Long before "agentic AI," we had the idea that software was your agent on the internet.
-
There were always ways in which Google's "open" Android wasn't *exactly* open. The company engaged in illegal "tying" arrangements that forced hardware vendors and carriers to lock out versions of Android that were created by Google's competitors:
https://ec.europa.eu/commission/presscorner/detail/en/ip_18_4581
10/
In other words, even though Google offered a mobile platform that was (mostly) *technically* open, they used *commercial* and *legal* strategies to choke off the market oxygen for alternative Android versions that tried to capitalize on that technical openness.
11/
-
In other words, even though Google offered a mobile platform that was (mostly) *technically* open, they used *commercial* and *legal* strategies to choke off the market oxygen for alternative Android versions that tried to capitalize on that technical openness.
11/
But life finds a way. The existence of an open, modifiable, tinkerer-friendly mobile operating system meant Android hackers could create alternatives to Google's (de facto) walled garden, which thrived in the cracks in that garden wall. Operating systems like CalyxOS, PureOS and Graphene offered a more private, more secure Android experience, one that was largely "de-Googled," blocking Google's relentless acquisition of your private data:
12/
-
But life finds a way. The existence of an open, modifiable, tinkerer-friendly mobile operating system meant Android hackers could create alternatives to Google's (de facto) walled garden, which thrived in the cracks in that garden wall. Operating systems like CalyxOS, PureOS and Graphene offered a more private, more secure Android experience, one that was largely "de-Googled," blocking Google's relentless acquisition of your private data:
12/
And Google's data-hunger is *relentless*. Android exfiltrates a chunk of your personal and behavioral data *every five minutes*. The "resting heartbeat" of Android surveillance pulses and pulses, irrespective of whether you're using your device, and the instant you unlock your screen, that heartbeat quickens, sending even more data to the company:
https://digitalcontentnext.org/blog/2018/08/21/google-data-collection-research/
13/
-
Long before "agentic AI," we had the idea that software was your agent on the internet. That's why the technical term for a browser is a "user agent." Your browser acts on your behalf to retrieve information and then show it to you, in the format you choose. It's your agent:
https://pluralistic.net/2024/05/07/treacherous-computing/#rewilding-the-internet
--
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
https://pluralistic.net/2026/06/12/compelled-speech/#quishing
1/
@pluralistic Oh how I cried when I finally found out what REST had been supposed to be and how Fielding would beat most current 'REST' API authors with blunt objects if he hadn't apparently let go a long time ago.
-
And Google's data-hunger is *relentless*. Android exfiltrates a chunk of your personal and behavioral data *every five minutes*. The "resting heartbeat" of Android surveillance pulses and pulses, irrespective of whether you're using your device, and the instant you unlock your screen, that heartbeat quickens, sending even more data to the company:
https://digitalcontentnext.org/blog/2018/08/21/google-data-collection-research/
13/
All that data has proved irresistible to authoritarian governments. Donald Trump's enforcers have seized on Google data as a vital source of information about the identity of protesters and the location of migrants hunted by ICE:
https://www.eff.org/deeplinks/2026/04/google-broke-its-promise-me-now-ice-has-my-data
14/
-
All that data has proved irresistible to authoritarian governments. Donald Trump's enforcers have seized on Google data as a vital source of information about the identity of protesters and the location of migrants hunted by ICE:
https://www.eff.org/deeplinks/2026/04/google-broke-its-promise-me-now-ice-has-my-data
14/
There are many reasons why users would seek out these de-Googled alternatives to Android, finding them in spite of Google's illegal commercial tactics to block access to competing technologies. The worse it got, the better those alternatives looked.
Perhaps this explains Google's years-long effort to increase the *technical* barriers to using modified versions of Android, beefing these up to match the commercial restrictions that stand in the way of a de-Googled existence.
15
-
There are many reasons why users would seek out these de-Googled alternatives to Android, finding them in spite of Google's illegal commercial tactics to block access to competing technologies. The worse it got, the better those alternatives looked.
Perhaps this explains Google's years-long effort to increase the *technical* barriers to using modified versions of Android, beefing these up to match the commercial restrictions that stand in the way of a de-Googled existence.
15
Back in 2023, Google floated the idea of "Web Environment Integrity" (WEI), a set of modifications to web standards that would force your computer to disclose its operating environment to the web servers it connected to, *even if you objected to this disclosure*:
https://pluralistic.net/2023/08/02/self-incrimination/#wei-bai-bai
16/
-
Back in 2023, Google floated the idea of "Web Environment Integrity" (WEI), a set of modifications to web standards that would force your computer to disclose its operating environment to the web servers it connected to, *even if you objected to this disclosure*:
https://pluralistic.net/2023/08/02/self-incrimination/#wei-bai-bai
16/
WEI was a form of "remote attestation." That's when your device uses a sub-processor (sometimes called a "Technical Protection Module" or "TPM") or a walled off part of its main processor (sometimes called a "secure enclave") to produce a cryptographically signed description of your device and its configuration: which hardware, software, plug-ins and settings you're running.
17/
-
WEI was a form of "remote attestation." That's when your device uses a sub-processor (sometimes called a "Technical Protection Module" or "TPM") or a walled off part of its main processor (sometimes called a "secure enclave") to produce a cryptographically signed description of your device and its configuration: which hardware, software, plug-ins and settings you're running.
17/
When you connect to a server, it demands that your device send this "attestation" before it handles your request. If your device won't provide this data, or if the server doesn't like (or recognize) your device and its details, it can refuse to deal with you. And because the attestation is prepared by a TPM or a secure enclave that you can't modify or override, you don't get to decide which facts about your device it's allowed to see.
18/
-
When you connect to a server, it demands that your device send this "attestation" before it handles your request. If your device won't provide this data, or if the server doesn't like (or recognize) your device and its details, it can refuse to deal with you. And because the attestation is prepared by a TPM or a secure enclave that you can't modify or override, you don't get to decide which facts about your device it's allowed to see.
18/
Practically speaking, this means that remote attestation lets a server refuse to deal with you until you turn off your ad-blocker and your tracker-blocker. It means that the server can discriminate against users who block auto-play sound and video, who block pop-ups, who put the tab in the background when it's playing a mandatory pre-roll ad.
19/
-
Practically speaking, this means that remote attestation lets a server refuse to deal with you until you turn off your ad-blocker and your tracker-blocker. It means that the server can discriminate against users who block auto-play sound and video, who block pop-ups, who put the tab in the background when it's playing a mandatory pre-roll ad.
19/
WEI was especially disturbing in light of Google's efforts to kill ad-blockers and privacy blockers through updates to Chrome, an effort that continues to this day:
https://protonprivacy.substack.com/p/google-is-finally-killing-ublock
These blockers are an important part of the dynamic between web publishers and their users. In the real world, when you get an offer, you can make a *counter-offer*.
20/
-
WEI was especially disturbing in light of Google's efforts to kill ad-blockers and privacy blockers through updates to Chrome, an effort that continues to this day:
https://protonprivacy.substack.com/p/google-is-finally-killing-ublock
These blockers are an important part of the dynamic between web publishers and their users. In the real world, when you get an offer, you can make a *counter-offer*.
20/
That's all an ad-blocker is: a way for users to respond to a server whose opening bid is, "How about you give me all your data and let me take over your computer in exchange for showing you this page?" with "How about 'Nah?'"
https://www.eff.org/deeplinks/2019/07/adblocking-how-about-nah
21/
-
That's all an ad-blocker is: a way for users to respond to a server whose opening bid is, "How about you give me all your data and let me take over your computer in exchange for showing you this page?" with "How about 'Nah?'"
https://www.eff.org/deeplinks/2019/07/adblocking-how-about-nah
21/
We didn't get rid of pop-up ads by making them illegal, or by boycotting advertisers who used them. We got rid of pop-up ads when web users installed pop-up blockers, which made pop-up ads pointless. Take away our ability to block obnoxious digital content and you *guarantee* that we will be flooded with it.
22/
-
We didn't get rid of pop-up ads by making them illegal, or by boycotting advertisers who used them. We got rid of pop-up ads when web users installed pop-up blockers, which made pop-up ads pointless. Take away our ability to block obnoxious digital content and you *guarantee* that we will be flooded with it.
22/
These kinds of modifications aren't just used to block ads - they're also key to accessibility. People who have photosensitive epilepsy or who (like me) suffer from low-contrast vision problems use add-ons to reformat pages so that we can safely and legibly access them.
WEI's creators said they were only trying to put the web on a level playing field with apps, which routinely rat you out to the companies you connect to.
23/
-
These kinds of modifications aren't just used to block ads - they're also key to accessibility. People who have photosensitive epilepsy or who (like me) suffer from low-contrast vision problems use add-ons to reformat pages so that we can safely and legibly access them.
WEI's creators said they were only trying to put the web on a level playing field with apps, which routinely rat you out to the companies you connect to.
23/
Apps are a source of bottomless enshittification, not least because (unlike the web), they enjoy special, dangerous legal protections that make it *very* legally risky to modify them:
https://pluralistic.net/2025/07/31/unsatisfying-answers/#systemic-problems
WEI wasn't an effort to level the playing field between apps and the web - it was *a race to the bottom*, an attempt to make the web as enshittogenic as the app hellscape.
24
-
Apps are a source of bottomless enshittification, not least because (unlike the web), they enjoy special, dangerous legal protections that make it *very* legally risky to modify them:
https://pluralistic.net/2025/07/31/unsatisfying-answers/#systemic-problems
WEI wasn't an effort to level the playing field between apps and the web - it was *a race to the bottom*, an attempt to make the web as enshittogenic as the app hellscape.
24
Public outrage to WEI killed the project, but Google's commitment to augmenting its illegal commercial lockdown efforts with *technical* lockdowns never ended. Now, Google has rolled out an experimental "reCAPTCHA Mobile Verification" that uses an app, your camera, and your device's TPM or secure enclave to produce an attestation about your Android device:
https://support.google.com/recaptcha/answer/16609652
25/
-
Public outrage to WEI killed the project, but Google's commitment to augmenting its illegal commercial lockdown efforts with *technical* lockdowns never ended. Now, Google has rolled out an experimental "reCAPTCHA Mobile Verification" that uses an app, your camera, and your device's TPM or secure enclave to produce an attestation about your Android device:
https://support.google.com/recaptcha/answer/16609652
25/
This will make it much easier for the apps and other services you interact with to block your device if you run an Android alternative, or if you install a mod that overrides the actions of Google's stock Android:
26/
-
This will make it much easier for the apps and other services you interact with to block your device if you run an Android alternative, or if you install a mod that overrides the actions of Google's stock Android:
26/
This is a terrible idea - it's every bit as bad as WEI was. In an age in which Big Tech is ever-more tied to authoritarian governments, redesigning our devices to tell strangers things we don't want them to know isn't just shortsighted, it's inexcusable.
eof/
-
This is a terrible idea - it's every bit as bad as WEI was. In an age in which Big Tech is ever-more tied to authoritarian governments, redesigning our devices to tell strangers things we don't want them to know isn't just shortsighted, it's inexcusable.
eof/
@pluralistic Google unfortunately has the resources to do more than one of these at a time—they're also part of the attribution cartel, a project with Meta and Apple to drive ad revenue to lower-cost misinfo and slop that they, not independent publishers, can control
When "old Google" applied commodification to replace Digital and Sun servers with cheap generic PCs, it was a good approach. But applying it to news and creative works on the web is a big risk https://blog.zgp.org/facebook-slop-the-future-of-ad-supported-media/
-
J jwcph@helvede.net shared this topic
