Microsoft ships flaws. A lot of flaws. But I want to talk about just three of them, BlueHammer, RedSun, and UnDefend, because they are seeing exploitation in the wild. Two of the six are in BitLocker and Defender, the encryption and defense layer Microsoft ships as the reason to trust their platform.

This past January I said that position is already untenable. Gone. Doesn’t exist.

Windows Users Are Cooked: Microsoft’s Encryption Mushroom Cloud Isn’t Going Away

For months I have been warning people Windows can’t continue like this. It’s no longer sustainable and everyone must migrate. What “Nightmare Eclipse” has just demonstrated in public with three flaws is the thing we have been talking about openly for months. And by openly, I mean publishing proof-of-concept code is constitutionally protected speech in the US.

To be fair, aiding-or-enabling is different, and not protected, which I’ll get to in a second. In fact, we should lay some of the blame for an overheated pace of exploit sharing at the feet of politicians pumping “War Department” aggression rhetoric with belligerence as the American security mindset. Is that an UFC arena replacing the White House? Are those repeated fire-ready-aim acts of war crimes in a war that can’t be won? Does MAGA keep pushing a “bomb them until they agree” foreign policy? Think about the mental state of American “leadership” when you read a researcher saying there’s a “Bone Shattering Drop”. It’s not exceptional.

Microsoft is in denial, which hurts the public. It has responded with a blog post shaming researchers on coordinated disclosure, with a reminder that its private Digital Crimes Unit brings cases against those who enable criminal activity. Yeah, ok Pinkerton, if you claim to be a law enforcement group maybe enforce it against yourself? The threat to the public doesn’t go one direction here. The person who bottles the pollution, which is basically anyone now, faces the same laws, in principle, as the billionaires who push the pollution to be bottled. Am I right Volkswagen? The company that spews vulnerable code, at scale like a broken sewer pipe, faces what Digital Crimes Unit exactly?

A working exploit is a form of science, downstream evidence that the upstream polluter exists. Microsoft authored defects so widely their entire history has been an example of what not to do unless you’re the son of a powerful lawyer. The whole virus industry was literally created by Microsoft. Katie Moussouris, who built the Microsoft bug bounty program, said it plainly: the bugs are Microsoft’s, they wrote the code, and they own the risk to customers.

Every single era-defining mass infection ran on a Microsoft product. Get it? The right-hand column is accountability, investigation, regulation. At each scale of disaster, there are zero non-Microsoft events.

Year	Outbreak	Microsoft attack surface	Blast radius	Non-Microsoft event at that scale
1986	Brain	MS-DOS boot sector	First PC virus in the wild	None
1999	Melissa	Word and Outlook macros	Forced corporate mail shutdowns, $80M cleanup	None
2000	ILOVEYOU	Windows and Outlook scripting	45M machines, $5.5B in damage	None
2001	Code Red	IIS web server	359,000 hosts in under 14 hours	None
2001	Nimda	Windows and IIS, five vectors	Most widespread worm on the internet within 22 minutes	None
2003	SQL Slammer	SQL Server	Saturated global bandwidth in 10 minutes	None
2003	Blaster	Windows RPC/DCOM	Millions of machines in reboot loops	None
2004	Sasser	Windows LSASS	Grounded flights, delayed trains, downed hospital systems	None
2008	Conficker	Windows Server service	9 to 15M machines, still circulating today	None
2010	Stuxnet	Windows, four zero-days	Crossed malware into physical industrial sabotage	None
2017	WannaCry	Windows SMBv1	200,000+ machines across 150 countries, UK NHS down	None
2017	NotPetya	Windows SMB and credential theft	$10B, the costliest cyberattack on record	None

Look at how AV-TEST cataloged new malware samples by platform. Windows in 2022, for example, drew more than five thousand times the volume aimed at macOS and we see what action today? You want task list for a Digital Crimes Unit? I’ll give you a clue: Microsoft, with Windows, in the enterprise.

Platform	New malware samples, 2022	Multiple of macOS
Windows	69,504,686	5,585x
Linux	1,917,133	154x
macOS	12,445	baseline

Of the endpoint malware that Surfshark logged from January through August, Windows accounted for 87 percent against 13 percent for macOS, and the July spike traced more than half its detections to PowerShell exploitation of Microsoft SharePoint flaws.

SharePoint. Who in their right mind is using SharePoint? If Microsoft was criminally accountable for flaws, SharePoint would have been regulated out of the market years ago.

Many of you know that I started this blog in 1995 in the mind that we would someday prove Linux an obviously better OS, while knowing full well the money to be made was mopping up Microsoft breaches. Now back to the aiding-or-enabling theory. Access to exploits is related to why the Israelis leaving military service flock to Microsoft like moths to the sun. Windows has been a goldmine for the 8200 crews intending to weaponize flaws. Perhaps more to the point, if you’re still using Microsoft software, ask yourself how do you prove your data is not right now in the hands of the Israeli military? Decades ago we talked about the NSA, but do they even hold a candle anymore? This is why a Wiz (ex-Israeli military, ex-Microsoft) acquisition by Google is so politically relevant to public safety.

American infrastructure is increasingly being taken over by Israeli military interests and in some cases, literally ceded to foreign leadership.

Back to the core technical problem, the defense layer Microsoft ships as the reason to trust their platform is fundamentally broken. It’s not even hard to find defects in 2026 for Microsoft’s latest security-branded offerings. Last month I openly documented an authentication bypass in Microsoft agent governance toolkit, marketed as a security checkpoint, with the authentication functions disconnected.

They shipped pre-authentication architectural failure in the product being sold to prevent it. Would you buy a car with a seatbelt that isn’t attached? Microsoft as whole is a pollution pattern, such that a proof-of-concept on GitHub of the emitter is not evidence of the emission.

When I asked Microsoft directly about their serious safety failure, a man in a thick Russian accent waved his hands at me, saying it’s just some random Microsoft worker doing it. He didn’t take the report, and then offered me swag with a Microsoft logo as “bounty”.

Microsoft wants us to allow them to exist in two states at once. Importance so high, that disclosing its flaws is never justifiable. Importance so low, that it will not carry a warranty, a liability, or a duty of care for the flaws it ships.

Speaking of mushroom clouds, that’s impossible, which a 1920s German Jew would gladly tell you, while the 2020s Israeli Jew probably would never.

Uncertainty in      Uncertainty in
Flaw Disclosure     Liability/Warranty
      │                    │
      ▼                    ▼
   [ ΔF ]               [ ΔL ]      ≥   K

Metric	The High-Criticality Limit (ΔF→0)	The Low-Criticality Limit (ΔL→∞)
The State	Importance is infinitely high.	Importance is infinitesimally low.
The Rule	Disclosing its flaws is never justifiable.	It will not carry a warranty or a duty of care.
The Quantum Behavior	Because the systemic risk of disclosure is so massive, knowledge of its flaws must remain hidden (ΔF approaches zero). As a result, the legal or liability framework (ΔL) becomes completely unmeasurable and unbounded.	Because the system carries zero liability or duty of care (ΔL approaches infinity), the existence, tracking, or disclosure of its flaws (ΔF) becomes entirely meaningless.

Microsoft has its Tel Aviv and Seattle offices of lawyers working around the clock to block/enforce the law towards whatever is best for Microsoft. That’s a given. But who is fighting for the laws holding them accountable for what they ship? The 900 pound gorilla is missing from the story of the son of one of the most powerful lawyers in America avoiding accountability. Kevin Beaumont noted that Microsoft once hired SandboxEscaper after she published zero-day exploit code. Notably, the same conduct the claims say now is criminal was a hiring pitch when convenient for them.

The defect is the focus and Microsoft needs to truly own it, so that others don’t pwn it.

An open letter to the editors of If You’re Listening and ABC News In-depth.

Your episode on YouTube “The fascism expert at the heart of Palantir” contains errors serious enough to require retraction.

You called an appointment an election

At 5:50 the narration states that the most advanced country on earth “elected Adolf Hitler as chancellor.” Hitler was appointed chancellor by President Hindenburg on 30 January 1933. He was never elected to that office, and the NSDAP never won a parliamentary majority. By 22 March 1933 the regime had opened Dachau to jail and kill political opponents. Calling the infamous appointment an election, in a segment about how fascism takes hold, is an inversion of the methods that the episode claims to explain.

You inverted the thinkers you invoked

The episode says Karp marinated in Herbert Marcuse and the Frankfurt School and presents this as ennobling background. But Marcuse had fled Germany in 1933 and spent World War II in the US Office of Strategic Services analyzing the Nazi state. Karp would have been better off staying in America than going to Frankfurt to learn the wrong lessons from old Nazis celebrating lack of accountability. Marcuse wrote Repressive Tolerance that rejected extending tolerance to fascist movements. One-Dimensional Man is a critique of how consumer abundance manufactures conformity. The arc that your episode draws, in which a wealthy postwar family’s comfort persuades Karp that American prosperity cures fascism, is the precise reversal of the thinker that you bizarrely placed at his foundation. The episode takes the man who fought the Nazi state and uses his authority to frame the operator of a fascist surveillance and targeting company. This contradiction should have prevented the comparison, but instead you tried to bring them together on a single point: both are Jewish.

You ran a Nazi trope while claiming to investigate a fascist

The narration states that the ideas of Marcuse and the Frankfurt School “have come to dominate some of the social science departments” and carry “influence on the young” (5:16). That is the antisemitic trope known as Cultural Marxism conspiracy theory, a direct descendant of the Nazi charge of Kulturbolschewismus, which held that Jewish intellectuals were corrupting national culture and the minds of the young. You presented an antisemitic trope without context inside a segment ostensibly investigating a fascist, while naming the thinkers as Jews. That is not a small editorial lapse.

The damage

A false historical claim about how Hitler took power and how great his country was, an inverted reading of the anti-fascist thinkers to blame the Jews for the fascist Jew’s rise, and the reproduction of an antisemitic conspiracy frame together produce a segment that badly misinforms the public on the exact subject it claims to clarify.

I am requesting an apology and a full retraction.

Davi Ottenheimer

I watched a video that says Palantir software is not inherently sinister because it’s software (3:47) just like email. That’s obviously wrong. It’s like saying land mines are not inherently sinister because they use explosives.

I knew this was going to be bad.

Then it says Hitler was elected chancellor (5:50). That is wrong. Ugh. So wrong, and so important. He was appointed 30 January 1933.

Not elected. And very unpopular. The NSDAP was sliding and losing support all through 1932, so by March 22, 1933 Hitler opened the Dachau camp to jail political opponents and murder them during the election. He never won a majority, and not only wasn’t elected he made voting into a death sentence. Don’t say elected.

Let me more precise. This Australian “news” video heaps undeserved praise on Hitler.

the most technologically advanced, educated, and developed country on earth elected Adolf Hitler as chancellor

No, no, and no. This video is full of basic factual errors like this, and it’s bad. Really bad.

Germany was not some pinnacle of technological advancement that birthed fascism. Its own war machine ran on animals. 75% of the Wehrmacht depended on horses. The video’s framing, that the most advanced nation on earth produced Hitler, is a lie. Hitler seized control of a nation that was copying British jet patents, importing American trucks and tractors, aspiring to build cars on seized Czech designs (Porsche/VW), and importing American racist doctrine.

Germany definitely was NOT the frontier of progress. It’s a common Hitler apologist red flag to frame Germany as the most technologically advanced. Hitler’s own complaint was the opposite, that Versailles had put Germany behind the world, and his answer was to erase all political opponents, especially the educated, and end elections in order to make germany great again. He literally tortured and murdered those who had dared to vote against him.

Another huge problem with the video is Hitler was a huge fan of America (especially Henry Ford), and Nazi Germany was an implementation and industrialization of American racist doctrine. You can’t just talk about America after the war as an effect on Germany, without looking at America building Hitler.

So it’s bad at analysis too, which of course derives from getting so many facts wrong.

The Palantir CEO is patterning Hitler because he’s patterning pre-war America, and he’s opposed to denazification. It’s exactly the opposite of what this video is claiming. That’s crucial to understand why Palantir is inherently sinister. And it’s all missing from this annoyingly bad ABC News pump called “If you’re listening”.

Clearly they have not been listening.

The video even tries to boost Palantir software by claiming it has features like speed and ease of use, despite constant headlines from the UK are blaring that it’s extremely slow and unusable.

Notably, Palantir says they have to stop terrorists, while it’s well documented that they generate terrorists. Palantir says they oppose far-right extremists while it’s been proven they are providing far-right extremists tools to destroy political opponents. None of this news makes it into the video, but a whole lot of puffery about philosophy of the “German Jews” is in there.

Palantir literally has been the engine of destroying calm, replacing it with extrajudicial assassinations and violent extremist groups. Nothing about that gets mentioned, just a long Australian rant accusing group of powerful Jews running the universities and all thinking the same thing under the video banner of a “mastermind” from the Jews who were “dominating” childrens’ thought.

A video that claims ideas of Marcuse and the Frankfurt School “have come to dominate some of the social science departments” and carry “influence on the young” is an old and tired Cultural Marxism trope used in antisemitism. Did someone making this video think “oh, that’s good, let’s run that” and not know what it is and where it comes from? The video is spreading Nazi Kulturbolschewismus while claiming to be investigating a fascist.

What is going on here is painful, uninformed, disinformation. The legend being spread that the CEO is steeped in culture of Frankfurt School in general, let alone Habermas, is provably false. His actual supervisors were Karola Brede and Hans-Joachim Busch, in the Division of Social Sciences, a totally different part of the university.

Karp’s dissertation subject (“Aggression in der Lebenswelt” how aggression can be created and made acceptable) is the exact opposite of what this video claims. He wrote about the very mechanism now laundering himself, how violence gets dressed as necessity. He feared power and sought to adorn himself with aggression as a survival tactic. His own description of the German family that was kind to him, gave him a coat, and told him plainly they had all been Nazis before becoming Democrats reveals his own character failures (7:44). He read their postwar comfort, instead of being tried for their crimes, as proof that American prosperity cures them of fascism. The opportunist’s lesson was that whatever power rewards becomes the truth, which is what makes him available for anything a regime asks. That frictionless availability is an even bigger danger than fanaticism because it needs no conviction and recognizes no red lines.

I want to be clear. The Frankfurt School’s Habermas philosophy culminates in communication free of domination, which is the inverse of a surveillance-power operator. Palantir is the total rejection of the school of thought this video tries to pull in and blame for Palantir’s CEO. The only thing in common is… they’re both Jews, which weirdly seems to be a particularly important point to this narrator!

See all the problems? It’s probably the worst video I’ve seen in years, rife with mistakes. The latent antisemitism is ridiculous and totally unnecessary, but perhaps that’s revealing the frame of mind of the presenter.

A simple explanation of the problem, if they wanted to blame Jews, is right in front of everyone, yet rarely examined. The CEO is not German philosopher material. He is echoing the brutality of extremist Meir Kahane concepts of Jewish terrorism as “American supremacy” without any filter. There are radical, fringe fascists outside the norm, and not normal.

PLAYBOY: Then the only difference between you and, say, the American Nazi Party is that they’re wrong and you’re right?

KAHANE: I can’t put it better than that.

If you don’t know who Meir “every Jew a .22” Kahane is, and why he was classified a terrorist, you don’t know what Israel has become, and why Palantir is right there. The effect of Kahane needs airtime far more than the Frankfurt school of philosophy that the CEO repeatedly says he doesn’t follow.

And then the video tries to claim Anthropic won’t give data to the government (via Hegseth), without admitting that Anthropic just agreed to give all its data to the government (via Elon Musk).

Come on. Anthropic announces they will hand all the data over in a business deal and reporters are still thinking the hollow PR version is holding?

And then, worst of all, this video doesn’t even mention Peter Thiel, founder of Palantir. So you have a fascist founder in a story about a fascist CEO and that relationship gets no mention at all? Nothing? Instead we have to listen to a story about the Jews that Karp disagreed with and wanted to do the opposite of, while they’re falsely made adjacent to his fascism?

Overall this video does such a light touch on fascism, at times factually inaccurate, that it comes across as harmful gloss about fascism or even promotion of Hitler. The CEO likes to ski? How is that relevant to anything? Jewish philosophers at one time said that power prevents abuse of power? Ok. What are these useless tangents? This “Australian” view of history appears to be very broken and fixated on “weird” trivia.

Snow!

Jews!

Palantir’s CEO literally published a fascist manifesto, using Nazi vocabulary to complain about denazification, and it’s not even mentioned. Instead we get to watch him happy from skiing.

The video fails to give an inherently sinister Palantir, well documented by their fascist words and actions, the treatment it sorely deserves: Nazi land mine. You don’t want it in your country. It’s not just software, like Karp is not just some German Jewish intellectual. Both are militant, extreme, radical, and should not be tolerated.