Here is an email that Elon Musk, current world’s richest man and owner of a gigantic social media network that generated child sexual abuse material on demand, sent to sex offender Jeffrey Epstein on November 11, 2012: “What day/night will be the wildest party on your island?” 

At first glance, the latest Department of Justice dump of Epstein documents is at least as horrifying as any of the dumps that came previously. Whether or not—and most likely not—any consequences of any sort come for any of the people who interacted with or were friends with the notorious child sexual abuser, the documents are depraved and continue to show that Musk and many other rich and powerful people have been lying about their relationships with Epstein for years. 

In September, Musk tweeted “this is false” in response to a Forbes article based on previously released documents that stated he “planned a trip to Epstein’s private island.” He also wrote “Epstein tried to get me to go to his island and I REFUSED.” Musk had previously been named on Epstein’s calendar as being slated to visit Epstein’s island in 2014.

The emails released Friday show without a doubt that Musk, at the very least, “planned” a trip to Epstein’s island. They also show that Epstein asked Musk if SolarCity, his solar power startup that was eventually folded into Tesla, could electrify the island or his New Mexico ranch. 

The newly released documents show that Musk emailed with Epstein over the course of more than a year. In a December 2013 thread called “Christmas and New Year’s,” Musk wrote “Will be in the BVI [British Virgin Islands]/St Bart’s area over the holidays. Is there a good time to visit?” 

“I will send heli for you,” Epstein responded. “Thanks,” Musk answered. 

“Actually, I could fly back early on the 3rd. We will be in St Bart’s. When should we head to your island on the 2nd?,” Musk said in a follow-up email.

In October 2012, Musk emailed Epstein and said “The world needs more romance […] Talulah [Musk’s second wife] and I are headed to St. Barth’s at the end of the year. I assume you will most likely be on your island?” 

Epstein eventually responded in November and offered to send Musk as helicopter: “how many people will you be for the heli to island,” Epstein wrote. 

“Probably just Talulah and me,” Musk responded. “What day/night will be the wildest party on your island?”

Another thread between Epstein and Musk was about providing power to two of Epstein’s properties: “is there any one at Solar City that my guys can talk to about electrifying the caribean [sic] island? Or the New Mexico ranch,” Epstein wrote. “Are we in New Mexico?” Musk wrote, adding a colleague to the thread.

These emails are hitting at a time where there is quite a lot going on in the world, and Musk, Donald Trump, and the current class of people in political power have shown that they will suffer very little from essentially any political scandal. And yet, these emails show in black and white that Musk has been lying about his relationship with Epstein, and that’s worth documenting. 

Today's links

• Threads' margin is the Eurostack's opportunity: Move fast and break kings.
• Hey look at this: Delights to delectate.
• Object permanence: Frank Chu; MPAA x TSA; Flint truths; Pastel Q; Bernie meme.
• Upcoming appearances: Where to find me.
• Recent appearances: Where I've been.
• Latest books: You keep readin' em, I'll keep writin' 'em.
• Upcoming books: Like I said, I'll keep writin' 'em.
• Colophon: All the rest.

Threads' margin is the Eurostack's opportunity (permalink)

OG App is the coolest app you've never heard of. Back in 2022, two teenagers unilaterally disenshittified Instagram by making an "alt-client" that restored all the parts of Insta that made it a success and blocked all the antifeatures that Meta crammed down users' throats after they had them locked in.

Here's how OG App worked: first, it popped up a browser window and loaded the Instagram login screen. Then, after you'd logged into Insta, it stole the "session key" (the cryptographic proof that you were logged into your account). That let it impersonate you to Insta's servers, and slurp down the whole feed that Insta had queued up for you.

After grabbing your feed, OG App deleted all the ads, all the slop, all the boosted content, all the months-old clickbait that The Algorithm (TM) had surfaced. What was left was pristine: the posts from people you followed, in reverse-chronological order. To make this all even sweeter, OG App sent no data back to Meta as you used it, except for the likes and comments you intended to transmit to the company. All the other data that Meta's apps gather got blocked: everything from your location, to which posts you slowed down your scrolling on, to accelerometer readouts that revealed minute changes in how you hold your phone from second to second.

Boy did people like this! By the end of the day, OG App was in the top ten charts for both Google and Apple's app stores. By the next morning, it was gone. Meta sent a takedown notice to the app store duopoly and they killed OG App on its behalf (there is honor among thieves):

https://techcrunch.com/2022/09/27/og-app-promises-you-an-ad-free-instagram-feed/

The funny thing is, the OG App creators were just following the Facebook playbook. When Facebook opened up to the general public in 2006, it had the problem that everyone who wanted social media already had an account on Myspace, and all of Facebook's improvements on Myspace (Zuck made a promise never to spy on his users!) didn't matter, because Myspace had something Facebook could not match: Myspace had all your friends.

Facebook came up with an ingenious solution to this problem: they offered Myspace users a bot. You gave that bot your Myspace login credentials (just as OG App did with your Insta credentials) and the bot impersonated you to Myspace (just as OG App did with Insta), and it grabbed everything queued up for you on Myspace (just as OG App did with Insta), and then flowed those messages into your Facebook feed (just as OG App did with Insta).

This was very successful! Users didn't have to choose between their friends on Myspace and the superior design and privacy policies of Facebook. They got to eat their cake and have it, too.

This is actually a very old and important pattern in tech. It's what "move fast and break things" looks like when it's actually disrupting sclerotic and decaying companies that lock us in, take us for granted, and treat us like shit. It's what Apple did when they cloned the MS Office file formats and released iWork, whose Pages, Numbers and Keynote let Microsoft users escape from the prison of Windows and bring their documents with them:

https://www.eff.org/deeplinks/2019/06/adversarial-interoperability-reviving-elegant-weapon-more-civilized-age-slay

But like every pirate, the tech companies dreamed of being admirals. Once they'd attained the admiralty, they announced that when they did this stuff, it was progress, but if anyone does it to them, it would be piracy.

What's more, they were able to take advantage of a metastasizing blob of IP laws that the US Trade Representative spread around the world (with threats of tariffs for noncompliance). Soon, nearly every country had enacted laws that made it a literal crime for their entrepreneurs and technologists to fix America's defective tech exports by adding privacy tools, bridging old services into new ones, or reading and writing America's ubiquitous proprietary file-formats:

https://pluralistic.net/2026/01/01/39c3/#the-new-coalition

For decades, this system was immovable. The world couldn't afford tariffs on its exports to the USA, and it was able to maintain the pretense that America's platforms were trustworthy neutral parties, that would not be weaponized against their own national interest at the behest of the American state.

Obviously, that is dead now. Donald Trump, debilitated by white matter disease and his endemic incontinent belligerence, has flipped the table over in a poker game that was rigged in his favor because he resented having to pretend to play (TM November Kelly):

https://pluralistic.net/2026/01/26/i-dont-want/#your-greenback-dollar

EU member-states are minting new "digital sovereignty" ministries as fast as they can print up new business cards, the EU itself has just appointed its first "Tech Sovereignty, Security and Democracy" czar:

https://commission.europa.eu/about/organisation/college-commissioners/henna-virkkunen_en

They're building the "Eurostack," a fleet of EU-based data centers that will host free, open, auditable, trustworthy equivalents to the US tech giants' offerings:

https://pluralistic.net/2025/06/25/eurostack/#viktor-orbans-isp

But Eurostack is about to run into a wall: Article 6 of the EU's own Copyright Directive, which prohibits reverse-engineering and modification of tech products. It's a law that the US Trade Rep lobbied hard for, winning the day by promising tariff-free access to the US for Europe's exports (a promise Trump has now broken):

https://pluralistic.net/2025/10/15/freedom-of-movement/#data-dieselgate

So long as Europe continues to hold up its end of this one-sided bargain, it will not be able to create the reverse-engineering based tools to let EU companies, governments and households get their data out of US tech silos, let alone let them build and enjoy successors to OG App, which will make it easy for them to leave US social media without sacrificing contact with the people who matter to them.

Which brings me to Threads, Meta's latest social media network. Threads is built on Activitypub and Mastodon, these being open/free, auditable and trustworthy protocols, designed to support "federated" social media. That's social media that runs on servers managed by lots of different entities, whose users can all connect to one another no matter which server they use. Meta was clearly excited by the prospect of enclosing and conquering this open upstart, but also nervous at the prospect that its users would find, in federation, an easy path to escape from Meta's clutches.

After all, if you can leave Threads and join a non-Meta Mastodon server without losing contact with the people you followed and were followed by on Threads, then why wouldn't you leave? Mark Zuckerberg's users don't like him – they just hate him less than they love the people they are in community with on Zuckerberg's platforms.

So Threads never really joined the Fediverse. You can't quite follow and be followed by Mastodon users, and you can't quite migrate your account off Meta's servers and onto a better one. Zuck and his lieutenants are keenly attuned to any design that drives high "switching costs" for leaving their services, and they exploit these switching costs to figure out just how much pain they can inflict on users without risking their departure:

https://www.eff.org/deeplinks/2021/08/facebooks-secret-war-switching-costs

So now they've started to turn the screws on Threads users. They just announced a global program of Threads enshittification, with a promise to cram ads into the eyeballs of every Threads account:

https://www.contentgrip.com/meta-threads-ads-go-global/

This represents a hell of an opportunity for the EU and Eurostack. Meta's ads are wildly illegal in the EU, violating Europe's landmark privacy law, the GDPR. The only reason Meta gets away with its flagrant lawbreaking is that it has captured the Irish state, and uses legal tricks to force all GDPR enforcement into Irish jurisdiction:

https://pluralistic.net/2025/12/01/erin-go-blagged/#big-tech-omerta

People hate ads. More than half of all web users have installed an adblocker (which also protects their privacy). It's the largest consumer boycott in human history:

https://doc.searls.com/2023/11/11/how-is-the-worlds-biggest-boycott-doing/

But no one has ever installed an adblocker for an app, because reverse-engineering apps and the mobile platforms they run on is illegal under laws like Article 6 of the Copyright Directive. As a result, tech companies – especially US giants, who can violate EU law with impunity – love to enshittify their apps, because they know that no one can do unto them as they did unto their own rivals (like Myspace).

Meta's new ad strategy for Threads is the perfect cue for a European repeal of Article 6 of the Copyright Directive. Procedurally, this is a great moment for it, as the EU is finalizing the Digital Fairness Act, which could include an exemption to EUCD 6 for privacy-enhancing technologies:

https://www.europarl.europa.eu/legislative-train/theme-protecting-our-democracy-upholding-our-values/file-digital-fairness-act

Giving Europeans an effective way to push back against Meta's wholesale violation of their rights is a way that the Eurostack can score popular support right now – not in five years when the new data centers come online. It's a way of improving the lives of Europeans in immediate, concrete ways, rather than asking them to be grateful that some ministry has changed cloud providers – an important change, sure, but one that has no real impact on their daily lives.

What's more, legalizing jailbreaking for the purpose of making Threads alt-clients wouldn't just give Europeans a better social media experience – it could bootstrap European social media services. Remember, Threads was able to achieve instant scale by moving Instagram users onto Threads wholesale, maintaining their Insta follows and followers when they created their Threads accounts.

Europe – like everywhere else – is full of entrepreneurs who are trying to get national, independent social media platforms off the ground, hoping to woo users by promising them a more privacy-respecting alternative. They've got the same problem Zuck had when he tried to compete with Myspace: users love their friends more than they hate being spied on, so merely offering a better service is insufficient.

To get users off the old platforms, you have to lower their switching costs – you have to let them bring their friends to the new network, even if those friends are still stuck on the old network. Legalize jailbreaking in the EU and you'll make it possible to do "on-device bridging" – where a new social media app is able to break open the data storage of the Threads app on the same device and move that data into its own feeds. And because the EU has the GDPR, they have the privacy framework needed to police the privacy violations that breaking into other apps' data storage can lead to.

Meta will squawk. They'll say Europe is legalizing the violation of its corporate rights. But Meta violates Europeans' rights at scale, and the "rights" that I'm talking about taking away from Meta are rights the EU gave it in the first place, in exchange for a broken promise of tariff-free access to the USA.

Adblocking isn't stealing. Adblocking is bargaining. Without adblocking, the companies don't sell us services in exchange for our privacy – they plunder all the private data they can get, and dribble out services at whatever level they think we deserve. If ad-supported media was a restaurant, it'd be one where you got thrown up against a wall, relieved of your wallet, fed a handful of gruel, and then got kicked in the ass and sent on your way:

https://www.eff.org/deeplinks/2019/07/adblocking-how-about-nah

Every time Donald Trump threatens the EU, he makes the case for the Eurostack, but still, he can't help himself. Likewise, every time Zuckerberg enshittifies his services, he makes the case for repealing Article 6 of the Copyright Directive, and he can't help himself either.

Threads' inexorable enshittification is an opportunity: an opportunity to make the case for the Eurostack, an opportunity to improve the lives of millions of Europeans, and an opportunity to break through the walled gardens that keep the people we love stuck on legacy social media platforms.

When they did it to us, that wasn't progress. When we do it to them, it's not piracy.

Hey look at this (permalink)

• EFF to Close Friday in Solidarity with National Shutdown https://www.eff.org/deeplinks/2026/01/eff-close-friday-solidarity-national-shutdown

• Let's Make Hope Normal Again https://www.youtube.com/watch?v=qxt4HCjd7VA

• Detecting Dementia Using Lexical Analysis: Terry Pratchett’s Discworld Tells a More Personal Story https://www.mdpi.com/2076-3425/16/1/94

• How is Inventing the Renaissance an SFF-Related Work? https://www.exurbe.com/how-is-inventing-the-renaissance-an-sff-related-work/

• The Good, the Pretty, and Fear Itself https://catvalente.substack.com/p/the-good-the-pretty-and-fear-itself

Object permanence (permalink)

#25yrsago Frank Chu explainer http://www.12galaxies.20m.com

#20yrsago Kerouac curator invents copyright laws to keep photographers away https://thomashawk.com/2006/01/open-letter-to-myra-borshoff-cook-tour.html

#20yrsago EFF suing AT&T for helping NSA illegally spy on Americans https://www.eff.org/cases/nsa-multi-district-litigation

#20yrsago CD DRM software players are amateurish and easy to trick https://blog.citp.princeton.edu/2006/01/31/cd-drm-attacks-player/

#20yrsago MPAA puts TSA goon in charge of enforcement https://web.archive.org/web/20060209035921/http://www.mpaa.org/press_releases/2006_01_31.pdf

#20yrsago US-VISIT immigration system spent $15 million per crook caught https://www.schneier.com/blog/archives/2006/01/the_failure_of_1.html

#20yrsago Law firm fires clerk for personal opposition to DRM https://web.archive.org/web/20060203030500/http://www.freeculturenyu.org/2006/01/31/drm-fired/

#15yrsago Free excerpt from Jo Walton’s brilliant Among Others https://web.archive.org/web/20110204214337/http://www.tor.com/stories/2011/01/excerpt-among-others

#15yrsago Debunking yet another bought-and-paid-for report on the need for non-neutral net https://arstechnica.com/tech-policy/2011/01/huge-isps-want-per-gb-payments-from-netflix-youtube/

#15yrsago Batman: billionaire plutocrat vigilante https://reactormag.com/batman-plutocrat/

#15yrsago Another copyright troll throws in the towel https://www.eff.org/press/archives/2011/01/31

#10yrsago Ten hard truths about the Flint water atrocity https://www.ecowatch.com/michael-moore-10-things-they-wont-tell-you-about-the-flint-water-trage-1882162388.html

#10yrsago Watch: AMAZING slam poem about policing women’s speech habits https://www.youtube.com/watch?v=me4_QwmaNoQ

#10yrsago Congress wants to know if agencies were compromised by the backdoor in Juniper gear (and where it came from) https://www.reuters.com/article/us-juniper-networks-congress-idUSKCN0V708P/

#5yrsago Know Nothings, conspiratorialism and Pastel Q https://pluralistic.net/2021/01/31/rhymes-with-pastel-q/#paranoid-style

#5yrsago Mashing the Bernie meme https://pluralistic.net/2021/01/31/rhymes-with-pastel-q/#bernie-3d

Upcoming appearances (permalink)

• Salt Lake City: Enshittification at the Utah Museum of Fine Arts (Tanner Humanities Center), Feb 18
  https://tanner.utah.edu/center-events/cory-doctorow/

• Victoria: 28th Annual Victoria International Privacy & Security Summit, Mar 3-5
  https://www.rebootcommunications.com/event/vipss2026/

• Berkeley: Bioneers keynote, Mar 27
  https://conference.bioneers.org/

• Berlin: Re:publica, May 18-20
  https://re-publica.com/de/news/rp26-sprecher-cory-doctorow

• Berlin: Enshittification at Otherland Books, May 19
  https://www.otherland-berlin.de/de/event-details/cory-doctorow.html

• Hay-on-Wye: HowTheLightGetsIn, May 22-25
  https://howthelightgetsin.org/festivals/hay/big-ideas-2

Recent appearances (permalink)

• How the Internet Got Worse (Masters in Business)
  https://www.youtube.com/watch?v=auXlkuVhxMo

• Enshittification (Jon Favreau/Offline):
  https://crooked.com/podcast/the-enshittification-of-the-internet-with-cory-doctorow/

• Why Big Tech is a Trap for Independent Creators (Stripper News)
  https://www.youtube.com/watch?v=nmYDyz8AMZ0

• Enshittification (Creative Nonfiction podcast)
  https://brendanomeara.com/episode-507-enshittification-author-cory-doctorow-believes-in-a-new-good-internet/

• Enshittification with Plutopia
  https://plutopia.io/cory-doctorow-enshittification/

Latest books (permalink)

• "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025

• "Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
  https://us.macmillan.com/books/9780374619329/enshittification/

• "Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).

• "The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).

• "The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).

• "The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).

• "Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.

• "Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

Upcoming books (permalink)

• "Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026

• "Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026

• "The Memex Method," Farrar, Straus, Giroux, 2026

• "The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026

Colophon (permalink)

Today's top sources:

Currently writing: "The Post-American Internet," a sequel to "Enshittification," about the better world the rest of us get to have now that Trump has torched America (1048 words today, 18579 total)

• "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.

• "The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.

• A Little Brother short story about DIY insulin PLANNING

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

ISSN: 3066-764X

Greetings everyone. Hope you all are hanging in there as everything continues to catch fire/freeze over. There’s been little meaningful fallout since the federal agents’ killing of Alex Pretti, other than the apparent dismissal of ICE figurehead Greg Bovino; operations are still continuing apace, Minneapolis is still in the streets, and Democrats abandoned the idea of using a shutdown threat as leverage. Tech workers do continue to call on executive leadership to condemn the administration and cancel ICE contracts—Silicon Valley CEOs have stayed quiet—and another day of work stoppage and protest is planned tomorrow, Friday, January 30th. NationalShutdown.org has a searchable map of actions across the US. I’ve received word that protestors are planning an ICE Out demonstration at an Amazon tech hub in Santa Monica. I’m planning on reporting on the event (otherwise, I’m observing the shutout) and I’ll include more details at the end of the post.

Despite the authoritarian headwinds, there are of course those working to keep democracy functioning. To that end, I was invited to speak at a meeting of California’s Legislative Progressive Caucus—a group of dozens of elected state assembly members—in San Francisco last week. The caucus is crafting its approach to its next legislative session, and I was asked to discuss AGI, labor, and tech policy in the age of Trump, along with co-panelists Emily Bender, the computational linguist at the University of Washington, computer scientist Margaret Mitchell, and AI researcher Deborah Raji. I thought I’d share my remarks with readers here, in case they’re of interest. I also wanted to note that I’m only able to do things like this thanks to my paying subscribers. Taking trips and preparing talks like this are entirely unpaid labor, and it’s only because I think it’s important to advocate for the worker, the human, and the user in the age of AI and big tech, that I undertake them. And subscribers make that work possible. Thank you.

Subscribe now

I’m also pleased to report that I was impressed by the defiant attitudes and outlook of many members of the progressive caucus I spoke with.Tthey made calls for showing up in the streets for their communities and protesting ICE alongside them. They laughed off the Trump administration’s efforts to ‘ban’ AI lawmaking via executive order. Shortly after the meeting, assemblyman Alex Lee, the head of the progressive caucus, introduced legislation to eliminate tax breaks for companies that contract with the ICE or the Department of Homeland Security. Isaac Bryan, who I’ve actually interviewed in these pages before, about his No Robo Bosses bill, sponsored legislation to ban police officers from taking secondary employment with ICE. Unlike too many Democrats at the federal level, they appeared to have no intention of standing down.

Hello -

Thanks for having me, and for convening this listening session. I’ve been been reporting on the tech industry for over 15 years, and for the last five, I’ve been focusing on technology and labor. I wrote a book called Blood in the Machine about the history of worker resistance to automation, and the perennially misunderstood Luddite uprising.

With that in mind, there are a few points I want to hit on:

First, that the history of automation technologies can teach us a great deal about the present. From the power loom to the robotized assembly line to artificial intelligence, he ways that automation technologies impact working people tend to follow similar patterns.

One key lesson is that stories about the incredible power of a new technology have historically been used by entrepreneurs, bosses, and elites to override norms, standards, and laws, or bend them to their favor. Factory owners who adopted mechanized looms in the early 1800s argued that the rules on the books shouldn’t apply to them because they were using new and improved technology. On those grounds, they eventually convinced British Parliament to tear up most of the laws protecting cloth workers altogether. Decades of immense working class suffering ensued.

Today, a lot of tech CEOs right down the street from here are arguing much the same thing, calling for a moratorium on AI laws and deregulation—arguing that AI technology is so new and powerful it shouldn’t be beholden to any state laws at all.

A key to this agenda is the idea that artificial general intelligence, or AGI, is about to arise and unleash untold economic and social benefits. This, too, I might note, is not new. Pro-business interests have been claiming that full automation is right around the corner for no less than two centuries. The inventor of the early computer, Charles Babbage, and the writer Andrew Ure notably did so in the 1800s, when they claimed autonomous, human-free factories were incipient—in part to rebut growing concerns over the brutal working conditions in real-world factories.

Now, generative AI is undoubtedly on many counts, novel, and technologically impressive. But I bring up all this historical context to remind us that we’ve been here before, with powerful interests using the specter of world-changing technology to concentrate power, justify trampling workers in the short term, and distract from the more immediate harms and impacts.

So that’s the second thing I want to underline here:

AGI, or an AI super intelligence should, in my opinion as a tech reporter and something of a historian of automation, be understood primarily as Emily Bender have described it: A marketing device. There are plenty of AI researchers who truly believe we are on the cusp of realizing an AI super intelligence, and there are plenty who do not. But figures like Sam Altman have realized that AGI makes for the ultimate story to sell partners and investors on his company and products.

OpenAI defines AGI as, and I quote from its official charter, still online today, “highly autonomous systems that outperform humans at most economically valuable work.” This is what it’s selling to enterprise clients around the world, and why so many companies have FOMO; no company wants to risk missing out on the ‘eliminate all labor costs’ machine. That’s ultimately why we have an AI bubble right now.

In fact, in researching a report for the AI Now Institute, I analyzed AI CEOs’ public usage of the term ‘AGI’, and found that it tended to correlate almost exactly to when they needed to raise a new funding round or distract from a PR scandal.

The third and last point I want to make is that, just as the dreams of the fully automated factory helped obscure real-world problems with factory conditions and child labor abuses in the 1800s, the AGI story is obscuring the fact that AI is causing a litany of real-world problems right now.

For one, it’s a motor behind the often reckless data center buildout that’s raising electricity bills, threatening water supplies, and impacting communities across the nation. But that’s all worth it, the AI companies say to states and municipalities eager to stay ahead of the curve, because AGI is around the bend.

Furthermore, many companies that buy AI firms’ enterprise software are buying into the AGI dream, too, and have indeed begun replacing workers’ jobs and tasks with AI, regardless of whether the technology is truly up for the task. So far, it’s usually not; the AI does a worse job than the human in nearly every case. But the AI is cheaper. So what you see happening a lot is firms executing layoffs—Salesforce, here in SF, for instance, cited AI as a driving force behind its most reason round of firings, as did Amazon recently—and then the remaining workers have to work extra hours to pick up the slack. In fact, after Amazon’s corporate leadership attributed its layoffs to AI, Amazon tech workers took the extraordinary step of issuing a public statement saying internal AI tools were not capable of doing their work, and that AI was an excuse to cut headcount.

This is happening in a number of different fields, not just tech. I run a series on my website called ‘AI Killed My Job’ in which I ask workers to share stories of how AI impacted their workplaces. I’ve heard from hundreds of workers at this point. And it is clear that AI *is* doing some real damage, especially to our creative industries here in California. Artists who’ve lost half of their clients to Midjourney and can no longer afford to pay rent. Translators who’ve anxiously watched their work dry up and are scrambling to change careers late in life. Copywriters who are instructed by bosses to feed their writing into a program so an AI model can train to become their replacement.

One of the stories I thought I’d shared here was one I received was from a man named Jacques, who was the copy chief for a tech company’s website and support pages. He oversaw all the documents that helped users understand how to use its product, and how to troubleshoot when something went wrong. He sent me this story in early 2025. I’ll quote from him:

“AI didn’t quite kill my current job, but it does mean that most of my job is now training AI to do a job I would have previously trained humans to do. I have no idea how entry-level developers, support agents, or copywriters are supposed to become senior devs, support managers, or marketers when the experience required to ascend is no longer available.”

I followed up with Jacques six months later, and he told me his company had laid him off. “I was actually let go the week before Thanksgiving now that the AI was good enough,” he wrote.

None of the above cases are happening, it’s important to underline, because there’s an AGI that is suddenly better than humans at telling stories, writing copy, creating art. People overwhelmingly prefer the work of humans to AI, in fact. But as with every significant automation technology past, AI is alluring for the simple reason that it lets bosses cut labor costs and exert more control over their workplaces.

The concern is that this idea of AGI is helping to cover for the rote, mass automation of lots of jobs I think we really want people to be able to do; translator, artist, actor, writer, therapists, nurses, I could go on — and if we allow it to continue apace, society will be all the poorer, more polluted, and beholden to systems controlled by a relative handful billionaires in Silicon Valley.

Industry interests will always try to use new automation technologies to justify undermining labor. It’s a recurring theme through automation history. They will tell stories about its power, its exceptionalism, to try to escape scrutiny and accountability for what’s actually happening. But there is absolutely no reason that any technology should not be subject to democracy, should not be shaped by the very people who must live with it. Technology should be built to benefit everyone—not just the powerful.

A final note: People are not only anxious about AI but angry about how it’s being forced on them in their workplaces, and what management is using it to do to their livelihoods. You’ve probably heard form your constituents. I just want to relay that I hear it from my interview subjects, from workers, students, and members of civil society, nearly every day. There is a lot of political power to be found in building solidarity against extractive AI companies, big tech and in strong action to curb their worse impulses—even, sometimes, refusing it.

Subscribe now

Amazon is a major ICE contractor. Last year, it inked a $25 million deal to supply the agency with cloud compute services. As such, it makes for a compelling setting for a protest during tomorrow’s ICE out actions in Santa Monica. Details are below:

That’s it for this week. Take the day off tomorrow, and stay safe out there. Hammers up.

Both of these statements are true:

1. Across the whole US economy, there’s not really a visible effect of AI on hiring and job mix;
2. Some sectors are absolutely devastated directly by AI.

But also:

1. Nobody cares if it was technically AI or not that took their job;
2. The wider economy is visibly screwed already.

Even the most mainstream financial press is starting to admit that claiming your layoffs are AI at work is a fake excuse to sound good to investors.

Here’s a headline from Fortune: “AI layoffs are looking more and more like corporate fiction that’s masking a darker reality, Oxford Economics suggests”. That darker reality is that the economy is already screwed. But we’ll get to that: [Fortune, archive]

The primary motivation for this rebranding of job cuts appears to be investor relations. The report notes that attributing staff reductions to AI adoption “conveys a more positive message to investors” than admitting to traditional business failures, such as weak consumer demand or “excessive hiring in the past.” By framing layoffs as a technological pivot, companies can present themselves as forward-thinking innovators rather than businesses struggling with cyclical downturns.

… When asked about the supposed link between AI and layoffs, Cappelli urged people to look closely at announcements. “The headline is, ‘It’s because of AI,’ but if you read what they actually say, they say, ‘We expect that AI will cover this work.’ Hadn’t done it. They’re just hoping. And they’re saying it because that’s what they think investors want to hear.”

A report from Yale’s Budget Lab says there isn’t evidence of economy-wide effects from AI: [FT, archive]

The labour market doesn’t feel great, so it feels correct that AI is taking people’s jobs. But we’ve looked at this many, many different ways, and we really cannot find any sign that this is happening.

Broadly, across economic sectors, AI isn’t visibly affecting the job market. But it’s a good layoff excuse: [CNBC]

Stephany said there isn’t much evidence from his research that shows large levels of technological unemployment due to AI.

“Economists call this structural unemployment, so the pie of work is not big enough for everybody anymore and so people will lose jobs definitely because of AI, I don’t think that this is happening on a mass scale,” he said.

So if that’s true, why are there all these layoffs? It’s broader and long-running economic problems. You can start at the end of the zero interest rate policy.

From 2007 to 2009, we had the global financial crisis. The US economy was so damaged by the crash, the Fed lowered interest rates to near-zero for most of a decade just to keep the money moving. You could borrow money almost free! So companies went as big as they could on the free money. They over-hired just in case they needed the workers.

Then in 2022, inflation hit and the Fed put interest rates back up. Suddenly, things were not going so great. Come to 2024–25, and companies are throwing out employees they hired prospectively like they’re surplus unsold stock.

So people are in fact losing their jobs. But don’t say “no-one is losing their jobs to AI.” That’s not actually true. Some sectors really have been devastated by AI specifically.

Brian Merchant at Blood in the Machine – which you should all read – has been hammering on this theme. He’s got an ongoing project, “AI Took My Job,” talking to workers who were indeed fired directly for AI.

Translators in particular — businesses think bad machine translation is good enough. Duolingo’s AI-generated content quality is so bad that a lot of paying customers have left. Freelance translators can hardly find work these days, specifically because chatbots mash out translations. [Blood in the Machine]

Content moderators are an AI target too, because companies really do not care about the job at all. They’ll do it with any old rubbish, and now they are! [Blood in the Machine]

The vibe-coding push and computer software really just not working any more, I don’t have a smoking gun link, but it’s clear that quality is job number 55 or so.

MBAs loathe employees. Any employees. They despise you. AI promises the one thing MBAs want more than anything — firing people — so they’re all-in. That it doesn’t work does not matter.

MBAs also assume any job they don’t understand must be simple, so they put out sloppy trash that any consumer can see is obviously terrible. But the product won’t lose its customer base for the next year — probably — so that’s a problem for several quarters from now.

Sometimes managers forget AI’s just the excuse, and they fire entry level workers assuming AI can replace them — when it can’t. Sometimes they realise they shot themselves in the foot. [Register]

What will happen is that companies will realise the bots can’t do the jobs. But this will take a year or two. Then the companies that survive will rehire people. They’ll try to do it at lower pay, of course. [Register]

Liz Fong-Jones at Honeycomb, and formerly of Google, says: [Bluesky]

AI today is literally not capable of replacing the senior engineers they are laying off. corps are in fact getting less done, but they’re banking on making an example of enough people that survivors put their heads down and help them implement AI in exchange for keeping their jobs … for now.

When the AI bubble pops — which I’m still guessing at next year — that will mark the start of Great Depression 2. It’s going to be bad.

But it’s bad already — without a few huge tech companies swapping the same 10 billion dollars around, the economy numbers officially go into recession.

But the real economy where you and I live is already in trouble. The numbers in the real US economy are so bad, President Trump fired the US Commissioner of Labor Statistics because of a jobs report he didn’t like. That’s how you know it’s going great! [BBC]

For now, it’s mutual aid time. If you’re still in work, send some money to the people who aren/t. They need it.

And, of course, we must mention our good friends at Stop Gen AI, who help redistribute money to those affected by AI-related, or AI-excuse, job cuts. Go support Stop Gen AI. [Stop Gen AI]

• Video — Podcast

It’s pledge week at Pivot to AI! If you enjoyed this post, and our other posts, please do put $5 into the Patreon. It helps us keep Pivot coming out daily. Thank you all.

A hacker demonstrated that the viral new AI agent Moltbot (formally Clawdbot) is easy to hack via a backdoor in an attached support shop.Clawdbot has become a Silicon Valley sensation among a certain type of AI-booster techbro, and the backdoor highlights just one of the things that can go awry if you use AI to automate your life and work.

Software engineer Peter Steinberger first released Moltbot as Clawdbot last November. (He changed the name on January 27 at the request of Anthropic who runs a chatbot called Claude.) Moltbot runs on a local server and, to hear its boosters tell it, works the way AI agents do in fiction. Users talk to it through a communication platform like Discord, Telegram, or Signal and the AI does various tasks for them.

According to its ardent admirers, Moltbot will clean up your inbox, buy stuff, and manage your calendar. With some tinkering, it’ll run on a Mac Mini and it seems to have a better memory than other AI agents. Moltbot’s fans say that this, finally, is the AI future companies like OpenAI and Anthropic have been promising. 

The popularity of Moltbot is sort of hard to explain if you’re not already tapped into a specific sect of Silicon Valley AI boosters. One benefit is the interface. Instead of going to a discrete website like ChatGPT, Moltbot users can talk to the AI through Telegram, Signal, or Teams. It’s also active, rather than passive. It also takes initiative. Unlike Claude or Copilot, Moltbot takes initiative and performs tasks it thinks a user wants done. The project has more than 100,000 stars on GitHub and is so popular it spiked Cloudflare’s stock price by 14% earlier this week because Moltbot runs on the service’s infrastructure.

But inviting an AI agent into your life comes with massive security risks. Hacker Jamieson O'Reilly demonstrated those risks in three experiments he wrote up as long posts on X. In the first, he showed that it’s possible for bad actors to access someone’s Moltbot through any of its processes connected to the public facing internet. From there, the hacker could use Moltbot to access everything else, including Signal messages, a user had turned over to Moltbot.

In the second post, O'Reilly created a supply chain attack on Moltbot through ClawdHub. “Think of it like your mobile app store for AI agent capabilities,” O’Reilly told 404 Media. “ClawdHub is where people share ‘skills,’ which are basically instruction packages that teach the AI how to do specific things. So if you want Clawd/Moltbot to post tweets for you, or go shopping on Amazon, there's a skill for that. The idea is that instead of everyone writing the same instructions from scratch, you download pre-made skills from people who've already figured it out.”

The problem, as O’Reilly pointed out, is that it’s easy for a hacker to create a “skill” for ClawdHub that contains malicious code. That code could gain access to whatever Moltbot sees and get up to all kinds of trouble on behalf of whoever created it.

For his experiment, O’Reilly released a “skill” on ClawdHub called “What Would Elon Do” that promised to help people think and make decisions like Elon Musk. Once the skill was integrated into people’s Moltbot and actually used, it sent a command line pop-up to the user that said “YOU JUST GOT PWNED (harmlessly.)”

Another vulnerability on ClawdHub was the way it communicated to users what skills were safe: it showed them how many times other people had downloaded it. O’Reilly was able to write a script that pumped “What Would Elon Do” up by 4,000 downloads and thus make it look safe and attractive. 

“When you compromise a supply chain, you're not asking victims to trust you, you're hijacking trust they've already placed in someone else,” he said. “That is, a developer or developers who've been publishing useful tools for years has built up credibility, download counts, stars, and a reputation. If you compromise their account or their distribution channel, you inherit all of that.”

In his third, and final, attack on Moltbot, O’Reilly was able to upload an SVG (vector graphics) file to ClawdHub’s servers and inject some JavaScript that ran on ClawdHub’s servers. O’Reilly used the access to play a song from The Matrix while lobsters danced around a Photoshopped picture of himself as Neo. “An SVG file just hijacked your entire session,” reads scrolling text at the top of a skill hosted on ClawdHub.

O’Reilly attacks on Moltbot and ClawdHub highlight a systemic security problem in AI agents. If you want these free agents doing tasks for you, they require a certain amount of access to your data and that access will always come with risks. I asked O’Reilly if this was a solvable problem and he told me that “solvable” isn't the right word. He prefers the word “manegeable.”

“If we're serious about it we can mitigate a lot. The fundamental tension is that AI agents are useful precisely because they have access to things. They need to read your files to help you code. They need credentials to deploy on your behalf. They need to execute commands to automate your workflow,” he said. “Every useful capability is also an attack surface. What we can do is build better permission models, better sandboxing, better auditing. Make it so compromises are contained rather than catastrophic.”

We’ve been here before. “The browser security model took decades to mature, and it's still not perfect,” O’Reilly said. “AI agents are at the ‘early days of the web’ stage where we're still figuring out what the equivalent of same-origin policy should even look like. It's solvable in the sense that we can make it much better. It's not solvable in the sense that there will always be a tradeoff between capability and risk.”

As AI agents grow in popularity and more people learn to use them, it’s important to return to first principles, he said. “Don't give the agent access to everything just because it's convenient,” O’Reilley said. “If it only needs to read code, don't give it write access to your production servers. Beyond that, treat your agent infrastructure like you'd treat any internet-facing service. Put it behind proper authentication, don't expose control interfaces to the public internet, audit what it has access to, and be skeptical of the supply chain. Don't just install the most popular skill without reading what it does. Check when it was last updated, who maintains it, what files it includes. Compartmentalise where possible. Run agent stuff in isolated environments. If it gets compromised, limit the blast radius.”

None of this is new, it’s how security and software have worked for a long time. “Every single vulnerability I found in this research, the proxy trust issues, the supply chain poisoning, the stored XSS, these have been plaguing traditional software for decades,” he said. “We've known about XSS since the late 90s. Supply chain attacks have been a documented threat vector for over a decade. Misconfigured authentication and exposed admin interfaces are as old as the web itself. Even seasoned developers overlook this stuff. They always have. Security gets deprioritised because it's invisible when it's working and only becomes visible when it fails.”

What’s different now is that AI has created a world where new people are using a tool they think will make them software engineers. People with little to no experience working a command line or playing with JSON are vibe coding complex systems without understanding how they work or what they’re building. “And I want to be clear—I'm fully supportive of this. More people building is a good thing. The democratisation of software development is genuinely exciting,” O’Reilly said. “But these new builders are going to need to learn security just as fast as they're learning to vibe code. You can't speedrun development and ignore the lessons we've spent twenty years learning the hard way.”

Moltbot’s Steinberger did not respond to 404 Media’s request for comment but O’Reilly said the developer’s been responsive and supportive as he’s red-teamed Moltbot. “He takes it seriously, no ego about it. Some maintainers get defensive when you report vulnerabilities, but Peter

immediately engaged, started pushing fixes, and has been collaborative throughout,” O’Reilly said. “I've submitted [pull requests] with fixes myself because I actually want this project to succeed. That's why I'm doing this publicly rather than just pointing my finger and laughing Ralph Wiggum style…the open source model works when people act in good faith, and Peter's doing exactly that.”

Acoustic solutions are essential in today’s workspaces, from pods to ceiling baffles, in all shapes and sizes. Most of these products, while effective, don’t always blend with interiors, and they often look more corporate than contemporary.

So when BIT CREATIVE was hired to envision a branch in Poland for leading Danish audio technology company GN Group, the architects decided to look at items in the core line, from hearing aids to devices for gamers. “The products were really the inspiration for the entire office concept,” says Barnaba Grzelecki, founder of BIT CREATIVE.

Located in the Saski Crescent complex in Warsaw, the 21,527-square-foot headquarters supports global operations, particularly the organization’s IT department, the largest cohort in the space. Exposed ceilings and tree canopies visible through some of the windows create an expansive feel.

Diverse zones allow employees to shift from heads-down work to group sessions with ease. An area for guests, which contains a plant-filled bookshelf, is reminiscent of a living room. The social sector at the heart of the workplace includes a casual dining section and bar. Glass blocks let sunlight filter in and complement the tile backsplash. There’s even a room dedicated to deep relaxation, complete with cosmic motifs and a recliner.

In a nod to Scandinavian style, natural oak wood is the material of choice, paired with red brick, concrete, and greenery. Found in the GN Group’s former office within a co-working center, these favored details now enhance the current setting. An LED ribbon that floats on the ceiling references sound waves, while graphics depict their intensity.

The color palette has a series of gray tones balanced by sage, navy, and hints of purple. The brand’s signature orange brings vibrancy to a music-themed room that features percussion instruments, including a display of cymbals.

Soundproofing is, of course, at the forefront, with multipurpose pieces that are ideal in the open office. Circular fixtures that resemble origami flowers seem to float overhead. PET panels integrated into partitions reduce noise and offer added privacy. Bitumen-backed carpet tiles bring durability and texture underfoot.

More than an office, the space doubles as a showroom-type environment that highlights sonic elements. “The design is built around sound, both functionally and visually,” notes Grzelecki.

To see this and other works by the studio, visit bitcreative.info.

Photography by Fotomohito.