YunoBlog

Blog

  • A Tale of Two Seas

    This post is part of a symposium on international law under the second Trump administration. Read the rest of the posts here. ** ** ** It was morning on Easter Sunday when I started to think about nuclear war. “Open the Fuckin’ Strait, you crazy bastards,” the U.S. president railed on TruthSocial, addressing the Iranian government, “or you’ll be living in Hell.” A couple days later…

    Source

  • Pluralistic: The AI bubble isn’t like the internet bubble (26 May 2026)

    Today’s links


    The head and shoulder of a supine bearded man in a chambray shirt. He is tied down with ropes around his shoulders. Four tiny figures with suits and grotesque plutocratic heads are prying his mouth open by yanking at his hair and beard. Once of the men is shoving an evil robot into his mouth.

    The AI bubble isn’t like the internet bubble (permalink)

    One of the surprise breakout software products of the early web was Lotus Notes, a kind of primitive precursor to all-in-one office productivity suites like GDocs, Office365, etc. It was so important that its creator, Ray Ozzie, was promoted to Microsoft’s Chief Software Architect, succeeding Bill Gates himself:

    https://knowledge.wharton.upenn.edu/podcast/knowledge-at-wharton-podcast/the-man-who-would-change-microsoft-ray-ozzies-vision-for-connected-software/

    People who remember Notes tend to deride it for its clunky user interface and demi-functional administrative tools. But what made Notes so central to Microsoft wasn’t its polish – it was the fact that Notes represented a brokered peace between IT managers, who wanted mainframe-like control over everything their users could do with business equipment, and the users themselves – workers who kept smuggling internet-based tools into the enterprise network on the very sensible grounds that they had a job to do, and these were the best tools to do it.

    The arrival of internet-based tools – especially ones that ran in browsers – represented a major challenge to IT departments, who had been long accustomed to dictating terms to their users. If the IT manager and the compliance department decided that the best way to manage disclosure and leak risks was to block all email attachments for outside users, then that was that: no one could send those attachments.

    But after the internet arrived on the corporate desktop, employees who needed to get documents to supply chain partners and customers could treat these IT policies as damage and route around them. Just fire up your Hotmail or Yahoo mail window, or hop on MSN Messenger or ICQ or AIM, or drop the file on an anonymous FTP server and send the link to your counterparty. Job done!

    IT managers hated this, and to be fair to them, they weren’t (always) wrong. These outside tools came from a variety of untrustworthy sources, including malicious sites that pushed virus-infected versions to their users. Also, by evading firewall rules with these tools, users made it impossible to achieve the compliance goals that IT had been charged with enforcing, and it was IT’s asses on the line if the company got in trouble as a result.

    Foundationally, IT was being asked to do two irreconcilable things: they were supposed to be enabling workers to get their jobs done, and they were supposed to be stopping those workers from doing things that could harm the business. This can’t be done, because the only way to eliminate the possibility that a worker will take an action that harms the business is to gag that worker and lock them in a dungeon. Workers need flexibility and freedom to achieve business goals, and that flexibility and freedom means that those workers might (deliberately or accidentally) thwart the business’s goals.

    What’s more, workers will always run into situations that were not anticipated by policy, and if they are denied any agency or initiative, they will fail to get their jobs done. In work, the exception is the rule, hence the importance of “process knowledge” (all the implicit knowledge shared among workers across the firm and its suppliers and customers, which cannot be captured or recorded):

    https://pluralistic.net/2025/09/08/process-knowledge/#dance-monkey-dance

    Indeed, there’s a form of labor action called a “work to rule,” in which workers only do the things dictated by their rulebooks, without taking any of the routine additional measures dictated by process knowledge. Merely by following every rule to the letter, workers can grind a shop to a halt:

    https://en.wikipedia.org/wiki/Work-to-rule

    Since the dawn of personal computers, workers and IT departments have come into conflict, as workers literally smuggled technology into the business that could do things the IT department had (often arbitrarily and capriciously) prohibited. When Visicalc emerged as the killer app for the Apple ][+, workers snuck these computers into work and used them to sort spreadsheets in ways that IT had declined to permit. They didn’t do this to cheat or steal from the company – the whole point was to do a better job.

    So it was with the early web: workers discovered a myriad of new capabilities in the free-to-use world of web-based tools and realized how these tools would make them much more effective at their jobs. The fact that IT wouldn’t let them do these things was just more evidence that IT – and the managers who set IT’s agenda – didn’t understand the business as well as workers.

    It didn’t help that IT managers’ first line of defense was the high-tech version of abstinence-only education: “You only think you need your work computers to do this, but really, you don’t, so stop trying”:

    https://www.theguardian.com/technology/2009/jun/16/computer-security-abstinence

    Abstinence-only education never works, but where “you only think you need this” failed, Lotus Notes succeeded. Lotus Notes provided a whole suite of tools that largely (if imperfectly) replaced the universe of free tools that workers were using to evade their IT departments’ edicts, so they could get their jobs done. At the same time, Lotus Notes provided a set of management tools that let IT fine-tune how these tools worked, giving them (some) of the controls they needed to achieve their compliance goals.

    Like all brokered peace settlements, Lotus Notes left both sides feeling like they’d made a compromise they could live with, giving up some of their goals, but keeping the things that really mattered to them.

    It’s impossible to overstate how important Lotus Notes and similar products were, because workers demanded the right to use the web on their work computers, and they made those demands so forcefully that managers had to completely re-do their IT policies, lest those workers treat them as damage and route around them. Back then, the tech press was full of stories about these conflicts, as workers insisted that the new technology that was sweeping the nation was so foundational and transformative that they had to be allowed to use it.

    What we never saw back then were stories about how managers had to monitor workers to ensure that they were using the web as much as possible. No one had to force workers to find ways to integrate the web into their workflows.

    In other words, the story of the web at work was the opposite of the story of AI at work. Today, you can’t turn around without reading a story about bosses who are threatening to fire workers if they don’t increase their AI usage:

    https://www.businessinsider.com/boss-track-ai-use-career-2025-8

    Virtually every major company now has a program to force workers into using AI:

    https://www.cnbc.com/2026/05/05/ai-use-work-employee-monitoring-tech-surveillance.html

    It’s conceivable that over the past quarter-century, bosses have become technophiles while workers have fallen prey to superstitious technophobia, but it hardly seems likely. Historically, workers have always been enthusiastic about tools that let them do a better job – indeed, it’s a truism that labor-led automation produces improvements in quality, while capital-driven automation increases throughput (often at the expense of quality).

    Workers aren’t the only typical early adopters who find AI lacking. As a group, teenagers and young adults hate AI:

    https://www.nytimes.com/2026/04/09/style/gen-z-ai-gallup-study.html

    That’s not what it was like during the early web days. Back then, young people entering the workforce were passionate devotees of the web, to the point where the business press routinely ran articles asking how today’s workplaces were going to adapt to the demands of these webbed-up workers.

    https://www.nber.org/digest/apr03/internet-changes-labor-market

    AI boosters insist that the deficits we see in AI – its lack of profitability, its primitive and error-riddled outputs – are no different from the shakedown problems of the early web (and we know how the web turned out!). But this is a profoundly flawed comparison: the early web and AI are very different from one another.

    For one thing, the early web may have lost money, but it had great unit economics. Every new web user brought the web closer to profitability, as did every new use of the web, and every new generation of web technology. By contrast, AI has – in the memorable phrasing of Ed Zitron – “dogshit unit economics.” Every new AI user makes AI less profitable, as does every new use for AI, and each generation of AI loses more money than the last. AI is the money-losingest endeavor in human history:

    https://pluralistic.net/2025/09/27/econopocalypse/#subprime-intelligence

    In other words, the early web was a technology that grew more profitable every day, which workers and young people had to force on their bosses – and AI is a technology that grows less profitable every day, and bosses have to force it on workers and young people.

    Now, it’s true that some workers don’t have to be forced to use AI. Workers who enjoy a high degree of autonomy (that is to say, workers who are positioned to ignore workplace coercion) can adopt AI in ways that they feel suited to, just as those early web users and Visicalc smugglers did. They can fulfill the maxim that labor-driven automation improves quality, while resisting capital’s insistence that automation be used to increase throughput at quality’s expense.

    They can act as centaurs (workers assisted by technology), not as reverse-centaurs (workers who are recruited to serve as peripherals for machines). As with all technology questions, what the technology does is nowhere near as important as who the tech does it for and who the tech does it to:

    https://pluralistic.net/2025/09/11/vulgar-thatcherism/#there-is-an-alternative

    And there’s another group of workers who adopt AI voluntarily: workers who see that AI can do a lot of work that they view as dull and unimportant for them. These workers might be right – there are plenty of bullshit jobs out there:

    https://memex.craphound.com/2018/06/20/david-graebers-bullshit-jobs-why-does-the-economy-sustain-jobs-that-no-one-values/

    But it’s also possible that they’re wrong, and they’re substituting AI for something that really should be done by a person.

    But on the plus side, at least no one has to force them to adopt AI.

    Hey look at this (permalink)


    A shelf of leatherbound history books with a gilt-stamped series title, 'The World's Famous Events.'

    Object permanence (permalink)

    #25yrsago Website graveyard https://web.archive.org/web/20010516224100/http://www.disobey.com/ghostsites/

    #20yrsago Canadian students ask govt to save them from copyright https://web.archive.org/web/20060629014007/https://action.web.ca/home/cfs/en_alerts.shtml?x=88910&AA_EX_Session=d56bebd39174d9839ec3ee5fa6fe93a4

    #20yrsago Lifespan of best-sellers falls 6/7ths in 40 years https://web.archive.org/web/20060601231943/https://www.lulu.com/static/pr/05_19_06.php

    #15yrsago Sarkozy’s false-flag E-G8 attracts withering scorn https://web.archive.org/web/20121109010803/https://arstechnica.com/tech-policy/2011/05/france-attempts-to-civilize-the-internet-internet-fights-back/

    #15yrsago Tool reveals ISP traffic-shaping https://web.archive.org/web/20120514151210/https://arstechnica.com/tech-policy/2011/05/new-shaperprobe-tool-detects-isp-traffic-shaping/

    #15yrsago Falun Gong sues Cisco over complicity in China’s “Golden Shield” – allege torture, murder https://web.archive.org/web/20110524065718/http://news.cnet.com/8301-1023_3-20065219-93.html

    #15yrsago Scenes from Los Angeles’s teacher-librarian witch-hunt https://mizzmurphy.blogspot.com/2011/05/message-received.html

    #15yrsago Denmark bans Marmite https://www.theguardian.com/theguardian/2011/may/24/uk-should-ban-sandi-toksvig

    #10yrsago As mobile carriers ramp up bribery program, Internet coalition says no to “zero rating” https://web.archive.org/web/20160524233609/https://motherboard.vice.com/read/medium-mozilla-and-kickstarter-signed-a-letter-against-zero-rating

    #10yrsago Philippines’ new “dictator” will give a hero’s burial to Ferdinand Marcos https://web.archive.org/web/20160526135257/http://www.msn.com/en-ph/news/world/philippine-dictator-marcos-to-get-heros-burial-duterte/ar-BBtnPJH

    #10yrsago Judge handcuffs public defender for speaking out in court https://web.archive.org/web/20160525151444/http://www.reviewjournal.com/news/las-vegas/las-vegas-judge-handcuffs-public-defender-courtroom

    #10yrsago Sanders donors flock to Tim Canova’s campaign against DNC Chair Debbie Wasserman Schultz https://edition.cnn.com/2016/05/23/politics/debbie-wasserman-schultz-primary-opponent-fundraising/index.html

    #10yrsago Algorithmic risk-assessment: hiding racism behind “empirical” black boxes https://www.propublica.org/article/machine-bias-risk-assessments-in-criminal-sentencing

    #10yrsago Plagiarism detection app vs Russia’s elites: 1-2 fake PhDs discovered every day https://www.slate.com/articles/news_and_politics/cover_story/2016/05/the_thriving_russian_black_market_in_dissertations_and_the_crusaders_fighting.html

    #10yrsago Technology’s “culture of compliance” must be beaten back in the name of justice https://bb9.berlinbiennale.de/all-problems-can-be-illuminated-not-all-problems-can-be-solved/

    #10yrsago Grass in the park at the center of San Francisco gentrification debate is now for rent https://sfist.com/2016/05/23/rec_parks_pilot_program_allows_you/

    #10yrsago Lawsuit: Texas’s largest jail is full of people who are locked up for being poor https://web.archive.org/web/20160524134738/https://thinkprogress.org/economy/2016/05/23/3781076/texas-bail-lawsuit/

    #10yrsago After the precariat, the unnecessariat: the humans who are superfluous to corporations https://morecrows.wordpress.com/2016/05/10/unnecessariat/

    #5yrsago Watomatic, for lower Whatsapp switching costs https://pluralistic.net/2021/05/24/how-about-nah/#comcom

    Upcoming appearances (permalink)

    A photo of me onstage, giving a speech, pounding the podium.


    A screenshot of me at my desk, doing a livecast.

    Recent appearances (permalink)


    A grid of my books with Will Stahle covers..

    Latest books (permalink)


    A cardboard book box with the Macmillan logo.

    Upcoming books (permalink)

    • “The Reverse-Centaur’s Guide to AI,” a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)

    • “Enshittification, Why Everything Suddenly Got Worse and What to Do About It” (the graphic novel), Firstsecond, 2026

    • “The Post-American Internet,” a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027

    • “Unauthorized Bread”: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027

    • “The Memex Method,” Farrar, Straus, Giroux, 2027


    Colophon (permalink)

    Today’s top sources:

    Currently writing: “The Post-American Internet,” a sequel to “Enshittification,” about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.

    • “The Reverse Centaur’s Guide to AI,” a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.

    • “The Post-American Internet,” a short book about internet policy in the age of Trumpism. PLANNING.

    • A Little Brother short story about DIY insulin PLANNING

    This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

    https://creativecommons.org/licenses/by/4.0/

    Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

    How to get Pluralistic:

    Blog (no ads, tracking, or data-collection):

    Pluralistic.net

    Newsletter (no ads, tracking, or data-collection):

    https://pluralistic.net/plura-list

    Mastodon (no ads, tracking, or data-collection):

    https://mamot.fr/@pluralistic

    Bluesky (no ads, possible tracking and data-collection):

    https://bsky.app/profile/doctorow.pluralistic.net

    Medium (no ads, paywalled):

    https://doctorow.medium.com/

    Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

    https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

    When life gives you SARS, you make sarsaparilla” -Joey “Accordion Guy” DeVilla

    READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies (“BOGUS AGREEMENTS”) that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

    ISSN: 3066-764X

  • Directors of Firms Linked to Sanctioned Cambodian Conglomerate Bought Properties in Japan

    Since October, Cambodia’s Prince Group has been under siege from authorities around the world, including the U.S. which dubbed it a “transnational criminal organization.”

    Japanese authorities have so far remained silent, but flight and property records show that directors of several firms linked to the Prince Group have established a footprint in that country too.

    In its October 14, 2025, sanctions announcement, the U.S. alleged that the Prince Group operated “industrial scale cyberfraud operations” in Cambodia, which were run out of “compounds reliant on human trafficking and modern-day slavery.”

    A Prince Group spokesperson dismissed allegations against the conglomerate and its chairman Chen Zhi, who has been sanctioned and indicted in the U.S.

    “Mr. Chen and his companies were not a criminal syndicate but a collection of legitimate businesses serving millions of people and employing tens of thousands of people across the globe,” the spokesperson said by email.

    “Chen Zhi and the Prince Group of companies are innocent of the wild and unfounded accusations made by the U.S government, parroted in jurisdictions around the world,” the spokesperson added. 

    Among other global actions against the Prince Group, the U.S. has sanctioned dozens of companies, and the U.K. has frozen more than $200-million worth of property held by directors and entities linked to the conglomerate. The U.S. Treasury Department released a map showing Prince Group “offshore hubs and shell companies” in jurisdictions including Hong Kong, Laos and the British Virgin Islands.

    Japan is not on the map, and authorities there have not made any public statements about investigating the Prince Group. A person who answered the phone at police headquarters in Tokyo said they were unable to answer questions. 

    However, Japanese media have reported that individuals tied to the Prince Group have traveled to the country and purchased properties. Japanese media have not named those individuals, but property and flight records show who they are. 

    Tokyo Mansions

    OCCRP’s Japanese media partner, Tansa, obtained records showing that a director of companies linked to the Prince Group owns land in Chiba prefecture, on the eastern outskirts of Tokyo. That man, Chen Bo, purchased property in 2019 in a gated community called “One Hundreds Hills.” A 2,365-square-meter home sits on the plot of land.

    Originally from China, Chen Bo acquired a Cambodian passport in 2014, according to the government’s citizenship gazettes. 

    While Chen Bo has not been sanctioned himself, Cambodian corporate records show he served as a director at nine companies that were. These include Byex Exchange Co. Limited and Tian Xu International Technology Plc, which the U.K. sanctioned for allegedly providing financial services to the Prince Group.

    The mansion on the outskirts of Tokyo adds to another one Chen Bo bought downtown, near Zenpukuiji Park, just days before the U.S. and U.K. imposed sanctions on Prince Group. Shortly after those sanctions came down, he transferred the property to his wife.

    Japanese media have reported that the two properties are together worth about $7 million, although they have not named him as the owner. The financial sources used by Chen Bo to secure these real estate holdings remain unclear.  

    Chen Bo did not respond to requests for comment emailed to his companies. A person who answered the phone at CCU Commercial Bank PLC, where he is listed as chairman, said there was no “staff member called Chen Bo” and hung up. A person who said he was his former assistant at  another company he chairs, Billion Wisdom Investment Co Ltd., said Chen Bo “is in China now.” 

    Corporate filings link Billion Wisdom Investment to another China-born Cambodian passport holder named Su Chang, who serves as co-director. Land records show that Su Chang purchased an apartment at Wellith One Aoyama, a prime development in the heart of Tokyo’s Minato neighbourhood, in 2021. 

    Su Chang did not respond to requests for comment emailed to his companies. The person who answered the phone at Billion Wisdom Investment said the company directors were not in Cambodia, and did not provide contact details. 

    Japanese land records show one more director of a Prince Group-related firm with real estate in Tokyo: Brendon Luo purchased a luxury apartment in the downtown neighborhood of Shibuya in May 2025. He is also from China and holds a Cambodian passport, according to the government gazette. 

    Also known as Luo Pinghua, Brendon Luo is listed in the Cambodian corporate registry as a director at Prince Plaza Investment Co. Ltd. The head of the Prince Group, Chen Zhi, is listed as the firm’s chairman. While Brendon Luo has not been personally sanctioned, the U.S. Treasury Department targeted Prince Plaza Investment as part of the Prince Group network.

    The Treasury Department did not specify the exact commercial activities of Prince Plaza Investment, but listed it among more than 100 sanctioned companies it said were “owned or controlled by, or purport to act for or on behalf of, members of Prince Group TCO [transnational criminal organization].”

    Brendon Luo did not respond to requests for comment emailed to his companies, including Prince Plaza Investment. A person who answered the phone at Prince Commercial Trading Co. Ltd., where he is listed as chairman, said Brendon Luo was not present and that he could not provide contact details.

    Jets to Japan

    Flight records obtained by OCCRP show that Su Chang was a passenger on recent private jet flights into Japan together with Hu Xiaowei, who has been sanctioned by the U.S. and U.K. in relation to the Prince Group. 

    Su Chang has not been accused of illicit activity or targeted by sanctions. 

    OCCRP recently revealed that Hu Xiaowei goes by at least four different identities, and had previously unreported ties to both the Prince Group and its sanctioned chairman, Chen Zhi.

    The U.K. government froze several properties belonging to Hu Xiaowei after OCCRP reported on his multiple identities, and revealed that he had purchased London properties worth more than $44 million. 

    The jet that made multiple trips to Japan in recent years is owned by CN Breeze Limited, a shell company Hu Xiaowei controls through Future King Inc., his British Virgin Islands entity. He owns Future King under his alias, Wu An Ming, according to recent Hong Kong stock exchange filings. 

    Flight records show the jet made multiple trips to Japan beginning in March 2023. They included at least two trips from Phnom Penh to Japan following the U.S. Treasury Department’s October 2025 announcement of sanctions against 146 entities and individuals.

    Earlier this month, Hong Kong’s Department of Justice applied for a freezing order against Future King Inc., along with other assets belonging to Hu Xiaowei, OCCRP reported.

    International Actions

    The U.S. and U.K. spearheaded the crackdown on the Prince Group in October 2025, sanctioning more than 100 targets. Since then, several other countries have taken measures against people and entities allegedly associated with the conglomerate.

    Over the course of November and December 2025, South Korea, Hong Kong, Singapore and Taiwan, as well as Thailand, announced various actions. These included sanctions, freezing or seizing hundreds of millions in assets, and arrests and criminal charges against people allegedly linked to Prince Group. 

    Then in January 2026, Cambodian authorities arrested the Prince Group chairman Chen Zhi, and extradited him to China. State media in China reported that authorities suspect he and his associates of running fraud operations and concealing the proceeds. 

    In the statement emailed to OCCRP, the Prince Group spokesperson rejected such accusations.

    “What few factual allegations that have been made, have been broad and generic with no evidence, or proven to be composed of outright falsehoods and impossibilities,” the spokesperson said.

    In early 2026, the U.K., Hong Kong and Taiwan announced more measures against individuals and entities allegedly linked to Prince Group. These include indictments and  freezes on properties and other assets.

    To date, no evidence directly links the properties purchased in Japan with the proceeds of crime. But even if Japanese authorities suspected a connection, they’d have fewer legal mechanisms to freeze or seize assets than their counterparts in other jurisdictions. 

    The Financial Action Task Force, a multinational anti-money laundering watchdog, flagged shortcomings in Japanese enforcement in its most recent Mutual Evaluation Report for the country in 2021.

    “Japan has a stated commitment to deprive criminals of property through the seizure and confiscation of crime proceeds, however the scope of restraint and confiscation pursued is not in keeping with Japan’s risk profile,” the report says.

    One key tool for law enforcement in many jurisdictions is civil forfeiture. In the U.K., for example, authorities can freeze assets that can then be seized under civil forfeiture laws if the subject is unable to prove they acquired them with legitimate funds.

    Not in Japan.

    As a retired senior police officer told OCCRP — anonymously as he was not authorised to speak to journalists — there is “no civil forfeiture in Japan.”

    Additional reporting by Jack Adamovic Davies.

  • Australia confirms first diphtheria death amid worst outbreak in decades

    Most cases are in the Northern Territory with some also in Western Australia, South Australia and Queensland.
  • Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

    Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

    Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025 KrebsOnSecurity story about how their hosting companies had assumed control over the technical infrastructure of Stark Industries Solutions, an Internet service provider sanctioned last year by the EU as a frequent staging ground for cyber mischief from Russia’s intelligence agencies.

    An investigator with the Tax Intelligence and Investigation Service (FIOD), the Dutch financial crimes agency, during the raid. Image: FIOD.

    The Dutch daily news outlet de Volkskrant reports that the Dutch financial crime agency FIOD on May 18 arrested a 57-year-old from Amsterdam and a 39-year-old from The Hague, charging them with violating sanctions law by directly or indirectly making economic resources available to EU-sanctioned entities.

    The Dutch investigation focuses on Stark Industries, a sprawling hosting provider that materialized just two weeks before Russia invaded Ukraine. As detailed in this May 2024 deep-dive, Stark quickly became the source of massive distributed denial-of-service (DDoS) attacks against European targets, and emerged as a top supplier of proxy and anonymity services that showed up time and again in cyberattacks linked to Russia-backed hacking groups.

    That report identified two Moldovan brothers — Ivan and Yuri Neculiti and their company PQHosting — who were providing one of Stark’s two main conduits to the larger Internet. In May 2025, the EU sanctioned PQHosting and the Neculiti brothers for aiding Russia’s hybrid warfare efforts. But as KrebsOnSecurity observed in September 2025, those sanctions failed to target Stark’s remaining connection to the Internet — an Internet service provider based in the Netherlands called MIRhosting.

    MIRhosting is operated by Andrey Nesterenko, a 39-year-old Russian native who runs the business out of the Netherlands.  News that PQHosting and the Neculiti brothers were about to be sanctioned by the EU leaked in the media nearly two weeks before the sanctions were announced last year. During that time, the Stark network assets were transferred from PQHosting to a new entity called the[.]hosting, under the control of the Dutch entity WorkTitans BV.

    And as our September 2025 report showed, WorkTitans was controlled by Nesterenko and a 57-year-old from Amsterdam named Youssef Zinad. On top of that, WorkTitans was getting connectivity to the larger Internet solely through MIRhosting, where Zinad had worked previously.

    On May 18, Dutch financial crime investigators arrested Nesterenko and Zinad, and searched three businesses in Enschede and Almere and two data centers in Dronten and Schiphol-Rijk. A statement from the Dutch authorities said they also seized laptops, telephones and more than 800 servers.

    A message to the-hosting customers immediately after 800 of its servers were seized by Dutch authorities. The message says that unfortunately data stored on the server has been lost and cannot be recovered.

    De Volkskrant said it reviewed data showing WorkTitans and MIRhosting were the most-used networks in pro-Russian attacks on Danish government bodies between November 13 and 19, 2025, the week of Denmark’s municipal elections.

    The publication wrote that prior to Nesterenko’s arrest, the MIRhosting founder denied that he knew his servers had been misused by pro-Russian cybercriminals. “He said he had ended all services with the Neculiti brothers when the EU sanctions came into force in May 2025,” and the he “reserved all rights to take action against ‘harmful and incorrect publications,” de Volkskrant wrote.

    MIRhosting released a statement saying it has initiated an internal investigation into the alleged facts concerning the elections in Denmark, and that it has temporarily paused services to WorkTitans as a precautionary measure while the matter is being reviewed further.

    “Based on our preliminary findings, there are no indications that the services over which we exercise control were actually used to influence the Danish elections,” the statement reads. “No anomalies or spikes were observed in our network traffic during the period mentioned in the publication; had large-scale DDoS attacks occurred, such activity would have been evident. Furthermore, prior to the media publication, we had not received any complaints, abuse reports, or official requests regarding suspicious activities or misuse of our network. Meanwhile, our regular operational activities continue, and our service to our other clients remains fully intact.”

    Born in Nizhny Novgorod, Russia, Mr. Nesterenko grew up as a piano prodigy who performed publicly at a young age. In 2004, Nesterenko founded MIRhosting’s parent Innovation IT Solutions Corp., which has the notable distinction of being the company responsible for hosting stopgeorgia[.]ru, a hacktivist website for organizing cyberattacks against Georgia that appeared at the same time Russian forces invaded the former Soviet nation in 2008. That conflict was thought to be the first war ever fought in which a notable cyberattack and an actual military engagement happened simultaneously.

    Responding to questions shared via email, Nesterenko said MIRhosting does not support cybercrime, sanctions evasion, or illegal activity, and that the allegations and arrest by Dutch authorities have been extremely harmful to him and his company.

    “The transition to the.hosting was not intended to evade sanctions,” Nesterenko wrote. “The hardware and customer portfolio had already been transferred to WorkTitans before the sanctions appeared. Closing or damaging a legitimate Dutch infrastructure company will not stop cybercrime, but it will harm many people who have done nothing wrong.”

    Far less is public about the 57-year-old Zinad, who reportedly has been keeping a low profile since our story last year. De Volkskrant reported that Zinad blocked access to his LinkedIn account, had gone months without responding to emails, WhatsApp messages and phone calls, and told a colleague that illness was forcing him to lead a somewhat more reclusive life.

    Mr. Zinad’s now-defunct LinkedIn profile. It was full of posts for MIRhosting’s services.

    Mr. Nesterenko claims Zinad was never an employee of MIRhosting.

    “He helped me and MIRhosting with certain business tasks under a normal business-to-business arrangement between companies,” Nesterenko explained.

    However, in previous emails to KrebsOnSecurity, Nesterenko carbon copied Mr. Zinad (who had a @mirhosting.com email), explaining that he was part of the company’s legal team. Also, the Dutch website stagemarkt[.]nl lists Youssef Zinad as an official contact for MIRhosting’s offices in Almere.

    Mr. Zinad has never responded to requests for comment. Nor did de Volkskrant have any luck tracking him down. The publication said it repeatedly asked Mr. Zinad (referred to here as simply “Z”), but he reportedly avoided every form of contact.

    “‘I am unavailable but will respond to your message as soon as possible,’ reads an automated reply on WhatsApp on 2 October 2025,” de Volkskrant reported. “It is the only response de Volkskrant would receive in months. He did not pick up his phone and did not call back. When an acquaintance asked him via LinkedIn to contact the reporter, he blocked access to his LinkedIn page. At an address in Almere where Z.’s personal limited company is registered, no one was present in April. The corner house’s blinds were drawn, and a pile of rubbish bags lay outside next to a container, as if someone had recently left. A neighbour said he knew the man but did not know where he was staying. Z. was later arrested at a residence in Amsterdam.”

  • Singapore Charges Malaysian Man in Transnational Impersonation Scam

    Authorities in Singapore are set to charge a 22-year-old Malaysian man for his alleged involvement in a government-official impersonation scam, police said. His apprehension brings the total number of Malaysians arrested in the city-state since March for allegedly assisting scam syndicates to 28.

    The suspect was arrested after a victim reported being defrauded by individuals posing as a bank employee and a Singapore police officer.

    Investigators believe a transnational scam syndicate tasked the man with collecting cash and jewelry from victims and passing the valuables to other operatives in Singapore and Malaysia.

    If convicted, the suspect faces up to 10 years in prison, a fine of up to $391,000, or both.

  • Ebola epidemic spreading rapidly and outpacing containment efforts

    There are more than 900 suspected cases of the Bundibugyo strain of Ebola in the Democratic Republic of the Congo, and 220 suspected deaths, the head of the World Health Organization (WHO), Tedros Ghebreyesus, said on Monday.
  • Italian Police Target “Previously Unseen” Streaming Piracy Tech That Looks Familiar

    Italian Police Target “Previously Unseen” Streaming Piracy Tech That Looks Familiar

    Law enforcement operations against pirate streaming networks have been a regular occurrence, particularly inside the EU.

    This includes Italy, where the financial police, Guardia di Finanza (GdF), has routinely cracked down on the “pezzotto,” the term used for selling IPTV streaming boxes and subscriptions.

    This week the financial police in Ravenna announced something they say is different. In an operation named “Tutto Chiaro” (“All Clear”), coordinated by the Bologna prosecutor’s office, around 200 officers carried out more than 100 searches and seizures across Italy, with parallel action in France and Germany.

    At the center of the crackdown is an app called CinemaGoal. The GdF calls the technology behind it “highly advanced and previously unseen”.

    “The operation, which stemmed from social media monitoring, uncovered, for the first time, the existence of an innovative technology,” GdF explained, noting that the app offered superior viewing quality while the anti-piracy detection rate was minimal.

    How the GdF Says It Worked

    According to the GdF, CinemaGoal was installed on a customer’s device, connecting it to a foreign server that decrypted the premium content. This included content from premium broadcasters such as Sky and DAZN, but the authorities also named Netflix, Disney+, and Spotify as targets.

    Pirate streaming

    gdf video

    The police explain that, every three minutes, virtual machines captured the “original” codes of legitimate subscriptions and instantly relayed them, sending a “clear” signal to pirate subscribers. Those legitimate accounts were registered to fictitious names, as well as some who have been identified.

    Because the system tapped into the official streaming feeds, GdF says the quality of the streams was superior. Paired with a low anti-piracy detection rate and relative anonymity for its subscribers, the more than 70 identified resellers had little trouble selling these subscriptions.

    New Anti-Piracy Tech?

    The “previously unseen” framing relied on a broad description by GdF, referencing “Original codes,” a “clear” signal, a foreign server that “decrypts” content. This is press release language, not a technical explanation. But just how “new” is this technology?

    The few concrete details shared by authorities are reminiscent of one of the oldest piracy tricks. For over two decades, pirates have hijacked pay-TV by copying the constantly changing key that unlocks a single legitimate subscription and sharing it out to everyone else. This is typically known as card sharing.

    GdF video

    However, with card-sharing, keys typically change every few seconds. The GdF suggests that CinemaGoal refreshes codes every three minutes, which is significantly slower.

    That timing, together with the claim that CinemaGoal actually looked better than an ordinary pirate stream, hints at something more modern. This would be largely in line with CDN leeching, which is an emerging problem that anti-piracy outfits have been referring to over the past years.

    In 2024, anti-piracy group Irdeto noted that this technical breach is particularly popular among operations that use piracy-enabling devices.

    “Typically, they will reverse engineer video applications to understand how to access and extract the CDN content, enabling them to distribute pirated material more efficiently,” the blog post explained, while also referencing the quality improvement.

    “Pirates leverage CDN infrastructure to deliver pirated content more quickly and with lower latency, thus enhancing the streaming experience for their illicit users,” Irdeto added.

    What type of operation was targeted by operation “Tutto Chiaro” remains unclear for now. The police reportedly have the source code, however, so more information may come out in the future.

    Perhaps that will also explain a more straightforward problem with the official press release. Currently, the same “grab the codes every three minutes” description is used for all streaming services, from live sports on DAZN to on-demand video on Netflix, to music on Spotify. These platforms do not all work the same way, however, and cannot all be unlocked by a single trick.

    Subscribers in the Crosshairs

    Interestingly, public searches show that CinemaGoal has left no notable public footprint. TorrentFreak found no app store listing, APK mirror, reseller storefront, or forum thread predating the operation. Every reference dates to the announcement by the Italian police.

    The GdF says the investigation began with “monitoring social media,” and, according to Italian outlet Il Post, the app was promoted through networks such as Telegram, with agents selling online or meeting customers in person. This would confirm that there was no public sales outlet mentioning the CinemaGoal app.

    Through Eurojust, the authorities seized foreign servers holding the decryption data and the app’s source code. The same investigation found that the same operation also relied on the more traditional IPTV “pezzotto”, in addition to CinemaGoal.

    Rightsholders have welcomed the latest streaming piracy crackdown. Sky Italia’s CEO Andrea Duilio thanked the GdF and the Bologna prosecutors, and warned that people who choose illegal streaming risk fines and expose their personal data to theft and fraud.

    Whether the enforcement actions will effectively end the operation is unclear. There haven’t been any reports of arrests of the people who ran the operation.

    GdF’s press release does suggest that many pirate subscribers are at risk. It notes that fines will be issued to the first 1,000 identified subscribers, who will receive claims ranging from €154 to €5,000. The GdF puts the total involved in the “thousands.”

    This is not the first time that pirate streaming subscribers have come in the crosshairs of the authorities. Last year, thousands of subscribers, connected to an IPTV crackdown, received similar fines in the mail.

    From: TF, for the latest news on copyright battles, piracy and more.

  • Pluralistic: No honor among (ad-tech) thieves (25 May 2026)

    Today’s links

    • No honor among (ad-tech) thieves: Including “and” and “the.”
    • Hey look at this: Delights to delectate.
    • Object permanence: Budweiser nunchuks; GOP vote-suppressor voted illegally; Airbnb enshittifies; Oculus enshittifies; Nintendo copyfrauds its fans; Meritocracy to eugenics pipeline; Ultima Online crisis management; SNES cartridge urinal; JJ Abrams x Axanar, “Sex Criminals”; Beating school filters for fun; Orphan works; Japanese ATM heist; How the Sacklers rigged the game.
    • Upcoming appearances: London, Kansas City, LA, Menlo Park, Toronto, NYC, Edinburgh.
    • Recent appearances: Where I’ve been.
    • Latest books: You keep readin’ em, I’ll keep writin’ ’em.
    • Upcoming books: Like I said, I’ll keep writin’ ’em.
    • Colophon: All the rest.


    A painting of three lemons on a white background. Each has been altered to add a horrific eye staring out of it. From behind two of the lemons loom carny barkers, gesticulating wildly and waving canes.

    No honor among (ad-tech) thieves (permalink)

    It shouldn’t come as a surprise to learn that a company that uses dishonest tactics to spy on you for profit will also use dishonest tactics to sell the resulting surveillance data.

    The only reason this wouldn’t be obvious is if you’ve fallen into the trap of thinking “if you’re not paying for the product, you’re the product.” Companies that cheat when the opportunity arises will cheat everyone: customers, users, regulators, suppliers and employees. You’re the product if the company can get away with making you the product:

    https://pluralistic.net/2022/11/14/luxury-surveillance/#liar-liar

    The digital surveillance swindle is a con from top to bottom: it’s not just that they spy on you, it’s also that they lie to you about how and why and where they spy on you and what happens to the data they swindle out of you. They’re not just cheats, in other words – they’re also liars.

    Of course they’re liars! If their terms of service were honest, they’d say something like, “By being desperate enough to use this product, you ‘agree’ that we’re allowed to come over to your house and punch your grandmother, wear your underwear, make long-distance calls and eat all the food in your fridge.”

    So they lie like crazy. But they don’t just lie to us: they lie to the people they sell our surveillance data to as well. Of course they do! Those people are the ones giving them the money! By tricking the people paying for the product, these surveillance swindlers can get them to pay more!

    This is the basis of Tim Hwang’s essential 2020 book Subprime Attention Crisis:

    https://pluralistic.net/2020/10/05/florida-man/#wannamakers-ghost

    Core to Hwang’s thesis is that these ads aren’t just dangerous, they’re also ineffective. The danger of these ads is the erosion of privacy and the mobilization of private data for state repression and fraud, but not particularly for persuasion. The idea that ad-tech companies have realized the ancient dream of building a mind-control ray via the novel technique of “hacking your dopamine loop” is a story that the ad-tech swindlers cooked up to help them sell ads:

    https://pluralistic.net/2021/09/30/dont-believe-the-criti-hype/#ordinary-mediocrities

    Critics who repeat these outlandish claims are helping these companies sell ads to credulous advertisers, who are getting robbed to the tune of hundreds of billions of dollars. This is the process that Lee Vinsel calls “criti-hype,” which is when you “take the sensational claims of boosters and entrepreneurs, flip them, and start talking about ‘risks’”:

    https://peoples-things.ghost.io/youre-doing-it-wrong-notes-on-criticism-and-technology-hype/

    Criti-hype is satisfying because the hype itself is so fantastically overblown. These companies claim they’re going to save/destroy/conquer the world, transform the very nature of humanity, etc, and so critics who repeat those claims (brackets derogatory) can style themselves as defenders of the world and humanity itself.

    This is also a very profitable style of criticism: there’s a huge commercial market for people who claim to be defending the world from conquest by evil dopamine-hacking sorcerers and/or superintelligent paperclip-maximizers that can chatbot you into killing yourself and/or voting for Trump (brackets derogatory).

    The opposite of criti-hype is materialistic criticism, grounded in independently verifiable claims about how these scams work. To be a good tech critic, you need to start by assuming that a company that lies to its users about what it’s doing is perfectly capable of lying to its customers and investors about what it’s doing (that is, “even if you’re paying for the product, you’re still the product”).

    That’s demonstrably, verifiably true of the commercial surveillance industry. Commercial spies lie to their customers like crazy, and always have. Think of the department store magnate John Wannamaker’s famous quip that “half my advertising dollars are wasted, I just don’t know which half.” Man, did someone ever do a sell-job on old Wannamaker: imagine believing that only half of your advertising dollars are wasted. Today, thanks to creepy ad-tech analytics, we know that the true figure is around 99%.

    Hwang’s book documents lots more ad-tech fraud that’s every bit as audacious as the Wannamaker-era con-jobs. For example, there’s the fact that when Procter and Gamble zeroed out its $200m/year surveillance advertising program, they saw a zero percent drop in sales because (to a first approximation) all $200m of that annual spend was disappearing down the fraud-hole.

    There’s been plenty more examples since, rivaling previous eras for audacity and outlandishness. In 2023, Mozilla Labs investigated the ways that modern cars spy on their drivers and concluded that, when it came to privacy, cars were “the worst product category” they had ever evaluated, and recommended that you not buy any of the cars currently offered for sale:

    https://www.mozillafoundation.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/

    Mozilla’s report investigated two things: which data your car was collecting and selling about you (lots) and what data your car company claimed it had collected about you and was offering for sale (way, way more).

    For example, Nissan and Kia claimed that they had data about your sex life, a thing that cannot be reasonably inferred from the sensors in your car (unless you have a highly specific sex life). Six car companies claimed they had your genetic data (again, not a thing that any of the sensors in your car can know about).

    What’s more, all of these scams have only gotten worse in the intervening three years:

    https://cleantechnica.com/2026/05/22/mozilla-foundation-condemns-data-collection-by-cars/

    These companies are spying on you, and lying to you about how much they respect your privacy, and lying to their commercial customers about all the fiendish ways they’ve cooked up for invading your privacy.

    Everyone in the ad-tech sector is lying to everyone else in the ad-tech sector, in other words. It’s your basic hive of scum and villainy. Back in 2023, Cox Media – part of the sprawling media conglomerate that includes Cox Cable – told advertisers that they had a new product called “Active Listening” that recorded and transcribed all the conversations you have around your smart speakers, smart TVs, smart watches and phones:

    https://www.404media.co/heres-the-pitch-deck-for-active-listening-ad-targeting/

    It was a lie. There are plenty of ways that these devices spy on you, of course. Your smart TV is a cesspool of surveillance and data-exfiltration, but that data doesn’t include your conversations:

    https://pluralistic.net/2022/12/03/painful-burning-dribble/#law-of-intended-consequences

    Same for your smart speaker, which not only gathers tons of information about you for sale and targeting, but also leaks your voice data all the time, whenever you utter any of its “trigger words,” which include over 1,000 phrases that sound like its trigger words:

    https://pluralistic.net/2020/07/02/big-river/#triggered

    Cox, in other words, was running the same equal-opportunity scam that your auto-maker runs: deceiving you about how little data they were stealing from you, and deceiving their customers about how much data they were gathering on you.

    That said, there was something remarkable and unique about Cox’s fraud: because they were ripping off other (better-connected) fraudsters, their lies triggered an investigation by Donald Trump’s FTC, who never met a scammer they wouldn’t defend (from another scammer):

    https://arstechnica.com/tech-policy/2026/05/marketer-that-claimed-it-could-tap-devices-for-ad-targeting-will-pay-880k-settlement/

    Still, there are limits to this “honor among thieves” business. The settlement Trump’s FTC extracted from Cox for lying to other liars is less than $1m – basically, change that Cox can find down the back of its sofa:

    https://arstechnica.com/tech-policy/2026/05/marketer-that-claimed-it-could-tap-devices-for-ad-targeting-will-pay-880k-settlement/

    Still, the Cox settlement is a great criti-hype object lesson, a reminder that these creepy, lying companies lie to everyone, including their customers, which means that even if you’re paying for the product, you’re still the product.

    Hey look at this (permalink)


    A shelf of leatherbound history books with a gilt-stamped series title, 'The World's Famous Events.'

    Object permanence (permalink)

    #25yrsago Best email disclaimer award https://web.archive.org/web/20010526174903/http://www.theregister.co.uk/content/35/19057.html

    #25yrsago Kaycee hoax FAQ https://web.archive.org/web/20010629212706/https://rootnode.org/article.php?sid=26

    #25yrsago Crisis management in Ultima Online https://web.archive.org/web/20010605015828/http://www.newyorker.com/FACT/

    #25yrsago E3 is all softcore porn now https://web.archive.org/web/20010702122044/https://www.salon.com/tech/feature/2001/05/22/e3_2001/print.html

    #25yrsago Canadian payphone infinite long distance glitch https://web.archive.org/web/20010608183145/https://www.wired.com/news/culture/0,1284,43967,00.html

    #20yrsago Kids make a sport out of outsmarting school web-filters https://web.archive.org/web/20060821224237/http://news.com.com/Kids+outsmart+Web+filters/2009-1041-6062548.html

    #20yrsago Orphan works legislation https://web.archive.org/web/20060531135239/http://www.copybites.com/2006/05/chairman_lamar_.html

    #20yrsago U. Florida cops ask fiction writer for fingerprints, DNA https://memex.craphound.com/2006/05/22/u-florida-cops-ask-fiction-writer-for-fingerprints-dna/

    #20yrsago HDMI, the Manchurian DRM – a Broadcast Flag dormant until 2010 https://web.archive.org/web/20060523193853/https://arstechnica.com/news.ars/post/20060521-6880.html

    #15yrsago The Filter Bubble: how personalization changes society https://memex.craphound.com/2011/05/22/the-filter-bubble-how-personalization-changes-society/

    #15yrsago Last decade’s English libel legal sharks poised to make a new fortune on stupid privacy lawsuits and superinjuctions https://memex.craphound.com/2011/05/22/last-decades-english-libel-legal-sharks-poised-to-make-a-new-fortune-on-stupid-privacy-lawsuits-and-superinjuctions/

    #15yrsago RIAA boss takes home $3 mil+ https://lefsetz.com/wordpress/2011/05/21/another-member-of-the-overpaid/

    #15yrsago Vindictive game company invites employees to pan reviewer’s novel after bad review https://maroonersrock.com/2011/05/conduit-2-developer-calls-for-internal-retaliation-against-author-of-negative-joystiq-review/

    #15yrsago France lobbies G8 for Internet control and censorship https://www.laquadrature.net/en/2011/05/20/frances-g8-focuses-on-control-and-restrictions-to-online-freedoms/

    #15yrsago Budweiser nunchuks: American Ninja https://web.archive.org/web/20110701153712/http://www.todayandtomorrow.net/2011/05/19/american-ninja/

    #15yrsago GOP legislative aide works on punitive voter ID bill, boasts of illegally voting in another district https://web.archive.org/web/20110522014606/http://host.madison.com/wsj/news/local/govt-and-politics/elections/article_ede5d49e-8272-11e0-a6e0-001cc4c03286.html

    #15yrsago Raising a kid without disclosing their sex https://web.archive.org/web/20110523180952/http://www.parentcentral.ca/parent/babiespregnancy/babies/article/995112–parents-keep-child-s-gender-secret

    #15yrsago Byron Sonne: Canadian security geek jailed for taunting G20 security theatre https://web.archive.org/web/20110518195236/http://www.torontolife.com/daily/informer/from-print-edition-informer/2011/05/03/how-byron-sonne’s-obsessions-with-the-g20-security-apparatus-cost-him-everything/

    #15yrsago HOWTO make a SNES cartridge urinal https://blog.pricecharting.com/2011/05/how-to-build-video-game-urinal.html

    #15yrsago German police raid German Pirate Party’s servers two days before election https://web.archive.org/web/20120516010632/https://arstechnica.com/tech-policy/2011/05/german-police-seize-pirate-party-servers-looking-at-anons-toolkit/

    #10yrsago JJ Abrams urges Paramount to drop its lawsuit over fan Star Trek movie https://web.archive.org/web/20160522121940/https://deadline.com/2016/05/star-trek-axanar-lawsuit-ending-jj-abrams-paramount-1201760721/

    #10yrsago Pat Buchanan on the Republican Party’s historical opposition to free trade deals https://web.archive.org/web/20160521162845/http://www.theamericanconservative.com/buchanan/free-trade-vs-the-republican-party/

    #10yrsago United offered men-only “executive” flights until 1970 https://viewfromthewing.com/united-airlines-men-only-executive-service/

    #10yrsago Elderly man kills wife because they couldn’t afford her medicine https://www.nytimes.com/2016/05/20/us/florida-man-says-he-killed-sick-wife-because-he-couldnt-afford-her-medicine-sheriffs-say.html?_r=0

    #10yrsago Sex Criminals: Robin Hood bank robbers who can stop time when they orgasm https://memex.craphound.com/2016/05/21/sex-criminals-robin-hood-bank-robbers-who-can-stop-time-when-they-orgasm/

    #10yrsago Airbnb stealth-updates terms of service, says it’s not an insurer and requires binding arbitration https://memex.craphound.com/2016/05/20/airbnb-stealth-updates-terms-of-service-says-its-not-an-insurer-and-requires-binding-arbitration/

    #10yrsago Oculus breaks promise, uses DRM to kill app that let you switch VR systems https://web.archive.org/web/20160520161939/https://motherboard.vice.com/read/new-oculus-drm-cross-platform

    #10yrsago Nintendo claims ownership over fans’ Minecraft/Mario mashups https://web.archive.org/web/20160521193334/http://arstechnica.com/gaming/2016/05/nintendo-issues-copyright-claims-on-mario-themed-minecraft-videos/

    #10yrsago Paypal refuses to deliver online purchases to UK addresses containing “Isis” https://b2fxxx.blogspot.com/2016/05/the-tyranny-of-algorithm-yet-again.html

    #10yrsago 30 students debate mass surveillance on Capitol Hill https://web.archive.org/web/20160521000031/https://theintercept.com/2016/05/20/high-school-debaters-bring-surveillance-encryption-arguments-to-capitol-hill/

    #10yrsago What the NSA’s assault on whistleblowers taught Snowden https://www.theguardian.com/us-news/2016/may/22/how-pentagon-punished-nsa-whistleblowers

    #10yrsago Massive, coordinated ATM heist in Japan nets $12.7 million (¥‎1.4 billion) https://web.archive.org/web/20160523102154/http://mainichi.jp/english/articles/20160522/p2g/00m/0dm/044000c

    #5yrsago How the Sacklers rigged the game https://pluralistic.net/2021/05/23/a-bankrupt-process/#sacklers

    #5yrsago Consent theater https://pluralistic.net/2021/05/20/consent-theater/

    #5yrsago Debunking the arguments for vaccine apartheid https://pluralistic.net/2021/05/21/wait-your-turn/#vaccine-apartheid

    #5yrsago How the filibuster dies https://pluralistic.net/2021/05/22/not-with-a-bang/#theory-of-change

    #1yrago Strange Bedfellows and Long Knives https://pluralistic.net/2025/05/21/et-tu-sloppy-steve/#fractured-fairytales

    #1yrago The meritocracy to eugenics pipeline https://pluralistic.net/2025/05/20/big-cornflakes-energy/#caliper-pilled

    Upcoming appearances (permalink)

    A photo of me onstage, giving a speech, pounding the podium.


    A screenshot of me at my desk, doing a livecast.

    Recent appearances (permalink)


    A grid of my books with Will Stahle covers..

    Latest books (permalink)


    A cardboard book box with the Macmillan logo.

    Upcoming books (permalink)

    • “The Reverse-Centaur’s Guide to AI,” a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026 (https://us.macmillan.com/books/9780374621568/thereversecentaursguidetolifeafterai/)

    • “Enshittification, Why Everything Suddenly Got Worse and What to Do About It” (the graphic novel), Firstsecond, 2026

    • “The Post-American Internet,” a geopolitical sequel of sorts to Enshittification, Farrar, Straus and Giroux, 2027

    • “Unauthorized Bread”: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, April 20, 2027

    • “The Memex Method,” Farrar, Straus, Giroux, 2027


    Colophon (permalink)

    Today’s top sources:

    Currently writing: “The Post-American Internet,” a sequel to “Enshittification,” about the better world the rest of us get to have now that Trump has torched America. Third draft completed. Submitted to editor.

    • “The Reverse Centaur’s Guide to AI,” a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.

    • “The Post-American Internet,” a short book about internet policy in the age of Trumpism. PLANNING.

    • A Little Brother short story about DIY insulin PLANNING

    This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

    https://creativecommons.org/licenses/by/4.0/

    Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

    How to get Pluralistic:

    Blog (no ads, tracking, or data-collection):

    Pluralistic.net

    Newsletter (no ads, tracking, or data-collection):

    https://pluralistic.net/plura-list

    Mastodon (no ads, tracking, or data-collection):

    https://mamot.fr/@pluralistic

    Bluesky (no ads, possible tracking and data-collection):

    https://bsky.app/profile/doctorow.pluralistic.net

    Medium (no ads, paywalled):

    https://doctorow.medium.com/

    Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

    https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

    When life gives you SARS, you make sarsaparilla” -Joey “Accordion Guy” DeVilla

    READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies (“BOGUS AGREEMENTS”) that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

    ISSN: 3066-764X

  • How Unbekoming! The central delusion of MAHA

    How Unbekoming! The central delusion of MAHA

    The antivax movement has a central conspiracy theory, but there is also a central delusion behind MAHA, revealed by a blogger with the ‘nym Unbekoming.

    The post How Unbekoming! The central delusion of MAHA first appeared on Science-Based Medicine.