I'm on a 20+ city book tour for my new novel PICKS AND SHOVELS. Catch me in PITTSBURGH in TOMORROW (May 15) at WHITE WHALE BOOKS, and in PDX on Jun 20 at BARNES AND NOBLE with BUNNIE HUANG. More tour dates (London, Manchester) here.
Something's very different in tech. Once upon a time, every bad choice by tech companies â taking away features, locking out mods or plugins, nerfing the API â was countered, nearly instantaneously, by someone writing a program that overrode that choice.
Bad clients would be muscled aside by third-party clients. Locked bootloaders would be hacked and replaced. Code that confirmed you were using OEM parts, consumables or adapters would be found and nuked from orbit. Weak APIs would be replaced with muscular, unofficial APIs built out of unstoppable scrapers running on headless machines in some data-center. Every time some tech company erected a 10-foot enshittifying fence, someone would show up with an 11-foot disenshittifying ladder.
Those 11-foot ladders represented the power of interoperability, the inescapable bounty of the Turing-complete, universal von Neumann machine, which, by definition, is capable of running every valid program. Specifically, they represented the power of adversarial interoperability â when someone modifies a technology against its manufacturer's wishes. Adversarial interoperability is the origin story of today's tech giants, from Microsoft to Apple to Google:
But adversarial interop has been in steady decline for the past quarter-century. These big companies moved fast and broke things, but no one is returning the favor. If you ask the companies what changed, they'll just smirk and say that they're better at security than the incumbents they disrupted. The reason no one's hacked up a third-party iOS App Store is that Apple's security team is just so fucking 1337 that no one can break their shit.
I think this is nonsense. I think that what's really going on is that we've made it possible for companies to design their technologies in such a way that any attempt at adversarial interop is illegal.
"Anticircumvention" laws like Section 1201 of the 1998 Digital Millennium Copyright Act make bypassing any kind of digital lock (AKA "Digital Rights Management" or "DRM") very illegal. Under DMCA, just talking about how to remove a digital lock can land you in prison for 5 years. I tell the story of this law's passage in "Understood: Who Broke the Internet," my new podcast series for the CBC:
For a quarter century, tech companies have aggressively lobbied and litigated to expand the scope of anticircumvention laws. At the same time, companies have come up with a million ways to wrap their products in digital locks that are a crime to break.
Digital locks let Chamberlain, a garage-door opener monopolist block all third-party garage-door apps. Then, Chamberlain stuck ads in its app, so you have to watch an ad to open your garage-door:
These companies built 11-foot ladders to get over their competitors' 10-foot walls, and then they kicked the ladder away. Once they were secure atop their walls, they committed enshittifying sins their fallen adversaries could only dream of.
I've been campaigning to abolish anticircumvention laws for the past quarter-century, and I've noticed a curious pattern. Whenever these companies stand to lose their legal protections, they freak out and spend vast fortunes to keep those protections intact. That's weird, because it strongly implies that their locks don't work. A lock that works works, whether or not it's illegal to break that lock. The reason Signal encryption works is that it's working encryption. The legal status of breaking Signal's encryption has nothing to do with whether it works. If Signal's encryption was full of technical flaws but it was illegal to point those flaws out, you'd be crazy to trust Signal.
Signal does get involved in legal fights, of course, but the fights it gets into are ones that require Signal to introduce defects in its encryption â not fights over whether it is legal to disclose flaws in Signal or exploit them:
But tech companies that rely on digital locks manifestly act like their locks don't work and they know it. When the tech and content giants bullied the W3C into building DRM into 2 billion users' browsers, they categorically rejected any proposal to limit their ability to destroy the lives of people who broke that DRM, even if it was only to add accessibility or privacy to video:
The thing is, if the lock works, you don't need the legal right to destroy the lives of people who find its flaws, because it works.
Do digital locks work? Can they work? I think the answer to both questions is a resounding no. The design theory of a digital lock is that I can provide you with an encrypted file that your computer has the keys to. Your computer will access those keys to decrypt or sign a file, but only under the circumstances that I have specified. Like, you can install an app when it comes from my app store, but not when it comes from a third party. Or you can play back a video in one kind of browser window, but not in another one. For this to work, your computer has to hide a cryptographic key from you, inside a device you own and control. As I pointed out more than a decade ago, this is a fool's errand:
After all, you or I might not have the knowledge and resources to uncover the keys' hiding place, but someone does. Maybe that someone is a person looking to go into business selling your customers the disenshittifying plugin that unfucks the thing you deliberately broke. Maybe it's a hacker-tinkerer, pursuing an intellectual challenge. Maybe it's a bored grad student with a free weekend, an electron-tunneling microscope, and a seminar full of undergrads looking for a project.
The point is that hiding secrets in devices that belong to your adversaries is very bad security practice. No matter how good a bank safe is, the bank keeps it in its vault â not in the bank-robber's basement workshop.
For a hiding-secrets-in-your-adversaries'-device plan to work, the manufacturer has to make zero mistakes. The adversary â a competitor, a tinkerer, a grad student â only has to find one mistake and exploit it. This is a bedrock of security theory: attackers have an inescapable advantage.
So I think that DRM doesn't work. I think DRM is a legal construct, not a technical one. I think DRM is a kind of magic Saran Wrap that manufacturers can wrap around their products, and, in so doing, make it a literal jailable offense to use those products in otherwise legal ways that their shareholders don't like. As Jay Freeman put it, using DRM creates a new law called "Felony Contempt of Business Model." It's a law that has never been passed by any legislature, but is nevertheless enforceable.
In the 25 years I've been fighting anticircumvention laws, I've spoken to many government officials from all over the world about the opportunity that repealing their anticircumvention laws represents. After all, Apple makes $100b/year by gouging app makers for 30 cents on ever dollar. Allow your domestic tech sector to sell the tools to jailbreak iPhones and install third party app stores, and you can convert Apple's $100b/year to a $100m/year business for one of your own companies, and the other $999,900,000,000 will be returned to the world's iPhone owners as a consumer surplus.
But every time I pitched this, I got the same answer: "The US Trade Representative forced us to pass this law, and threatened us with tariffs if we didn't pass it." Happy Liberation Day, people â every country in the world is now liberated from the only reason to keep this stupid-ass law on their books:
One of the questions I've been getting repeatedly from policy wonks, activists and officials is, "Is it even possible to jailbreak modern devices?" They want to know if companies like Apple, Tesla, Google, Microsoft, and John Deere have created unbreakable digital locks. Obviously, this is an important question, because if these locks are impregnable, then getting rid of the law won't deliver the promised benefits.
It's true that there aren't as many jailbreaks as we used to see. When a big project like Nextcloud â which is staffed up with extremely accomplished and skilled engineers â gets screwed over by Google's app store, they issue a press-release, not a patch:
These hacks are incredibly ambitious! How ambitious? How about a class break for every version of iOS as well as an unpatchable hardware attack on 8 years' worth of Apple bootloaders?
Now, maybe it's the case at all the world's best hackers are posting free code under pseudonyms. Maybe all the code wizards working for venture backed tech companies that stand to make millions through clever reverse engineering are just not as mad skilled as teenagers who want an ad-free Insta and that's why they've never replicated the feat.
Or maybe it's because teenagers and anonymous hackers are just about the only people willing to risk a $500,000 fine and 5-year prison sentence. In other words, maybe the thing that protects DRM is law, not code. After all, when Polish security researchers revealed the existence of secret digital locks that the train manufacturer Newag used to rip off train operators for millions of euros, Newag dragged them into court:
Tech companies are the most self-mythologizing industry on the planet, beating out even the pharma sector in boasting about their prowess and good corporate citizenship. They swear that they've made a functional digital lockâŚbut they sure act like the only thing those locks do is let them sue people who reveal their workings.
If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
â Live Streamingâ Interactive Chatâ Private Showsâ HD Qualityâ Free Actions
Free to watch ⢠No registration required ⢠HD streaming
I'm on a tour with my new book Enshittification: catch me next in Los Angeles, Calgary and San Francisco! Full schedule here.
Even though he's the darkest of clouds, Trump has some deeply weird silver linings, formed out of a combination of his self-owning isolationism and blunt aggression.
In my quarter-century as a digital activist, I've had cause to work in more than 30 countries. Wherever I went, I'd meet with policymakers about the rules they should be thinking about in order to make their technology work better for their countries. Every single time, they'd agree politely with me, but insist that making any kind of tech-improving rules was impossible, because the US trade representative would kick their teeth in if they tried.
For all of this century, the USTR has been one of the greatest global impediments to a better world, hopping from country to country, demanding policies that would protect American tech firms from foreign competitors â especially the kind of competitor who would improve on American tech products by protecting users' privacy, consumer rights or labor rights while they used them.
The most glaring example of this are "anticircumvention laws." Under these laws, it's illegal to modify any technology that has any kind of anti-modification defenses. In other words, if the manufacturer draws a kind of virtual dotted line around part of the product's software and labels it, "Do not look inside this box," then it becomes illegal to do so, even if you're trying to do something that's otherwise legal.
That means that if your printer is designed to reject generic ink, you can't change the code that verifies the ink cartridge. There's no law that says, "You have to buy your ink from the same company that sold you your printer," but if HP adds any kind of anti-modification measure to its ink-checking code, then disabling that code becomes a serious crime.
Now, these laws are obviously an invitation to mischief. They are used to prevent independent repair of everything from tractors to cars to phones to games consoles to ventilators. They're used to stop you from blocking ads or surveillance on your phone or "smart" TV. They keep you locked into manufacturers' app stores, payment systems and other add-ons, which means that you are constantly being ripped off with junk fees, and you can't install the software of your choosing, including software that will help you avoid being kidnapped by masked thugs and sent to a secret torture prison:
The US passed the first of these laws in 1998, when Bill Clinton signed the Digital Millennium Copyright Act. As the ink was still drying on Clinton's signature, the US trade rep started racing around the world, demanding that America's trading partners adopt their own version of the law:
As these laws were adopted around the world, US tech giants were given carte blanche to extract more money and data from their global users. American users were getting ripped off too, of course (they were the first victims of Big Tech), but at least the US stock market reaped the benefit of Big Tech's incredibly lucrative scams. But for America's trading partners, anticircumvention was an entirely losing proposition: their people got ripped off for their data and their money, and their tech companies couldn't go into business selling products to disenshittify America's cash-and-data extraction machines.
So why did America's trading partners agree to anticircumvention law? Well, that was down to the tender ministrations of the US trade rep. Countries that didn't pass anticircumvention were threatened with US tariffs.
I used to occasionally guest-lecture at an international relations grad program at the Central European University in Budapest, and one summer, I had a student who had served as the information minister to a Central American country while the US was negotiating the Central American Free Trade Agreement (CAFTA). This student described getting a phone call from their country's chief negotiator who said, "I know you told me not to budge on anticircumvention, but the USTR tells me that if we don't give them this, they will block our agricultural exports. I'm sorry." Country by country, the world fell into line.
When someone tells you, "You'd better do what I say or I'm going to burn your house down," and then they burn your house down, you'd be an absolute sucker if you kept up your part of the bargain.
I find it absolutely bizarre that the USTR spent decades racing around the world, getting every country on earth to sign up to "America First" policies by threatening them with tariffs, and then Trump actually imposed the tariffs anyway, which has opened up the space for every country to get rid of those America First policies.
Of course, that's not all Trump has done. He's also made it abundantly clear that he considers America's (former) allies to be geopolitical and economic competitors, and that US tech is one of the primary weapons he will use to wage war on the world. He got Canadian Prime Minister Mark Carney to cave on taxing Big Tech, which means that they'll be able to go on cheating on their taxes, while Canadian companies won't be able to, which means Canada's tech sector will never be able to compete:
https://www.bbc.com/news/articles/cd0vv2pe7ydo
Trump has also ordered the EU to scrap its new tech antitrust laws, the Digital Markets Act and the Digital Services Act, which aim to open up space for European competitors to US tech:
But more than that, Trump and US tech have teamed up to attack and deplatform public officials that Trump has beef with. Take Karim Khan, chief prosecutor of the International Criminal Court in the Hague. Khan swore out a criminal complaint and arrest warrant for the gĂŠnocidaire Benjamin Netanyahu, and Trump sanctioned Khan. Then, Microsoft cut off Khan's access to his account, nuking his email, calendar, address book and files:
For officials all over the world, the message couldn't be clearer: Trump sees you as the enemy, and he will use American tech companies to cut you off at the knees if you don't roll over for him.
Enter the Eurostack. This is an initiative from the EU that seeks to fund and deploy open source equivalents to the platforms that the European public, its businesses and its governments are currently locked into:
Thus far, Eurostack's focus has been on building those Made-in-the-EU alternatives to the US tech stack, and on financing data-center rollout. But very shortly, Eurostack advocates are going to hit a wall.
Escaping from US Big Tech isn't merely a matter of having another service to move your data and interactions to. You also have to have a way to transition from the old, US service to the new Eurostack equivalent.
No government ministry, no business, no individual is going to manually copy-and-paste thousands (or millions) of documents out of Microsoft, Apple or Google's cloud into the Eurostack. No one is going to individually move all the edit histories, email chains, and file permissions over. These files and data-structures are essential to the people who created them, and they often contain sensitive information and compliance data that is illegal to delete.
Sure, the EU could try to order American Big Tech companies to create export tools so that Europeans can easily retrieve their data in formats that can be faithfully imported into Eurostack services, but we can already see how that will play out.
Last year's Digital Markets Act contains a modest set of "interoperability" requirements that require big US companies like Apple to open up their platforms to rival app stores and payment processors. Apple's monopoly over iPhone apps is a big deal â it lets the company structure the market for software in Europe, without any accountability or limits, and Apple extracts a 30% tax on every euro that changes hands via an iOS app. Globally, Apple makes more than $100b/year from this "app tax."
When the EU passed a law aimed at halting this racket, Apple lost its mind. First, they proposed a "solution" to this that was so onerous and tortured that it was a kind of sick joke:
Now, Apple has filed 18 legal challenges to any interoperability mandate under the DMA:
https://eur-lex.europa.eu/eli/C/2025/5213/oj/eng
If this is how an American tech company responds to a small-potatoes order to give Europeans more choice over how they use their own devices and data, imagine what these US giants will do if the EU orders them to open up their platforms so people can leave altogether!
The only plausible path from US Big Tech to the Eurostack runs straight through anticircumvention. The EU needs to repeal Article 6 of the Copyright Directive, a law it passed at the behest of the US Trade Representative, to protect the rent-extraction tactics of American tech companies. We need to make it legal for European technologists to reverse-engineer the American tech platforms' websites and apps so that Europeans can get their data out of America's tech silos and into open, sovereign, privacy-respecting, consumer rights-preserving, worker-protecting Eurostack versions.
Building the Eurostack without thinking about migration tools is a recipe for disappointment. It's like building housing for East GermansâŚin West Berlin, without sparing a thought for how those East Germans are going to get to the new apartment blocks.
The good news is, there's no reason to keep Article 6 of the Copyright Directive on the books. The law has always been a wreck. It's one of the primary barriers to Right to Repair: companies now build devices with "access controls" on their parts. Even after you install a new part into a device, it won't start working until the manufacturer's representative unlocks it (for a hefty fee). Under anticircumvention laws like EUCD Article 6, it's illegal to bypass these locks.
What's more, the digital locks that EUCD 6 protects are almost all to be found in American products. Only a handful of EU manufacturers rely on these, and they use them to in terrible ways. Volkswagen used the fact that it was illegal to reverse-engineer its engines to disguise the fact that it was cheating on its emissions tests, and the resulting "Dieselgate" scandal killed thousands of Europeans:
Newag, a Polish train manufacturer, boobytraps the trains they sell. When these trains sense that they have been taken to a competitor's train-yard for maintenance, they render themselves inoperable. Newag then charges thousands of euros to remotely "repair" their own sabotage. When this was revealed by a team of independent security researchers, Newag used claims under EUCD 6 in an attempt to intimidate them into silence:
Mercedes won't let you unlock your new car's full acceleration capability unless you pay them a monthly subscription fee, and any mechanic who tries to bypass this and give you your whole engine's capability violates EUCD 6. BMW won't let you use the feature that auto-dims your high-beams when there's oncoming traffic, and once again, that can't be fixed by another company because of EUCD 6:
Any business that relies on EUCD 6 is garbage and should be killed with fire. The global champions of this legal sabotage are all American, but the EU companies that copied their business models are also trash and the EU should be terminating them with extreme prejudice.
It's pretty remarkable that we've forgotten about the kind of reverse-engineering that EUCD 6 bans. This used to be totally normal. Providing tools to move data from one system to another â without permission from your old vendor â is a completely legitimate business.
The only reason we forgot that this stuff existed is that the US trade rep spent 25 years lobotomizing us all, threatening us with tariffs if we dared to do anything that disrupted American Big Tech. With those companies, it's always "disruption for thee, never for me."
In a few short months, Trump has sown the seeds of the destruction of one of the most world's pernicious "America First" systems. Now, it's in the EU's power to send it to a long-overdue grave.
"Mr Cook, Mr Nadella, Mr Ellison, Mr Pichai â tear down that wall!"
If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
Antiusurpation and the road to disenshittification
THIS WEEKEND (November 8-10), I'll be in TUCSON, AZ: I'm the GUEST OF HONOR at the TUSCON SCIENCE FICTION CONVENTION.
Nineties kids had a good reason to be excited about the internet's promise of disintermediation: the gatekeepers who controlled our access to culture, politics, and opportunity were crooked as hell, and besides, they sucked.
For a second there, we really did get a lot of disintermediation, which created a big, weird, diverse pluralistic space for all kinds of voices, ideas, identities, hobbies, businesses and movements. Lots of these were either deeply objectionable or really stupid, or both, but there was also so much cool stuff on the old, good internet.
Then, after about ten seconds of sheer joy, we got all-new gatekeepers, who were at least as bad, and even more powerful, than the old ones. The net became Tom Eastman's "Five giant websites, each filled with screenshots of the other four." Culture, politics, finance, news, and especially power have been gathered into the hands of unaccountable, greedy, and often cruel intermediaries.
Oh, also, we had an election.
This isn't an election post. I have many thoughts about the election, but they're still these big, unformed blobs of anger, fear and sorrow. Experience teaches me that the only way to get past this is to just let all that bad stuff sit for a while and offgas its most noxious compounds, so that I can handle it safely and figure out what to do with it.
While I wait that out, I'm just getting the job done. Chop wood, carry water. I've got a book to write, Enshittification, for Farar, Straus, Giroux's MCD Books, and it's very nearly done:
Compartmentalizing my anxieties and plowing that energy into productive work isn't necessarily the healthiest coping strategy, but it's not the worst, either. It's how I wrote nine books during the covid lockdowns.
And sometimes, when you're not staring directly at something, you get past the tunnel vision that makes it impossible to see its edges, fracture lines, and weak points.
So I'm working on the book. It's a book about platforms, because enshittification is a phenomenon that is most visible and toxic on platforms. Platforms are intermediaries, who connect buyers and sellers, creators and audiences, workers and employers, politicians and voters, activists and crowds, as well as families, communities, and would-be romantic partners.
There's a reason we keep reinventing these intermediaries: they're useful. Like, it's technically possible for a writer to also be their own editor, printer, distributor, promoter and sales-force:
But without middlemen, those are the only writers we'll get. The set of all writers who have something to say that I want to read is much larger than the set of all writers who are capable of running their own publishing operation.
The problem isn't middlemen: the problem is powerful middlemen. When an intermediary gets powerful enough to usurp the relationship between the parties on either side of the transaction, everything turns to shit:
A dating service that faces pressure from competition, regulation, interoperability and a committed workforce will try as hard as it can to help you find Your Person. A dating service that buys up all its competitors, cows its workforce, captures its regulators and harnesses IP law to block interoperators will redesign its service so that you keep paying forever, and never find love:
Multiply this a millionfold, in every sector of our complex, high-tech world where we necessarily rely on skilled intermediaries to handle technical aspects of our lives that we can't â or shouldn't â manage ourselves. That world is beholden to predators who screw us and screw us and screw us, jacking up our rents:
(Maybe this is a post about the election after all?)
The difference between a helpmeet and a parasite is power. If we want to enjoy the benefits of intermediaries without the risks, we need policies that keep middlemen weak. That's the opposite of the system we have now.
Take interoperability and IP law. Interoperability (basically, plugging new things into existing things) is a really powerful check against powerful middlemen. If you rely on an ad-exchange to fund your newsgathering and they start ripping you off, then an interoperable system that lets you use a different exchange will not only end the rip off â it'll make it less likely to happen in the first place because the ad-tech platform will be afraid of losing your business:
Interoperability means that when Amazon rips off audiobook authors to the tune of $100m, those authors can pull their books from Amazon and sell them elsewhere and know that their listeners can move their libraries over to a different app:
But interoperability has been in retreat for 40 years, as IP law has expanded to criminalize otherwise normal activities, so that middlemen can use IP rights to protect themselves from their end-users and business customers:
https://locusmag.com/2020/09/cory-doctorow-ip/
That's what I mean when I say that "IP" is "any law that lets a business reach beyond its own walls and control the actions of its customers, competitors and critics."
For example, there's a pernicious law 1998 US law that I write about all the time, Section 1201 of the Digital Millennium Copyright Act, the "anticircumvention law." This is a law that felonizes tampering with copyright locks, even if you are the creator of the undelying work.
So Amazon â the owner of the monopoly audiobook platform Audible â puts a mandatory copyright lock around every audiobook they sell. I, as an author who writes, finances and narrates the audiobook, can't provide you, my customer, with a tool to remove that lock. If I do so, I face criminal sanctions: a five year prison sentence and a $500,000 fine for a first offense:
In other words: if I let you take my own copyrighted work out of Amazon's app, I commit a felony, with penalties that are far stiffer than the penalties you would face if you were to simply pirate that audiobook. The penalties for you shoplifting the audiobook on CD at a truck-stop are lower than the penalties the author and publisher of the book would face if they simply gave you a tool to de-Amazon the file. Indeed, even if you hijacked the truck that delivered the CDs, you'd probably be looking at a shorter sentence.
This is a law that is purpose-built to encourage intermediaries to usurp the relationship between buyers and sellers, creators and audiences. It's a charter for parasitism and predation.
But as bad as that is, there's another aspect of DMCA 1201 that's even worse: the exemptions process.
You might have read recently about the Copyright Office "freeing the McFlurry" by granting a DMCA 1201 exemption for companies that want to reverse-engineer the error-codes from McDonald's finicky, unreliable frozen custard machines:
Under DMCA 1201, the Copyright Office hears petitions for these exemptions every three years. If they judge that anticircumvention law is interfering with some legitimate activity, the statute empowers them to grant an exemption.
When the DMCA passed in 1998 (and when the US Trade Rep pressured other world governments into passing nearly identical laws in the decades that followed), this exemptions process was billed as a "pressure valve" that would prevent abuses of anticircumvention law.
But this was a cynical trick. The way the law is structured, the Copyright Office can only grant "use" exemptions, but not "tools" exemptions. So if you are granted the right to move Audible audiobooks into a third-party app, you are personally required to figure out how to do that. You have to dump the machine code of the Audible app, decompile it, scan it for vulnerabilities, and bootstrap your own jailbreaking program to take Audible wrapper off the file.
No one is allowed to help you with this. You aren't allowed to discuss any of this publicly, or share a tool that you make with anyone else. Doing any of this is a potential felony.
In other words, DMCA 1201 gives intermediaries power over you, but bans you from asking an intermediary to help you escape another abusive middleman.
This is the exact opposite of how intermediary law should work. We should have rules that ban intermediaries from exercising undue power over the parties they serve, and we should have rules empowering intermediaries to erode the advantage of powerful intermediaries.
The fact that the Copyright Office grants you an exemption to anticircumvention law means nothing unless you can delegate that right to an intermediary who can exercise it on your behalf.
A world without publishing intermediaries is one in which the only writers who thrive are the ones capable of being publishers, too, and that's a tiny fraction of all the writers with something to say.
A world without interoperability intermediaries is one in which the only platform users who thrive are also skilled reverse-engineering ninja hackers â and that's an infinitesimal fraction of the platform users who would benefit from interoperabilty.
Let this be your north star in evaluating platform regulation proposals. Platform regulation should weaken intermediaries' powers over their users, and strengthen their power over other middlemen.
Put in this light, it's easy to see why the ill-informed calls to abolish Section 230 of the Communications Decency Act (which makes platform users, not platforms, responsible for most unlawful speech) are so misguided:
If we require platforms to surveil all user speech and block anything that might violate any law, we give the largest, most powerful platforms a permanent advantage over smaller, better platforms, run by co-ops, hobbyists, nonprofits local governments, and startups. The big platforms have the capital to rig up massive, automated surveillance and censorship systems, and the only alternatives that can spring up have to be just as big and powerful as the Big Tech platforms we're so desperate to escape:
This is especially grave given the current political current, where fascist politicians are threatening platforms with brutal punishments for failing to censor disfavored political views.
Anyone who tells you that "it's only censorship when the government does it" is badly confused. It's only a First Amendment violation when the government does it, sure â but censorship has always relied on intermediaries. From the Inquisition to the Comics Code, government censors were only able to do their jobs because powerful middlemen, fearing state punishments, blocked anything that might cross the line, censoring far beyond the material actually prohibited by the law:
We live in a world of powerful, corrupt middlemen. From payments to real-estate, from job-search to romance, there's a legion of parasites masquerading as helpmeets, burying their greedy mouthparts into our tender flesh:
But intermediaries aren't the problem. You shouldn't have to stand up your own payment processor, or learn the ins and outs of real-estate law, or start your own single's bar. The problem is power, not intermediation.
As we set out to build a new, good internet (with a lot less help from the US government than seemed likely as recently as last week), let's remember that lesson: the point isn't disintermediation, it's weak intermediation.
If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
Forget F1: the only car race that matters now is the race to turn your car into a digital extraction machine, a high-speed inkjet printer on wheels, stealing your private data as it picks your pocket. Your carâs digital infrastructure is a costly, dangerous nightmareâââbut for automakers in pursuit of postcapitalist utopia, itâs a dream they canât give up on.
Your car is stuffed full of microchips, a fact the world came to appreciate after the pandemic struck and auto production ground to a halt due to chip shortages. Of course, that wasnât the whole story: when the pandemic started, the automakers panicked and canceled their chip orders, only to immediately regret that decision and place new orders.
But it was too late: semiconductor production had taken a serious body-blow, and when Big Car placed its new chip orders, it went to the back of a long, slow-moving line. It was a catastrophic bungle: microchips are so integral to car production that a car is basically a computer network on wheels that you stick your fragile human body into and pray.
The car manufacturers got so desperate for chips that they started buying up washing machines for the microchips in them, extracting the chips and discarding the washing machines like some absurdo-dystopian cyberpunk walnut-shelling machine:
These digital systems are a huge problem for the car companies. They are the underlying cause of a precipitous decline in car quality. From touch-based digital door-locks to networked sensors and cameras, every digital system in your car is a source of endless repair nightmares, costly recalls and cybersecurity vulnerabilities:
Whatâs more, drivers hate all the digital bullshit, from the janky touchscreens to the shitty, wildly insecure apps. Digital systems are driversâ most significant point of dissatisfaction with the automakersâ products:
Even the automakers sorta-kinda admit that this is a problem. Back in 2020 when Massachusetts was having a Right-to-Repair ballot initiative, Big Car ran these unfuckingbelievable scare ads that basically said, âYour car spies on you so comprehensively that giving anyone else access to its systems will let murderers stalk you to your home and kill you:
But even amid all the complaining about cars getting stuck in the Internet of Shit, thereâs still not much discussion of why the car-makers are making their products less attractive, less reliable, less safe, and less resilient by stuffing them full of microchips. Are car execs just the latest generation of rubes whoâve been suckered by Silicon Valley bullshit and convinced that apps are a magic path to profitability?
Nope. Car execs are sophisticated businesspeople, and theyâre surfing capitalismâs latestâââand lastâââhot trend: dismantling capitalism itself.
Now, leftists have been predicting the death of capitalism since The Communist Manifesto, but even Marx and Engels warned us not to get too frisky: capitalism, they wrote, is endlessly creative, constantly reinventing itself, re-emerging from each crisis in a new form that is perfectly adapted to the post-crisis reality:
But capitalism has finally run out of gas. In his forthcoming book, Techno Feudalism: What Killed Capitalism, Yanis Varoufakis proposes that capitalism has diedâââbut it wasnât replaced by socialism. Rather, capitalism has given way to feudalism:
Under capitalism, capital is the prime mover. The people who own and mobilize capitalâââthe capitalistsâââorganize the economy and take the lionâs share of its returns. But it wasnât always this way: for hundreds of years, European civilization was dominated by rents, not markets.
A ârentâ is income that you get from owning something that other people need to produce value. Think of renting out a house you own: not only do you get paid when someone pays you to live there, you also get the benefit of rising property values, which are the result of the work that all the other homeowners, business owners, and residents do to make the neighborhood more valuable.
The first capitalists hated rent. They wanted to replace the âpassive incomeâ that landowners got from taxing their serfsâ harvest with active income from enclosing those lands and grazing sheep in order to get wool to feed to the new textile mills. They wanted active incomeâââand lots of it.
Capitalist philosophers railed against rent. The âfree marketâ of Adam Smith wasnât a market that was free from regulationâââit was a market free from rents. The reason Smith railed against monopolists is because he (correctly) understood that once a monopoly emerged, it would become a chokepoint through which a rentier could cream off the profits he considered the capitalistâs due:
Today, we live in a rentierâs paradise. People donât aspire to create valueâââthey aspire to capture it. In Survival of the Richest, Doug Rushkoff calls this âgoing metaâ: donât provide a service, just figure out a way to interpose yourself between the provider and the customer:
Donât drive a cab, create Uber and extract value from every driver and rider. Better still: donât found Uber, invest in Uber options and extract value from the people who invest in Uber. Even better, invest in derivatives of Uber options and extract value from people extracting value from people investing in Uber, who extract value from drivers and riders. Go meta.
This is your brain on the four-hour-work-week, passive income mind-virus. In Techno Feudalism, Varoufakis deftly describes how the new âCloud Capitalâ has created a new generation of rentiers, and how they have become the richest, most powerful people in human history.
Shopping at Amazon is like visiting a bustling city center full of storesâââbut each of those storesâ owners has to pay the majority of every sale to a feudal landlord, Emperor Jeff Bezos, who also decides which goods they can sell and where they must appear on the shelves. Amazon is full of capitalists, but it is not a capitalist enterprise. Itâs a feudal one:
This is the reason that automakers are willing to enshittify their products so comprehensively: they were one of the first industries to decouple rents from profits. Recall that the reason that Big Car needed billions in bailouts in 2008 is that theyâd reinvented themselves as loan-sharks who incidentally made cars, lending money to car-buyers and then âsecuritizingâ the loans so they could be traded in the capital markets.
Even though this strategy brought the car companies to the brink of ruin, it paid off in the long run. The car makers got billions in public money, paid their execs massive bonuses, gave billions to shareholders in buybacks and dividends, smashed their unions, fucked their pensioned workers, and shipped jobs anywhere they could pollute and murder their workforce with impunity.
Car companies are on the forefront of postcapitalism, and they understand that digital is the key to rent-extraction. Remember when BMW announced that it was going to rent you the seatwarmer in your own fucking car?
Not to be outdone, Mercedes announced that they were going to rent you your carâs accelerator pedal, charging an extra $1200/year to unlock a fully functional acceleration curve:
This is the urinary tract infection business model: without digitization, all your carâs value flowed in a healthy stream. But once the car-makers add semiconductors, each one of those features comes out in a painful, burning dribble, with every button on that fakakta touchscreen wired directly into your credit-card.
But itâs just for starters. Computers are malleable. The only computer we know how to make is the Turing Complete Von Neumann Machine, which can run every program we know how to write. Once they add networked computers to your car, the Car Lords can endlessly twiddle the knobs on the back end, finding new ways to extract value from you:
https://doctorow.medium.com/twiddler-1b5c9690cce6
That means that your car can track your every movement, and sell your location data to anyone and everyone, from marketers to bounty-hunters looking to collect fees for tracking down people who travel out of state for abortions to cops to foreign spies:
Digitization supercharges financialization. It lets car-makers offer subprime auto-loans to desperate, poor people and then killswitch their cars if they miss a payment:
https://www.youtube.com/watch?v=4U2eDJnwz_s
Subprime lending for cars would be a terrible business without computers, but digitization makes it a great source of feudal rents. Car dealers can originate loans to people with teaser rates that quickly blow up into payments the dealer knows their customer canât afford. Then they repo the car and sell it to another desperate person, and another, and another:
Digitization also opens up more exotic options. Some subprime cars have secondary control systems wired into their entertainment system: miss a payment and your car radio flips to full volume and bellows an unstoppable, unmutable stream of threats. Tesla does one better: your car will lock and immobilize itself, then blare its horn and back out of its parking spot when the repo man arrives:
Digital feudalism hasnât stopped innovatingâââitâs just stopped innovating good things. The digital device is an endless source of sadistic novelties, like the cellphones that disable your most-used app the first day youâre late on a payment, then work their way down the other apps you rely on for every day youâre late:
Usurers have always relied on this kind of imaginative intimidation. The loan-sharkâs arm-breaker knows youâre never going to get off the hook; his goal is in intimidating you into paying his boss first, liquidating your house and your kidâs college fund and your wedding ring before you default and he throws you off a building.
Thanks to the malleability of computerized systems, digital arm-breakers have an endless array of options they can deploy to motivate you into paying them first, no matter what it costs you:
Car-makers are trailblazers in imaginative rent-extraction. Take VIN-locking: this is the practice of adding cheap microchips to engine components that communicate with the carâs overall network. After a new part is installed in your car, your carâs computer does a complex cryptographic handshake with the part that requires an unlock code provided by an authorized technician. If the code isnât entered, the car refuses to use that part.
VIN-locking has exploded in popularity. Itâs in your iPhone, preventing you from using refurb or third-party replacement parts:
Itâs in fuckinâ ventilators, which was a nightmare during lockdown as hospital techs nursed their precious ventilators along by swapping parts from dead systems into serviceable ones:
And of course, itâs in tractors, along with other forms of remote killswitch. Remember that feelgood story about John Deere bricking the looted Ukrainian tractors whose snitch-chips showed theyâd been relocated to Russia?
That wasnât a happy storyâââit was a cautionary tale. After all, John Deere now controls the majority of the worldâs agricultural future, and theyâve boobytrapped those ubiquitous tractors with killswitches that can be activated by anyone who hacks, takes over, or suborns Deere or its dealerships.
Control over repair isnât limited to gouging customers on parts and service. When a company gets to decide whether your device can be fixed, it can fuck you over in all kinds of ways. Back in 2019, Tim Apple told his shareholders to expect lower revenues because people were opting to fix their phones rather than replace them:
By usurping your right to decide who fixes your phone, Apple gets to decide whether you can fix it, or whether you must replace it. Problem solvedâââand not just for Apple, but for car makers, tractor makers, ventilator makers and more. Apple leads on this, even ahead of Big Car, pioneering a ârecyclingâ program that sees trade-in phones shredded so they canât possibly be diverted from an e-waste dump and mined for parts:
John Deere isnât sleeping on this. Theyâve come up with a valuable treasure they extract when they win the Right-to-Repair: Deere singles out farmers who complain about its policies and refuses to repair their tractors, stranding them with six-figure, two-ton paperweight:
The repair wars are just a skirmish in a vast, invisible fight thatâs been waged for decades: the War On General-Purpose Computing, where tech companies use the law to make it illegal for you to reconfigure your devices so they serve you, rather than their shareholders:
The force behind this army is vast and grows larger every day. General purpose computers are antithetical to technofeudalismâââall the rents extracted by technofeudalists would go away if others (tinkereres, co-ops, even capitalists!) were allowed to reconfigure our devices so they serve us.
Youâve probably noticed the skirmishes with inkjet printer makers, who can only force you to buy their ink at 20,000% markups if they can stop you from deciding how your printer is configured:
https://pluralistic.net/2022/08/07/inky-wretches/#epson-salty
But weâre also fighting against insulin pump makers, who want to turn people with diabetes into walking inkjet printers:
These companies start with people who have the least agency and social power and wreck their lives, then work their way up the privilege gradient, coming for everyone else. Itâs called the âshitty technology adoption curveâ:
Technofeudalism is the public-private-partnership from hell, emerging from a combination of state and private action. On the one hand, bailing out bankers and big business (rather than workers) after the 2008 crash and the covid lockdown decoupled income from profits. Companies spent billions more than they earned were still wildly profitable, thanks to those public funds.
But thereâs also a policy dimension here. Some of those rentiersâ billions were mobilized to both deconstruct antitrust law (allowing bigger and bigger companies and cartels) and to expand âIPâ law, turning âIPâ into a toolsuite for controlling the conduct of a firmâs competitors, critics and customers:
https://locusmag.com/2020/09/cory-doctorow-ip/
IP is key to understanding the rise of technofeudalism. The same malleability that allows companies to âtwiddleâ the knobs on their services and keep us on the hook as they reel us in would hypothetically allow us to countertwiddle, seizing the means of computation:
The thing that stands between you and an alternative app store, an interoperable social media network that you can escape to while continuing to message the friends you left behind, or a car that anyone can fix or unlock features for is IP, not technology. Under capitalism, that technology would already exist, because capitalists have no loyalty to one another and view each otherâs margins as their own opportunities.
But under technofeudalism, control comes from rents (owning things), not profits (selling things). The capitalist who wants to participate in your iPhoneâs âecosystemâ has to make apps and submit them to Apple, along with 30% of their lifetime revenuesâââthey donât get to sell you jailbreaking kit that lets you choose their app store.
Rent-seeking technology has a holy grail: control over âring zeroââââthe ability to compel you to configure your computer to a feudalistâs specifications, and to verify that you havenât altered your computer after it came into your possession:
For more than two decades, various would-be feudal lords and their court sorcerers have been pitching ways of doing this, of varying degrees of outlandishness.
At core, hereâs what they envision: inside your computer, they will nest another computer, one that is designed to run a very simple set of programs, none of which can be altered once it leaves the factory. This computerâââeither a whole separate chip called a âTrusted Platform Moduleâ or a region of your main processor called a secure enclaveâââcan tally observations about your computer: which operating system, modules and programs itâs running.
Then it can cryptographically âsignâ these observations, proving that they were made by a secure chip and not by something you could have modified. Then you can send this signed âattestationâ to someone else, who can use it to determine how your computer is configured and thus whether to trust it. This is called âremote attestation.â
There are some cool things you can do with remote attestation: for example, two strangers playing a networked video game together can use attestations to make sure neither is running any cheat modules. Or you could require your cloud computing provider to use attestations that they arenât stealing your data from the server youâre renting. Or if you suspect that your computer has been infected with malware, you can connect to someone else and send them an attestation that they can use to figure out whether you should trust it.
Today, thereâs a cool remote attestation technology called âPrivacyPassâ that replaces CAPTCHAs by having you prove to your own device that you are a human. When a server wants to make sure youâre a person, it sends a random number to your device, which signs that number along with its promise that it is acting on behalf of a human being, and sends it back. CAPTCHAs are all kinds of badâââbad for accessibility and privacyâââand this is really great.
But the billions that have been thrown at remote attestation over the decades is only incidentally about solving CAPTCHAs or verifying your cloud server. The holy grail here is being able to make sure that youâre not running an ad-blocker. Itâs being able to remotely verify that you havenât disabled the bossware your employer requires. Itâs the power to block someone from opening an Office365 doc with LibreOffice. Itâs your bossâs ability to ensure that you havenât modified your messaging client to disable disappearing messages before he sends you an auto-destructing memo ordering you to break the law.
And thereâs a new remote attestation technology making the rounds: Googleâs Web Environment Integrity, which will leverage Googleâs dominance over browsers to allow websites to block users who run ad-blockers:
Thereâs plenty else WEI can do (it would make detecting ad-fraud much easier), but for every legitimate use, there are a hundred ways this could be abused. Itâs a technology purpose-built to allow rent extraction by stripping us of our right to technological self-determination.
Releasing a technology like this into a world where companies are willing to make their products less reliable, less attractive, less safe and less resilient in pursuit of rents is incredibly reckless and shortsighted. You want unauthorized bread? This is how you get Unauthorized Bread:
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
[Image ID: The interior of a luxury car. There is a dagger protruding from the steering wheel. The entertainment console has been replaced by the text 'You wouldn't download a car,' in MPAA scare-ad font. Outside of the windscreen looms the Matrix waterfall effect. Visible in the rear- and side-view mirror is the driver: the figure from Munch's 'Scream.' The screen behind the steering-wheel has been replaced by the menacing red eye of HAL9000 from Stanley Kubrick's '2001: A Space Odyssey.']
I'm on a 20+ city book tour for my new novel PICKS AND SHOVELS. Catch me in CHICAGO with PETER SAGAL next WEDNESDAY (Apr 2), and in BLOOMINGTON next FRIDAY (Apr 4). More tour dates here.
Enshittification is what you get when tech companies, run by the common-or-garden mediocre sociopaths who end up at the top of most businesses, are unshackled from any consequence for indulging their worst, greediest impulses:
The reason Facebook was once a nice place to hang out and talk with your friends and isn't anymore is that Mark Zuckerberg is no longer disciplined by competitors like Instagram (which he bought) nor by regulators (whom he captured), nor by interoperable tech like ad-blockers and alternative clients (which he uses IP law to destroy) nor by his own workforce (who have become disposable thanks to workforce supply catching up with demand). It used to be that Mark Zuckerberg couldn't really move the enshittification lever in the Facebook C-suite because these disciplining forces gummed it up. He had to worry about losing users, or about users installing alternative technology, or about regulators hitting him hard enough to hurt, or about workplace revolts. Now, he doesn't have to worry about these things, so he's indulging the impulses that he's had since the earliest days in his Harvard dorm, when he was a mere larval incel cooking up an online service to help him rate the fuckability of his female classmates.
When we had defenses, Mark Zuckerberg had to respect them. Now that we're defenseless, he's shameless. He's insatiable. He will devour us to the marrow.
When I'm explaining enshittification to normies, I often make comparisons to other places where you can't escape like airports and sports stadiums: "Facebook can afford to abuse you once they have you locked for the same reason that water costs $7/bottle on the other side of the airport TSA checkpoint." It's an extremely apt comparison, as you can verify for yourself by reading "Shakedown at the Snack Counter: The Case for Street Pricing," a new report from the Groundwork Collective:
"Shakedown" makes the point that â as is the case with tech giants â sports stadiums and airports are creatures of vast public subsidy. If this seems counterintuitive, try Mariana Mazzucato's Entrepreneurial State, which lists all the ways in which the tech revolution represents a privatization of publicly funded research, as with the iPhone, whose semiconductors, internet connection, voice assistant technology, touchscreen and other components all count the public as a key investor:
And, as with airports and sports stadiums, the proprietors of the iPhone business are able to reap this gigantic public subsidy without taking on any public duties. Regulators that could impose some kind of public service obligations as quid pro quo for using public funds are AWOL, or worse, captured and complicit in the ongoing, publicly financed ripoff:
Airport, stadiums and tech platforms are all walled gardens â roach motels that are hard to escape once they've been entered. Thus the scorching prices of stadium and airport food, and the 30% transaction fees imposed by Apple and Google on app revenues (this is 1,000% higher than the average fees charged by the rest of the payment processing industry!), the 51% fees extracted by Google/Meta from advertisers and publishers (compare with the historical average of 15%), and the 45-51% that Amazon takes out of every dollar earned by its platform sellers. Once you're locked in, they can turn the screws, either by gouging buyers directly, or by gouging sellers, who pass those additional costs onto buyers.
Groundwork has a proposal to address this in physical settings: regulation. Specifically, a "street pricing" regulation that keeps the charges for food and drinks within these walled gardens to prices comparable to those on the outside. They note that these regulations enjoy wide, bipartisan support. 76% of Republicans support a regulation that can only be described as "price controls," two words that normally trigger head-explosions in the right.
How is it that such a commanding majority of Republicans can get behind government price controls? Simple: it's obvious that when a company no longer faces market discipline â when they're the only game in town (or on the other side of the TSA checkpoint) â that government discipline has to fill the vacuum, and if it doesn't, you will get mercilessly screwed.
This is where enshittification â a form of monopolistic decay unique to the tech sector â departs from everyday monopoly abuse in other sectors, like aviation and league sports. Tech has an in-built flexibility, the inescapable property of "interoperability" that comes standard with every digital system thanks to the universal nature of computers themselves.
Interoperable technologies let you hack Instagram to restore it to the state of privacy- and attention-respecting glory that made it a success in the first place:
Interoperability creates a unique, easily administered source of discipline over tech bosses that just isn't available as a means of countering the ripoffs we see elsewhere, including in sports stadiums and airports. That means that, far from being harder to fix than other disgusting scams in our society, tech is easier to fix. All that stands in the way is the IP laws that criminalize the kind of reverse-engineering work that allow the users of technology to have the final say over how the devices and services they rely on work:
https://locusmag.com/2020/09/cory-doctorow-ip/
Those IP laws were spread around the world by the US Trade Representative, who insisted that every country that wanted to export its products to the US without punitive tariffs must pass laws protecting the rent-extracting scams of US tech giants. With those tariff promises now in tatters, there's never been a better time for the rest of the world to jettison those Big Tech-protecting laws:
If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
â Live Streamingâ Interactive Chatâ Private Showsâ HD Qualityâ Free Actions
Free to watch ⢠No registration required ⢠HD streaming
Adversarial interoperability is one of the most reliable ways to protect tech users from predatory corporations: that's when a technologist reverse-engineers an existing product to reconfigure or mod it (interoperability) in ways its users like, but which its manufacturer objects to (adversarial):
"Adversarial interop" is a mouthful, so at EFF, we coined the term "competitive compatibility," or comcom, which is a lot easier to say and to spell.
Scratch any tech success and you'll find a comcom story. After all, when a company turns its screws on its users, it's good business to offer an aftermarket mod that loosens them again. HP's $10,000/gallon inkjet ink is like a bat-signal for third-party ink companies. When Mercedes announces that it's going to sell you access to your car's accelerator pedal as a subscription service, that's like an engraved invitation to clever independent mechanics who'll charge you a single fee to permanently unlock that "feature":
Comcom saved giant tech companies like Apple. Microsoft tried to kill the Mac by rolling out a truly cursèd version of MS Office for MacOS. Mac users (5% of the market) who tried to send Word, Excel or Powerpoint files to Windows users (95% of the market) were stymied: their files wouldn't open, or they'd go corrupt. Tech managers like me started throwing the graphic designer's Mac and replacing it with a Windows box with a big graphics card and Windows versions of Adobe's tools.
Comcom saved Apple's bacon. Apple reverse-engineered MS's flagship software suite and made a comcom version, iWork, whose Pages, Numbers and Keynote could flawlessly read and write MS's Word, Excel and Powerpoint files:
It's tempting to think of iWork as benefiting Apple users, and certainly the people who installed and used it benefited from it. But Windows users also benefited from iWork. The existence of iWork meant that Windows users could seamlessly collaborate on and share files with their Mac colleagues. IWork didn't just add a new feature to the Mac ("read and write files that originated with Windows users") â it also added a feature to Windows: "collaborate with Mac users."
Every pirate wants to be an admiral. Though comcom rescued Apple from a monopolist's sneaky attempt to drive it out of business, Apple â now a three trillion dollar company â has repeatedly attacked comcom when it was applied to Apple's products. When Apple did comcom, that was progress. When someone does comcom to Apple, that's piracy.
Apple has many tools at its disposal that Microsoft lacked in the early 2000s. Radical new interpretations of existing copyright, contract, patent and trademark law allows Apple â and other tech giants â to threaten rivals who engage in comcom with both criminal and civil penalties. That's right, you can go to prison for comcom these days. No wonder Jay Freeman calls this "felony contempt of business model":
Take iMessage, Apple's end-to-end encrypted (E2EE) instant messaging tool. Apple customers can use iMessage to send each other private messages that can't be read or altered by third parties â not cops, not crooks, not even Apple. That's important, because when private messaging systems get hacked, bad things happen:
But Apple has steadfastly refused to offer an iMessage app for non-Apple systems. If you're an Apple customer holding a sensitive discussion with an Android user, Apple refuses to offer you a tool to maintain your privacy. Those messages are sent "in the clear," over the 38-year-old SMS protocol, which is trivial to spy on and disrupt.
Apple sacrifices its users' security and integrity in the hopes that they will put pressure on their friends to move into Apple's walled garden. As CEO Tim Cook told a reporter: if you want to have secure communications with your mother, buy her an iPhone:
Last September, a 16-year old high school student calling himself JJTech published a technical teardown of iMessage, showing how any device could send and receive encrypted messages with iMessage users, even without an Apple ID:
JJTech even published code to do this, in an open source library called Pypush:
https://github.com/JJTech0130/pypush
In the weeks since, Beeper has been working to productize JJTech's code, and this week, they announced Beeper Mini, an Android-based iMessage client that is end-to-end encrypted:
Beeper is known for a multiprotocol chat client built on Matrix, allowing you to manage several kinds of chat from a single app. These multiprotocol chats have been around forever. Indeed, iMessage started out as one â when it was called "iChat," it supported Google Talk and Jabber, another multiprotocol tool. Other tools like Pidgin have kept the flame alive for decades, and have millions of devoted users:
But iMessage support has remained elusive. Last month, Nothing launched Sunchoice, a disastrous attempt to bring iMessage to Android, which used Macs in a data-center to intercept and forward messages to Android users, breaking E2EE and introducing massive surveillance risks:
Beeper Mini does not have these defects. The system encrypts and decrypts messages on the Android device itself, and directly communicates with Apple's servers. It gathers some telemetry for debugging, and this can be turned off in preferences. It sends a single SMS to Apple's servers during setup, which changes your device's bubble from green to blue, so that Apple users now correctly see your device as a secure endpoint for iMessage communications.
Now, this is a high-stakes business. Apple has a long history of threatening companies like Beeper over conduct like this. And Google has a long history deferring to those threats â as it did with OG App, a superior third-party Instagram app that it summarily yanked after Meta complained:
But while iMessage for Android is good for Android users, it's also very good for Apple customers, who can now get the privacy and security guarantees of iMessage for all their contacts, not just the ones who bought the same kind of phone as they did. The stakes for communications breaches have never been higher, and antitrust scrutiny on Big Tech companies has never been so intense.
Apple recently announced that it would add RCS support to iOS devices (RCS is a secure successor to SMS):
Early word from developers suggests that this support will have all kinds of boobytraps. That's par for the course with Apple, who love to announce splashy reversals of their worst policies â like their opposition to right to repair â while finding sneaky ways to go on abusing its customers:
The ball is in Apple's court, and, to a lesser extent, in Google's. As part of the mobile duopoly, Google has joined with Apple in facilitating the removal of comcom tools from its app store. But Google has also spent millions on an ad campaign shaming Apple for exposing its users to privacy risks when talking to Android users:
While we all wait for the other shoe to drop, Android users can get set up on Beeper Mini, and technologists can kick the tires on its code libraries and privacy guarantees.
If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
But HP is still in business. Apple is still in business. Google is still in business. Microsoft is still in business. IBM is still in business. Facebook is still in business.
We donât have those controlled burns anymore. Yesterdayâs giants tower over all, forming a thick canopy. The internet is âfive giant websites, each filled with screenshots of the other four.â
These tech companies have produced a lot of fire-debt. Over and over, they erupt in flamesâin this short decade alone, every one of our tech giants has experienced a privacy scandal that should have permanently disqualified it from continuing to enjoy our patronage (and I do mean every one of them, including the one that spends millions telling you that itâs the pro-privacy alternative to the others).
Privacy is just one way that these firms are enshittifying themselves. There are the ghastly moderation failures, the community betrayals, the frauds and the billions squandered on follies.
We hate these companies. We hate their products. They are always on fire. They canât help it. Itâs the curse of bigness.
Companies cannot unilaterally mediate the lives of hundreds of millions â or even billions â of people, speaking thousands of languages, living in hundreds of countries.
- Let the Platforms Burn: The Opposite of Good Fires is Wildfires
Frank Wilhoit described conservativism as âexactly one propositionâ:
There must be in-groups whom the law protects but does not bind, alongside out-groups whom the law binds but does not protect.This is likewise the project of corporatism. Tech platforms are urgently committed to ensuring that they can do anything they want on their platforms â and theyâre even more dedicated to the proposition that you must not do anything they donât want on their platforms.
They can lock you in. You canât unlock yourself. Facebook attained network-effects growth by giving its users bots that logged into Myspace on their behalf, scraped the contents of their inboxes for the messages from the friends they left behind, and plunked them in their Facebook inboxes.
Facebook then sued a company that did the same thing to Facebook, who wanted to make it as easy for Facebook users to leave Facebook as it had been to get started there.
Apple reverse-engineered Microsoftâs crown jewels â the Office file-formats that kept users locked to its operating systems â so it could clone them and let users change OSes.
Try to do that today â say, to make a runtime so you can use your iOS apps and media on an Android device or a non-Apple desktop â and Apple will reduce you to radioactive rubble.
- Let the Platforms Burn: The Opposite of Good Fires is Wildfires