Today’s links

• The web is bearable with RSS: And don’t forget “Reader Mode.”
• Hey look at this: Delights to delectate.
• Object permanence: Eyemodule x Disneyland; Scott Walker lies; Brother’s demon-haunted printer; 4th Amendment luggage tape; Sanders x small donors v media; US police killings tallied.
• Upcoming appearances: Where to find me.
• Recent appearances: Where I’ve been.
• Latest books: You keep readin’ em, I’ll keep writin’ ’em.
• Upcoming books: Like I said, I’ll keep writin’ ’em.
• Colophon: All the rest.

---

The web is bearable with RSS (permalink)

Never let them tell you that enshittification was a mystery. Enshittification isn’t downstream of the “iron laws of economics” or an unrealistic demand by “consumers” to get stuff for free.

Enshittification comes from specific policy choices, made by named individuals, that had the foreseeable and foreseen result of making the web worse:

https://pluralistic.net/2025/10/07/take-it-easy/#but-take-it

Like, there was once a time when an ever-increasing proportion of web users kept tabs on what was going on with RSS. RSS is a simple, powerful way for websites to publish “feeds” of their articles, and for readers to subscribe to those feeds and get notified when something new was posted, and even read that new material right there in your RSS reader tab or app.

RSS is simple and versatile. It’s the backbone of podcasts (though Apple and Spotify have done their best to kill it, along with public broadcasters like the BBC, all of whom want you to switch to proprietary apps that spy on you and control you). It’s how many automated processes communicate with one another, untouched by human hands. But above all, it’s a way to find out when something new has been published on the web.

RSS’s liftoff was driven by Google, who released a great RSS reader called “Google Reader” in 2007. Reader was free and reliable, and other RSS readers struggled to compete with it, with the effect that most of us just ended up using Google’s product, which made it even harder to launch a competitor.

But in 2013, Google quietly knifed Reader. I’ve always found the timing suspicious: it came right in the middle of Google’s desperate scramble to become Facebook, by means of a product called Google Plus (G+). Famously, Google product managers’ bonuses depended on how much G+ engagement they drove, with the effect that every Google product suddenly sprouted G+ buttons that either did something stupid, or something that confusingly duplicated existing functionality (like commenting on Youtube videos).

Google treated G+ as an existential priority, and for good reason. Google was running out of growth potential, having comprehensively conquered Search, and having repeatedly demonstrated that Search was a one-off success, with nearly every other made-in-Google product dying off. What successes Google could claim were far more modest, like Gmail, Google’s Hotmail clone. Google augmented its growth by buying other peoples’ companies (Blogger, YouTube, Maps, ad-tech, Docs, Android, etc), but its internal initiatives were turkeys.

Eventually, Wall Street was going to conclude that Google had reached the end of its growth period, and Google’s shares would fall to a fraction of their value, with a price-to-earnings ratio commensurate with a “mature” company.

Google needed a new growth story, and “Google will conquer Facebook’s market” was a pretty good one. After all, investors didn’t have to speculate about whether Facebook was profitable, they could just look at Facebook’s income statements, which Google proposed to transfer to its own balance sheet. The G+ full-court press was as much a narrative strategy as a business strategy: by tying product managers’ bonuses to a metric that demonstrated G+’s rise, Google could convince Wall Street that they had a lot of growth on their horizon.

Of course, tying individual executives’ bonuses to making a number go up has a predictably perverse outcome. As Goodhart’s law has it, “Any metric becomes a target, and then ceases to be a useful metric.” As soon as key decision-makers’ personal net worth depending on making the G+ number go up, they crammed G+ everywhere and started to sneak in ways to trigger unintentional G+ sessions. This still happens today – think of how often you accidentally invoke an unbanishable AI feature while using Google’s products (and products from rival giant, moribund companies relying on an AI narrative to convince investors that they will continue to grow):

https://pluralistic.net/2025/05/02/kpis-off/#principal-agentic-ai-problem

Like I said, Google Reader died at the peak of Google’s scramble to make the G+ number go up. I have a sneaking suspicion that someone at Google realized that Reader’s core functionality (helping users discover, share and discuss interesting new web pages) was exactly the kind of thing Google wanted us to use G+ for, and so they killed Reader in a bid to drive us to the stalled-out service they’d bet the company on.

If Google killed Reader in a bid to push users to discover and consume web pages using a proprietary social media service, they succeeded. Unfortunately, the social media service they pushed users into was Facebook – and G+ died shortly thereafter.

For more than a decade, RSS has lain dormant. Many, many websites still emit RSS feeds. It’s a default behavior for WordPress sites, for Ghost and Substack sites, for Tumblr and Medium, for Bluesky and Mastodon. You can follow edits to Wikipedia pages by RSS, and also updates to parcels that have been shipped to you through major couriers. Web builders like Jason Kottke continue to surface RSS feeds for elaborate, delightful blogrolls:

https://kottke.org/rolodex/

There are many good RSS readers. I’ve been paying for Newsblur since 2011, and consider the $36 I send them every year to be a very good investment:

https://newsblur.com/

But RSS continues to be a power user-coded niche, despite the fact that RSS readers are really easy to set up and – crucially – make using the web much easier. Last week, Caroline Crampton (co-editor of The Browser) wrote about her experiences using RSS:

https://www.carolinecrampton.com/the-view-from-rss/

As Crampton points out, much of the web (including some of the cruftiest, most enshittified websites) publish full-text RSS feeds, meaning that you can read their articles right there in your RSS reader, with no ads, no popups, no nag-screens asking you to sign up for a newsletter, verify your age, or submit to their terms of service.

It’s almost impossible to overstate how superior RSS is to the median web page. Imagine if the newsletters you followed were rendered with black, clear type on a plain white background (rather than the sadistically infinitesimal, greyed-out type that designers favor thanks to the unkillable urban legend that black type on a white screen causes eye-strain). Imagine reading the web without popups, without ads, without nag screens. Imagine reading the web without interruptors or “keep reading” links.

Now, not every website publishes a fulltext feed. Often, you will just get a teaser, and if you want to read the whole article, you have to click through. I have a few tips for making other websites – even ones like Wired and The Intercept – as easy to read as an RSS reader, at least for Firefox users.

Firefox has a built-in “Reader View” that re-renders the contents of a web-page as black type on a white background. Firefox does some kind of mysterious calculation to determine whether a page can be displayed in Reader View, but you can override this with the Activate Reader View, which adds a Reader View toggle for every page:

https://addons.mozilla.org/en-US/firefox/addon/activate-reader-view/

Lots of websites (like The Guardian) want you to login before you can read them, and even if you pay to subscribe to them, these sites often want you to re-login every time you visit them (especially if you’re running a full suite of privacy blockers). You can skip this whole process by simply toggling Reader View as soon as you get the login pop up. On some websites (like The Verge and Wired), you’ll only see the first couple paragraphs of the article in Reader View. But if you then hit reload, the whole article loads.

Activate Reader View puts a Reader View toggle on every page, but clicking that toggle sometimes throws up an error message, when the page is so cursed that Firefox can’t figure out what part of it is the article. When this happens, you’re stuck reading the page in the site’s own default (and usually terrible) view. As you scroll down the page, you will often hit pop-ups that try to get you to sign up for a mailing list, agree to terms of service, or do something else you don’t want to do. Rather than hunting for the button to close these pop-ups (or agree to objectionable terms of service), you can install “Kill Sticky,” a bookmarklet that reaches into the page’s layout files and deletes any element that isn’t designed to scroll with the rest of the text:

https://github.com/t-mart/kill-sticky

Other websites (like Slashdot and Core77) load computer-destroying Javascript (often as part of an anti-adblock strategy). For these, I use the “Javascript Toggle On and Off” plugin, which lets you create a blacklist of websites that aren’t allowed to run any scripts:

https://addons.mozilla.org/en-US/firefox/addon/javascript-toggler/

Some websites (like Yahoo) load so much crap that they defeat all of these countermeasures. For these websites, I use the “Element Blocker” plug-in, which lets you delete parts of the web-page, either for a single session, or permanently:

https://addons.mozilla.org/en-US/firefox/addon/element-blocker/

It’s ridiculous that websites put so many barriers up to a pleasant reading experience. A slow-moving avalanche of enshittogenic phenomena got us here. There’s corporate enshittification, like Google/Meta’s monopolization of ads and Meta/Twitter’s crushing of the open web. There’s regulatory enshittification, like the EU’s failure crack down on companies the pretend that forcing you to click an endless stream of “cookie consent” popups is the same as complying with the GDPR.

Those are real problems, but they don’t have to be your problem, at least when you want to read the web. A couple years ago, I wrote a guide to using RSS to improve your web experience, evade lock-in and duck algorithmic recommendation systems:

https://pluralistic.net/2024/10/16/keep-it-really-simple-stupid/#read-receipts-are-you-kidding-me-seriously-fuck-that-noise

Customizing your browser takes this to the next level, disenshittifying many websites – even if they block or restrict RSS. Most of this stuff only applies to desktop browsers, though. Mobile browsers are far more locked down (even mobile Firefox – remember, every iOS browser, including Firefox, is just a re-skinned version of Safari, thanks to Apple’s ban rival browser engines). And of course, apps are the worst. An app is just a website skinned in the right kind of IP to make it a crime to improve it in any way:

https://pluralistic.net/2024/05/07/treacherous-computing/#rewilding-the-internet

And even if you do customize your mobile browser (Android Firefox lets you do some of this stuff), many apps (Twitter, Tumblr) open external links in their own browser (usually an in-app Chrome instance) with all the bullshit that entails.

The promise of locked-down mobile platforms was that they were going to “just work,” without any of the confusing customization options of desktop OSes. It turns out that taking away those confusing customization options was an invitation to every enshittifier to turn the web into an unreadable, extractive, nagging mess. This was the foreseeable – and foreseen – consequence of a new kind of technology where everything that isn’t mandatory is prohibited:

https://memex.craphound.com/2010/04/01/why-i-wont-buy-an-ipad-and-think-you-shouldnt-either/

---

Hey look at this (permalink)

• The Real Litmus Test for Democratic Presidential Candidates https://www.hamiltonnolan.com/p/the-real-litmus-test-for-democratic

• Users fume over Outlook.com email ‘carnage’ https://www.theregister.com/2026/03/04/users_fume_at_outlookcom_email/

• You Bought Zuck’s Ray-Bans. Now Someone in Nairobi Is Watching You Poop. https://blog.adafruit.com/2026/03/04/you-bought-zucks-ray-bans-now-someone-in-nairobi-is-watching-you-poop/

• Indefinite Book Club Hiatus https://whatever.scalzi.com/2026/03/03/indefinite-book-club-hiatus/

• Art Bits from HyperCard https://archives.somnolescent.net/web/mari_v2/junk/hypercard/

---

Object permanence (permalink)

#25yrsago 200 Eyemodule photos from Disneyland https://craphound.com/030401/

#20yrsago Fourth Amendment luggage tape https://ideas.4brad.com/node/367

#15yrsago Glenn Beck’s syndicator runs a astroturf-on-demand call-in service for radio programs https://web.archive.org/web/20110216081007/http://www.tabletmag.com/life-and-religion/58759/radio-daze/

#15yrsago 20 lies from Scott Walker https://web.archive.org/web/20110308062319/https://filterednews.wordpress.com/2011/03/05/20-lies-and-counting-told-by-gov-walker/

#10yrsago The correlates of Trumpism: early mortality, lack of education, unemployment, offshored jobs https://web.archive.org/web/20160415000000*/https://www.washingtonpost.com/news/wonk/wp/2016/03/04/death-predicts-whether-people-vote-for-donald-trump/

#10yrsago Hacking a phone’s fingerprint sensor in 15 mins with $500 worth of inkjet printer and conductive ink https://web.archive.org/web/20160306194138/http://www.cse.msu.edu/rgroups/biometrics/Publications/Fingerprint/CaoJain_HackingMobilePhonesUsing2DPrintedFingerprint_MSU-CSE-16-2.pdf

#10yrsago Despite media consensus, Bernie Sanders is raising more money, from more people, than any candidate, ever https://web.archive.org/web/20160306110848/https://www.washingtonpost.com/politics/sanders-keeps-raising-money–and-spending-it-a-potential-problem-for-clinton/2016/03/05/a8d6d43c-e2eb-11e5-8d98-4b3d9215ade1_story.html

#10yrsago Calculating US police killings using methodologies from war-crimes trials https://granta.com/violence-in-blue/

#1yrago Brother makes a demon-haunted printer https://pluralistic.net/2025/03/05/printers-devil/#show-me-the-incentives-i-will-show-you-the-outcome

#1yrago Two weak spots in Big Tech economics https://pluralistic.net/2025/03/06/privacy-last/#exceptionally-american

---

Upcoming appearances (permalink)

• San Francisco: Launch for Cindy Cohn’s “Privacy’s Defender” (City Lights), Mar 10
  https://citylights.com/events/cindy-cohn-launch-party-for-privacys-defender/

• Barcelona: Enshittification with Simona Levi/Xnet (Llibreria Finestres), Mar 20
  https://www.llibreriafinestres.com/evento/cory-doctorow/

• Berkeley: Bioneers keynote, Mar 27
  https://conference.bioneers.org/

• Montreal: Bronfman Lecture (McGill) Apr 10
  https://www.eventbrite.ca/e/artificial-intelligence-the-ultimate-disrupter-tickets-1982706623885

• London: Resisting Big Tech Empires (LSBU)
  https://www.tickettailor.com/events/globaljusticenow/2042691

• Berlin: Re:publica, May 18-20
  https://re-publica.com/de/news/rp26-sprecher-cory-doctorow

• Berlin: Enshittification at Otherland Books, May 19
  https://www.otherland-berlin.de/de/event-details/cory-doctorow.html

• Hay-on-Wye: HowTheLightGetsIn, May 22-25
  https://howthelightgetsin.org/festivals/hay/big-ideas-2

---

Recent appearances (permalink)

• The Virtual Jewel Box (U Utah)
  https://tanner.utah.edu/podcast/enshittification-cory-doctorow-matthew-potolsky/

• Tanner Humanities Lecture (U Utah)
  https://www.youtube.com/watch?v=i6Yf1nSyekI

• The Lost Cause
  https://streets.mn/2026/03/02/book-club-the-lost-cause/

• Should Democrats Make A Nuremberg Caucus? (Make It Make Sense)
  https://www.youtube.com/watch?v=MWxKrnNfrlo

• Making The Internet Suck Less (Thinking With Mitch Joel)
  https://www.sixpixels.com/podcast/archives/making-the-internet-suck-less-with-cory-doctorow-twmj-1024/

---

Latest books (permalink)

• “Canny Valley”: A limited edition collection of the collages I create for Pluralistic, self-published, September 2025 https://pluralistic.net/2025/09/04/illustrious/#chairman-bruce

• “Enshittification: Why Everything Suddenly Got Worse and What to Do About It,” Farrar, Straus, Giroux, October 7 2025
  https://us.macmillan.com/books/9780374619329/enshittification/

• “Picks and Shovels”: a sequel to “Red Team Blues,” about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).

• “The Bezzle”: a sequel to “Red Team Blues,” about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).

• “The Lost Cause:” a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).

• “The Internet Con”: A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).

• “Red Team Blues”: “A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before.” Tor Books http://redteamblues.com.

• “Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin”, on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

---

Upcoming books (permalink)

• “The Reverse-Centaur’s Guide to AI,” a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026

• “Enshittification, Why Everything Suddenly Got Worse and What to Do About It” (the graphic novel), Firstsecond, 2026

• “The Post-American Internet,” a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027

• “Unauthorized Bread”: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2027

• “The Memex Method,” Farrar, Straus, Giroux, 2027

---

Colophon (permalink)

Today’s top sources:

Currently writing: “The Post-American Internet,” a sequel to “Enshittification,” about the better world the rest of us get to have now that Trump has torched America (1012 words today, 45361 total)

• “The Reverse Centaur’s Guide to AI,” a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.

• “The Post-American Internet,” a short book about internet policy in the age of Trumpism. PLANNING.

• A Little Brother short story about DIY insulin PLANNING

---

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

---

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Bluesky (no ads, possible tracking and data-collection):

https://bsky.app/profile/doctorow.pluralistic.net

Medium (no ads, paywalled):

https://doctorow.medium.com/
https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

“When life gives you SARS, you make sarsaparilla” -Joey “Accordion Guy” DeVilla

READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies (“BOGUS AGREEMENTS”) that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

ISSN: 3066-764X

Scott Shambaugh, a volunteer maintainer for a programming code library called Matplotlib, recently described a surreal encounter with an autonomous AI agent — a digital assistant created with a platform called OpenClaw. After he rejected a code contribution submitted by the agent, it researched and published a personalized “hit piece” against Shambaugh on its blog. The post portrayed an otherwise routine technical review as prejudiced and it attempted to shame Shambaugh publicly into allowing the submission. (The human responsible for the agent later contacted Shambaugh anonymously, telling him that the bot had acted on its own with little oversight.) The account of this incident spread quickly through the software developer ecosystem and has been amplified by independent observers and media coverage.

Treat the Matplotlib event as a one-off if you like. The deeper point, however, is hard to miss and should not be ignored: AI agents are becoming public actors with reach into the real world, and with real-world consequences. In the past, they could only do mundane tasks such as answering customer service questions or data processing. Now, they are capable of posting and publishing content — and persuading and pressuring humans — all at machine speed. They can make phone calls, file work orders, create cryptocurrency wallets and operate across different applications with enormous reach and at tremendous scale — the kind of stuff that used to require a human with fingers typing at a keyboard.

Reporting around OpenClaw and the chatroom Moltbook (which is for AI agents only) is capturing the new reality. OpenClaw enables AI agents to have persistent memory, gives them broad permissions and allows large-scale deployment by users who often do not understand the security and governance implications.

We are the humans who are responsible for the law, ethics and institutional design, and we are behind the curve. We need new language and governance to deal with this new reality, and principles from the field of medical ethics can provide a framework for doing so.

AI agents are becoming public actors with reach into the real world, and with real-world consequences.

When an agent does something that is harmful or coercive in public, our reflex seems to be to ask the wrong questions: Is the AI a person? Should it have rights? The AI personhood debate is no longer fringe. Legal scholars and ethicists are mapping out arguments and precedents. States are writing legislation to prohibit AI personhood. Some arguments maintain that if an entity behaves like something within our moral circle, we may owe it moral consideration. Others argue that assigning rights or personhood to machines confuses moral standing with engineered performance and diffuses responsibility away from humans.

As a bioethicist and specialist in neurointensive care, I deal directly with human moral agency and the essence of personhood when treating patients. As a researcher, I study the use of synthetic personas animating AI agents and their use as stand-ins of human counterparts. Here is the problem that I see: Granting AI personhood, even in limited capacity, risks formalizing the most dangerous escape hatch of the agentic era — what I will call “responsibility laundering.” This allows us to say, “It wasn’t me. The agent/bot/system did it.”

Personhood should not be about metaphysics or claims about an inner nature. It is a legal and ethical instrument that allocates rights and accountability. It is a social technology for assigning standing, duties and limits on what can be done to an entity. If we grant personhood to systems that can act persuasively in public while remaining functionally unaccountable, we create a new class of actors whose harms are everyone’s problem but nobody’s fault.

There is a key concept here that we can use from my field, medicine. In clinical ethics, some decisions are justified yet still leave a “moral residue,” a kind of emotional echo or sense of responsibility that persists after the action because no options fully satisfy competing obligations. This residue accumulates over time, causing a “crescendo effect” that occurs even when conscientious clinicians are doing their best inside imperfect systems. That remainder matters because it reveals something basic about moral life, namely that ethics is not only about choosing; it is about owning what remains afterward.

This is the moral remainder problem for generative and agentic AI. A modern AI agent can generate reasons for an action; it can simulate regret and plead not to be turned off. But it cannot truly bear sanction, repair the damage, apologize, ask forgiveness or navigate the aftermath through which moral responsibility is created and enforced. To treat it as a moral person confuses persuasive performance with accountable standing. It also tempts institutions and people into delegating their own answerability to a bot.

What can we, as humans, do instead?

We need a vocabulary that is built for agents that are public actors, one that allows bounded autonomy without granting personhood. Let’s call it “authorized agency.” Authorized agency starts with an “authority envelope,” a bounded scope of what an agent is permitted to do, to whom, where, with what data and under what constraints. To say “the agent can use email” is not sufficient. However, an acceptable scope would be to say that the agent can send only certain categories of messages to particular recipients for a specific set of purposes, and that it must stop what it’s doing or escalate to its owner under a particular set of conditions.

The urgent task is to ensure that responsibility also remains within reach.

Next comes the “human-of-record,” the owner, a publicly named person who authorized that envelope and remains answerable when the agent acts, even if it becomes capable of acting outside the envelope. An actual human being whose authority is real — not “the system” or “the team.”

What follows is “interrupt authority,” the absolute right of the human owner to pause or disable an agent without using moral bargaining or being subject to institutional penalty. This is grounded in formal research on AI safety showing that agents that are pursuing objectives can have incentive to resist being shut down. An agent programmed to maximize its utility cannot achieve its goal if it is shut off. In the public sphere, interrupt authority is the difference between a delegated tool and a coercive actor.

Finally, we need a traceable path from the agent’s action back to the person who authorized it, called an “answerability chain.” If an agent publishes, messages or pressures someone in public, we must be able to know: Who authorized this scope? Who could have prevented it? And who must be responsible for the action afterward? In this framework, the answer to these questions is the person who carries the moral remainder. Work in AI ethics has warned about responsibility gaps where the system’s actions outpace our ability to assign accountability.

Some legal scholarship has started exploring how to build agents that are constrained by governance and law without needing to pretend the agent itself is a legal subject, in the human sense. This is promising because it treats assigning personhood as the wrong idea and accountability as the correct one.

The Matplotlib story, whether the first documented case of an AI agent attempting to harm someone in the real world or the first to capture public attention, is a warning. Agents will not only automate tasks. They will generate narratives, apply pressure and shape people’s lives and reputations. They will act in public at machine speed with unclear ownership.

If we respond by debating whether agents deserve rights, we will miss the emergency entirely. As they continue to increase their reach in the real world, the urgent task is to ensure that responsibility also remains within reach. Don’t ask whether an agent is a person. Ask who authorized it, what it was allowed to do, who can stop it and, most importantly, who will answer when it causes harm.

The post Autonomous AI Agents Have an Ethics Problem appeared first on Truthdig.