Pluralistic: Darth Android (01 Sep 2025)


Today's links


An Android robot standing atop a cracked mobile phone, wearing Darth Vader armor.

Darth Android (permalink)

William Gibson famously said that "Cyberpunk was a warning, not a suggestion." But for every tech leader fantasizing about lobotomizing their enemies with Black Ice, there are ten who wish they could be Darth Vader, force-choking you while grating out, "I'm altering the deal. Pray I don't alter it any further."

I call this business philosophy the "Darth Vader MBA." The fact that tech products are permanently tethered to their manufacturers – by cloud connections backstopped by IP restrictions that stop you from disabling them – means that your devices can have features removed or altered on a corporate whim, and it's literally a felony for you to restore the functionality you've had removed:

https://pluralistic.net/2023/10/26/hit-with-a-brick/#graceful-failure

That presents an irresistible temptation to tech bosses. It means that you can spy on your users, figure out which features they rely on most heavily, disable those features, and then charge money to restore them:

https://restofworld.org/2021/loans-that-hijack-your-phone-are-coming-to-india/

It means that you can decide to stop paying a supplier the license fee for a critical feature that your customers rely on, take that feature away, and stick your customers with a monthly charge, forever, to go on using the product they already paid for:

https://pluralistic.net/2022/10/28/fade-to-black/#trust-the-process

It means that you can push "security updates" to devices in the field that take away your customers' ability to use third-party apps, so they're forced to use your shitty, expensive apps:

https://www.404media.co/developer-unlocks-newly-enshittified-echelon-exercise-bikes-but-cant-legally-release-his-software/

Or you can take away third-party app support and force your customers to use your shitty app that's crammed full of ads, so they have to look at an ad every time they want to open their garage-doors:

https://pluralistic.net/2023/11/09/lead-me-not-into-temptation/#chamberlain

Or you can break compatibility with generic consumables, like ink, and force your customers to buy the consumables you sell, at (literal) ten billion percent markups:

https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer

Combine the "agreements" we must click through after we hand over our money, wherein we "consent" to having the terms altered at any time, in any way, forever, and surrender our right to sue:

https://pluralistic.net/2025/08/15/dogs-breakfast/#by-clicking-this-you-agree-on-behalf-of-your-employer-to-release-me-from-all-obligations-and-waivers-arising-from-any-and-all-NON-NEGOTIATED-agreements

With the fact that billions of digital tools can be neutered at a distance with a single mouse-click:

https://pluralistic.net/2023/02/19/twiddler/

With the fact that IP law makes it a literal felony to undo these changes or add legal features to your own property that the manufacturer doesn't want you to have:

https://pluralistic.net/2024/05/24/record-scratch/#autoenshittification

And you've created the conditions for a perfect Darth Vader MBA dystopia.

Tech bosses are fundamentally at war with the idea that our digital devices contain "general purpose computers." The general-purposeness of computers – the fact that they are all Turing-complete, universal von Neumann machines – has created tech bosses' fortunes, but now that these fortunes have been attained, the tech sector would like to abolish that general-purposeness; specifically, they would like to make it impossible to run programs that erode their profits or frustrate their attempts at rent-seeking.

This has been a growing trend in computing since the mid-2000s, when tech bosses realized that the "digital rights management" that the entertainment industry had fallen in love with could provide even bigger dividends for tech companies themselves.

Since the Napster era, media companies have demanded that tech platforms figure out how to limit the use and copying of media files after they were delivered to our computers. They believed that there was some practical way to make a computer that would refuse to take orders from its owner, such that you could (for example) "stream" a movie to a user without that being a "download." The truth, of course is that all streams are downloads, because the only way to cause my screen to display a video file that is on your server is for your server to send that file to my computer.

"Streaming" is a consensus hallucination, and when a company claims to be giving you a "stream" that's not a "download," they really mean that they believe that the program that's rendering the file on your screen doesn't have a "save as" button.

But of course, even if the program doesn't have a "save as" button, someone could easily make a "save as" plugin that adds that functionality to your streaming program. So "streaming" isn't just "a video playback program without a 'save as' button," it's also "a video playback program that no one can add a 'save as' button to."

At the turn of the millennium, tech companies selling this stuff hoodwinked media companies by claiming that they used technical means to prevent someone from adding the "save as" button after the fact. But tech companies knew that there was no technical means to prevent this, because computers are general purpose, and can run every program, which means that every 10-foot fence you build around a program immediately summons up an 11-foot ladder.

When a tech company says "it's impossible to change the programs and devices we ship to our users," they mean, "it's illegal to change the programs and devices we ship to our users." That's thanks to a cluster of laws we colloquially call "IP law"; a label we apply to any law that lets a firm exert control on the conduct of users, critics and competitors:

https://locusmag.com/2020/09/cory-doctorow-ip/

Law, not technology, is the true battlefield in the War on General Purpose Computing, a subject I've been raising the alarm about for decades now:

https://memex.craphound.com/2012/01/10/lockdown-the-coming-war-on-general-purpose-computing/

When I say that this is a legal fight and not a technical one, I mean that, but for the legal restrictions on reverse-engineering and "adversarial interoperability," none of these extractive tactics would be viable. Every time a company enshittified its products, it would create an opportunity for a rival to swoop in, disenshittify the enshittification, and steal your customers out from under you.

The fact that there's no technical way to enforce these restrictions means that the companies that benefit from them have to pitch their arguments to lawmakers, not customers. If you have something that works, you use it in your sales pitch, like Signal, whose actual, working security is a big part of its appeal to users.

If you have something that doesn't work, you use it in your lobbying pitch, like Apple, who justify their 30% ripoff app tax – which they can only charge because it's a felony to reverse-engineer your iPhone so you can use a different app store – by telling lawmakers that locking down their platform is essential to the security and privacy of iPhone owners:

https://pluralistic.net/2024/01/12/youre-holding-it-wrong/#if-dishwashers-were-iphones

Apple and Google have a duopoly over mobile computing. Both companies use legal tactics to lock users into getting their apps from the companies' own app stores, where they take 30 cents out of every dollar you spend, and where it's against the rules to include any payment methods other than Google/Apple's own payment systems.

This is a massive racket. It lets the companies extract hundreds of billions of dollars in rents. This drives up costs for their users and drives down profits for their suppliers. It lets the duopoly structure the entire mobile economy, acting as de facto market regulators. For example, the fact that Apple/Google exempt Uber and Lyft from the 30% app tax means that they – and they alone – can provide competitive ride-hailing services.

But though both companies extract the 30% app tax, they use very different mechanisms to maintain their lock on their users and on app makers. Apple uses digital locks, which lets it invoke IP law to criminalize anyone who reverse-engineers its systems and provides an easy way to install a better app store.

Google, on the other hand, uses a wide variety of contractual tactics to maintain its control, arm-twisting Android device makers and carriers into bundling its app store with every device, often with a locked bootloader that prevents users from adding new app stores after they pay for their devices.

But despite this, Google has always claimed that Android is the "open" alternative to the Apple "ecosystem," principally on the strength that you can "sideload" an app. "Sideload" is a weird euphemism that the mobile duopoly came up with; it means "installing software without our permission," which we used to just call "installing software" (because you don't need a manufacturer's permission to install software on your computer).

Now, Google has pulled a Darth Vader, changing the deal after the fact. They've announced that henceforth, you will only be able to sideload apps that come from developers who pay to be validated by Google and certified as good eggs. This has got people really angry, and justifiably so.

Last week, the repair hero Louis Rossmann posted a scorching video excoriating Google for the change:

https://www.youtube.com/watch?v=QBEKlIV_70E

In the video, Rossmann – who is now running an anti-enshittification group called Fulu – reminds us that our mobile devices aren't phones, they're computers and urges us not to use the term "sideloading," because that's conceding that there's something about the fact that this computer can fit in your pocket that means that you shouldn't be able to, you know, just install software.

Rossmann thinks that this is a cash grab, and he's right – partially. He thinks that this is a way for Google to make money from forcing developers to join its certification program.

But that's just small potatoes. The real cash grab is the hundreds of billions of dollars that Google stands to lose if we switch to third-party app stores and choke off the app tax.

That is an issue that is very much on Google's mind right now, because Google lost a brutal antitrust case brought by Epic Games, makers of Fortnite:

https://pluralistic.net/2023/12/12/im-feeling-lucky/#hugger-mugger

Epic's suit contended that Google had violated antitrust law by creating exclusivity deals with carriers and device makers that locked Android users into Google's app store, which meant that Epic had to surrender 30% of its mobile earnings to Google.

Google lost that case – badly. It turns out that judges don't like it when you deliberately destroy evidence:

https://www.legaldive.com/news/deleted-messages-google-antitrust-case-epic-games-deliberate-spoliation-donato/702306/

They say that when you find yourself in a hole, you should stop digging, but Google can't put down the shovel. After the court ordered Google to open up its app store, the company just ignored the order, which is a thing that judges hate even more than destroying evidence:

https://www.justice.gov/atr/case/epic-games-inc-v-google-llc

So it was that last month, Google found itself with just two weeks to comply with the open app store order, or else:

https://www.theverge.com/news/717440/google-epic-open-play-store-emergency-stay

Google was ordered to make it possible to install new app stores as apps, so you could go into Google Play, search for a different app store, and, with a single click, install it on your phone, and switch to getting your apps from that store, rather than Google's.

That's what's behind Google's new ban on "sideloading": this is a form of malicious compliance with the court orders stemming from its losses to Epic Games. In fact, it's not even malicious compliance – it's malicious noncompliance, a move that so obviously fails to satisfy the court order that I think it's only a matter of time until Google gets hit with fines so large that they'll actually affect Google's operations.

In the meantime, Google's story that this move is motivated by security it obviously bullshit. First of all, the argument that preventing users from installing software of their choosing is the only way to safeguard their privacy and security is bullshit when Apple uses it, and it's bullshit when Google trots it out:

https://www.eff.org/document/letter-bruce-schneier-senate-judiciary-regarding-app-store-security

But even if you stipulate that Google is doing this to keep you safe, the story falls apart. After all, Google isn't certifying apps, they're certifying developers. This implies that the company can somehow predict whether a developer will do something malicious in the future.

This is obviously wrong. Indeed, Google itself is proof that this doesn't work: the fact that a company has a "don't be evil" motto at its outset is no guarantee that it won't turn evil in the future.

There's a long track record of merchants behaving in innocuous and beneficial ways to amass reputation capital, before blitzing the people who trust them with depraved criminality. This is a well-understood problem with reputation scores, dating back to the early days of eBay, when crooked sellers invented the tactic of listing and delivering a series of low-value items in order to amass a high reputation score, only to post a bunch of high-ticket scams, like dozens laptops at $1,000 each, which are never delivered, even as the seller walks away with tens of thousands of dollars.

More recently, we've seen this in supply chain attacks on open source software, where malicious actors spend a long time serving as helpful contributors, pushing out a string of minor, high-quality patches before one day pushing a backdoor or a ransomware package into widely used code:

https://arstechnica.com/security/2025/07/open-source-repositories-are-seeing-a-rash-of-supply-chain-attacks/

So the idea that Google can improve Android's safety by certifying developers, rather than code, is obvious bullshit. No, this is just a pretext, a way to avoid complying with the court order in Epic and milking a few more billions of dollars in app taxes.

Google is no friend of the general purpose computer. They keep coming up with ways to invoke the law to punish people who install code that makes their Android devices serve their owners' interests, at the expense of Google's shareholders. It was just a couple years ago that we had to bully Google out of a plan to lock down browsers so they'd be as enshittified as apps, something Google sold as "feature parity":

https://pluralistic.net/2023/08/02/self-incrimination/

Epic Games didn't just sue Google, either. They also sued Apple – but Apple won, because it didn't destroy evidence and make the judge angry at it. But Apple didn't walk away unscathed – they were also ordered to loosen up control over their App Store, and they also failed to do so, with the effect that last spring, a federal judge threatened to imprison Apple executives:

https://pluralistic.net/2025/05/01/its-not-the-crime/#its-the-coverup

Neither Apple nor Google would exist without the modern miracle that is the general purpose computer. Both companies want to make sure no one else ever reaps the benefit of the Turing complete, universal von Neumann machine. Both companies are capable of coming up with endless narratives about how Turing completeness is incompatible with your privacy and security.

But it's Google and Apple that stand in the way of our security and privacy. Though they may sometimes protects us against external threats, neither Google nor Apple will ever protect us from their own predatory instincts.

(Image: Ashwin Kumar, CC BY-SA 2.0, modified)

Hey look at this (permalink)


A shelf of leatherbound history books with a gilt-stamped series title, 'The World's Famous Events.'

Object permanence (permalink)

#20yrsago Microsoft abandons its customers AND copyright to kiss up to Hollywood https://memex.craphound.com/2005/08/30/microsoft-abandons-its-customers-and-copyright-to-kiss-up-to-hollywood/

#15yrsago Koko Be Good: complex and satisfying graphic novel about finding meaning in life https://memex.craphound.com/2010/08/31/koko-be-good-complex-and-satisfying-graphic-novel-about-finding-meaning-in-life/

#15yrsago Frankenmascot: all the cereal mascots in one https://web.archive.org/web/20100904072945/http://citycyclops.com/8.31.10.php

#5yrsago Bayer-Monsanto is in deep trouble https://pluralistic.net/2020/08/31/ai-rights-now/#gotterdammerung

#5yrsago Hard Wired https://pluralistic.net/2020/08/31/ai-rights-now/#len-vlahos

#5yrsago Big Tech welcomes (some) regulation https://pluralistic.net/2020/08/30/arabian-babblers/#bezos-bell-system

#5yrsago We don't know why you don't want to have public sex https://pluralistic.net/2020/08/30/arabian-babblers/#evopsych

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, pounding the podium.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025

  • "Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
    https://us.macmillan.com/books/9780374619329/enshittification/

  • "Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026

  • "Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026

  • "The Memex Method," Farrar, Straus, Giroux, 2026

  • "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, 2026


Colophon (permalink)

Today's top sources:

Currently writing:

  • "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. (1022 words yesterday, 11212 words total).

  • A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

ISSN: 3066-764X

Join the Discussion at ChinWag