do super basic tasks.
I really had a blast doing this. My frontend projects always feel so fragile because they’re untested, and maybe one day I’ll have a test suite I’m confident in!
Some things I’m still thinking about:
- While writing this post I found this frontend testing library called
Testing Library that has a lot of
guidelines for how to write tests that are very different from my initial ideas.
I experimented with rewriting everything to use Testing Library and it felt
pretty good, so we’ll see how that goes. They distribute a
.umd.jsfile that works without Node. - I’m not sure how I feel about not having a way to run these tests on the command line at all. Maybe there’s a simple way to work primarily in the browser but have an way to run them in CI too if I want?
Hello! My big takeaway from last month’s musings about man pages was that examples in man pages are really great, so I worked on adding (or improving) examples to two of my favourite tools’ man pages.
Here they are:
- the dig man page (now with examples)
- the tcpdump man page examples (this one is an update to the previous examples)
the goal: include the most basic examples
The goal here was really just to give the absolute most basic examples of how to use the tool, for people who use tcpdump or dig infrequently (or have never used it before!) and don’t remember how it works.
So far saying “hey, I want to write an examples section for beginners and infrequent users of this tools” has been working really well. It’s easy to explain, I think it makes sense from everything I’ve heard from users about what they want from a man page, and maintainers seem to find it compelling.
Thanks to Denis Ovsienko, Guy Harris, Ondřej Surý, and everyone else who reviewed the docs changes, it was a good experience and left me motivated to do a little more work on man pages.
why improve the man pages?
I’m interested in working on tools’ official documentation right now because:
- Man pages can actually have close to 100% accurate information! Going through a review process to make sure that the information is actually true has a lot of value.
- Even with basic questions “what are the most commonly used tcpdump flags”,
often maintainers are aware of useful features that I’m not! For
example I learned by working on these tcpdump examples that if you’re saving
packets to a file with
tcpdump -w out.pcap, it’s useful to pass-vto print a live summary of how many packets have been captured so far. That’s really useful, I didn’t know it, and I don’t think I ever would have noticed it on my own.
It’s kind of a weird place for me to be because honestly I always kind of assume documentation is going to be hard to read, and I usually just skip it and read a blog post or Stack Overflow comment or ask a friend instead. But right now I’m feeling optimistic, like maybe the documentation doesn’t have to be bad? Maybe it could be just as good as reading a really great blog post, but with the benefit of also being actually correct? I’ve been using the Django documentation recently, and it’s really good! We’ll see.
on avoiding writing the man page language
The tcpdump project tool’s man page is
written in the roff language,
which is kind of hard to use and that I really did not feel like learning it.
I handled this by writing a very basic markdown-to-roff script to convert Markdown to roff, using similar conventions to what the man page was already using. I could maybe have just used pandoc, but the output pandoc produced seemed pretty different, so I thought it might be better to write my own script instead. Who knows.
I did think it was cool to be able to just use an existing Markdown library’s ability to parse the Markdown AST and then implement my own code-emitting methods to format things in a way that seemed to make sense in this context.
man pages are complicated
I went on a whole rabbit hole learning about the history of roff, how it’s
evolved since the 70s, and who’s working on it today, inspired by learning about
the mandoc project that BSD systems (and some Linux
systems, and I think Mac OS) use for formatting man pages. I won’t say more
about that today though, maybe another time.
In general it seems like there’s a technical and cultural divide in how documentation works on BSD and on Linux that I still haven’t really understood, but I have been feeling curious about what’s going on in the BSD world.
Hello! After spending some time working on the Git man pages last year, I’ve been thinking a little more about what makes a good man page.
I’ve spent a lot of time writing cheat sheets for tools (tcpdump, git, dig, etc) which have a man page as their primary documentation. This is because I often find the man pages hard to navigate to get the information I want.
Lately I’ve wondering – could the man page itself have an amazing cheat sheet in it? What might make a man page easier to use? I’m still very early in thinking about this but I wanted to write down some quick notes.
I asked some people on Mastodon for their favourite man pages, and here are some examples of interesting things I saw on those man pages.
an OPTIONS SUMMARY
If you’ve read a lot of man pages you’ve probably seen something like this in
the SYNOPSIS: once you’re listing almost the entire alphabet, it’s hard
ls [-@ABCFGHILOPRSTUWabcdefghiklmnopqrstuvwxy1%,]
grep [-abcdDEFGHhIiJLlMmnOopqRSsUVvwXxZz]
The rsync man page has a solution I’ve never seen before: it keeps its SYNOPSIS very terse, like this:
Local:
rsync [OPTION...] SRC... [DEST]
and then has an “OPTIONS SUMMARY” section with a 1-line summary of each option, like this:
--verbose, -v increase verbosity
--info=FLAGS fine-grained informational verbosity
--debug=FLAGS fine-grained debug verbosity
--stderr=e|a|c change stderr output mode (default: errors)
--quiet, -q suppress non-error messages
--no-motd suppress daemon-mode MOTD
Then later there’s the usual OPTIONS section with a full description of each option.
an OPTIONS section organized by category
The strace man page organizes its options by category (like “General”, “Startup”, “Tracing”, and “Filtering”, “Output Format”) instead of alphabetically.
As an experiment I tried to take the grep man page and make an
“OPTIONS SUMMARY” section grouped by category, you can see the results
here. I’m not
sure what I think of the results but it was a fun exercise. When I was writing
that I was thinking about how I can never remember the name of the -l grep
option. It always takes me what feels like forever to find it in the man page
and I was trying to think of what structure would make it easier for me to find.
Maybe categories?
a cheat sheet
A couple of people pointed me to the suite of Perl man pages (perlfunc, perlre, etc), and one thing I
noticed was man perlcheat, which has
cheat sheet sections like this:
SYNTAX
foreach (LIST) { } for (a;b;c) { }
while (e) { } until (e) { }
if (e) { } elsif (e) { } else { }
unless (e) { } elsif (e) { } else { }
given (e) { when (e) {} default {} }
I think this is so cool and it makes me wonder if there are other ways to write condensed ASCII 80-character-wide cheat sheets for use in man pages.
examples are very popular
A common comment was something to the effect of “I like any man page that has examples”. Someone mentioned the OpenBSD man pages, and the openbsd tail man page has examples of the exact 2 ways I use tail at the end.
I think I’ve most often seen the EXAMPLES section at the end of the man page, but some man pages (like the rsync man page from earlier) start with the examples. When I was working on the git-add and git rebase man pages I put a short example at the beginning.
a table of contents, and links between sections
This isn’t a property of the man page itself, but one issue with man pages in the terminal is it’s hard to know what sections the man page has.
When working on the Git man pages, one thing Marie and I did was to add a table of contents to the sidebar of the HTML versions of the man pages hosted on the Git site.
I’d also like to add more hyperlinks to the HTML versions of the Git man pages at some point, so that you can click on “INCOMPATIBLE OPTIONS” to get to that section. It’s very easy to add links like this in the Git project since Git’s man pages are generated with AsciiDoc.
I think adding a table of contents and adding internal hyperlinks is kind of a nice middle ground where we can make some improvements to the man page format (in the HTML version of the man page at least) without maintaining a totally different form of documentation. Though for this to work you do need to set up a toolchain like Git’s AsciiDoc system.
It would be amazing if there were some kind of universal system to make it easy
to look up a specific option in a man page (“what does -a do?”).
The best trick I know is use the man pager to search for something like ^ *-a
but I never remember to do it and instead just end up going through
every instance of -a in the man page until I find what I’m looking for.
examples for every option
The curl man page has examples for every option, and there’s also a table of contents on the HTML version so you can more easily jump to the option you’re interested in.
For instance the example for --cert makes it easy to see that you likely also want to pass the --key option, like this:
curl --cert certfile --key keyfile https://example.com
The way they implement this is that there’s [one file for each option](https://github.com/curl/curl/blob/dc08922a61efe546b318daf964514ffbf41583 25/docs/cmdline-opts/append.md) and there’s an “Example” field in that file.
formatting data in a table
Quite a few people said that man ascii was their favourite man page, which looks like this:
Oct Dec Hex Char
───────────────────────────────────────────
000 0 00 NUL '\0' (null character)
001 1 01 SOH (start of heading)
002 2 02 STX (start of text)
003 3 03 ETX (end of text)
004 4 04 EOT (end of transmission)
005 5 05 ENQ (enquiry)
006 6 06 ACK (acknowledge)
007 7 07 BEL '\a' (bell)
010 8 08 BS '\b' (backspace)
011 9 09 HT '\t' (horizontal tab)
012 10 0A LF '\n' (new line)
Obviously man ascii is an unusual man page but I think what’s cool about this man page (other than the fact that it’s always
useful to have an ASCII reference) is it’s very easy to scan to find the
information you need because of the table format. It makes me wonder if there
are more opportunities to display information in a “table” in a man page to make
it easier to scan.
the GNU approach
When I talk about man pages it often comes up that the GNU coreutils man pages (for example man tail) don’t have examples, unlike the OpenBSD man pages, which do have examples.
I’m not going to get into this too much because it seems like a fairly political topic and I definitely can’t do it justice here, but here are some things I believe to be true:
- The GNU project prefers to maintain documentation in “info” manuals instead of man pages. This page says “the man pages are no longer being maintained”.
- There are 3 ways to read “info” manuals: their HTML version, in Emacs, or with a standalone
infotool. I’ve heard from some Emacs users that they like the Emacs info browser. I don’t think I’ve ever talked to anyone who uses the standaloneinfotool. - The info manual entry for tail is linked at the bottom of the man page, and it does have examples
- The FSF used to sell print books of the GNU software manuals (and maybe they still do sometimes?)
After a certain level of complexity a man page gets really hard to navigate: while I’ve never used the coreutils info manual and probably won’t, I would almost certainly prefer to use the GNU Bash reference manual or the The GNU C Library Reference Manual via their HTML documentation rather than through a man page.
a few more man-page-adjacent things
Here are some tools I think are interesting:
- The fish shell comes with a Python script to automatically generate tab completions from man pages
- tldr.sh is a community maintained database of examples, for example you can run it as
tldr grep. Lots of people have told me they find it useful. - the Dash Mac docs browser has a nice man page viewer in it. I still use the terminal man page viewer but I like that it includes a table of contents, it looks like this:
it’s interesting to think about a constrained format
Man pages are such a constrained format and it’s fun to think about what you can do with such limited formatting options.
Even though I’m very into writing I’ve always had a bad habit of never reading documentation and so it’s a little bit hard for me to think about what I actually find useful in man pages, I’m not sure whether I think most of the things in this post would improve my experience or not. (Except for examples, I LOVE examples)
So I’d be interested to hear about other man pages that you think are well designed and what you like about them, the comments section is here.
Hello! One of my favourite things is starting to learn an Old Boring Technology that I’ve never tried before but that has been around for 20+ years. It feels really good when every problem I’m ever going to have has been solved already 1000 times and I can just get stuff done easily.
I’ve thought it would be cool to learn a popular web framework like Rails or Django or Laravel for a long time, but I’d never really managed to make it happen. But I started learning Django to make a website a few months back, I’ve been liking it so far, and here are a few quick notes!
less magic than Rails
I spent some time trying to learn Rails in 2020,
and while it was cool and I really wanted to like Rails (the Ruby community is great!),
I found that if I left my Rails project alone for months, when I came
back to it it was hard for me to remember how to get anything done because
(for example) if it says resources :topics in your routes.rb, on its own
that doesn’t tell you where the topics routes are configured, you need to
remember or look up the convention.
Being able to abandon a project for months or years and then come back to it is really important to me (that’s how all my projects work!), and Django feels easier to me because things are more explicit.
In my small Django project it feels like I just have 5 main files (other
than the settings files): urls.py, models.py, views.py, admin.py, and
tests.py, and if I want to know where something else is (like an HTML template)
is then it’s usually explicitly referenced from one of those files.
a built-in admin
For this project I wanted to have an admin interface to manually edit or view some of the data in the database. Django has a really nice built-in admin interface, and I can customize it with just a little bit of code.
For example, here’s part of one of my admin classes, which sets up which fields to display in the “list” view, which field to search on, and how to order them by default.
@admin.register(Zine)
class ZineAdmin(admin.ModelAdmin):
list_display = ["name", "publication_date", "free", "slug", "image_preview"]
search_fields = ["name", "slug"]
readonly_fields = ["image_preview"]
ordering = ["-publication_date"]
it’s fun to have an ORM
In the past my attitude has been “ORMs? Who needs them? I can just write my own SQL queries!”.
I’ve been enjoying Django’s ORM so far though, and I think it’s cool how Django
uses __ to represent a JOIN, like this:
Zine.objects
.exclude(product__order__email_hash=email_hash)
This query involves 5 tables: zines, zine_products, products, order_products, and orders.
To make this work I just had to tell Django that there’s a ManyToManyField
relating “orders” and “products”, and another ManyToManyField relating
“zines”, and “products”, so that it knows how to connect zines, orders, products.
I definitely could write that query, but writing product__order__email_hash is
a lot less typing, it feels a lot easier to read, and honestly I think it would
take me a little while to figure out how to construct the query
(which needs to do a few other things than just those joins).
I have zero concern about the performance of my ORM-generated queries so I’m pretty excited about ORMs for now, though I’m sure I’ll find things to be frustrated with eventually.
automatic migrations!
The other great thing about the ORM is migrations!
If I add, delete, or change a field in models.py, Django will automatically
generate a migration script like migrations/0006_delete_imageblob.py.
I assume that I could edit those scripts if I wanted, but so far I’ve just been running the generated scripts with no change and it’s been going great. It really feels like magic.
I’m realizing that being able to do migrations easily is important for me right now because I’m changing my data model fairly often as I figure out how I want it to work.
I like the docs
I had a bad habit of never reading the documentation but I’ve been really enjoying the parts of Django’s docs that I’ve read so far. This isn’t by accident: Jacob Kaplan-Moss has a talk from PyCon 2011 on Django’s documentation culture.
For example the intro to models lists the most important common fields you might want to set when using the ORM.
using sqlite
After having a bad experience trying to operate Postgres and not being able to
understand what was going on, I decided to run all of my small websites with
SQLite instead. It’s been going way better, and I love being able to backup by
just doing a VACUUM INTO and then copying the resulting single file.
I’ve been following these instructions for using SQLite with Django in production.
I think it should be fine because I’m expecting the site to have a few hundred writes per day at most, much less than Mess with DNS which has a lot more of writes and has been working well (though the writes are split across 3 different SQLite databases).
built in email (and more)
Django seems to be very “batteries-included”, which I love – if I want CSRF
protection, or a Content-Security-Policy, or I want to send email, it’s all
in there!
For example, I wanted to save the emails Django sends to a file in dev mode (so that it didn’t send real email to real people), which was just a little bit of configuration.
I just put this settings/dev.py:
EMAIL_BACKEND = "django.core.mail.backends.filebased.EmailBackend"
EMAIL_FILE_PATH = BASE_DIR / "emails"
and then set up the production email like this in settings/production.py
EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
EMAIL_HOST = "smtp.whatever.com"
EMAIL_PORT = 587
EMAIL_USE_TLS = True
EMAIL_HOST_USER = "xxxx"
EMAIL_HOST_PASSWORD = os.getenv('EMAIL_API_KEY')
That made me feel like if I want some other basic website feature, there’s likely to be an easy way to do it built into Django already.
the settings file still feels like a lot
I’m still a bit intimidated by the settings.py file: Django’s settings system
works by setting a bunch of global variables in a file, and I feel a bit
stressed about… what if I make a typo in the name of one of those variables?
How will I know? What if I type WSGI_APPLICATOIN = "config.wsgi.application"
instead of WSGI_APPLICATION?
I guess I’ve gotten used to having a Python language server tell me when I’ve made a typo and so now it feels a bit disorienting when I can’t rely on the language server support.
that’s all for now!
I haven’t really successfully used an actual web framework for a project before (right now almost all of my websites are either a single Go binary or static sites), so I’m interested in seeing how it goes!
There’s still lots for me to learn about, I still haven’t really gotten into Django’s form validation tooling or authentication systems.
Thanks to Marco Rogers for convincing me to give ORMs a chance.
(we’re still experimenting with the comments-on-Mastodon system! Here are the comments on Mastodon! tell me your favourite Django feature!)
Hello! This past fall, I decided to take some time to work on Git’s documentation. I’ve been thinking about working on open source docs for a long time – usually if I think the documentation for something could be improved, I’ll write a blog post or a zine or something. But this time I wondered: could I instead make a few improvements to the official documentation?
So Marie and I made a few changes to the Git documentation!
a data model for Git
After a while working on the documentation, we noticed that Git uses the terms “object”, “reference”, or “index” in its documentation a lot, but that it didn’t have a great explanation of what those terms mean or how they relate to other core concepts like “commit” and “branch”. So we wrote a new “data model” document!
You can read the data model here for now. I assume at some point (after the next release?) it’ll also be on the Git website.
I’m excited about this because understanding how Git organizes its commit and branch data has really helped me reason about how Git works over the years, and I think it’s important to have a short (1600 words!) version of the data model that’s accurate.
The “accurate” part turned out to not be that easy: I knew the basics of how Git’s data model worked, but during the review process I learned some new details and had to make quite a few changes (for example how merge conflicts are stored in the staging area).
updates to git push, git pull, and more
I also worked on updating the introduction to some of Git’s core man pages. I quickly realized that “just try to improve it according to my best judgement” was not going to work: why should the maintainers believe me that my version is better?
I’ve seen a problem a lot when discussing open source documentation changes where 2 expert users of the software argue about whether an explanation is clear or not (“I think X would be a good way to explain it! Well, I think Y would be better!”)
I don’t think this is very productive (expert users of a piece of software are notoriously bad at being able to tell if an explanation will be clear to non-experts), so I needed to find a way to identify problems with the man pages that was a little more evidence-based.
getting test readers to identify problems
I asked for test readers on Mastodon to read the current version of documentation and tell me what they find confusing or what questions they have. About 80 test readers left comments, and I learned so much!
People left a huge amount of great feedback, for example:
- terminology they didn’t understand (what’s a pathspec? what does “reference” mean? does “upstream” have a specific meaning in Git?)
- specific confusing sentences
- suggestions of things things to add (“I do X all the time, I think it should be included here”)
- inconsistencies (“here it implies X is the default, but elsewhere it implies Y is the default”)
Most of the test readers had been using Git for at least 5-10 years, which I think worked well – if a group of test readers who have been using Git regularly for 5+ years find a sentence or term impossible to understand, it makes it easy to argue that the documentation should be updated to make it clearer.
I thought this “get users of the software to comment on the existing documentation and then fix the problems they find” pattern worked really well and I’m excited about potentially trying it again in the future.
the man page changes
We ended updating these 4 man pages:
git add(before, after)git checkout(before, after)git push(before, after)git pull(before, after)
The git push and git pull changes were the most interesting to me: in
addition to updating the intro to those pages, we also ended up writing:
- a section describing what the term “upstream branch” means (which previously wasn’t really explained)
- a cleaned-up description of what a “push refspec” is
Making those changes really gave me an appreciation for how much work it is
to maintain open source documentation: it’s not easy to write things that are
both clear and true, and sometimes we had to make compromises, for example the sentence
“git push may fail if you haven’t set an upstream for the current branch,
depending on what push.default is set to.” is a little vague, but the exact
details of what “depending” means are really complicated and untangling that is
a big project.
on the process for contributing to Git
It took me a while to understand Git’s development process. I’m not going to try to describe it here (that could be a whole other post!), but a few quick notes:
- Git has a Discord server with a “my first contribution” channel for help with getting started contributing. I found people to be very welcoming on the Discord.
- I used GitGitGadget to make all of my contributions. This meant that I could make a GitHub pull request (a workflow I’m comfortable with) and GitGitGadget would convert my PRs into the system the Git developers use (emails with patches attached). GitGitGadget worked great and I was very grateful to not have to learn how to send patches by email with Git.
- Otherwise I used my normal email client (Fastmail’s web interface) to reply to emails, wrapping my text to 80 character lines since that’s the mailing list norm.
I also found the mailing list archives on lore.kernel.org hard to navigate, so I hacked together my own git list viewer to make it easier to read the long mailing list threads.
Many people helped me navigate the contribution process and review the changes: thanks to Emily Shaffer, Johannes Schindelin (the author of GitGitGadget), Patrick Steinhardt, Ben Knoble, Junio Hamano, and more.
(I’m experimenting with comments on Mastodon, you can see the comments here)
The new MCP authorization spec is here! Today marks the one-year anniversary of the Model Context Protocol, and with it, the launch of the new 2025-11-25 specification.
I’ve been helping out with the authorization part of the spec for the last several months, working to make sure we aren't just shipping something that works for hobbyists, but something that even scales to the enterprise. If you’ve been following my posts like Enterprise-Ready MCP or Let's Fix OAuth in MCP, you know this has been a bit of a journey over the past year.
The new spec just dropped, and while there are a ton of great updates across the board, far more than I can get in to in this blog post, there are two changes in the authorization layer that I am most excited about. They fundamentally change how clients identify themselves and how enterprises manage access to AI-enabled apps.
Client ID Metadata Documents (CIMD)
If you’ve ever tried to work with an open ecosystem of OAuth clients and servers, you know the "Client Registration" problem. In traditional OAuth, you go to a developer portal, register your app, and get a client_id and client_secret. That works great when there is one central server (like Google or GitHub) and many clients that want to use that server.
It breaks down completely in an open ecosystem like MCP, where we have many clients talking to many servers. You can't expect a developer of a new AI Agent to manually register with every single one of the 2,000 MCP servers in the MCP server registry. Plus, when a new MCP server launches, that server wouldn't be able to ask every client developer to register either.
Until now, the answer for MCP was Dynamic Client Registration (DCR). But as implementation experiences has shown us over the last several months, DCR introduces a massive amount of complexity and risk for both sides.
For Authorization Servers, DCR endpoints are a headache. They require public-facing APIs that need strict rate limiting to prevent abuse, and they lead to unbounded database growth as thousands of random clients register themselves. The number of client registrations will only ever increase, so the authorization server is likely to implement some sort of "cleanup" mechanism to delete old client registrations. The problem is there is no clear definition of what an "old" client is. And if a dynamically registered client is deleted, the client doesn't know about it, and the user is often stuck with no way to recover. Because of the security implications of an endpoint like this, DCR has also been a massive barrier to enterprise adoption of MCP.
For Clients, it’s just as bad. They have to manage the lifecycle of their client credentials on top of the actual access tokens, and there is no standardized way to check if the client registration is still valid. This frequently leads to sloppy implementations where clients simply register a brand new client_id every single time a user logs in, further increasing the number of client registrations at the authorization server. This isn't a theoretical problem, this is also how Mastodon has worked for the last several years, and has some GitHub issue threads describing the challenges it creates.
The new MCP spec solves this by adopting Client ID Metadata Documents.
The OAuth Working Group adopted the Client ID Metadata Document spec in October after about a year of discussion, so it's still relatively new. But seeing it land as the default mechanism in MCP is huge. Instead of the client registering with each authorization server, the client establishes its own identity with a URL it controls and uses the URL to identify itself during an OAuth flow.
When the client starts an OAuth request to the MCP authorization server, it says, "Hi, I'm https://example-app.com/client.json." The server fetches the JSON document at that URL and finds the client's metadata (logo, name, redirect URIs) and proceeds on as usual.
This creates a decentralized trust model based on DNS. If you trust example.com, you trust the client. It removes the registration friction entirely while keeping the security guarantees we need. It’s the same pattern we’ve used in IndieAuth for over a decade, and it fits MCP perfectly.
There are definitely some new considerations and risks this brings, so it's worth diving into the details about Client ID Metadata Documents in the MCP spec as well as the IETF spec. For example, if you're building an MCP client that is running on a web server, you can actually manage private keys and publish the public keys in your metadata document, enabling strong client authentication. And like Dynamic Client Registration, there are still limitations for how desktop clients can leverage this, which can hopefully be solved by a future extension. I talked more about this during a hugely popular session at the Internet Identity Workshop in October, you can find the slides here.
You can try out this new flow today in VSCode, the first MCP client to ship support for CIMD even before it was officially in the spec. You can also learn more and test it out at the excellent website the folks at Stytch created: client.dev.
Enterprise-Managed Authorization (Cross App Access)
This is the big one for anyone asking, "Is MCP safe to use in the enterprise?"
Until now, when an AI agent connected to an MCP server, the connection was established directly between the MCP client and server. For example if you are using ChatGPT to connect to the Asana MCP server, ChatGPT would start an OAuth flow to Asana. But if your Asana account is actually connected to an enterprise IdP like Okta, Okta would only see that you're logging in to Asana, and wouldn't be aware of the connection established between ChatGPT and Asana. This means today there are a huge number of what are effectively unmanaged connections between MCP clients and servers in the enterprise. Enterprise IT admins hate this because it creates "Shadow IT" connections that bypass enterprise policy.
The new MCP spec incorporates Cross App Access (XAA) as the authorization extension "Enterprise-Managed Authorization".
This builds on the work I discussed in Enterprise-Ready MCP leveraging the Identity Assertion Authorization Grant. The flow puts the enterprise Identity Provider (IdP) back in the driver's seat.
Here is how it works:
-
Single Sign-On: First you log into an MCP Client (like Claude or an IDE) using your corporate SSO, the client gets an ID token.
-
Token Exchange: Instead of the client starting an OAuth flow to ask the user to manually approve access to a downstream tool (like an Asana MCP server), the client takes that ID token back to the Enterprise IdP to ask for access.
-
Policy Check: The IdP checks corporate policy. "Is
Engineeringallowed to useClaudeto accessAsana?" If the policy passes, the IdP issues a temporary token (ID-JAG) that the client can take to the MCP authorization server. -
Access Token Request: The MCP client takes the ID-JAG to the MCP authorization server saying "hey this IdP says you can issue me an access token for this user". The authorization server validates the ID-JAG the same way it would have validated an ID Token (remember this app is also set up for SSO to the same corporate IdP), and issues an access token.
This happens entirely behind the scenes without user interaction. The user doesn't get bombarded with consent screens, and the enterprise admin gets full visibility and revocability. If you want to shut down AI access to a specific internal tool, you do it in one place: your IdP.
Further Reading
There is a lot more in the full spec update, but these two pieces—CIMD for scalable client identity and Cross App Access for enterprise security—are the two I am most excited about. They take MCP to the next level by solving the biggest challenges that were preventing scalable adoption of MCP in the enterprise.
You can read more about the MCP authorization spec update in Den's excellent post, and more about all the updates to the MCP spec in the official announcement post.
Links to docs and specs about everything mentioned in this post are below.
- MCP Authorization Spec 2025-11-25
- Client ID Metadata Document (ietf.org)
- Identity Assertion Authorization Grant (ietf.org)
- Enterprise-Ready MCP
- Evolving Client Registration (blog.modelcontextprotocol.io)
- Cross App Access (oauth.net)
In October, I launched an instance of Meetable for the MCP Community. They've been using it to post working group meetings as well as in-person community events. In just 2 months it already has 41 events listed!
One of the aspects of opening up the software to a new community is stress testing some of the design decisions. An early design decision was intentionally to not support recurring events. For a community calendar, recurring events are often problematic. Once a recurring event is created for something like a weekly meetup, it's no longer clear whether the event is actually going to happen, which is especially true for virtual events. If an organizer of the event silently drops away from the community, it's very likely they will not go delete the event, and you can end up with stale events on the calendar quickly. It's better to have people explicitly create the event on the calendar so that every event was created with intention. To support this, I made a "Clone Event" button to quickly copy the details from a previous instance, and it even predicts the next date based on how often the event has been happening in the past.
But for the MCP community, which is a bit more formal than a purely community calendar, most of the events on their site are weekly or biweekly working group meetings. I had been hearing quite a bit of feedback that the current process of scheduling out the events manually, even with the "clone event" feature, was too much of a burden. So I set out to design a solution for recurring events to strike a balance between ease of use and hopefully avoiding some of the pitfalls of recurring events.
What I landed on is this:
You can create an "event template" from any existing event on the calendar, and give it a recurrence interval like "Every week on Tuesdays" or "Monthly on the 9th".

(I'll add an option for "Monthly on the second Tuesday" later if this ends up being used enough.)
Once the schedule is created, copies of the event will be created at the chosen interval, but only a few weeks out. For weekly events, 4 weeks in advance will be created, biweekly will get scheduled 8 weeks out, monthly events 4 months out, and yearly events will have only the next year scheduled. Every day a cron job will create future events at the scheduled interval in advance. If the event template is deleted, future scheduled events will also be deleted.
So effectively for organizers there is nothing they need to do after creating the recurring event schedule. My hope is by having it work this way, instead of like recurring events on a typical Google calendar, it strikes a balance between ease of use but avoids orphaned events on the calendar. It still requires an organizer to delete a recurrence, so should only be used for events that truly have a schedule and are unlikely to be cancelled often.
Hopefully this makes Meetable even more useful for different kinds of communities! You can install your own copy of Meetable from the source code on GitHub.
Today I just launched support for BlueSky as a new authentication option in IndieLogin.com!
IndieLogin.com is a developer service that allows users to log in to a website with their domain. It delegates the actual user authentication out to various external services, whether that is an IndieAuth server, GitHub, GitLab, Codeberg, or just an email confirmation code, and now also BlueSky.
This means if you have a custom domain as your BlueSky handle, you can now use it to log in to websites like indieweb.org directly!

Alternatively, you can add a link to your BlueSky handle from your website with a rel="me atproto" attribute, similar to how you would link to your GitHub profile from your website.
<a href="https://example.bsky.social" rel="me atproto">example.bsky.social</a>
This is made possible thanks to BlueSky's support of the new OAuth Client ID Metadata Document specification, which was recently adopted by the OAuth Working Group. This means as the developer of the IndieLogin.com service, I didn't have to register for any BlueSky API keys in order to use the OAuth server! The IndieLogin.com website publishes its own metadata which the BlueSky OAuth server can use to fetch the metadata from. This is the same client metadata that an IndieAuth server will parse as well! Aren't standards fun!
The hardest part about the whole process was probably adding DPoP support. Actually creating the DPoP JWT wasn't that bad but the tricky part was handling the DPoP server nonces sent back. I do wish we had a better solution for that mechanism in DPoP, but I remember the reasoning for doing it this way and I guess we just have to live with it now.
This was a fun exercise in implementing a bunch of the specs I've been working on recently!
- OAuth 2.1
- DPoP
- Client ID Metadata Document
- Pushed Authorization Requests
- OAuth for Browser-Based Apps
- Protected Resource Metadata
Here's the link to the full ATProto OAuth docs for reference.
Hello! Earlier this summer I was talking to a friend about how much I love using fish, and how I love that I don’t have to configure it. They said that they feel the same way about the helix text editor, and so I decided to give it a try.
I’ve been using it for 3 months now and here are a few notes.
why helix: language servers
I think what motivated me to try Helix is that I’ve been trying to get a working language server setup (so I can do things like “go to definition”) and getting a setup that feels good in Vim or Neovim just felt like too much work.
After using Vim/Neovim for 20 years, I’ve tried both “build my own custom configuration from scratch” and “use someone else’s pre-buld configuration system” and even though I love Vim I was excited about having things just work without having to work on my configuration at all.
Helix comes with built in language server support, and it feels nice to be able to do things like “rename this symbol” in any language.
the search is great
One of my favourite things about Helix is the search! If I’m searching all the files in my repository for a string, it lets me scroll through the potential matching files and see the full context of the match, like this:
For comparison, here’s what the vim ripgrep plugin I’ve been using looks like:
There’s no context for what else is around that line.
the quick reference is nice
One thing I like about Helix is that when I press g, I get a little help popup
telling me places I can go. I really appreciate this because I don’t often use
the “go to definition” or “go to reference” feature and I often forget the
keyboard shortcut.
some vim -> helix translations
- Helix doesn’t have marks like
ma,'a, instead I’ve been usingCtrl+OandCtrl+Ito go back (or forward) to the last cursor location - I think Helix does have macros, but I’ve been using multiple cursors in every
case that I would have previously used a macro. I like multiple cursors a lot
more than writing macros all the time. If I want to batch change something in
the document, my workflow is to press
%(to highlight everything), thensto select (with a regex) the things I want to change, then I can just edit all of them as needed. - Helix doesn’t have neovim-style tabs, instead it has a nice buffer switcher (
<space>b) I can use to switch to the buffer I want. There’s a pull request here to implement neovim-style tabs. There’s also a settingbufferline="multiple"which can act a bit like tabs withgp,gnfor prev/next “tab” and:bcto close a “tab”.
some helix annoyances
Here’s everything that’s annoyed me about Helix so far.
- I like the way Helix’s
:reflowworks much less than how vim reflows text withgq. It doesn’t work as well with lists. (github issue) - If I’m making a Markdown list, pressing “enter” at the end of a list item won’t continue the list. There’s a partial workaround for bulleted lists but I don’t know one for numbered lists.
- No persistent undo yet: in vim I could use an undofile so that I could undo changes even after quitting. Helix doesn’t have that feature yet. (github PR)
- Helix doesn’t autoreload files after they change on disk, I have to run
:reload-all(:ra<tab>) to manually reload them. Not a big deal. - Sometimes it panics, maybe every week or so. I think it might be this issue.
The crashes look something like this:
thread 'main' panicked at helix-core/src/transaction.rs:499:9:
Positions [(2959, AfterSticky), (2959, AfterSticky)] are out of range for changeset len 2945!
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
The “markdown list” and reflowing issues come up a lot for me because I spend a lot of time editing Markdown lists, but I keep using Helix anyway so I guess they can’t be making me that mad.
switching was easier than I thought
I was worried that relearning 20 years of Vim muscle memory would be really hard.
It turned out to be easier than I expected, I started using Helix on a vacation for a little low-stakes coding project I was doing on the side and after a week or two it didn’t feel so disorienting anymore. I think it might be hard to switch back and forth between Vim and Helix, but I haven’t needed to use Vim recently so I don’t know if that’ll ever become an issue for me.
The first time I tried Helix I tried to force it to use keybindings that were more similar to Vim and that did not work for me. Just learning the “Helix way” was a lot easier.
There are still some things that throw me off: for example w in vim and w in
Helix don’t have the same idea of what a “word” is (the Helix one includes the
space after the word, the Vim one doesn’t).
using a terminal-based text editor
For many years I’d mostly been using a GUI version of vim/neovim, so switching to actually using an editor in the terminal was a bit of an adjustment.
I ended up deciding on:
- Every project gets its own terminal window, and all of the tabs in that window (mostly) have the same working directory
- I make my Helix tab the first tab in the terminal window
It works pretty well, I might actually like it better than my previous workflow.
my configuration
I appreciate that my configuration is really simple, compared to my neovim configuration which is hundreds of lines. It’s mostly just 4 keyboard shortcuts.
theme = "solarized_light"
[editor]
# Sync clipboard with system clipboard
default-yank-register = "+"
[keys.normal]
# I didn't like that Ctrl+C was the default "toggle comments" shortcut
"#" = "toggle_comments"
# I didn't feel like learning a different way
# to go to the beginning/end of a line so
# I remapped ^ and $
"^" = "goto_first_nonwhitespace"
"$" = "goto_line_end"
[keys.select]
"^" = "goto_first_nonwhitespace"
"$" = "goto_line_end"
[keys.normal.space]
# I write a lot of text so I need to constantly reflow,
# and missed vim's `gq` shortcut
l = ":reflow"
There’s a separate languages.toml configuration where I set some language
preferences, like turning off autoformatting.
For example, here’s my Python configuration:
[[language]]
name = "python"
formatter = { command = "black", args = ["--stdin-filename", "%{buffer_name}", "-"] }
language-servers = ["pyright"]
auto-format = false
we’ll see how it goes
Three months is not that long, and it’s possible that I’ll decide to go back to Vim at some point. For example, I wrote a post about switching to nix a while back but after maybe 8 months I switched back to Homebrew (though I’m still using NixOS to manage one little server, and I’m still satisfied with that).
The IETF OAuth Working Group has adopted the Client ID Metadata Document specification!
This specification defines a mechanism through which an OAuth client can identify itself to authorization servers, without prior dynamic client registration or other existing registration.
Clients identify themselves with their own URL, and host their metadata (name, logo, redirect URL) in a JSON document at that URL. They then use that URL as the client_id to introduce themselves to an authorization server for the first time.
The mechanism of clients identifying themselves as a URL has been in use in IndieAuth for over a decade, and more recently has been adopted by BlueSky for their OAuth API. The recent surge in interest in MCP has further demonstrated the need for this to be a standardized mechanism, and was the main driver in the latest round of discussion for the document! This could replace Dynamic Client Registration in MCP, dramatically simplifying management of clients, as well as enabling servers to limit access to specific clients if they want.
The folks at Stytch put together a really nice explainer website about it too! cimd.dev
Thanks to everyone for your contributions and feedback so far! And thanks to my co-author Emilia Smith for her work on the document!
I just released some updates for Meetable, my open source event listing website.
The major new feature is the ability to let users log in with a Discord account. A Meetable instance can be linked to a Discord server to enable any member of the server to log in to the site. You can also restrict who can log in based on Discord "roles", so you can limit who can edit events to only certain Discord members.
One of the first questions I get about Meetable is whether recurring events are supported. My answer has always been "no". In general, it's too easy for recurring events on community calendars go get stale. If an organizer forgets to cancel or just stops showing up, that isn't visible unless someone takes the time to clean up the recurrence. Instead, it's healthier to require each event be created manually. There is a "clone event" feature that makes it easy to copy all the details from a previous event to be able to quickly manually create these sorts of recurring events. In this update, I just added a feature to streamline this even further. The next recurrence is now predicted based on the past interval of the event.
For example, for a biweekly cadence, the following steps happen now:
- You would create the first instance manually, say for October 1
- You click "Clone Event" and change the date of the new event to October 15
- Now when you click "Clone Event" on the October 15 event, it will pre-fill October 29 based on the fact that the October 15 event was created 2 weeks after the event it was cloned from
Currently this only works by counting days, so wouldn't work for things like "first Tuesday of the month" or "the 1st of the month", but I hope this saves some time in the future regardless. If "first Tuesday" or specific days of the month are an important use case for you, let me know and I can try to come up with a solution.
Minor changes/fixes below:
- Added "Create New Event" to the "Add Event" dropdown menu because it wasn't obvious "Add Event" was clickable.
- Meeting link no longer appears for cancelled events. (Actually the meeting link only appears for "confirmed" events.)
- If you add a meeting link but don't set a timezone, a warning message appears on the event.
- Added a setting to show a message when uploading a photo, you can use this to describe a photo license policy for example.
- Added a "user profile" page, and if users are configured to fetch profile info from their website, a button to re-fetch the profile info will appear.
Every time I take a Lyft from the San Francisco airport to downtown going up 101, I notice the billboards. The billboards on 101 are always such a good snapshot in time of the current peak of the Silicon Valley hype cycle. I've decided to capture photos of the billboards every time I am there, to see how this changes over time.
Here's a photo dump from the 101 billboards from August 2025. The theme is clearly AI. Apologies for the slightly blurry photos, these were taken while driving 60mph down the highway, some of them at night.
Hello! After many months of writing deep dive blog posts about the terminal, on Tuesday I released a new zine called “The Secret Rules of the Terminal”!
You can get it for $12 here: https://wizardzines.com/zines/terminal, or get an 15-pack of all my zines here.
Here’s the cover:
the table of contents
Here’s the table of contents:
why the terminal?
I’ve been using the terminal every day for 20 years but even though I’m very confident in the terminal, I’ve always had a bit of an uneasy feeling about it. Usually things work fine, but sometimes something goes wrong and it just feels like investigating it is impossible, or at least like it would open up a huge can of worms.
So I started trying to write down a list of weird problems I’ve run into in terminal and I realized that the terminal has a lot of tiny inconsistencies like:
- sometimes you can use the arrow keys to move around, but sometimes pressing the arrow keys just prints
^[[D - sometimes you can use the mouse to select text, but sometimes you can’t
- sometimes your commands get saved to a history when you run them, and sometimes they don’t
- some shells let you use the up arrow to see the previous command, and some don’t
If you use the terminal daily for 10 or 20 years, even if you don’t understand exactly why these things happen, you’ll probably build an intuition for them.
But having an intuition for them isn’t the same as understanding why they happen. When writing this zine I actually had to do a lot of work to figure out exactly what was happening in the terminal to be able to talk about how to reason about it.
the rules aren’t written down anywhere
It turns out that the “rules” for how the terminal works (how do
you edit a command you type in? how do you quit a program? how do you fix your
colours?) are extremely hard to fully understand, because “the terminal” is actually
made of many different pieces of software (your terminal emulator, your
operating system, your shell, the core utilities like grep, and every other random
terminal program you’ve installed) which are written by different people with different
ideas about how things should work.
So I wanted to write something that would explain:
- how the 4 pieces of the terminal (your shell, terminal emulator, programs, and TTY driver) fit together to make everything work
- some of the core conventions for how you can expect things in your terminal to work
- lots of tips and tricks for how to use terminal programs
this zine explains the most useful parts of terminal internals
Terminal internals are a mess. A lot of it is just the way it is because someone made a decision in the 80s and now it’s impossible to change, and honestly I don’t think learning everything about terminal internals is worth it.
But some parts are not that hard to understand and can really make your experience in the terminal better, like:
- if you understand what your shell is responsible for, you can configure your shell (or use a different one!) to access your history more easily, get great tab completion, and so much more
- if you understand escape codes, it’s much less scary when
cating a binary to stdout messes up your terminal, you can just typeresetand move on - if you understand how colour works, you can get rid of bad colour contrast in your terminal so you can actually read the text
I learned a surprising amount writing this zine
When I wrote How Git Works, I thought I
knew how Git worked, and I was right. But the terminal is different. Even
though I feel totally confident in the terminal and even though I’ve used it
every day for 20 years, I had a lot of misunderstandings about how the terminal
works and (unless you’re the author of tmux or something) I think there’s a
good chance you do too.
A few things I learned that are actually useful to me:
- I understand the structure of the terminal better and so I feel more confident debugging weird terminal stuff that happens to me (I was even able to suggest a small improvement to fish!). Identifying exactly which piece of software is causing a weird thing to happen in my terminal still isn’t easy but I’m a lot better at it now.
- you can write a shell script to copy to your clipboard over SSH
- how
resetworks under the hood (it does the equivalent ofstty sane; sleep 1; tput reset) – basically I learned that I don’t ever need to worry about rememberingstty saneortput resetand I can just runresetinstead - how to look at the invisible escape codes that a program is printing out (run
unbuffer program > out; less out) - why the builtin REPLs on my Mac like
sqlite3are so annoying to use (they uselibeditinstead ofreadline)
blog posts I wrote along the way
As usual these days I wrote a bunch of blog posts about various side quests:
- How to add a directory to your PATH
- “rules” that terminal problems follow
- why pipes sometimes get “stuck”: buffering
- some terminal frustrations
- ASCII control characters in my terminal on “what’s the deal with Ctrl+A, Ctrl+B, Ctrl+C, etc?”
- entering text in the terminal is complicated
- what’s involved in getting a “modern” terminal setup?
- reasons to use your shell’s job control
- standards for ANSI escape codes, which is really me trying to figure out if I think the
terminfodatabase is serving us well today
people who helped with this zine
A long time ago I used to write zines mostly by myself but with every project I get more and more help. I met with Marie Claire LeBlanc Flanagan every weekday from September to June to work on this one.
The cover is by Vladimir Kašiković, Lesley Trites did copy editing, Simon Tatham (who wrote PuTTY) did technical review, our Operations Manager Lee did the transcription as well as a million other things, and Jesse Luehrs (who is one of the very few people I know who actually understands the terminal’s cursed inner workings) had so many incredibly helpful conversations with me about what is going on in the terminal.
get the zine
Here are some links to get the zine again:
As always, you can get either a PDF version to print at home or a print version shipped to your house. The only caveat is print orders will ship in August – I need to wait for orders to come in to get an idea of how many I should print before sending it to the printer.
I have never been a C programmer but every so often I need to compile a C/C++
program from source. This has been kind of a struggle for me: for a
long time, my approach was basically “install the dependencies, run make, if
it doesn’t work, either try to find a binary someone has compiled or give up”.
“Hope someone else has compiled it” worked pretty well when I was running Linux but since I’ve been using a Mac for the last couple of years I’ve been running into more situations where I have to actually compile programs myself.
So let’s talk about what you might have to do to compile a C program! I’ll use a couple of examples of specific C programs I’ve compiled and talk about a few things that can go wrong. Here are three programs we’ll be talking about compiling:
step 1: install a C compiler
This is pretty simple: on an Ubuntu system if I don’t already have a C compiler I’ll install one with:
sudo apt-get install build-essential
This installs gcc, g++, and make. The situation on a Mac is more
confusing but it’s something like “install xcode command line tools”.
step 2: install the program’s dependencies
Unlike some newer programming languages, C doesn’t have a dependency manager. So if a program has any dependencies, you need to hunt them down yourself. Thankfully because of this, C programmers usually keep their dependencies very minimal and often the dependencies will be available in whatever package manager you’re using.
There’s almost always a section explaining how to get the dependencies in the README, for example in paperjam’s README, it says:
To compile PaperJam, you need the headers for the libqpdf and libpaper libraries (usually available as libqpdf-dev and libpaper-dev packages).
You may need
a2x(found in AsciiDoc) for building manual pages.
So on a Debian-based system you can install the dependencies like this.
sudo apt install -y libqpdf-dev libpaper-dev
If a README gives a name for a package (like libqpdf-dev), I’d basically
always assume that they mean “in a Debian-based Linux distro”: if you’re on a
Mac brew install libqpdf-dev will not work. I still have not 100% gotten
the hang of developing on a Mac yet so I don’t have many tips there yet. I
guess in this case it would be brew install qpdf if you’re using Homebrew.
step 3: run ./configure (if needed)
Some C programs come with a Makefile and some instead come with a script called
./configure. For example, if you download sqlite’s source code, it has a ./configure script in
it instead of a Makefile.
My understanding of this ./configure script is:
- You run it, it prints out a lot of somewhat inscrutable output, and then it
either generates a
Makefileor fails because you’re missing some dependency - The
./configurescript is part of a system called autotools that I have never needed to learn anything about beyond “run it to generate aMakefile”.
I think there might be some options you can pass to get the ./configure
script to produce a different Makefile but I have never done that.
step 4: run make
The next step is to run make to try to build a program. Some notes about
make:
- Sometimes you can run
make -j8to parallelize the build and make it go faster - It usually prints out a million compiler warnings when compiling the program. I always just ignore them. I didn’t write the software! The compiler warnings are not my problem.
compiler errors are often dependency problems
Here’s an error I got while compiling paperjam on my Mac:
/opt/homebrew/Cellar/qpdf/12.0.0/include/qpdf/InputSource.hh:85:19: error: function definition does not declare parameters
85 | qpdf_offset_t last_offset{0};
| ^
Over the years I’ve learned it’s usually best not to overthink problems like
this: if it’s talking about qpdf, there’s a good change it just means that
I’ve done something wrong with how I’m including the qpdf dependency.
Now let’s talk about some ways to get the qpdf dependency included in the right way.
the world’s shortest introduction to the compiler and linker
Before we talk about how to fix dependency problems: building C programs is split into 2 steps:
- Compiling the code into object files (with
gccorclang) - Linking those object files into a final binary (with
ld)
It’s important to know this when building a C program because sometimes you need to pass the right flags to the compiler and linker to tell them where to find the dependencies for the program you’re compiling.
make uses environment variables to configure the compiler and linker
If I run make on my Mac to install paperjam, I get this error:
c++ -o paperjam paperjam.o pdf-tools.o parse.o cmds.o pdf.o -lqpdf -lpaper
ld: library 'qpdf' not found
This is not because qpdf is not installed on my system (it actually is!). But
the compiler and linker don’t know how to find the qpdf library. To fix this, we need to:
- pass
"-I/opt/homebrew/include"to the compiler (to tell it where to find the header files) - pass
"-L/opt/homebrew/lib -liconv"to the linker (to tell it where to find library files and to link iniconv)
And we can get make to pass those extra parameters to the compiler and linker using environment variables!
To see how this works: inside paperjam’s Makefile you can see a bunch of environment variables, like LDLIBS here:
paperjam: $(OBJS)
$(LD) -o $@ $^ $(LDLIBS)
Everything you put into the LDLIBS environment variable gets passed to the
linker (ld) as a command line argument.
secret environment variable: CPPFLAGS
Makefiles sometimes define their own environment variables that they pass to
the compiler/linker, but make also has a bunch of “implicit” environment
variables which it will automatically pass to the C compiler and linker. There’s a full list of implicit environment variables here,
but one of them is CPPFLAGS, which gets automatically passed to the C compiler.
(technically it would be more normal to use CXXFLAGS for this, but this
particular Makefile hardcodes CXXFLAGS so setting CPPFLAGS was the only
way I could find to set the compiler flags without editing the Makefile)
two ways to pass environment variables to make
I learned thanks to @zwol that there are actually two ways to pass environment variables to make:
CXXFLAGS=xyz make(the usual way)make CXXFLAGS=xyz
The difference between them is that make CXXFLAGS=xyz will override the
value of CXXFLAGS set in the Makefile but CXXFLAGS=xyz make won’t.
I’m not sure which way is the norm but I’m going to use the first way in this post.
how to use CPPFLAGS and LDLIBS to fix this compiler error
Now that we’ve talked about how CPPFLAGS and LDLIBS get passed to the
compiler and linker, here’s the final incantation that I used to get the
program to build successfully!
CPPFLAGS="-I/opt/homebrew/include" LDLIBS="-L/opt/homebrew/lib -liconv" make paperjam
This passes -I/opt/homebrew/include to the compiler and -L/opt/homebrew/lib -liconv to the linker.
Also I don’t want to pretend that I “magically” knew that those were the right arguments to pass, figuring them out involved a bunch of confused Googling that I skipped over in this post. I will say that:
- the
-Icompiler flag tells the compiler which directory to find header files in, like/opt/homebrew/include/qpdf/QPDF.hh - the
-Llinker flag tells the linker which directory to find libraries in, like/opt/homebrew/lib/libqpdf.a - the
-llinker flag tells the linker which libraries to link in, like-liconvmeans “link in theiconvlibrary”, or-lmmeans “linkmath”
tip: how to just build 1 specific file: make $FILENAME
Yesterday I discovered this cool tool called
qf which you can use to quickly
open files from the output of ripgrep.
qf is in a big directory of various tools, but I only wanted to compile qf.
So I just compiled qf, like this:
make qf
Basically if you know (or can guess) the output filename of the file you’re
trying to build, you can tell make to just build that file by running make $FILENAME
tip: you don’t need a Makefile
I sometimes write 5-line C programs with no dependencies, and I just learned
that if I have a file called blah.c, I can just compile it like this without creating a Makefile:
make blah
It gets automaticaly expanded to cc -o blah blah.c, which saves a bit of
typing. I have no idea if I’m going to remember this (I might just keep typing
gcc -o blah blah.c anyway) but it seems like a fun trick.
tip: look at how other packaging systems built the same C program
If you’re having trouble building a C program, maybe other people had problems building it too! Every Linux distribution has build files for every package that they build, so even if you can’t install packages from that distribution directly, maybe you can get tips from that Linux distro for how to build the package. Realizing this (thanks to my friend Dave) was a huge ah-ha moment for me.
For example, this line from the nix package for paperjam says:
env.NIX_LDFLAGS = lib.optionalString stdenv.hostPlatform.isDarwin "-liconv";
This is basically saying “pass the linker flag -liconv to build this on a
Mac”, so that’s a clue we could use to build it.
That same file also says env.NIX_CFLAGS_COMPILE = "-DPOINTERHOLDER_TRANSITION=1";. I’m not sure what this means, but when I try
to build the paperjam package I do get an error about something called a
PointerHolder, so I guess that’s somehow related to the “PointerHolder
transition”.
step 5: installing the binary
Once you’ve managed to compile the program, probably you want to install it somewhere!
Some Makefiles have an install target that let you install the tool on your
system with make install. I’m always a bit scared of this (where is it going
to put the files? what if I want to uninstall them later?), so if I’m compiling
a pretty simple program I’ll often just manually copy the binary to install it
instead, like this:
cp qf ~/bin
step 6: maybe make your own package!
Once I figured out how to do all of this, I realized that I could use my new
make knowledge to contribute a paperjam package to Homebrew! Then I could
just brew install paperjam on future systems.
The good thing is that even if the details of how all of the different packaging systems, they fundamentally all use C compilers and linkers.
it can be useful to understand a little about C even if you’re not a C programmer
I think all of this is an interesting example of how it can useful to understand some basics of how C programs work (like “they have header files”) even if you’re never planning to write a nontrivial C program if your life.
It feels good to have some ability to compile C/C++ programs myself, even
though I’m still not totally confident about all of the compiler and linker
flags and I still plan to never learn anything about how autotools works other
than “you run ./configure to generate the Makefile”.
Two things I left out of this post:
LD_LIBRARY_PATH / DYLD_LIBRARY_PATH(which you use to tell the dynamic linker at runtime where to find dynamically linked files) because I can’t remember the last time I ran into anLD_LIBRARY_PATHissue and couldn’t find an example.pkg-config, which I think is important but I don’t understand yet
I've seen a lot of complaints about how MCP isn't ready for the enterprise.
I agree, although maybe not for the reasons you think. But don't worry, this isn't just a rant! I believe we can fix it!
The good news is the recent updates to the MCP authorization spec that separate out the role of the authorization server from the MCP server have now put the building blocks in place to make this a lot easier.
But let's back up and talk about what enterprise buyers expect when they are evaluating AI tools to bring into their companies.
Single Sign-On
At a minimum, an enterprise admin expects to be able to put an application under their single sign-on system. This enables the company to manage which users are allowed to use which applications, and prevents their users from needing to have their own passwords at the applications. The goal is to get every application managed under their single sign-on (SSO) system. Many large companies have more than 200 applications, so having them all managed through their SSO solution is a lot better than employees having to manage 200 passwords for each application!
There's a lot more than SSO too, like lifecycle management, entitlements, and logout. We're tackling these in the IPSIE working group in the OpenID Foundation. But for the purposes of this discussion, let's stick to the basics of SSO.
So what does this have to do with MCP?
An AI agent using MCP is just another application enterprises expect to be able to integrate into their single-sign-on (SSO) system. Let's take the example of Claude. When rolled out at a company, ideally every employee would log in to their company Claude account using the company identity provider (IdP). This lets the enterprise admin decide how many Claude licenses to purchase and who should be able to use it.
Connecting to External Apps
The next thing that should happen after a user logs in to Claude via SSO is they need to connect Claude to their other enterprise apps. This includes the built-in integrations in Claude like Google Calendar and Google Drive, as well as any MCP servers exposed by other apps in use within the enterprise. That could cover other SaaS apps like Zoom, Atlassian, and Slack, as well as home-grown internal apps.
Today, this process involves a somewhat cumbersome series of steps each individual employee must take. Here's an example of what the user needs to do to connect their AI agent to external apps:
First, the user logs in to Claude using SSO. This involves a redirect from Claude to the enterprise IdP where they authenticate with one or more factors, and then are redirected back.

Next, they need to connect the external app from within Claude. Claude provides a button to initiate the connection. This takes the user to that app (in this example, Google), which redirects them to the IdP to authenticate again, eventually getting redirected back to the app where an OAuth consent prompt is displayed asking the user to approve access, and finally the user is redirected back to Claude and the connection is established.

The user has to repeat these steps for every MCP server that they want to connect to Claude. There are two main problems with this:
- This user experience is not great. That's a lot of clicking that the user has to do.
- The enterprise admin has no visibility or control over the connection established between the two applications.
Both of these are significant problems. If you have even just 10 MCP servers rolled out in the enterprise, you're asking users to click through 10 SSO and OAuth prompts to establish the connections, and it will only get worse as MCP is more widely adopted within apps. But also, should we really be asking the user if it's okay for Claude to access their data in Google Drive? In a company context, that's not actually the user's decision. That decision should be made by the enterprise IT admin.
In "An Open Letter to Third-party Suppliers", Patrick Opet, Chief Information Security Officer of JPMorgan Chase writes:
"Modern integration patterns, however, dismantle these essential boundaries, relying heavily on modern identity protocols (e.g., OAuth) to create direct, often unchecked interactions between third-party services and firms' sensitive internal resources."
Right now, these app-to-app connections are happening behind the back of the IdP. What we need is a way to move the connections between the applications into the IdP where they can be managed by the enterprise admin.
Let's see how this works if we leverage a new (in-progress) OAuth extension called "Identity and Authorization Chaining Across Domains", which I'll refer to as "Cross-App Access" for short, enabling the enterprise IdP to sit in the middle of the OAuth exchange between the two apps.
A Brief Intro to Cross-App Access
In this example, we'll use Claude as the application that is trying to connect to Slack's (hypothetical) MCP server. We'll start with a high-level overview of the flow, and later go over the detailed protocol.
First, the user logs in to Claude through the IdP as normal. This results in Claude getting either an ID token or SAML assertion from the IdP, which tells Claude who the user is. (This works the same for SAML assertions or ID tokens, so I'll use ID tokens in the example from here out.) This is no different than what the user would do today when signing in to Claude.

Then, instead of prompting the user to connect Slack, Claude takes the ID token back to the IdP in a request that says "Claude is requesting access to this user's Slack account."
The IdP validates the ID token, sees it was issued to Claude, and verifies that the admin has allowed Claude to access Slack on behalf of the given user. Assuming everything checks out, the IdP issues a new token back to Claude.

Claude takes the intermediate token from the IdP to Slack saying "hi, I would like an access token for the Slack MCP server. The IdP gave me this token with the details of the user to issue the access token for." Slack validates the token the same way it would have validated an ID token. (Remember, Slack is already configured for SSO to the IdP for this customer as well, so it already has a way to validate these tokens.) Slack is able to issue an access token giving Claude access to this user's resources in its MCP server.

This solves the two big problems:
- The exchange happens entirely without any user interaction, so the user never sees any prompts or any OAuth consent screens.
- Since the IdP sits in between the exchange, this gives the enterprise admin a chance to configure the policies around which applications are allowed this direct connection.
The other nice side effect of this is since there is no user interaction required, the first time a new user logs in to Claude, all their enterprise apps will be automatically connected without them having to click any buttons!
Cross-App Access Protocol
Now let's look at what this looks like in the actual protocol. This is based on the adopted in-progress OAuth specification "Identity and Authorization Chaining Across Domains". This spec is actually a combination of two RFCs: Token Exchange (RFC 8693), and JWT Profile for Authorization Grants (RFC 7523). Both RFCs as well as the "Identity and Authorization Chaining Across Domains" spec are very flexible. While this means it is possible to apply this to many different use cases, it does mean we need to be a bit more specific in how to use it for this use case. For that purpose, I've written a profile of the Identity Chaining draft called "Identity Assertion Authorization Grant" to fill in the missing pieces for the specific use case detailed here.
Let's go through it step by step. For this example we'll use the following entities:
- Claude - the "Requesting Application", which is attempting to access Slack
- Slack - the "Resource Application", which has the resources being accessed through MCP
- Okta - the enterprise identity provider which users at the example company can use to sign in to both apps

Single Sign-On
First, Claude gets the user to sign in using a standard OpenID Connect (or SAML) flow in order to obtain an ID token. There isn't anything unique to this spec regarding this first stage, so I will skip the details of the OpenID Connect flow and we'll start with the ID token as the input to the next step.
Token Exchange
Claude, the requesting application, then makes a Token Exchange request (RFC 8693) to the IdP's token endpoint with the following parameters:
requested_token_type: The valueurn:ietf:params:oauth:token-type:id-jagindicates that an ID Assertion JWT is being requested.audience: The Issuer URL of the Resource Application's authorization server.subject_token: The identity assertion (e.g. the OpenID Connect ID Token or SAML assertion) for the target end-user.subject_token_type: Eitherurn:ietf:params:oauth:token-type:id_tokenorurn:ietf:params:oauth:token-type:saml2as defined by RFC 8693.
This request will also include the client credentials that Claude would use in a traditional OAuth token request, which could be a client secret or a JWT Bearer Assertion.
POST /oauth2/token HTTP/1.1
Host: acme.okta.com
Content-Type: application/x-www-form-urlencoded
grant_type=urn:ietf:params:oauth:grant-type:token-exchange
&requested_token_type=urn:ietf:params:oauth:token-type:id-jag
&audience=https://auth.slack.com/
&subject_token=eyJraWQiOiJzMTZ0cVNtODhwREo4VGZCXzdrSEtQ...
&subject_token_type=urn:ietf:params:oauth:token-type:id_token
&client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer
&client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6IjIyIn0...
ID Assertion Validation and Policy Evaluation
At this point, the IdP evaluates the request and decides whether to issue the requested "ID Assertion JWT". The request will be evaluated based on the validity of the arguments, as well as the configured policy by the customer.
For example, the IdP validates that the ID token in this request was issued to the same client that matches the provided client authentication. It evaluates that the user still exists and is active, and that the user is assigned the Resource Application. Other policies can be evaluated at the discretion of the IdP, just like it can during a single sign-on flow.
If the IdP agrees that the requesting app should be authorized to access the given user's data in the resource app's MCP server, it will respond with a Token Exchange response to issue the token:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
{
"issued_token_type": "urn:ietf:params:oauth:token-type:id-jag",
"access_token": "eyJhbGciOiJIUzI1NiIsI...",
"token_type": "N_A",
"expires_in": 300
}
The claims in the issued JWT are defined in "Identity Assertion Authorization Grant". The JWT is signed using the same key that the IdP signs ID tokens with. This is a critical aspect that makes this work, since again we assumed that both apps would already be configured for SSO to the IdP so would already be aware of the signing key for that purpose.
At this point, Claude is ready to request a token for the Resource App's MCP server
Access Token Request
The JWT received in the previous request can now be used as a "JWT Authorization Grant" as described by RFC 7523. To do this, Claude makes a request to the MCP authorization server's token endpoint with the following parameters:
grant_type:urn:ietf:params:oauth:grant-type:jwt-bearerassertion: The Identity Assertion Authorization Grant JWT obtained in the previous token exchange step
For example:
POST /oauth2/token HTTP/1.1
Host: auth.slack.com
Authorization: Basic yZS1yYW5kb20tc2VjcmV0v3JOkF0XG5Qx2
grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
assertion=eyJhbGciOiJIUzI1NiIsI...
Slack's authorization server can now evaluate this request to determine whether to issue an access token. The authorization server can validate the JWT by checking the issuer (iss) in the JWT to determine which enterprise IdP the token is from, and then check the signature using the public key discovered at that server. There are other claims to be validated as well, described in Section 6.1 of the Identity Assertion Authorization Grant.
Assuming all the validations pass, Slack is ready to issue an access token to Claude in the token response:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
{
"token_type": "Bearer",
"access_token": "2YotnFZFEjr1zCsicMWpAA",
"expires_in": 86400
}
This token response is the same format that Slack's authorization server would be responding to a traditional OAuth flow. That's another key aspect of this design that makes it scalable. We don't need the resource app to use any particular access token format, since only that server is responsible for validating those tokens.
Now that Claude has the access token, it can make a request to the (hypothetical) Slack MCP server using the bearer token the same way it would have if it got the token using the traditional redirect-based OAuth flow.
Note: Eventually we'll need to define the specific behavior of when to return a refresh token in this token response. The goal is to ensure the client goes through the IdP often enough for the IdP to enforce its access policies. A refresh token could potentially undermine that if the refresh token lifetime is too long. It follows that ultimately the IdP should enforce the refresh token lifetime, so we will need to define a way for the IdP to communicate to the authorization server whether and how long to issue refresh tokens. This would enable the authorization server to make its own decision on access token lifetime, while still respecting the enterprise IdP policy.
Cross-App Access Sequence Diagram
Here's the flow again, this time as a sequence diagram.

- The client initiates a login request
- The user's browser is redirected to the IdP
- The user logs in at the IdP
- The IdP returns an OAuth authorization code to the user's browser
- The user's browser delivers the authorization code to the client
- The client exchanges the authorization code for an ID token at the IdP
- The IdP returns an ID token to the client
At this point, the user is logged in to the MCP client. Everything up until this point has been a standard OpenID Connect flow.
- The client makes a direct Token Exchange request to the IdP to exchange the ID token for a cross-domain "ID Assertion JWT"
- The IdP validates the request and checks the internal policy
- The IdP returns the ID-JAG to the client
- The client makes a token request using the ID-JAG to the MCP authorization server
- The authorization server validates the token using the signing key it also uses for its OpenID Connect flow with the IdP
- The authorization server returns an access token
- The client makes a request with the access token to the MCP server
- The MCP server returns the response
For a more detailed step by step of the flow, see Appendix A.3 of the Identity Assertion Authorization Grant.
Next Steps
If this is something you're interested in, we'd love your help! The in-progress spec is publicly available, and we're looking for people interested in helping prototype it. If you're building an MCP server and you want to make it enterprise-ready, I'd be happy to help you build this!
You can find me at a few related events coming up:
- MCP Night on May 14
- MCP Developers Summit on May 23
- AWS MCP Agents Hackathon on May 30
- Identiverse 2025 on June 3-6
And of course you can always find me on LinkedIn or email me at aaron.parecki@okta.com.
Let's not overthink auth in MCP.
Yes, the MCP server is going to need its own auth server. But it's not as bad as it sounds. Let me explain.
First let's get a few pieces of terminology straight.
The confusion that's happening in the discussions I've seen so far is because the spec and diagrams show that the MCP server itself is handing authorization. That's not necessary.

In OAuth, we talk about the "authorization server" and "resource server" as distinct roles. I like to think of the authorization server as the "token factory", that's the thing that makes the access tokens. The resource server (usually an API) needs to be able to validate the tokens created by the authorization server.

It's possible to build a single server that is both a resource server and authorization server, and in fact many OAuth systems are built that way, especially large consumer services.

But nothing about the spec requires that the two roles are combined, it's also possible to run these as two totally unrelated services.
This flexibility that's been baked into OAuth for over a decade is what has led to the rapid adoption, as well the proliferation of open source and commercial products that provide an OAuth authorization server as a service.
So how does this relate to MCP?
I can annotate the flow from the Model Context Protocol spec to show the parts where the client talks to the MCP Resource Server separately from where the client talks to the MCP Authorization Server.
Here is the updated sequence diagram showing communication with each role separately.
Why is it important to call out this change?
I've seen a few conversations in various places about how requiring the MCP Server to be both an authorization server and resource server is too much of a burden. But actually, very little needs to change about the spec to enable this separation of concerns that OAuth already provides.
I've also seen various suggestions of other ways to separate the authorization server from the MCP server, like delegating to an enterprise IdP and having the MCP server validate access tokens issued by the IdP. These other options also conflate the OAuth roles in an awkward way and would result in some undesirable properties or relationships between the various parties involved.
So what needs to change in the MCP spec to enable this?
Discovery
The main thing currently forcing the MCP Server to be both the authorization server and resource server is how the client does discovery.
One design goal of MCP is to enable a client to bootstrap everything it needs based on only the server URL provided. I think this is a great design goal, and luckily is something that can be achieved even when separating the roles in the way I've described.
The MCP spec currently says that clients are expected to fetch the OAuth Server Metadata (RFC8414) file from the MCP Server base URL, resulting in a URL such as:
https://example.com/.well-known/oauth-authorization-server
This ends up meaning the MCP Resource Server must also be an Authorization Server, which leads to the complications the community has encountered so far. The good news is there is an OAuth spec we can apply here instead: Protected Resource Metadata.
Protected Resource Metadata
The Protected Resource Metadata spec is used by a Resource Server to advertise metadata about itself, including which Authorization Server can be used with it. This spec is both new and old. It was started in 2016, but was never adopted by the OAuth working group until 2023, after I had presented at an IETF meeting about the need for clients to be able to bootstrap OAuth flows given an OAuth resource server. The spec is now awaiting publication as an RFC, and should get its RFC number in a couple months. (Update: This became RFC 9728 on April 23, 2025!)
Applying this to the MCP server would result in a sequence like the following:
- The MCP Client fetches the Resource Server Metadata file by appending
/.well-known/oauth-protected-resourceto the MCP Server base URL. - The MCP Client finds the
authorization_serversproperty in the JSON response, and builds the Authorization Server Metadata URL by appending/.well-known/oauth-authorization-server - The MCP Client fetches the Authorization Server Metadata to find the endpoints it needs for the OAuth flow, the authorization endpoint and token endpoint
- The MCP Client initiates an OAuth flow and continues as normal
Note: The Protected Resource Metadata spec also supports the Resource Server returning WWW-Authenticate with a link to the resource metadata URL if you want to avoid the requirement that MCP Servers host their metadata URLs at the .well-known endpoint, it just requires an extra HTTP request to support this.
Access Token Validation
Two things to keep in mind about how the MCP Server validates access tokens with this new separation of concerns.
If you do build the MCP Authorization Server and Resource Server as part of the same system, you don't need to do anything special to validate the access tokens the Authorization Server issues. You probably already have some sort of infrastructure in place for your normal API to validate tokens issued by your Authorization Server, so nothing changes there.
If you are using an external Authorization Server, whether that's an open source product or a commercial hosted service, that product will have its own docs for how you can validate the tokens it creates. There's a good chance it already supports the standardized JWT Access Tokens described in RFC 9068, in which case you can use off-the-shelf JWT validation middleware for common frameworks.
In either case, the critical design goal here is that the MCP Authorization Server issues access tokens that only ever need to be validated by the MCP Resource Server. This is in line with the security recommendations in Section 2.3 of RFC 9700, in particular that "access tokens SHOULD be audience-restricted to a specific resource server". In other words, it would be a bad idea for the MCP Client to be issued an access token that works with both the MCP Resource Server and the service's REST API.
Why Require the MCP Server to have an Authorization Server in the first place?
Another argument I've seen is that MCP Server developers shouldn't have to build any OAuth infrastructure at all, instead they should be able to delegate all the OAuth bits to an external service.
In principle, I agree. Getting API access and authorization right is tricky, that's why there are entire companies dedicated to solving the problem.
The architecture laid out above enables this exact separation of concerns. The difference between this architecture and some of the other proposals I've seen is that this cleanly separates the security boundaries so that there are minimal dependencies among the parties involved.
But, one thing I haven't seen mentioned in the discussions is that there actually is no requirement than an OAuth Authorization Server provide any UI itself.
An Authorization Server with no UI?
While it is desirable from a security perspective that the MCP Resource Server has a corresponding Authorization Server that issues access tokens for it, that Authorization Server doesn't actually need to have any UI or even any concept of user login or accounts. You can actually build an Authorization Server that delegates all user account management to an external service. You can see an example of this in PayPal's MCP server they recently launched.
PayPal's traditional API already supports OAuth, the authorization and token endpoints are:
https://www.paypal.com/signin/authorizehttps://api-m.paypal.com/v1/oauth2/token
When PayPal built their MCP server, they launched it at https://mcp.paypal.com. If you fetch the metadata for the MCP Server, you'll find the two OAuth endpoints for the MCP Authorization Server:
https://mcp.paypal.com/authorizehttps://mcp.paypal.com/token
When the MCP Client redirects the user to the authorization endpoint, the MCP server itself doesn't provide any UI. Instead, it immediately redirects the user to the real PayPal authorization endpoint which then prompts the user to log in and authorize the client.

This points to yet another benefit of architecting the MCP Authorization Server and Resource Server this way. It enables implementers to delegate the actual user management to their existing OAuth server with no changes needed to the MCP Client. The MCP Client isn't even aware that this extra redirect step was inserted in the middle. As far as the MCP Client is concerned, it has been talking to only the MCP Authorization Server. It just so happens that the MCP Authorization Server has sent the user elsewhere to actually log in.
Dynamic Client Registration
There's one more point I want to make about why having a dedicated MCP Authorization Server is helpful architecturally.
The MCP spec strongly recommends that MCP Servers (authorization servers) support Dynamic Client Registration. If MCP is successful, there will be a large number of MCP Clients talking to a large number of MCP Servers, and the user is the one deciding which combinations of clients and servers to use. This means it is not scalable to require that every MCP Client developer register their client with every MCP Server.
This is similar to the idea of using an email client with the user's chosen email server. Obviously Mozilla can't register Thunderbird with every email server out there. Instead, there needs to be a way to dynamically establish a client's identity with the OAuth server at runtime. Dynamic Client Registration is one option for how to do that.
The problem is most commercial APIs are not going to enable Dynamic Client Registration on their production servers. For example, in order to get client credentials to use the Google APIs, you need to register as a developer and then register an OAuth client after logging in. Dynamic Client Registration would allow a client to register itself without the link to the developer's account. That would mean there is no paper trail for who the client was developed by. The Dynamic Client Registration endpoint can't require authentication by definition, so is a public endpoint that can create clients, which as you can imagine opens up some potential security issues.
I do, however, think it would be reasonable to expect production services to enable Dynamic Client Registration only on the MCP's Authorization Server. This way the dynamically-registered clients wouldn't be able to use the regular REST API, but would only be able to interact with the MCP API.
Mastodon and BlueSky also have a similar problem of needing clients to show up at arbitrary authorization servers without prior coordination between the client developer and authorization server operator. I call this the "OAuth for the Open Web" problem. Mastodon used Dynamic Client Registration as their solution, and has since documented some of the issues that this creates, linked here and here.
BlueSky decided to take a different approach and instead uses an https URL as a client identifier, bypassing the need for a client registration step entirely. This has the added bonus of having at least some level of confidence of the client identity because the client identity is hosted at a domain. It would be a perfectly viable approach to use this method for MCP as well. There is a discussion on that within MCP here. This is an ongoing topic within the OAuth working group, I have a couple of drafts in progress to formalize this pattern, Client ID Metadata Document and Client ID Scheme.
Enterprise IdP Integration
Lastly, I want to touch on the idea of enabling users to log in to MCP Servers with their enterprise IdP.
When an enterprise company purchases software, they expect to be able to tie it in to their single-sign-on solution. For example, when I log in to work Slack, I enter my work email and Slack redirects me to my work IdP where I log in. This way employees don't need to have passwords with every app they use in the enterprise, they can log in to everything with the same enterprise account, and all the apps can be protected with multi-factor authentication through the IdP. This also gives the company control over which users can access which apps, as well as a way to revoke a user's access at any time.
So how does this relate to MCP?
Well, plenty of people are already trying to figure out how to let their employees safely use AI tools within the enterprise. So we need a way to let employees use their enterprise IdP to log in and authorize MCP Clients to access MCP Servers.
If you're building an MCP Server in front of an existing application that already supports enterprise Single Sign-On, then you don't need to do anything differently in the MCP Client or Server and you already have support for this. When the MCP Client redirects to the MCP Authorization Server, the MCP Authorization Server redirects to the main Authorization Server, which would then prompt the user for their company email/domain and redirect to the enterprise IdP to log in.
This brings me to yet another thing I've been seeing conflated in the discussions: user login and user authorization.
OAuth is an authorization delegation protocol. OAuth doesn't actually say anything about how users authenticate at the OAuth server, it only talks about how the user can authorize access to an application. This is actually a really great thing, because it means we can get super creative with how users authenticate.

Remember the yellow box "User logs in and authorizes" from the original sequence diagram? These are actually two totally distinct steps. The OAuth authorization server is responsible for getting the user to log in somehow, but there's no requirement that how the user logs in is with a username/password. This is where we can insert a single-sign-on flow to an enterprise IdP, or really anything you can imagine.
So think of this as two separate boxes: "user logs in", and "user authorizes". Then, we can replace the "user logs in" box with an entirely new OpenID Connect flow out to the enterprise IdP to log the user in, and after they are logged in they can authorize the client.

I'll spare you the complete expanded sequence diagram, since it looks a lot more complicated than it actually is. But I again want to stress that this is nothing new, this is already how things are commonly done today.
This all just becomes cleaner to understand when you separate the MCP Authorization Server from the MCP Resource Server.
We can push all the complexity of user login, token minting, and more onto the MCP Authorization Server, keeping the MCP Resource Server free to do the much simpler task of validating access tokens and serving resources.
Future Improvements of Enterprise IdP Integration
There are two things I want to call out about how enterprise IdP integration could be improved. Both of these are entire topics on their own, so I will only touch on the problems and link out to other places where work is happening to solve them.
There are two points of friction with the current state of enterprise login for SaaS apps.
- IdP discovery
- User consent
IdP Discovery
When a user logs in to a SaaS app, they need to tell the app how to find their enterprise IdP. This is commonly done by either asking the user to enter their work email, or asking the user to enter their tenant URL at the service.

Neither of these is really a great user experience. It would be a lot better if the browser already knew which enterprise IdP the user should be sent to. This is one of my goals with the work happening in FedCM. With this new browser API, the browser can mediate the login, telling the SaaS app which enterprise IdP to use automatically only needing the user to click their account icon rather than type anything in.
User Consent
Another point of friction in the enterprise happens when a user starts connecting multiple applications to each other within the company. For example, if you drop in a Google Docs link into Slack, Slack will prompt you to connect your Google account to preview the link. Multiply this by N number of applications that can preview links, and M number of applications you might drop links to, and you end up sending the user through a huge number of OAuth consent flows.
The problem is only made worse with the explosion of AI tools. Every AI tool will need access to data in every other application in the enterprise. That is a lot of OAuth consent flows for the user to manage. Plus, the user shouldn't really be the one granting consent for Slack to access the company Google Docs account anyway. That consent should ideally be managed by the enterprise IT admin.
What we actually need is a way to enable the IT admin to grant consent for apps to talk to each other company-wide, removing the need for users to be sent through an OAuth flow at all.
This is the basis of another OAuth spec I've been working on, the Identity Assertion Authorization Grant.
The same problem applies to MCP Servers, and with the separation of concerns laid out above, it becomes straightforward to add this extension to move the consent to the enterprise and streamline the user experience.
Get in touch!
If these sound like interesting problems, please get in touch! You can find me on LinkedIn or reach me via email at aaron@parecki.com.
Hello! Today I want to talk about ANSI escape codes.
For a long time I was vaguely aware of ANSI escape codes (“that’s how you make text red in the terminal and stuff”) but I had no real understanding of where they were supposed to be defined or whether or not there were standards for them. I just had a kind of vague “there be dragons” feeling around them. While learning about the terminal this year, I’ve learned that:
- ANSI escape codes are responsible for a lot of usability improvements in the terminal (did you know there’s a way to copy to your system clipboard when SSHed into a remote machine?? It’s an escape code called OSC 52!)
- They aren’t completely standardized, and because of that they don’t always work reliably. And because they’re also invisible, it’s extremely frustrating to troubleshoot escape code issues.
So I wanted to put together a list for myself of some standards that exist around escape codes, because I want to know if they have to feel unreliable and frustrating, or if there’s a future where we could all rely on them with more confidence.
- what’s an escape code?
- ECMA-48
- xterm control sequences
- terminfo
- should programs use terminfo?
- is there a “single common set” of escape codes?
- some reasons to use terminfo
- some more documents/standards
- why I think this is interesting
what’s an escape code?
Have you ever pressed the left arrow key in your terminal and seen ^[[D?
That’s an escape code! It’s called an “escape code” because the first character
is the “escape” character, which is usually written as ESC, \x1b, \E,
\033, or ^[.
Escape codes are how your terminal emulator communicates various kinds of information (colours, mouse movement, etc) with programs running in the terminal. There are two kind of escape codes:
- input codes which your terminal emulator sends for keypresses or mouse
movements that don’t fit into Unicode. For example “left arrow key” is
ESC[D, “Ctrl+left arrow” might beESC[1;5D, and clicking the mouse might be something likeESC[M :3. - output codes which programs can print out to colour text, move the cursor around, clear the screen, hide the cursor, copy text to the clipboard, enable mouse reporting, set the window title, etc.
Now let’s talk about standards!
ECMA-48
The first standard I found relating to escape codes was ECMA-48, which was originally published in 1976.
ECMA-48 does two things:
- Define some general formats for escape codes (like “CSI” codes, which are
ESC[+ something and “OSC” codes, which areESC]+ something) - Define some specific escape codes, like how “move the cursor to the left” is
ESC[D, or “turn text red” isESC[31m. In the spec, the “cursor left” one is calledCURSOR LEFTand the one for changing colours is calledSELECT GRAPHIC RENDITION.
The formats are extensible, so there’s room for others to define more escape codes in the future. Lots of escape codes that are popular today aren’t defined in ECMA-48: for example it’s pretty common for terminal applications (like vim, htop, or tmux) to support using the mouse, but ECMA-48 doesn’t define escape codes for the mouse.
xterm control sequences
There are a bunch of escape codes that aren’t defined in ECMA-48, for example:
- enabling mouse reporting (where did you click in your terminal?)
- bracketed paste (did you paste that text or type it in?)
- OSC 52 (which terminal applications can use to copy text to your system clipboard)
I believe (correct me if I’m wrong!) that these and some others came from xterm, are documented in XTerm Control Sequences, and have been widely implemented by other terminal emulators.
This list of “what xterm supports” is not a standard exactly, but xterm is extremely influential and so it seems like an important document.
terminfo
In the 80s (and to some extent today, but my understanding is that it was MUCH more dramatic in the 80s) there was a huge amount of variation in what escape codes terminals actually supported.
To deal with this, there’s a database of escape codes for various terminals called “terminfo”.
It looks like the standard for terminfo is called X/Open Curses, though you need to create an account to view that standard for some reason. It defines the database format as well as a C library interface (“curses”) for accessing the database.
For example you can run this bash snippet to see every possible escape code for “clear screen” for all of the different terminals your system knows about:
for term in $(toe -a | awk '{print $1}')
do
echo $term
infocmp -1 -T "$term" 2>/dev/null | grep 'clear=' | sed 's/clear=//g;s/,//g'
done
On my system (and probably every system I’ve ever used?), the terminfo database is managed by ncurses.
should programs use terminfo?
I think it’s interesting that there are two main approaches that applications take to handling ANSI escape codes:
- Use the terminfo database to figure out which escape codes to use, depending
on what’s in the
TERMenvironment variable. Fish does this, for example. - Identify a “single common set” of escape codes which works in “enough” terminal emulators and just hardcode those.
Some examples of programs/libraries that take approach #2 (“don’t use terminfo”) include:
I got curious about why folks might be moving away from terminfo and I found this very interesting and extremely detailed rant about terminfo from one of the fish maintainers, which argues that:
[the terminfo authors] have done a lot of work that, at the time, was extremely important and helpful. My point is that it no longer is.
I’m not going to do it justice so I’m not going to summarize it, I think it’s worth reading.
is there a “single common set” of escape codes?
I was just talking about the idea that you can use a “common set” of escape codes that will work for most people. But what is that set? Is there any agreement?
I really do not know the answer to this at all, but from doing some reading it seems like it’s some combination of:
- The codes that the VT100 supported (though some aren’t relevant on modern terminals)
- what’s in ECMA-48 (which I think also has some things that are no longer relevant)
- What xterm supports (though I’d guess that not everything in there is actually widely supported enough)
and maybe ultimately “identify the terminal emulators you think your users are going to use most frequently and test in those”, the same way web developers do when deciding which CSS features are okay to use
I don’t think there are any resources like Can I use…? or Baseline for the terminal though. (in theory terminfo is supposed to be the “caniuse” for the terminal but it seems like it often takes 10+ years to add new terminal features when people invent them which makes it very limited)
some reasons to use terminfo
I also asked on Mastodon why people found terminfo valuable in 2025 and got a few reasons that made sense to me:
- some people expect to be able to use the
TERMenvironment variable to control how programs behave (for example withTERM=dumb), and there’s no standard for how that should work in a post-terminfo world - even though there’s less variation between terminal emulators than there was in the 80s, there’s far from zero variation: there are graphical terminals, the Linux framebuffer console, the situation you’re in when connecting to a server via its serial console, Emacs shell mode, and probably more that I’m missing
- there is no one standard for what the “single common set” of escape codes is, and sometimes programs use escape codes which aren’t actually widely supported enough
terminfo & user agent detection
The way that ncurses uses the TERM environment variable to decide which
escape codes to use reminds me of how webservers used to sometimes use the
browser user agent to decide which version of a website to serve.
It also seems like it’s had some of the same results – the way iTerm2 reports itself as being “xterm-256color” feels similar to how Safari’s user agent is “Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15”. In both cases the terminal emulator / browser ends up changing its user agent to get around user agent detection that isn’t working well.
On the web we ended up deciding that user agent detection was not a good practice and to instead focus on standardization so we can serve the same HTML/CSS to all browsers. I don’t know if the same approach is the future in the terminal though – I think the terminal landscape today is much more fragmented than the web ever was as well as being much less well funded.
some more documents/standards
A few more documents and standards related to escape codes, in no particular order:
- the Linux console_codes man page documents escape codes that Linux supports
- how the VT 100 handles escape codes & control sequences
- the kitty keyboard protocol
- OSC 8 for links in the terminal (and notes on adoption)
- A summary of ANSI standards from tmux
- this terminal features reporting specification from iTerm
- sixel graphics
why I think this is interesting
I sometimes see people saying that the unix terminal is “outdated”, and since I love the terminal so much I’m always curious about what incremental changes might make it feel less “outdated”.
Maybe if we had a clearer standards landscape (like we do on the web!) it would be easier for terminal emulator developers to build new features and for authors of terminal applications to more confidently adopt those features so that we can all benefit from them and have a richer experience in the terminal.
Obviously standardizing ANSI escape codes is not easy (ECMA-48 was first published almost 50 years ago and we’re still not there!). I don’t even know what all of the challenges are. But the situation with HTML/CSS/JS used to be extremely bad too and now it’s MUCH better, so maybe there’s hope.
I was talking to a friend about how to add a directory to your PATH today. It’s
something that feels “obvious” to me since I’ve been using the terminal for a
long time, but when I searched for instructions for how to do it, I actually
couldn’t find something that explained all of the steps – a lot of them just
said “add this to ~/.bashrc”, but what if you’re not using bash? What if your
bash config is actually in a different file? And how are you supposed to figure
out which directory to add anyway?
So I wanted to try to write down some more complete directions and mention some of the gotchas I’ve run into over the years.
Here’s a table of contents:
- step 1: what shell are you using?
- step 2: find your shell’s config file
- step 3: figure out which directory to add
- step 4: edit your shell config
- step 5: restart your shell
- problems:
- notes:
step 1: what shell are you using?
If you’re not sure what shell you’re using, here’s a way to find out. Run this:
ps -p $$ -o pid,comm=
- if you’re using bash, it’ll print out
97295 bash - if you’re using zsh, it’ll print out
97295 zsh - if you’re using fish, it’ll print out an error like “In fish, please use
$fish_pid” (
$$isn’t valid syntax in fish, but in any case the error message tells you that you’re using fish, which you probably already knew)
Also bash is the default on Linux and zsh is the default on Mac OS (as of 2024). I’ll only cover bash, zsh, and fish in these directions.
step 2: find your shell’s config file
- in zsh, it’s probably
~/.zshrc - in bash, it might be
~/.bashrc, but it’s complicated, see the note in the next section - in fish, it’s probably
~/.config/fish/config.fish(you can runecho $__fish_config_dirif you want to be 100% sure)
a note on bash’s config file
Bash has three possible config files: ~/.bashrc, ~/.bash_profile, and ~/.profile.
If you’re not sure which one your system is set up to use, I’d recommend testing this way:
- add
echo hi thereto your~/.bashrc - Restart your terminal
- If you see “hi there”, that means
~/.bashrcis being used! Hooray! - Otherwise remove it and try the same thing with
~/.bash_profile - You can also try
~/.profileif the first two options don’t work.
(there are a lot of elaborate flow charts out there that explain how bash decides which config file to use but IMO it’s not worth it to internalize them and just testing is the fastest way to be sure)
step 3: figure out which directory to add
Let’s say that you’re trying to install and run a program called http-server
and it doesn’t work, like this:
$ npm install -g http-server
$ http-server
bash: http-server: command not found
How do you find what directory http-server is in? Honestly in general this is
not that easy – often the answer is something like “it depends on how npm is
configured”. A few ideas:
- Often when setting up a new installer (like
cargo,npm,homebrew, etc), when you first set it up it’ll print out some directions about how to update your PATH. So if you’re paying attention you can get the directions then. - Sometimes installers will automatically update your shell’s config file
to update your
PATHfor you - Sometimes just Googling “where does npm install things?” will turn up the answer
- Some tools have a subcommand that tells you where they’re configured to
install things, like:
- Node/npm:
npm config get prefix(then append/bin/) - Go:
go env GOPATH(then append/bin/) - asdf:
asdf info | grep ASDF_DIR(then append/bin/and/shims/)
- Node/npm:
step 3.1: double check it’s the right directory
Once you’ve found a directory you think might be the right one, make sure it’s
actually correct! For example, I found out that on my machine, http-server is
in ~/.npm-global/bin. I can make sure that it’s the right directory by trying to
run the program http-server in that directory like this:
$ ~/.npm-global/bin/http-server
Starting up http-server, serving ./public
It worked! Now that you know what directory you need to add to your PATH,
let’s move to the next step!
step 4: edit your shell config
Now we have the 2 critical pieces of information we need:
- Which directory you’re trying to add to your PATH (like
~/.npm-global/bin/) - Where your shell’s config is (like
~/.bashrc,~/.zshrc, or~/.config/fish/config.fish)
Now what you need to add depends on your shell:
bash instructions:
Open your shell’s config file, and add a line like this:
export PATH=$PATH:~/.npm-global/bin/
(obviously replace ~/.npm-global/bin with the actual directory you’re trying to add)
zsh instructions:
You can do the same thing as in bash, but zsh also has some slightly fancier syntax you can use if you prefer:
path=(
$path
~/.npm-global/bin
)
fish instructions:
In fish, the syntax is different:
set PATH $PATH ~/.npm-global/bin
(in fish you can also use fish_add_path, some notes on that further down)
step 5: restart your shell
Now, an extremely important step: updating your shell’s config won’t take effect if you don’t restart it!
Two ways to do this:
- open a new terminal (or terminal tab), and maybe close the old one so you don’t get confused
- Run
bashto start a new shell (orzshif you’re using zsh, orfishif you’re using fish)
I’ve found that both of these usually work fine.
And you should be done! Try running the program you were trying to run and hopefully it works now.
If not, here are a couple of problems that you might run into:
problem 1: it ran the wrong program
If the wrong version of a program is running, you might need to add the directory to the beginning of your PATH instead of the end.
For example, on my system I have two versions of python3 installed, which I
can see by running which -a:
$ which -a python3
/usr/bin/python3
/opt/homebrew/bin/python3
The one your shell will use is the first one listed.
If you want to use the Homebrew version, you need to add that directory
(/opt/homebrew/bin) to the beginning of your PATH instead, by putting this in
your shell’s config file (it’s /opt/homebrew/bin/:$PATH instead of the usual $PATH:/opt/homebrew/bin/)
export PATH=/opt/homebrew/bin/:$PATH
or in fish:
set PATH ~/.cargo/bin $PATH
problem 2: the program isn’t being run from your shell
All of these directions only work if you’re running the program from your shell. If you’re running the program from an IDE, from a GUI, in a cron job, or some other way, you’ll need to add the directory to your PATH in a different way, and the exact details might depend on the situation.
in a cron job
Some options:
- use the full path to the program you’re running, like
/home/bork/bin/my-program - put the full PATH you want as the first line of your crontab (something like
PATH=/bin:/usr/bin:/usr/local/bin:….). You can get the full PATH you’re
using in your shell by running
echo "PATH=$PATH".
I’m honestly not sure how to handle it in an IDE/GUI because I haven’t run into that in a long time, will add directions here if someone points me in the right direction.
problem 3: duplicate PATH entries making it harder to debug
If you edit your path and start a new shell by running bash (or zsh, or
fish), you’ll often end up with duplicate PATH entries, because the shell
keeps adding new things to your PATH every time you start your shell.
Personally I don’t think I’ve run into a situation where this kind of
duplication breaks anything, but the duplicates can make it harder to debug
what’s going on with your PATH if you’re trying to understand its contents.
Some ways you could deal with this:
- If you’re debugging your
PATH, open a new terminal to do it in so you get a “fresh” state. This should avoid the duplication. - Deduplicate your
PATHat the end of your shell’s config (for example in zsh apparently you can do this withtypeset -U path) - Check that the directory isn’t already in your
PATHwhen adding it (for example in fish I believe you can do this withfish_add_path --path /some/directory)
How to deduplicate your PATH is shell-specific and there isn’t always a
built in way to do it so you’ll need to look up how to accomplish it in your
shell.
problem 4: losing your history after updating your PATH
Here’s a situation that’s easy to get into in bash or zsh:
- Run a command (it fails)
- Update your
PATH - Run
bashto reload your config - Press the up arrow a couple of times to rerun the failed command (or open a new terminal)
- The failed command isn’t in your history! Why not?
This happens because in bash, by default, history is not saved until you exit the shell.
Some options for fixing this:
- Instead of running
bashto reload your config, runsource ~/.bashrc(orsource ~/.zshrcin zsh). This will reload the config inside your current session. - Configure your shell to continuously save your history instead of only saving the history when the shell exits. (How to do this depends on whether you’re using bash or zsh, the history options in zsh are a bit complicated and I’m not exactly sure what the best way is)
a note on source
When you install cargo (Rust’s installer) for the first time, it gives you
these instructions for how to set up your PATH, which don’t mention a specific
directory at all.
This is usually done by running one of the following (note the leading DOT):
. "$HOME/.cargo/env" # For sh/bash/zsh/ash/dash/pdksh
source "$HOME/.cargo/env.fish" # For fish
The idea is that you add that line to your shell’s config, and their script
automatically sets up your PATH (and potentially other things) for you.
This is pretty common (for example Homebrew suggests you eval brew shellenv), and there are
two ways to approach this:
- Just do what the tool suggests (like adding
. "$HOME/.cargo/env"to your shell’s config) - Figure out which directories the script they’re telling you to run would add
to your PATH, and then add those manually. Here’s how I’d do that:
- Run
. "$HOME/.cargo/env"in my shell (or the fish version if using fish) - Run
echo "$PATH" | tr ':' '\n' | grep cargoto figure out which directories it added - See that it says
/Users/bork/.cargo/binand shorten that to~/.cargo/bin - Add the directory
~/.cargo/binto PATH (with the directions in this post)
- Run
I don’t think there’s anything wrong with doing what the tool suggests (it might be the “best way”!), but personally I usually use the second approach because I prefer knowing exactly what configuration I’m changing.
a note on fish_add_path
fish has a handy function called fish_add_path that you can run to add a directory to your PATH like this:
fish_add_path /some/directory
This is cool (it’s such a simple command!) but I’ve stopped using it for a couple of reasons:
- Sometimes
fish_add_pathwill update thePATHfor every session in the future (with a “universal variable”) and sometimes it will update thePATHjust for the current session and it’s hard for me to tell which one it will do. In theory the docs explain this but I could not understand them. - If you ever need to remove the directory from your
PATHa few weeks or months later because maybe you made a mistake, it’s kind of hard to do (there are instructions in this comments of this github issue though).
that’s all
Hopefully this will help some people. Let me know (on Mastodon or Bluesky) if you there are other major gotchas that have tripped you up when adding a directory to your PATH, or if you have questions about this post!
A few weeks ago I ran a terminal survey (you can read the results here) and at the end I asked:
What’s the most frustrating thing about using the terminal for you?
1600 people answered, and I decided to spend a few days categorizing all the responses. Along the way I learned that classifying qualitative data is not easy but I gave it my best shot. I ended up building a custom tool to make it faster to categorize everything.
As with all of my surveys the methodology isn’t particularly scientific. I just posted the survey to Mastodon and Twitter, ran it for a couple of days, and got answers from whoever happened to see it and felt like responding.
Here are the top categories of frustrations!
I think it’s worth keeping in mind while reading these comments that
- 40% of people answering this survey have been using the terminal for 21+ years
- 95% of people answering the survey have been using the terminal for at least 4 years
These comments aren’t coming from total beginners.
Here are the categories of frustrations! The number in brackets is the number of people with that frustration. I’m mostly writing this up for myself because I’m trying to write a zine about the terminal and I wanted to get a sense for what people are having trouble with.
remembering syntax (115)
People talked about struggles remembering:
- the syntax for CLI tools like awk, jq, sed, etc
- the syntax for redirects
- keyboard shortcuts for tmux, text editing, etc
One example comment:
There are just so many little “trivia” details to remember for full functionality. Even after all these years I’ll sometimes forget where it’s 2 or 1 for stderr, or forget which is which for
>and>>.
switching terminals is hard (91)
People talked about struggling with switching systems (for example home/work computer or when SSHing) and running into:
- OS differences in keyboard shortcuts (like Linux vs Mac)
- systems which don’t have their preferred text editor (“no vim” or “only vim”)
- different versions of the same command (like Mac OS grep vs GNU grep)
- no tab completion
- a shell they aren’t used to (“the subtle differences between zsh and bash”)
as well as differences inside the same system like pagers being not consistent with each other (git diff pagers, other pagers).
One example comment:
I got used to fish and vi mode which are not available when I ssh into servers, containers.
color (85)
Lots of problems with color, like:
- programs setting colors that are unreadable with a light background color
- finding a colorscheme they like (and getting it to work consistently across different apps)
- color not working inside several layers of SSH/tmux/etc
- not liking the defaults
- not wanting color at all and struggling to turn it off
This comment felt relatable to me:
Getting my terminal theme configured in a reasonable way between the terminal emulator and fish (I did this years ago and remember it being tedious and fiddly and now feel like I’m locked into my current theme because it works and I dread touching any of that configuration ever again).
keyboard shortcuts (84)
Half of the comments on keyboard shortcuts were about how on Linux/Windows, the keyboard shortcut to copy/paste in the terminal is different from in the rest of the OS.
Some other issues with keyboard shortcuts other than copy/paste:
- using
Ctrl-Win a browser-based terminal and closing the window - the terminal only supports a limited set of keyboard shortcuts (no
Ctrl-Shift-, noSuper, noHyper, lots ofctrl-shortcuts aren’t possible likeCtrl-,) - the OS stopping you from using a terminal keyboard shortcut (like by default
Mac OS uses
Ctrl+left arrowfor something else) - issues using emacs in the terminal
- backspace not working (2)
other copy and paste issues (75)
Aside from “the keyboard shortcut for copy and paste is different”, there were a lot of OTHER issues with copy and paste, like:
- copying over SSH
- how tmux and the terminal emulator both do copy/paste in different ways
- dealing with many different clipboards (system clipboard, vim clipboard, the “middle click” clipboard on Linux, tmux’s clipboard, etc) and potentially synchronizing them
- random spaces added when copying from the terminal
- pasting multiline commands which automatically get run in a terrifying way
- wanting a way to copy text without using the mouse
discoverability (55)
There were lots of comments about this, which all came down to the same basic complaint – it’s hard to discover useful tools or features! This comment kind of summed it all up:
How difficult it is to learn independently. Most of what I know is an assorted collection of stuff I’ve been told by random people over the years.
steep learning curve (44)
A lot of comments about it generally having a steep learning curve. A couple of example comments:
After 15 years of using it, I’m not much faster than using it than I was 5 or maybe even 10 years ago.
and
That I know I could make my life easier by learning more about the shortcuts and commands and configuring the terminal but I don’t spend the time because it feels overwhelming.
history (42)
Some issues with shell history:
- history not being shared between terminal tabs (16)
- limits that are too short (4)
- history not being restored when terminal tabs are restored
- losing history because the terminal crashed
- not knowing how to search history
One example comment:
It wasted a lot of time until I figured it out and still annoys me that “history” on zsh has such a small buffer; I have to type “history 0” to get any useful length of history.
bad documentation (37)
People talked about:
- documentation being generally opaque
- lack of examples in man pages
- programs which don’t have man pages
Here’s a representative comment:
Finding good examples and docs. Man pages often not enough, have to wade through stack overflow
scrollback (36)
A few issues with scrollback:
- programs printing out too much data making you lose scrollback history
- resizing the terminal messes up the scrollback
- lack of timestamps
- GUI programs that you start in the background printing stuff out that gets in the way of other programs’ outputs
One example comment:
When resizing the terminal (in particular: making it narrower) leads to broken rewrapping of the scrollback content because the commands formatted their output based on the terminal window width.
“it feels outdated” (33)
Lots of comments about how the terminal feels hampered by legacy decisions and how users often end up needing to learn implementation details that feel very esoteric. One example comment:
Most of the legacy cruft, it would be great to have a green field implementation of the CLI interface.
shell scripting (32)
Lots of complaints about POSIX shell scripting. There’s a general feeling that shell scripting is difficult but also that switching to a different less standard scripting language (fish, nushell, etc) brings its own problems.
Shell scripting. My tolerance to ditch a shell script and go to a scripting language is pretty low. It’s just too messy and powerful. Screwing up can be costly so I don’t even bother.
more issues
Some more issues that were mentioned at least 10 times:
- (31) inconsistent command line arguments: is it -h or help or –help?
- (24) keeping dotfiles in sync across different systems
- (23) performance (e.g. “my shell takes too long to start”)
- (20) window management (potentially with some combination of tmux tabs, terminal tabs, and multiple terminal windows. Where did that shell session go?)
- (17) generally feeling scared/uneasy (“The debilitating fear that I’m going to do some mysterious Bad Thing with a command and I will have absolutely no idea how to fix or undo it or even really figure out what happened”)
- (16) terminfo issues (“Having to learn about terminfo if/when I try a new terminal emulator and ssh elsewhere.”)
- (16) lack of image support (sixel etc)
- (15) SSH issues (like having to start over when you lose the SSH connection)
- (15) various tmux/screen issues (for example lack of integration between tmux and the terminal emulator)
- (15) typos & slow typing
- (13) the terminal getting messed up for various reasons (pressing
Ctrl-S,cating a binary, etc) - (12) quoting/escaping in the shell
- (11) various Windows/PowerShell issues
n/a (122)
There were also 122 answers to the effect of “nothing really” or “only that I can’t do EVERYTHING in the terminal”
One example comment:
Think I’ve found work arounds for most/all frustrations
that’s all!
I’m not going to make a lot of commentary on these results, but here are a couple of categories that feel related to me:
- remembering syntax & history (often the thing you need to remember is something you’ve run before!)
- discoverability & the learning curve (the lack of discoverability is definitely a big part of what makes it hard to learn)
- “switching systems is hard” & “it feels outdated” (tools that haven’t really changed in 30 or 40 years have many problems but they do tend to be always there no matter what system you’re on, which is very useful and makes them hard to stop using)
Trying to categorize all these results in a reasonable way really gave me an appreciation for social science researchers’ skills.
Hello! Recently I ran a terminal survey and I asked people what frustrated them. One person commented:
There are so many pieces to having a modern terminal experience. I wish it all came out of the box.
My immediate reaction was “oh, getting a modern terminal experience isn’t that hard, you just need to….”, but the more I thought about it, the longer the “you just need to…” list got, and I kept thinking about more and more caveats.
So I thought I would write down some notes about what it means to me personally to have a “modern” terminal experience and what I think can make it hard for people to get there.
what is a “modern terminal experience”?
Here are a few things that are important to me, with which part of the system is responsible for them:
- multiline support for copy and paste: if you paste 3 commands in your shell, it should not immediately run them all! That’s scary! (shell, terminal emulator)
- infinite shell history: if I run a command in my shell, it should be saved forever, not deleted after 500 history entries or whatever. Also I want commands to be saved to the history immediately when I run them, not only when I exit the shell session (shell)
- a useful prompt: I can’t live without having my current directory and current git branch in my prompt (shell)
- 24-bit colour: this is important to me because I find it MUCH easier to theme neovim with 24-bit colour support than in a terminal with only 256 colours (terminal emulator)
- clipboard integration between vim and my operating system so that when I copy in Firefox, I can just press
pin vim to paste (text editor, maybe the OS/terminal emulator too) - good autocomplete: for example commands like git should have command-specific autocomplete (shell)
- having colours in
ls(shell config) - a terminal theme I like: I spend a lot of time in my terminal, I want it to look nice and I want its theme to match my terminal editor’s theme. (terminal emulator, text editor)
- automatic terminal fixing: If a programs prints out some weird escape codes that mess up my terminal, I want that to automatically get reset so that my terminal doesn’t get messed up (shell)
- keybindings: I want
Ctrl+left arrowto work (shell or application) - being able to use the scroll wheel in programs like
less: (terminal emulator and applications)
There are a million other terminal conveniences out there and different people value different things, but those are the ones that I would be really unhappy without.
how I achieve a “modern experience”
My basic approach is:
- use the
fishshell. Mostly don’t configure it, except to:- set the
EDITORenvironment variable to my favourite terminal editor - alias
lstols --color=auto
- set the
- use any terminal emulator with 24-bit colour support. In the past I’ve used GNOME Terminal, Terminator, and iTerm, but I’m not picky about this. I don’t really configure it other than to choose a font.
- use
neovim, with a configuration that I’ve been very slowly building over the last 9 years or so (the last time I deleted my vim config and started from scratch was 9 years ago) - use the base16 framework to theme everything
A few things that affect my approach:
- I don’t spend a lot of time SSHed into other machines
- I’d rather use the mouse a little than come up with keyboard-based ways to do everything
- I work on a lot of small projects, not one big project
some “out of the box” options for a “modern” experience
What if you want a nice experience, but don’t want to spend a lot of time on configuration? Figuring out how to configure vim in a way that I was satisfied with really did take me like ten years, which is a long time!
My best ideas for how to get a reasonable terminal experience with minimal config are:
- shell: either
fishorzshwith oh-my-zsh - terminal emulator: almost anything with 24-bit colour support, for example all of these are popular:
- linux: GNOME Terminal, Konsole, Terminator, xfce4-terminal
- mac: iTerm (Terminal.app doesn’t have 256-colour support)
- cross-platform: kitty, alacritty, wezterm, or ghostty
- shell config:
- set the
EDITORenvironment variable to your favourite terminal text editor - maybe alias
lstols --color=auto
- set the
- text editor: this is a tough one, maybe micro or helix? I haven’t used
either of them seriously but they both seem like very cool projects and I
think it’s amazing that you can just use all the usual GUI editor commands
(
Ctrl-Cto copy,Ctrl-Vto paste,Ctrl-Ato select all) in micro and they do what you’d expect. I would probably try switching to helix except that retraining my vim muscle memory seems way too hard. Also helix doesn’t have a GUI or plugin system yet.
Personally I wouldn’t use xterm, rxvt, or Terminal.app as a terminal emulator, because I’ve found in the past that they’re missing core features (like 24-bit colour in Terminal.app’s case) that make the terminal harder to use for me.
I don’t want to pretend that getting a “modern” terminal experience is easier than it is though – I think there are two issues that make it hard. Let’s talk about them!
issue 1 with getting to a “modern” experience: the shell
bash and zsh are by far the two most popular shells, and neither of them provide a default experience that I would be happy using out of the box, for example:
- you need to customize your prompt
- they don’t come with git completions by default, you have to set them up
- by default, bash only stores 500 (!) lines of history and (at least on Mac OS) zsh is only configured to store 2000 lines, which is still not a lot
- I find bash’s tab completion very frustrating, if there’s more than one match then you can’t tab through them
And even though I love fish, the fact that it isn’t POSIX does make it hard for a lot of folks to make the switch.
Of course it’s totally possible to learn how to customize your prompt in bash
or whatever, and it doesn’t even need to be that complicated (in bash I’d
probably start with something like export PS1='[\u@\h \W$(__git_ps1 " (%s)")]\$ ', or maybe use starship).
But each of these “not complicated” things really does add up and it’s
especially tough if you need to keep your config in sync across several
systems.
An extremely popular solution to getting a “modern” shell experience is oh-my-zsh. It seems like a great project and I know a lot of people use it very happily, but I’ve struggled with configuration systems like that in the past – it looks like right now the base oh-my-zsh adds about 3000 lines of config, and often I find that having an extra configuration system makes it harder to debug what’s happening when things go wrong. I personally have a tendency to use the system to add a lot of extra plugins, make my system slow, get frustrated that it’s slow, and then delete it completely and write a new config from scratch.
issue 2 with getting to a “modern” experience: the text editor
In the terminal survey I ran recently, the most popular terminal text editors
by far were vim, emacs, and nano.
I think the main options for terminal text editors are:
- use vim or emacs and configure it to your liking, you can probably have any feature you want if you put in the work
- use nano and accept that you’re going to have a pretty limited experience (for example I don’t think you can select text with the mouse and then “cut” it in nano)
- use
microorhelixwhich seem to offer a pretty good out-of-the-box experience, potentially occasionally run into issues with using a less mainstream text editor - just avoid using a terminal text editor as much as possible, maybe use VSCode, use
VSCode’s terminal for all your terminal needs, and mostly never edit files in
the terminal. Or I know a lot of people use
codeas theirEDITORin the terminal.
issue 3: individual applications
The last issue is that sometimes individual programs that I use are kind of
annoying. For example on my Mac OS machine, /usr/bin/sqlite3 doesn’t support
the Ctrl+Left Arrow keyboard shortcut. Fixing this to get a reasonable
terminal experience in SQLite was a little complicated, I had to:
- realize why this is happening (Mac OS won’t ship GNU tools, and “Ctrl-Left arrow” support comes from GNU readline)
- find a workaround (install sqlite from homebrew, which does have readline support)
- adjust my environment (put Homebrew’s sqlite3 in my PATH)
I find that debugging application-specific issues like this is really not easy and often it doesn’t feel “worth it” – often I’ll end up just dealing with various minor inconveniences because I don’t want to spend hours investigating them. The only reason I was even able to figure this one out at all is that I’ve been spending a huge amount of time thinking about the terminal recently.
A big part of having a “modern” experience using terminal programs is just
using newer terminal programs, for example I can’t be bothered to learn a
keyboard shortcut to sort the columns in top, but in htop I can just click
on a column heading with my mouse to sort it. So I use htop instead! But discovering new more “modern” command line tools isn’t easy (though
I made a list here),
finding ones that I actually like using in practice takes time, and if you’re
SSHed into another machine, they won’t always be there.
everything affects everything else
Something I find tricky about configuring my terminal to make everything “nice” is that changing one seemingly small thing about my workflow can really affect everything else. For example right now I don’t use tmux. But if I needed to use tmux again (for example because I was doing a lot of work SSHed into another machine), I’d need to think about a few things, like:
- if I wanted tmux’s copy to synchronize with my system clipboard over SSH, I’d need to make sure that my terminal emulator has OSC 52 support
- if I wanted to use iTerm’s tmux integration (which makes tmux tabs into iTerm tabs), I’d need to change how I configure colours – right now I set them with a shell script that I run when my shell starts, but that means the colours get lost when restoring a tmux session.
and probably more things I haven’t thought of. “Using tmux means that I have to change how I manage my colours” sounds unlikely, but that really did happen to me and I decided “well, I don’t want to change how I manage colours right now, so I guess I’m not using that feature!”.
It’s also hard to remember which features I’m relying on – for example maybe my current terminal does have OSC 52 support and because copying from tmux over SSH has always Just Worked I don’t even realize that that’s something I need, and then it mysteriously stops working when I switch terminals.
change things slowly
Personally even though I think my setup is not that complicated, it’s taken me 20 years to get to this point! Because terminal config changes are so likely to have unexpected and hard-to-understand consequences, I’ve found that if I change a lot of terminal configuration all at once it makes it much harder to understand what went wrong if there’s a problem, which can be really disorienting.
So I usually prefer to make pretty small changes, and accept that changes can
might take me a REALLY long time to get used to. For example I switched from
using ls to eza a year or two ago and
while I like it (because eza -l prints human-readable file sizes by default)
I’m still not quite sure about it. But also sometimes it’s worth it to make a
big change, like I made the switch to fish (from bash) 10 years ago and I’m
very happy I did.
getting a “modern” terminal is not that easy
Trying to explain how “easy” it is to configure your terminal really just made me think that it’s kind of hard and that I still sometimes get confused.
I’ve found that there’s never one perfect way to configure things in the terminal that will be compatible with every single other thing. I just need to try stuff, figure out some kind of locally stable state that works for me, and accept that if I start using a new tool it might disrupt the system and I might need to rethink things.
Recently I’ve been thinking about how everything that happens in the terminal is some combination of:
- Your operating system’s job
- Your shell’s job
- Your terminal emulator’s job
- The job of whatever program you happen to be running (like
toporvimorcat)
The first three (your operating system, shell, and terminal emulator) are all kind of known quantities – if you’re using bash in GNOME Terminal on Linux, you can more or less reason about how how all of those things interact, and some of their behaviour is standardized by POSIX.
But the fourth one (“whatever program you happen to be running”) feels like it could do ANYTHING. How are you supposed to know how a program is going to behave?
This post is kind of long so here’s a quick table of contents:
- programs behave surprisingly consistently
- these are meant to be descriptive, not prescriptive
- it’s not always obvious which “rules” are the program’s responsibility to implement
- rule 1: noninteractive programs should quit when you press
Ctrl-C - rule 2: TUIs should quit when you press
q - rule 3: REPLs should quit when you press
Ctrl-Don an empty line - rule 4: don’t use more than 16 colours
- rule 5: vaguely support readline keybindings
- rule 5.1:
Ctrl-Wshould delete the last word - rule 6: disable colours when writing to a pipe
- rule 7:
-means stdin/stdout - these “rules” take a long time to learn
programs behave surprisingly consistently
As far as I know, there are no real standards for how programs in the terminal should behave – the closest things I know of are:
- POSIX, which mostly dictates how your terminal emulator / OS / shell should
work together. I think it does specify a few things about how core utilities like
cpshould work but AFAIK it doesn’t have anything to say about how for examplehtopshould behave. - these command line interface guidelines
But even though there are no standards, in my experience programs in the terminal behave in a pretty consistent way. So I wanted to write down a list of “rules” that in my experience programs mostly follow.
these are meant to be descriptive, not prescriptive
My goal here isn’t to convince authors of terminal programs that they should follow any of these rules. There are lots of exceptions to these and often there’s a good reason for those exceptions.
But it’s very useful for me to know what behaviour to expect from a random new terminal program that I’m using. Instead of “uh, programs could do literally anything”, it’s “ok, here are the basic rules I expect, and then I can keep a short mental list of exceptions”.
So I’m just writing down what I’ve observed about how programs behave in my 20 years of using the terminal, why I think they behave that way, and some examples of cases where that rule is “broken”.
it’s not always obvious which “rules” are the program’s responsibility to implement
There are a bunch of common conventions that I think are pretty clearly the program’s responsibility to implement, like:
- config files should go in
~/.BLAHrcor~/.config/BLAH/FILEor/etc/BLAH/or something --helpshould print help text- programs should print “regular” output to stdout and errors to stderr
But in this post I’m going to focus on things that it’s not 100% obvious are
the program’s responsibility. For example it feels to me like a “law of nature”
that pressing Ctrl-D should quit a REPL, but programs often
need to explicitly implement support for it – even though cat doesn’t need
to implement Ctrl-D support, ipython does. (more about that in “rule 3” below)
Understanding which things are the program’s responsibility makes it much less surprising when different programs’ implementations are slightly different.
rule 1: noninteractive programs should quit when you press Ctrl-C
The main reason for this rule is that noninteractive programs will quit by
default on Ctrl-C if they don’t set up a SIGINT signal handler, so this is
kind of a “you should act like the default” rule.
Something that trips a lot of people up is that this doesn’t apply to
interactive programs like python3 or bc or less. This is because in
an interactive program, Ctrl-C has a different job – if the program is
running an operation (like for example a search in less or some Python code
in python3), then Ctrl-C will interrupt that operation but not stop the
program.
As an example of how this works in an interactive program: here’s the code in prompt-toolkit (the library that iPython uses for handling input)
that aborts a search when you press Ctrl-C.
rule 2: TUIs should quit when you press q
TUI programs (like less or htop) will usually quit when you press q.
This rule doesn’t apply to any program where pressing q to quit wouldn’t make
sense, like tmux or text editors.
rule 3: REPLs should quit when you press Ctrl-D on an empty line
REPLs (like python3 or ed) will usually quit when you press Ctrl-D on an
empty line. This rule is similar to the Ctrl-C rule – the reason for this is
that by default if you’re running a program (like cat) in “cooked mode”, then
the operating system will return an EOF when you press Ctrl-D on an empty
line.
Most of the REPLs I use (sqlite3, python3, fish, bash, etc) don’t actually use cooked mode, but they all implement this keyboard shortcut anyway to mimic the default behaviour.
For example, here’s the code in prompt-toolkit that quits when you press Ctrl-D, and here’s the same code in readline.
I actually thought that this one was a “Law of Terminal Physics” until very recently because I’ve basically never seen it broken, but you can see that it’s just something that each individual input library has to implement in the links above.
Someone pointed out that the Erlang REPL does not quit when you press Ctrl-D,
so I guess not every REPL follows this “rule”.
rule 4: don’t use more than 16 colours
Terminal programs rarely use colours other than the base 16 ANSI colours. This
is because if you specify colours with a hex code, it’s very likely to clash
with some users’ background colour. For example if I print out some text as
#EEEEEE, it would be almost invisible on a white background, though it would
look fine on a dark background.
But if you stick to the default 16 base colours, you have a much better chance that the user has configured those colours in their terminal emulator so that they work reasonably well with their background color. Another reason to stick to the default base 16 colours is that it makes less assumptions about what colours the terminal emulator supports.
The only programs I usually see breaking this “rule” are text editors, for example Helix by default will use a purple background which is not a default ANSI colour. It seems fine for Helix to break this rule since Helix isn’t a “core” program and I assume any Helix user who doesn’t like that colorscheme will just change the theme.
rule 5: vaguely support readline keybindings
Almost every program I use supports readline keybindings if it would make
sense to do so. For example, here are a bunch of different programs and a link
to where they define Ctrl-E to go to the end of the line:
- ipython (Ctrl-E defined here)
- atuin (Ctrl-E defined here)
- fzf (Ctrl-E defined here)
- zsh (Ctrl-E defined here)
- fish (Ctrl-E defined here)
- tmux’s command prompt (Ctrl-E defined here)
None of those programs actually uses readline directly, they just sort of
mimic emacs/readline keybindings. They don’t always mimic them exactly: for
example atuin seems to use Ctrl-A as a prefix, so Ctrl-A doesn’t go to the
beginning of the line.
Also all of these programs seem to implement their own internal cut and paste
buffers so you can delete a line with Ctrl-U and then paste it with Ctrl-Y.
The exceptions to this are:
- some programs (like
git,cat, andnc) don’t have any line editing support at all (except for backspace,Ctrl-W, andCtrl-U) - as usual text editors are an exception, every text editor has its own approach to editing text
I wrote more about this “what keybindings does a program support?” question in entering text in the terminal is complicated.
rule 5.1: Ctrl-W should delete the last word
I’ve never seen a program (other than a text editor) where Ctrl-W doesn’t
delete the last word. This is similar to the Ctrl-C rule – by default if a
program is in “cooked mode”, the OS will delete the last word if you press
Ctrl-W, and delete the whole line if you press Ctrl-U. So usually programs
will imitate that behaviour.
I can’t think of any exceptions to this other than text editors but if there are I’d love to hear about them!
rule 6: disable colours when writing to a pipe
Most programs will disable colours when writing to a pipe. For example:
rg blahwill highlight all occurrences ofblahin the output, but if the output is to a pipe or a file, it’ll turn off the highlighting.ls --color=autowill use colour when writing to a terminal, but not when writing to a pipe
Both of those programs will also format their output differently when writing
to the terminal: ls will organize files into columns, and ripgrep will group
matches with headings.
If you want to force the program to use colour (for example because you want to
look at the colour), you can use unbuffer to force the program’s output to be
a tty like this:
unbuffer rg blah | less -R
I’m sure that there are some programs that “break” this rule but I can’t think
of any examples right now. Some programs have an --color flag that you can
use to force colour to be on, in the example above you could also do rg --color=always | less -R.
rule 7: - means stdin/stdout
Usually if you pass - to a program instead of a filename, it’ll read from
stdin or write to stdout (whichever is appropriate). For example, if you want
to format the Python code that’s on your clipboard with black and then copy
it, you could run:
pbpaste | black - | pbcopy
(pbpaste is a Mac program, you can do something similar on Linux with xclip)
My impression is that most programs implement this if it would make sense and I can’t think of any exceptions right now, but I’m sure there are many exceptions.
these “rules” take a long time to learn
These rules took me a long time for me to learn because I had to:
- learn that the rule applied anywhere at all ("
Ctrl-Cwill exit programs") - notice some exceptions (“okay,
Ctrl-Cwill exitfindbut notless”) - subconsciously figure out what the pattern is ("
Ctrl-Cwill generally quit noninteractive programs, but in interactive programs it might interrupt the current operation instead of quitting the program") - eventually maybe formulate it into an explicit rule that I know
A lot of my understanding of the terminal is honestly still in the “subconscious pattern recognition” stage. The only reason I’ve been taking the time to make things explicit at all is because I’ve been trying to explain how it works to others. Hopefully writing down these “rules” explicitly will make learning some of this stuff a little bit faster for others.
Here’s a niche terminal problem that has bothered me for years but that I never really understood until a few weeks ago. Let’s say you’re running this command to watch for some specific output in a log file:
tail -f /some/log/file | grep thing1 | grep thing2
If log lines are being added to the file relatively slowly, the result I’d see is… nothing! It doesn’t matter if there were matches in the log file or not, there just wouldn’t be any output.
I internalized this as “uh, I guess pipes just get stuck sometimes and don’t
show me the output, that’s weird”, and I’d handle it by just
running grep thing1 /some/log/file | grep thing2 instead, which would work.
So as I’ve been doing a terminal deep dive over the last few months I was really excited to finally learn exactly why this happens.
why this happens: buffering
The reason why “pipes get stuck” sometimes is that it’s VERY common for programs to buffer their output before writing it to a pipe or file. So the pipe is working fine, the problem is that the program never even wrote the data to the pipe!
This is for performance reasons: writing all output immediately as soon as you can uses more system calls, so it’s more efficient to save up data until you have 8KB or so of data to write (or until the program exits) and THEN write it to the pipe.
In this example:
tail -f /some/log/file | grep thing1 | grep thing2
the problem is that grep thing1 is saving up all of its matches until it has
8KB of data to write, which might literally never happen.
programs don’t buffer when writing to a terminal
Part of why I found this so disorienting is that tail -f file | grep thing
will work totally fine, but then when you add the second grep, it stops
working!! The reason for this is that the way grep handles buffering depends
on whether it’s writing to a terminal or not.
Here’s how grep (and many other programs) decides to buffer its output:
- Check if stdout is a terminal or not using the
isattyfunction- If it’s a terminal, use line buffering (print every line immediately as soon as you have it)
- Otherwise, use “block buffering” – only print data if you have at least 8KB or so of data to print
So if grep is writing directly to your terminal then you’ll see the line as
soon as it’s printed, but if it’s writing to a pipe, you won’t.
Of course the buffer size isn’t always 8KB for every program, it depends on the implementation. For grep the buffering is handled by libc, and libc’s buffer size is
defined in the BUFSIZ variable. Here’s where that’s defined in glibc.
(as an aside: “programs do not use 8KB output buffers when writing to a terminal” isn’t, like, a law of terminal physics, a program COULD use an 8KB buffer when writing output to a terminal if it wanted, it would just be extremely weird if it did that, I can’t think of any program that behaves that way)
commands that buffer & commands that don’t
One annoying thing about this buffering behaviour is that you kind of need to remember which commands buffer their output when writing to a pipe.
Some commands that don’t buffer their output:
- tail
- cat
- tee
I think almost everything else will buffer output, especially if it’s a command where you’re likely to be using it for batch processing. Here’s a list of some common commands that buffer their output when writing to a pipe, along with the flag that disables block buffering.
- grep (
--line-buffered) - sed (
-u) - awk (there’s a
fflush()function) - tcpdump (
-l) - jq (
-u) - tr (
-u) - cut (can’t disable buffering)
Those are all the ones I can think of, lots of unix commands (like sort) may
or may not buffer their output but it doesn’t matter because sort can’t do
anything until it finishes receiving input anyway.
Also I did my best to test both the Mac OS and GNU versions of these but there are a lot of variations and I might have made some mistakes.
programming languages where the default “print” statement buffers
Also, here are a few programming language where the default print statement will buffer output when writing to a pipe, and some ways to disable buffering if you want:
- C (disable with
setvbuf) - Python (disable with
python -u, orPYTHONUNBUFFERED=1, orsys.stdout.reconfigure(line_buffering=False), orprint(x, flush=True)) - Ruby (disable with
STDOUT.sync = true) - Perl (disable with
$| = 1)
I assume that these languages are designed this way so that the default print function will be fast when you’re doing batch processing.
Also whether output is buffered or not might depend on how you print, for
example in C++ cout << "hello\n" buffers when writing to a pipe but cout << "hello" << endl will flush its output.
when you press Ctrl-C on a pipe, the contents of the buffer are lost
Let’s say you’re running this command as a hacky way to watch for DNS requests
to example.com, and you forgot to pass -l to tcpdump:
sudo tcpdump -ni any port 53 | grep example.com
When you press Ctrl-C, what happens? In a magical perfect world, what I would
want to happen is for tcpdump to flush its buffer, grep would search for
example.com, and I would see all the output I missed.
But in the real world, what happens is that all the programs get killed and the
output in tcpdump’s buffer is lost.
I think this problem is probably unavoidable – I spent a little time with
strace to see how this works and grep receives the SIGINT before
tcpdump anyway so even if tcpdump tried to flush its buffer grep would
already be dead.
After a little more investigation, there is a workaround: if you find
tcpdump’s PID and kill -TERM $PID, then tcpdump will flush the buffer so
you can see the output. That’s kind of a pain but I tested it and it seems to
work.
redirecting to a file also buffers
It’s not just pipes, this will also buffer:
sudo tcpdump -ni any port 53 > output.txt
Redirecting to a file doesn’t have the same “Ctrl-C will totally destroy the
contents of the buffer” problem though – in my experience it usually behaves
more like you’d want, where the contents of the buffer get written to the file
before the program exits. I’m not 100% sure whether this is something you can
always rely on or not.
a bunch of potential ways to avoid buffering
Okay, let’s talk solutions. Let’s say you’ve run this command:
tail -f /some/log/file | grep thing1 | grep thing2
I asked people on Mastodon how they would solve this in practice and there were 5 basic approaches. Here they are:
solution 1: run a program that finishes quickly
Historically my solution to this has been to just avoid the “command writing to pipe slowly” situation completely and instead run a program that will finish quickly like this:
cat /some/log/file | grep thing1 | grep thing2 | tail
This doesn’t do the same thing as the original command but it does mean that you get to avoid thinking about these weird buffering issues.
(you could also do grep thing1 /some/log/file but I often prefer to use an
“unnecessary” cat)
solution 2: remember the “line buffer” flag to grep
You could remember that grep has a flag to avoid buffering and pass it like this:
tail -f /some/log/file | grep --line-buffered thing1 | grep thing2
solution 3: use awk
Some people said that if they’re specifically dealing with a multiple greps
situation, they’ll rewrite it to use a single awk instead, like this:
tail -f /some/log/file | awk '/thing1/ && /thing2/'
Or you would write a more complicated grep, like this:
tail -f /some/log/file | grep -E 'thing1.*thing2'
(awk also buffers, so for this to work you’ll want awk to be the last command in the pipeline)
solution 4: use stdbuf
stdbuf uses LD_PRELOAD to turn off libc’s buffering, and you can use it to turn off output buffering like this:
tail -f /some/log/file | stdbuf -o0 grep thing1 | grep thing2
Like any LD_PRELOAD solution it’s a bit unreliable – it doesn’t work on
static binaries, I think won’t work if the program isn’t using libc’s
buffering, and doesn’t always work on Mac OS. Harry Marr has a really nice How stdbuf works post.
solution 5: use unbuffer
unbuffer program will force the program’s output to be a TTY, which means
that it’ll behave the way it normally would on a TTY (less buffering, colour
output, etc). You could use it in this example like this:
tail -f /some/log/file | unbuffer grep thing1 | grep thing2
Unlike stdbuf it will always work, though it might have unwanted side
effects, for example grep thing1’s will also colour matches.
If you want to install unbuffer, it’s in the expect package.
that’s all the solutions I know about!
It’s a bit hard for me to say which one is “best”, I think personally I’m
mostly likely to use unbuffer because I know it’s always going to work.
If I learn about more solutions I’ll try to add them to this post.
I’m not really sure how often this comes up
I think it’s not very common for me to have a program that slowly trickles data into a pipe like this, normally if I’m using a pipe a bunch of data gets written very quickly, processed by everything in the pipeline, and then everything exits. The only examples I can come up with right now are:
- tcpdump
tail -f- watching log files in a different way like with
kubectl logs - the output of a slow computation
what if there were an environment variable to disable buffering?
I think it would be cool if there were a standard environment variable to turn
off buffering, like PYTHONUNBUFFERED in Python. I got this idea from a
couple of blog posts by Mark Dominus
in 2018. Maybe NO_BUFFER like NO_COLOR?
The design seems tricky to get right; Mark points out that NETBSD has environment variables called STDBUF, STDBUF1, etc which gives you a
ton of control over buffering but I imagine most developers don’t want to
implement many different environment variables to handle a relatively minor
edge case.
I’m also curious about whether there are any programs that just automatically flush their output buffers after some period of time (like 1 second). It feels like it would be nice in theory but I can’t think of any program that does that so I imagine there are some downsides.
stuff I left out
Some things I didn’t talk about in this post since these posts have been getting pretty long recently and seriously does anyone REALLY want to read 3000 words about buffering?
- the difference between line buffering and having totally unbuffered output
- how buffering to stderr is different from buffering to stdout
- this post is only about buffering that happens inside the program, your operating system’s TTY driver also does a little bit of buffering sometimes
- other reasons you might need to flush your output other than “you’re writing to a pipe”
I like writing Javascript without a build system and for the millionth time yesterday I ran into a problem where I needed to figure out how to import a Javascript library in my code without using a build system, and it took FOREVER to figure out how to import it because the library’s setup instructions assume that you’re using a build system.
Luckily at this point I’ve mostly learned how to navigate this situation and either successfully use the library or decide it’s too difficult and switch to a different library, so here’s the guide I wish I had to importing Javascript libraries years ago.
I’m only going to talk about using Javacript libraries on the frontend, and only about how to use them in a no-build-system setup.
In this post I’m going to talk about:
- the three main types of Javascript files a library might provide (ES Modules, the “classic” global variable kind, and CommonJS)
- how to figure out which types of files a Javascript library includes in its build
- ways to import each type of file in your code
the three kinds of Javascript files
There are 3 basic types of Javascript files a library can provide:
- the “classic” type of file that defines a global variable. This is the kind
of file that you can just
<script src>and it’ll Just Work. Great if you can get it but not always available - an ES module (which may or may not depend on other files, we’ll get to that)
- a “CommonJS” module. This is for Node, you can’t use it in a browser at all without using a build system.
I’m not sure if there’s a better name for the “classic” type but I’m just going to call it “classic”. Also there’s a type called “AMD” but I’m not sure how relevant it is in 2024.
Now that we know the 3 types of files, let’s talk about how to figure out which of these the library actually provides!
where to find the files: the NPM build
Every Javascript library has a build which it uploads to NPM. You might be thinking (like I did originally) – Julia! The whole POINT is that we’re not using Node to build our library! Why are we talking about NPM?
But if you’re using a link from a CDN like https://cdnjs.cloudflare.com/ajax/libs/Chart.js/4.4.1/chart.umd.min.js, you’re still using the NPM build! All the files on the CDNs originally come from NPM.
Because of this, I sometimes like to npm install the library even if I’m not
planning to use Node to build my library at all – I’ll just create a new temp
folder, npm install there, and then delete it when I’m done. I like being able to poke
around in the files in the NPM build on my filesystem, because then I can be
100% sure that I’m seeing everything that the library is making available in
its build and that the CDN isn’t hiding something from me.
So let’s npm install a few libraries and try to figure out what types of
Javascript files they provide in their builds!
example library 1: chart.js
First let’s look inside Chart.js, a plotting library.
$ cd /tmp/whatever
$ npm install chart.js
$ cd node_modules/chart.js/dist
$ ls *.*js
chart.cjs chart.js chart.umd.js helpers.cjs helpers.js
This library seems to have 3 basic options:
option 1: chart.cjs. The .cjs suffix tells me that this is a CommonJS
file, for using in Node. This means it’s impossible to use it directly in the
browser without some kind of build step.
option 2:chart.js. The .js suffix by itself doesn’t tell us what kind of
file it is, but if I open it up, I see import '@kurkle/color'; which is an
immediate sign that this is an ES module – the import ... syntax is ES
module syntax.
option 3: chart.umd.js. “UMD” stands for “Universal Module Definition”,
which I think means that you can use this file either with a basic <script src>, CommonJS,
or some third thing called AMD that I don’t understand.
how to use a UMD file
When I was using Chart.js I picked Option 3. I just needed to add this to my code:
<script src="./chart.umd.js"> </script>
and then I could use the library with the global Chart environment variable.
Couldn’t be easier. I just copied chart.umd.js into my Git repository so that
I didn’t have to worry about using NPM or the CDNs going down or anything.
the build files aren’t always in the dist directory
A lot of libraries will put their build in the dist directory, but not
always! The build files’ location is specified in the library’s package.json.
For example here’s an excerpt from Chart.js’s package.json.
"jsdelivr": "./dist/chart.umd.js",
"unpkg": "./dist/chart.umd.js",
"main": "./dist/chart.cjs",
"module": "./dist/chart.js",
I think this is saying that if you want to use an ES Module (module) you
should use dist/chart.js, but the jsDelivr and unpkg CDNs should use
./dist/chart.umd.js. I guess main is for Node.
chart.js’s package.json also says "type": "module", which according to this documentation
tells Node to treat files as ES modules by default. I think it doesn’t tell us
specifically which files are ES modules and which ones aren’t but it does tell
us that something in there is an ES module.
example library 2: @atcute/oauth-browser-client
@atcute/oauth-browser-client
is a library for logging into Bluesky with OAuth in the browser.
Let’s see what kinds of Javascript files it provides in its build!
$ npm install @atcute/oauth-browser-client
$ cd node_modules/@atcute/oauth-browser-client/dist
$ ls *js
constants.js dpop.js environment.js errors.js index.js resolvers.js
It seems like the only plausible root file in here is index.js, which looks
something like this:
export { configureOAuth } from './environment.js';
export * from './errors.js';
export * from './resolvers.js';
This export syntax means it’s an ES module. That means we can use it in
the browser without a build step! Let’s see how to do that.
how to use an ES module with importmaps
Using an ES module isn’t an easy as just adding a <script src="whatever.js">. Instead, if
the ES module has dependencies (like @atcute/oauth-browser-client does) the
steps are:
- Set up an import map in your HTML
- Put import statements like
import { configureOAuth } from '@atcute/oauth-browser-client';in your JS code - Include your JS code in your HTML like this:
<script type="module" src="YOURSCRIPT.js"></script>
The reason we need an import map instead of just doing something like import { BrowserOAuthClient } from "./oauth-client-browser.js" is that internally the module has more import statements like import {something} from @atcute/client, and we need to tell the browser where to get the code for @atcute/client and all of its other dependencies.
Here’s what the importmap I used looks like for @atcute/oauth-browser-client:
<script type="importmap">
{
"imports": {
"nanoid": "./node_modules/nanoid/bin/dist/index.js",
"nanoid/non-secure": "./node_modules/nanoid/non-secure/index.js",
"nanoid/url-alphabet": "./node_modules/nanoid/url-alphabet/dist/index.js",
"@atcute/oauth-browser-client": "./node_modules/@atcute/oauth-browser-client/dist/index.js",
"@atcute/client": "./node_modules/@atcute/client/dist/index.js",
"@atcute/client/utils/did": "./node_modules/@atcute/client/dist/utils/did.js"
}
}
</script>
Getting these import maps to work is pretty fiddly, I feel like there must be a tool to generate them automatically but I haven’t found one yet. It’s definitely possible to write a script that automatically generates the importmaps using esbuild’s metafile but I haven’t done that and maybe there’s a better way.
I decided to set up importmaps yesterday to get github.com/jvns/bsky-oauth-example to work, so there’s some example code in that repo.
Also someone pointed me to Simon Willison’s download-esm, which will download an ES module and rewrite the imports to point to the JS files directly so that you don’t need importmaps. I haven’t tried it yet but it seems like a great idea.
problems with importmaps: too many files
I did run into some problems with using importmaps in the browser though – it needed to download dozens of Javascript files to load my site, and my webserver in development couldn’t keep up for some reason. I kept seeing files fail to load randomly and then had to reload the page and hope that they would succeed this time.
It wasn’t an issue anymore when I deployed my site to production, so I guess it was a problem with my local dev environment.
Also one slightly annoying thing about ES modules in general is that you need to
be running a webserver to use them, I’m sure this is for a good reason but it’s
easier when you can just open your index.html file without starting a
webserver.
Because of the “too many files” thing I think actually using ES modules with importmaps in this way isn’t actually that appealing to me, but it’s good to know it’s possible.
how to use an ES module without importmaps
If the ES module doesn’t have dependencies then it’s even easier – you don’t need the importmaps! You can just:
- put
<script type="module" src="YOURCODE.js"></script>in your HTML. Thetype="module"is important. - put
import {whatever} from "https://example.com/whatever.js"inYOURCODE.js
alternative: use esbuild
If you don’t want to use importmaps, you can also use a build system like esbuild. I talked about how to do that in Some notes on using esbuild, but this blog post is about ways to avoid build systems completely so I’m not going to talk about that option here. I do still like esbuild though and I think it’s a good option in this case.
what’s the browser support for importmaps?
CanIUse says that importmaps are in
“Baseline 2023: newly available across major browsers” so my sense is that in
2024 that’s still maybe a little bit too new? I think I would use importmaps
for some fun experimental code that I only wanted like myself and 12 people to
use, but if I wanted my code to be more widely usable I’d use esbuild instead.
example library 3: @atproto/oauth-client-browser
Let’s look at one final example library! This is a different Bluesky auth
library than @atcute/oauth-browser-client.
$ npm install @atproto/oauth-client-browser
$ cd node_modules/@atproto/oauth-client-browser/dist
$ ls *js
browser-oauth-client.js browser-oauth-database.js browser-runtime-implementation.js errors.js index.js indexed-db-store.js util.js
Again, it seems like only real candidate file here is index.js. But this is a
different situation from the previous example library! Let’s take a look at
index.js:
There’s a bunch of stuff like this in index.js:
__exportStar(require("@atproto/oauth-client"), exports);
__exportStar(require("./browser-oauth-client.js"), exports);
__exportStar(require("./errors.js"), exports);
var util_js_1 = require("./util.js");
This require() syntax is CommonJS syntax, which means that we can’t use this
file in the browser at all, we need to use some kind of build step, and
ESBuild won’t work either.
Also in this library’s package.json it says "type": "commonjs" which is
another way to tell it’s CommonJS.
how to use a CommonJS module with esm.sh
Originally I thought it was impossible to use CommonJS modules without learning a build system, but then someone Bluesky told me about esm.sh! It’s a CDN that will translate anything into an ES Module. skypack.dev does something similar, I’m not sure what the difference is but one person mentioned that if one doesn’t work sometimes they’ll try the other one.
For @atproto/oauth-client-browser using it seems pretty simple, I just need to put this in my HTML:
<script type="module" src="script.js"> </script>
and then put this in script.js.
import { BrowserOAuthClient } from "https://esm.sh/@atproto/oauth-client-browser@0.3.0"
It seems to Just Work, which is cool! Of course this is still sort of using a build system – it’s just that esm.sh is running the build instead of me. My main concerns with this approach are:
- I don’t really trust CDNs to keep working forever – usually I like to copy dependencies into my repository so that they don’t go away for some reason in the future.
- I’ve heard of some issues with CDNs having security compromises which scares me.
- I don’t really understand what esm.sh is doing.
esbuild can also convert CommonJS modules into ES modules
I also learned that you can also use esbuild to convert a CommonJS module
into an ES module, though there are some limitations – the import { BrowserOAuthClient } from syntax doesn’t work. Here’s a github issue about that.
I think the esbuild approach is probably more appealing to me than the
esm.sh approach because it’s a tool that I already have on my computer so I
trust it more. I haven’t experimented with this much yet though.
summary of the three types of files
Here’s a summary of the three types of JS files you might encounter, options for how to use them, and how to identify them.
Unhelpfully a .js or .min.js file extension could be any of these 3
options, so if the file is something.js you need to do more detective work to
figure out what you’re dealing with.
- “classic” JS files
- How to use it::
<script src="whatever.js"></script> - Ways to identify it:
- The website has a big friendly banner in its setup instructions saying “Use this with a CDN!” or something
- A
.umd.jsextension - Just try to put it in a
<script src=...tag and see if it works
- How to use it::
- ES Modules
- Ways to use it:
- If there are no dependencies, just
import {whatever} from "./my-module.js"directly in your code - If there are dependencies, create an importmap and
import {whatever} from "my-module"- or use download-esm to remove the need for an importmap
- Use esbuild or any ES Module bundler
- If there are no dependencies, just
- Ways to identify it:
- Look for an
importorexportstatement. (notmodule.exports = ..., that’s CommonJS) - An
.mjsextension - maybe
"type": "module"inpackage.json(though it’s not clear to me which file exactly this refers to)
- Look for an
- Ways to use it:
- CommonJS Modules
- Ways to use it:
- Use https://esm.sh to convert it into an ES module, like
https://esm.sh/@atproto/oauth-client-browser@0.3.0 - Use a build somehow (??)
- Use https://esm.sh to convert it into an ES module, like
- Ways to identify it:
- Look for
require()ormodule.exports = ...in the code - A
.cjsextension - maybe
"type": "commonjs"inpackage.json(though it’s not clear to me which file exactly this refers to)
- Look for
- Ways to use it:
it’s really nice to have ES modules standardized
The main difference between CommonJS modules and ES modules from my perspective is that ES modules are actually a standard. This makes me feel a lot more confident using them, because browsers commit to backwards compatibility for web standards forever – if I write some code using ES modules today, I can feel sure that it’ll still work the same way in 15 years.
It also makes me feel better about using tooling like esbuild because even if
the esbuild project dies, because it’s implementing a standard it feels likely
that there will be another similar tool in the future that I can replace it
with.
the JS community has built a lot of very cool tools
A lot of the time when I talk about this stuff I get responses like “I hate javascript!!! it’s the worst!!!”. But my experience is that there are a lot of great tools for Javascript (I just learned about https://esm.sh yesterday which seems great! I love esbuild!), and that if I take the time to learn how things works I can take advantage of some of those tools and make my life a lot easier.
So the goal of this post is definitely not to complain about Javascript, it’s to understand the landscape so I can use the tooling in a way that feels good to me.
questions I still have
Here are some questions I still have, I’ll add the answers into the post if I learn the answer.
- Is there a tool that automatically generates importmaps for an ES Module that I have set up locally? (apparently yes: jspm)
- How can I convert a CommonJS module into an ES module on my computer, the way https://esm.sh does? (apparently esbuild can sort of do this, though named exports don’t work)
- When people normally build CommonJS modules into regular JS code, what’s code is doing that? Obviously there are tools like webpack, rollup, esbuild, etc, but do those tools all implement their own JS parsers/static analysis? How many JS parsers are there out there?
- Is there any way to bundle an ES module into a single file (like
atcute-client.js), but so that in the browser I can still import multiple different paths from that file (like both@atcute/client/lexiconsand@atcute/client)?
all the tools
Here’s a list of every tool we talked about in this post:
- Simon Willison’s download-esm which will download an ES module and convert the imports to point at JS files so you don’t need an importmap
- https://esm.sh/ and skypack.dev
- esbuild
- JSPM can generate importmaps
Writing this post has made me think that even though I usually don’t want to
have a build that I run every time I update the project, I might be willing to
have a build step (using download-esm or something) that I run only once
when setting up the project and never run again except maybe if I’m updating my
dependency versions.
that’s all!
Thanks to Marco Rogers who taught me a lot of the things in this post. I’ve probably made some mistakes in this post and I’d love to know what they are – let me know on Bluesky or Mastodon!
I added a new section to this site a couple weeks ago called TIL (“today I learned”).
the goal: save interesting tools & facts I posted on social media
One kind of thing I like to post on Mastodon/Bluesky is “hey, here’s a cool thing”, like the great SQLite repl litecli, or the fact that cross compiling in Go Just Works and it’s amazing, or cryptographic right answers, or this great diff tool. Usually I don’t want to write a whole blog post about those things because I really don’t have much more to say than “hey this is useful!”
It started to bother me that I didn’t have anywhere to put those things: for example recently I wanted to use diffdiff and I just could not remember what it was called.
the solution: make a new section of this blog
So I quickly made a new folder called /til/, added some
custom styling (I wanted to style the posts to look a little bit like a tweet),
made a little Rake task to help me create new posts quickly (rake new_til), and
set up a separate RSS Feed for it.
I think this new section of the blog might be more for myself than anything, now when I forget the link to Cryptographic Right Answers I can hopefully look it up on the TIL page. (you might think “julia, why not use bookmarks??” but I have been failing to use bookmarks for my whole life and I don’t see that changing ever, putting things in public is for whatever reason much easier for me)
So far it’s been working, often I can actually just make a quick post in 2 minutes which was the goal.
inspired by Simon Willison’s TIL blog
My page is inspired by Simon Willison’s great TIL blog, though my TIL posts are a lot shorter.
I don’t necessarily want everything to be archived
This came about because I spent a lot of time on Twitter, so I’ve been thinking about what I want to do about all of my tweets.
I keep reading the advice to “POSSE” (“post on your own site, syndicate elsewhere”), and while I find the idea appealing in principle, for me part of the appeal of social media is that it’s a little bit ephemeral. I can post polls or questions or observations or jokes and then they can just kind of fade away as they become less relevant.
I find it a lot easier to identify specific categories of things that I actually want to have on a Real Website That I Own:
- blog posts here!
- comics at https://wizardzines.com/comics/!
- now TILs at https://jvns.ca/til/)
and then let everything else be kind of ephemeral.
I really believe in the advice to make email lists though – the first two (blog posts & comics) both have email lists and RSS feeds that people can subscribe to if they want. I might add a quick summary of any TIL posts from that week to the “blog posts from this week” mailing list.

Here's where you can find me at IETF 121 in Dublin!
Monday
- 9:30 - 11:30 • oauth
- 15:30 - 17:00 • alldispatch
Tuesday
Thursday
- 9:30 - 11:30 • oauth
Get in Touch
My Current Drafts
Hello! I’ve been thinking about the terminal a lot and yesterday I got curious
about all these “control codes”, like Ctrl-A, Ctrl-C, Ctrl-W, etc. What’s
the deal with all of them?
a table of ASCII control characters
Here’s a table of all 33 ASCII control characters, and what they do on my machine (on Mac OS), more or less. There are about a million caveats, but I’ll talk about what it means and all the problems with this diagram that I know about.
You can also view it as an HTML page (I just made it an image so it would show up in RSS).
different kinds of codes are mixed together
The first surprising thing about this diagram to me is that there are 33 control codes, split into (very roughly speaking) these categories:
- Codes that are handled by the operating system’s terminal driver, for
example when the OS sees a
3(Ctrl-C), it’ll send aSIGINTsignal to the current program - Everything else is passed through to the application as-is and the
application can do whatever it wants with them. Some subcategories of
those:
- Codes that correspond to a literal keypress of a key on your keyboard
(
Enter,Tab,Backspace). For example when you pressEnter, your terminal gets sent13. - Codes used by
readline: “the application can do whatever it wants” often means “it’ll do more or less what thereadlinelibrary does, whether the application actually usesreadlineor not”, so I’ve labelled a bunch of the codes thatreadlineuses - Other codes, for example I think
Ctrl-Xhas no standard meaning in the terminal in general but emacs uses it very heavily
- Codes that correspond to a literal keypress of a key on your keyboard
(
There’s no real structure to which codes are in which categories, they’re all just kind of randomly scattered because this evolved organically.
(If you’re curious about readline, I wrote more about readline in entering text in the terminal is complicated, and there are a lot of cheat sheets out there)
there are only 33 control codes
Something else that I find a little surprising is that are only 33 control codes –
A to Z, plus 7 more (@, [, \, ], ^, _, ?). This means that if you want to
have for example Ctrl-1 as a keyboard shortcut in a terminal application,
that’s not really meaningful – on my machine at least Ctrl-1 is exactly the
same thing as just pressing 1, Ctrl-3 is the same as Ctrl-[, etc.
Also Ctrl+Shift+C isn’t a control code – what it does depends on your
terminal emulator. On Linux Ctrl-Shift-X is often used by the terminal
emulator to copy or open a new tab or paste for example, it’s not sent to the
TTY at all.
Also I use Ctrl+Left Arrow all the time, but that isn’t a control code,
instead it sends an ANSI escape sequence (ctrl-[[1;5D) which is a different
thing which we absolutely do not have space for in this post.
This “there are only 33 codes” thing is totally different from how keyboard
shortcuts work in a GUI where you can have Ctrl+KEY for any key you want.
the official ASCII names aren’t very meaningful to me
Each of these 33 control codes has a name in ASCII (for example 3 is ETX).
When all of these control codes were originally defined, they weren’t being
used for computers or terminals at all, they were used for the telegraph machine.
Telegraph machines aren’t the same as UNIX terminals so a lot of the codes were repurposed to mean something else.
Personally I don’t find these ASCII names very useful, because 50% of the time the name in ASCII has no actual relationship to what that code does on UNIX systems today. So it feels easier to just ignore the ASCII names completely instead of trying to figure which ones still match their original meaning.
It’s hard to use Ctrl-M as a keyboard shortcut
Another thing that’s a bit weird is that Ctrl-M is literally the same as
Enter, and Ctrl-I is the same as Tab, which makes it hard to use those two as keyboard shortcuts.
From some quick research, it seems like some folks do still use Ctrl-I and
Ctrl-M as keyboard shortcuts (here’s an example), but to do that
you need to configure your terminal emulator to treat them differently than the
default.
For me the main takeaway is that if I ever write a terminal application I
should avoid Ctrl-I and Ctrl-M as keyboard shortcuts in it.
how to identify what control codes get sent
While writing this I needed to do a bunch of experimenting to figure out what various key combinations did, so I wrote this Python script echo-key.py that will print them out.
There’s probably a more official way but I appreciated having a script I could customize.
caveat: on canonical vs noncanonical mode
Two of these codes (Ctrl-W and Ctrl-U) are labelled in the table as
“handled by the OS”, but actually they’re not always handled by the OS, it
depends on whether the terminal is in “canonical” mode or in “noncanonical mode”.
In canonical mode,
programs only get input when you press Enter (and the OS is in charge of deleting characters when you press Backspace or Ctrl-W). But in noncanonical mode the program gets
input immediately when you press a key, and the Ctrl-W and Ctrl-U codes are passed through to the program to handle any way it wants.
Generally in noncanonical mode the program will handle Ctrl-W and Ctrl-U
similarly to how the OS does, but there are some small differences.
Some examples of programs that use canonical mode:
- probably pretty much any noninteractive program, like
greporcat git, I think
Examples of programs that use noncanonical mode:
python3,irband other REPLs- your shell
- any full screen TUI like
lessorvim
caveat: all of the “OS terminal driver” codes are configurable with stty
I said that Ctrl-C sends SIGINT but technically this is not necessarily
true, if you really want to you can remap all of the codes labelled “OS
terminal driver”, plus Backspace, using a tool called stty, and you can view
the mappings with stty -a.
Here are the mappings on my machine right now:
$ stty -a
cchars: discard = ^O; dsusp = ^Y; eof = ^D; eol = <undef>;
eol2 = <undef>; erase = ^?; intr = ^C; kill = ^U; lnext = ^V;
min = 1; quit = ^\; reprint = ^R; start = ^Q; status = ^T;
stop = ^S; susp = ^Z; time = 0; werase = ^W;
I have personally never remapped any of these and I cannot imagine a reason I
would (I think it would be a recipe for confusion and disaster for me), but I
asked on Mastodon and people said the most common reasons they used
stty were:
- fix a broken terminal with
stty sane - set
stty erase ^Hto change how Backspace works - set
stty ixoff - some people even map
SIGINTto a different key, like theirDELETEkey
caveat: on signals
Two signals caveats:
- If the
ISIGterminal mode is turned off, then the OS won’t send signals. For examplevimturns offISIG - Apparently on BSDs, there’s an extra control code (
Ctrl-T) which sendsSIGINFO
You can see which terminal modes a program is setting using strace like this,
terminal modes are set with the ioctl system call:
$ strace -tt -o out vim
$ grep ioctl out | grep SET
here are the modes vim sets when it starts (ISIG and ICANON are
missing!):
17:43:36.670636 ioctl(0, TCSETS, {c_iflag=IXANY|IMAXBEL|IUTF8,
c_oflag=NL0|CR0|TAB0|BS0|VT0|FF0|OPOST, c_cflag=B38400|CS8|CREAD,
c_lflag=ECHOK|ECHOCTL|ECHOKE|PENDIN, ...}) = 0
and it resets the modes when it exits:
17:43:38.027284 ioctl(0, TCSETS, {c_iflag=ICRNL|IXANY|IMAXBEL|IUTF8,
c_oflag=NL0|CR0|TAB0|BS0|VT0|FF0|OPOST|ONLCR, c_cflag=B38400|CS8|CREAD,
c_lflag=ISIG|ICANON|ECHO|ECHOE|ECHOK|IEXTEN|ECHOCTL|ECHOKE|PENDIN, ...}) = 0
I think the specific combination of modes vim is using here might be called “raw mode”, man cfmakeraw talks about that.
there are a lot of conflicts
Related to “there are only 33 codes”, there are a lot of conflicts where
different parts of the system want to use the same code for different things,
for example by default Ctrl-S will freeze your screen, but if you turn that
off then readline will use Ctrl-S to do a forward search.
Another example is that on my machine sometimes Ctrl-T will send SIGINFO
and sometimes it’ll transpose 2 characters and sometimes it’ll do something
completely different depending on:
- whether the program has
ISIGset - whether the program uses
readline/ imitates readline’s behaviour
caveat: on “backspace” and “other backspace”
In this diagram I’ve labelled code 127 as “backspace” and 8 as “other backspace”. Uh, what?
I think this was the single biggest topic of discussion in the replies on Mastodon – apparently there’s a LOT of history to this and I’d never heard of any of it before.
First, here’s how it works on my machine:
- I press the
Backspacekey - The TTY gets sent the byte
127, which is calledDELin ASCII - the OS terminal driver and readline both have
127mapped to “backspace” (so it works both in canonical mode and noncanonical mode) - The previous character gets deleted
If I press Ctrl+H, it has the same effect as Backspace if I’m using
readline, but in a program without readline support (like cat for instance),
it just prints out ^H.
Apparently Step 2 above is different for some folks – their Backspace key sends
the byte 8 instead of 127, and so if they want Backspace to work then they
need to configure the OS (using stty) to set erase = ^H.
There’s an incredible section of the Debian Policy Manual on keyboard configuration
that describes how Delete and Backspace should work according to Debian
policy, which seems very similar to how it works on my Mac today. My
understanding (via this mastodon post)
is that this policy was written in the 90s because there was a lot of confusion
about what Backspace should do in the 90s and there needed to be a standard
to get everything to work.
There’s a bunch more historical terminal stuff here but that’s all I’ll say for now.
there’s probably a lot more diversity in how this works
I’ve probably missed a bunch more ways that “how it works on my machine” might be different from how it works on other people’s machines, and I’ve probably made some mistakes about how it works on my machine too. But that’s all I’ve got for today.
Some more stuff I know that I’ve left out: according to stty -a Ctrl-O is
“discard”, Ctrl-R is “reprint”, and Ctrl-Y is “dsusp”. I have no idea how
to make those actually do anything (pressing them does not do anything
obvious, and some people have told me what they used to do historically but
it’s not clear to me if they have a use in 2024), and a lot of the time in practice
they seem to just be passed through to the application anyway so I just
labelled Ctrl-R and Ctrl-Y as
readline.
not all of this is that useful to know
Also I want to say that I think the contents of this post are kind of interesting
but I don’t think they’re necessarily that useful. I’ve used the terminal
pretty successfully every day for the last 20 years without knowing literally
any of this – I just knew what Ctrl-C, Ctrl-D, Ctrl-Z, Ctrl-R,
Ctrl-L did in practice (plus maybe Ctrl-A, Ctrl-E and Ctrl-W) and did
not worry about the details for the most part, and that was
almost always totally fine except when I was trying to use xterm.js.
But I had fun learning about it so maybe it’ll be interesting to you too.
I’ve been having problems for the last 3 years or so where Mess With DNS periodically runs out of memory and gets OOM killed.
This hasn’t been a big priority for me: usually it just goes down for a few minutes while it restarts, and it only happens once a day at most, so I’ve just been ignoring. But last week it started actually causing a problem so I decided to look into it.
This was kind of winding road where I learned a lot so here’s a table of contents:
- there’s about 100MB of memory available
- the problem: OOM killing the backup script
- attempt 1: use SQLite
- attempt 2: use a trie
- attempt 3: make my array use less memory
there’s about 100MB of memory available
I run Mess With DNS on a VM without about 465MB of RAM, which according to
ps aux (the RSS column) is split up something like:
- 100MB for PowerDNS
- 200MB for Mess With DNS
- 40MB for hallpass
That leaves about 110MB of memory free.
A while back I set GOMEMLIMIT to 250MB to try to make sure the garbage collector ran if Mess With DNS used more than 250MB of memory, and I think this helped but it didn’t solve everything.
the problem: OOM killing the backup script
A few weeks ago I started backing up Mess With DNS’s database for the first time using restic.
This has been working okay, but since Mess With DNS operates without much extra
memory I think restic sometimes needed more memory than was available on the
system, and so the backup script sometimes got OOM killed.
This was a problem because
- backups might be corrupted sometimes
- more importantly, restic takes out a lock when it runs, and so I’d have to manually do an unlock if I wanted the backups to continue working. Doing manual work like this is the #1 thing I try to avoid with all my web services (who has time for that!) so I really wanted to do something about it.
There’s probably more than one solution to this, but I decided to try to make Mess With DNS use less memory so that there was more available memory on the system, mostly because it seemed like a fun problem to try to solve.
what’s using memory: IP addresses
I’d run a memory profile of Mess With DNS a bunch of times in the past, so I knew exactly what was using most of Mess With DNS’s memory: IP addresses.
When it starts, Mess With DNS loads this database where you can look up the
ASN of every IP address into memory, so that when it
receives a DNS query it can take the source IP address like 74.125.16.248 and
tell you that IP address belongs to GOOGLE.
This database by itself used about 117MB of memory, and a simple du told me
that was too much – the original text files were only 37MB!
$ du -sh *.tsv
26M ip2asn-v4.tsv
11M ip2asn-v6.tsv
The way it worked originally is that I had an array of these:
type IPRange struct {
StartIP net.IP
EndIP net.IP
Num int
Name string
Country string
}
and I searched through it with a binary search to figure out if any of the ranges contained the IP I was looking for. Basically the simplest possible thing and it’s super fast, my machine can do about 9 million lookups per second.
attempt 1: use SQLite
I’ve been using SQLite recently, so my first thought was – maybe I can store all of this data on disk in an SQLite database, give the tables an index, and that’ll use less memory.
So I:
- wrote a quick Python script using sqlite-utils to import the TSV files into an SQLite database
- adjusted my code to select from the database instead
This did solve the initial memory goal (after a GC it now hardly used any memory at all because the table was on disk!), though I’m not sure how much GC churn this solution would cause if we needed to do a lot of queries at once. I did a quick memory profile and it seemed to allocate about 1KB of memory per lookup.
Let’s talk about the issues I ran into with using SQLite though.
problem: how to store IPv6 addresses
SQLite doesn’t have support for big integers and IPv6 addresses are 128 bits,
so I decided to store them as text. I think BLOB might have been better, I
originally thought BLOBs couldn’t be compared but the sqlite docs say they can.
I ended up with this schema:
CREATE TABLE ipv4_ranges (
start_ip INTEGER NOT NULL,
end_ip INTEGER NOT NULL,
asn INTEGER NOT NULL,
country TEXT NOT NULL,
name TEXT NOT NULL
);
CREATE TABLE ipv6_ranges (
start_ip TEXT NOT NULL,
end_ip TEXT NOT NULL,
asn INTEGER,
country TEXT,
name TEXT
);
CREATE INDEX idx_ipv4_ranges_start_ip ON ipv4_ranges (start_ip);
CREATE INDEX idx_ipv6_ranges_start_ip ON ipv6_ranges (start_ip);
CREATE INDEX idx_ipv4_ranges_end_ip ON ipv4_ranges (end_ip);
CREATE INDEX idx_ipv6_ranges_end_ip ON ipv6_ranges (end_ip);
Also I learned that Python has an ipaddress module, so I could use
ipaddress.ip_address(s).exploded to make sure that the IPv6 addresses were
expanded so that a string comparison would compare them properly.
problem: it’s 500x slower
I ran a quick microbenchmark, something like this. It printed out that it could look up 17,000 IPv6 addresses per second, and similarly for IPv4 addresses.
This was pretty discouraging – being able to look up 17k addresses per section is kind of fine (Mess With DNS does not get a lot of traffic), but I compared it to the original binary search code and the original code could do 9 million per second.
ips := []net.IP{}
count := 20000
for i := 0; i < count; i++ {
// create a random IPv6 address
bytes := randomBytes()
ip := net.IP(bytes[:])
ips = append(ips, ip)
}
now := time.Now()
success := 0
for _, ip := range ips {
_, err := ranges.FindASN(ip)
if err == nil {
success++
}
}
fmt.Println(success)
elapsed := time.Since(now)
fmt.Println("number per second", float64(count)/elapsed.Seconds())
time for EXPLAIN QUERY PLAN
I’d never really done an EXPLAIN in sqlite, so I thought it would be a fun opportunity to see what the query plan was doing.
sqlite> explain query plan select * from ipv6_ranges where '2607:f8b0:4006:0824:0000:0000:0000:200e' BETWEEN start_ip and end_ip;
QUERY PLAN
`--SEARCH ipv6_ranges USING INDEX idx_ipv6_ranges_end_ip (end_ip>?)
It looks like it’s just using the end_ip index and not the start_ip index,
so maybe it makes sense that it’s slower than the binary search.
I tried to figure out if there was a way to make SQLite use both indexes, but I couldn’t find one and maybe it knows best anyway.
At this point I gave up on the SQLite solution, I didn’t love that it was slower and also it’s a lot more complex than just doing a binary search. I felt like I’d rather keep something much more similar to the binary search.
A few things I tried with SQLite that did not cause it to use both indexes:
- using a compound index instead of two separate indexes
- running
ANALYZE - using
INTERSECTto intersect the results ofstart_ip < ?and? < end_ip. This did make it use both indexes, but it also seemed to make the query literally 1000x slower, probably because it needed to create the results of both subqueries in memory and intersect them.
attempt 2: use a trie
My next idea was to use a trie, because I had some vague idea that maybe a trie would use less memory, and I found this library called ipaddress-go that lets you look up IP addresses using a trie.
I tried using it here’s the code, but I think I was doing something wildly wrong because, compared to my naive array + binary search:
- it used WAY more memory (800MB to store just the IPv4 addresses)
- it was a lot slower to do the lookups (it could do only 100K/second instead of 9 million/second)
I’m not really sure what went wrong here but I gave up on this approach and decided to just try to make my array use less memory and stick to a simple binary search.
some notes on memory profiling
One thing I learned about memory profiling is that you can use runtime
package to see how much memory is currently allocated in the program. That’s
how I got all the memory numbers in this post. Here’s the code:
func memusage() {
runtime.GC()
var m runtime.MemStats
runtime.ReadMemStats(&m)
fmt.Printf("Alloc = %v MiB\n", m.Alloc/1024/1024)
// write mem.prof
f, err := os.Create("mem.prof")
if err != nil {
log.Fatal(err)
}
pprof.WriteHeapProfile(f)
f.Close()
}
Also I learned that if you use pprof to analyze a heap profile there are two
ways to analyze it: you can pass either --alloc-space or --inuse-space to
go tool pprof. I don’t know how I didn’t realize this before but
alloc-space will tell you about everything that was allocated, and
inuse-space will just include memory that’s currently in use.
Anyway I ran go tool pprof -pdf --inuse_space mem.prof > mem.pdf a lot. Also
every time I use pprof I find myself referring to my own intro to pprof, it’s probably
the blog post I wrote that I use the most often. I should add --alloc-space
and --inuse-space to it.
attempt 3: make my array use less memory
I was storing my ip2asn entries like this:
type IPRange struct {
StartIP net.IP
EndIP net.IP
Num int
Name string
Country string
}
I had 3 ideas for ways to improve this:
- There was a lot of repetition of
Nameand theCountry, because a lot of IP ranges belong to the same ASN net.IPis an[]byteunder the hood, which felt like it involved an unnecessary pointer, was there a way to inline it into the struct?- Maybe I didn’t need both the start IP and the end IP, often the ranges were consecutive so maybe I could rearrange things so that I only had the start IP
idea 3.1: deduplicate the Name and Country
I figured I could store the ASN info in an array, and then just store the index
into the array in my IPRange struct. Here are the structs so you can see what
I mean:
type IPRange struct {
StartIP netip.Addr
EndIP netip.Addr
ASN uint32
Idx uint32
}
type ASNInfo struct {
Country string
Name string
}
type ASNPool struct {
asns []ASNInfo
lookup map[ASNInfo]uint32
}
This worked! It brought memory usage from 117MB to 65MB – a 50MB savings. I felt good about this.
Here’s all of the code for that part.
how big are ASNs?
As an aside – I’m storing the ASN in a uint32, is that right? I looked in the ip2asn
file and the biggest one seems to be 401307, though there are a few lines that
say 4294901931 which is much bigger, but also are just inside the range of a
uint32. So I can definitely use a uint32.
59.101.179.0 59.101.179.255 4294901931 Unknown AS4294901931
idea 3.2: use netip.Addr instead of net.IP
It turns out that I’m not the only one who felt that net.IP was using an
unnecessary amount of memory – in 2021 the folks at Tailscale released a new
IP address library for Go which solves this and many other issues. They wrote a great blog post about it.
I discovered (to my delight) that not only does this new IP address library exist and do exactly what I want, it’s also now in the Go
standard library as netip.Addr. Switching to netip.Addr was
very easy and saved another 20MB of memory, bringing us to 46MB.
I didn’t try my third idea (remove the end IP from the struct) because I’d already been programming for long enough on a Saturday morning and I was happy with my progress.
It’s always such a great feeling when I think “hey, I don’t like this, there must be a better way” and then immediately discover that someone has already made the exact thing I want, thought about it a lot more than me, and implemented it much better than I would have.
all of this was messier in real life
Even though I tried to explain this in a simple linear way “I tried X, then I tried Y, then I tried Z”, that’s kind of a lie – I always try to take my actual debugging process (total chaos) and make it seem more linear and understandable because the reality is just too annoying to write down. It’s more like:
- try sqlite
- try a trie
- second guess everything that I concluded about sqlite, go back and look at the results again
- wait what about indexes
- very very belatedly realize that I can use
runtimeto check how much memory everything is using, start doing that - look at the trie again, maybe I misunderstood everything
- give up and go back to binary search
- look at all of the numbers for tries/sqlite again to make sure I didn’t misunderstand
A note on using 512MB of memory
Someone asked why I don’t just give the VM more memory. I could very easily afford to pay for a VM with 1GB of memory, but I feel like 512MB really should be enough (and really that 256MB should be enough!) so I’d rather stay inside that constraint. It’s kind of a fun puzzle.
a few ideas from the replies
Folks had a lot of good ideas I hadn’t thought of. Recording them as inspiration if I feel like having another Fun Performance Day at some point.
- Try Go’s unique package for the
ASNPool. Someone tried this and it uses more memory, probably because Go’s pointers are 64 bits - Try compiling with
GOARCH=386to use 32-bit pointers to sace space (maybe in combination with usingunique!) - It should be possible to store all of the IPv6 addresses in just 64 bits, because only the first 64 bits of the address are public
- Interpolation search might be faster than binary search since IP addresses are numeric
- Try the MaxMind db format with mmdbwriter or mmdbctl
- Tailscale’s art routing table package
the result: saved 70MB of memory!
I deployed the new version and now Mess With DNS is using less memory! Hooray!
A few other notes:
- lookups are a little slower – in my microbenchmark they went from 9 million lookups/second to 6 million, maybe because I added a little indirection. Using less memory and a little more CPU seemed like a good tradeoff though.
- it’s still using more memory than the raw text files do (46MB vs 37MB), I guess pointers take up space and that’s okay.
I’m honestly not sure if this will solve all my memory problems, probably not! But I had fun, I learned a few things about SQLite, I still don’t know what to think about tries, and it made me love binary search even more than I already did.




















































































