Microsoft is doubling down on security after a major Russian cyberattack, they say.
How many times in the last quarter century since the Gates memo have we heard this sudden, renewed commitment to security?
We may conclude the only reason for this sudden “security before all else” approach is the result of behind-the-scenes pressure from Washington. If most of your country runs Windows, and Windows—an operating system created and secured by a private, for-profit company—is insecure, then your country is insecure.
So let’s zoom out. What does this mean, and why is Microsoft always behind the eight ball when it comes to security?
Simple: the free market has failed to select for strong cybersecurity.
It was always ever thus, but in our dogmatic capitalist utopia/dystopia (depending on who you ask), the invisible hand of Adam Smith is always right.
Except when it’s not.
Microsoft does not exist to secure the United States of America. Let me repeat that again, really slowly for those in the back: Microsoft does not exist to secure the United States of America.
Microsoft exists to ruthlessly maximize profit without regard for any other concern.
Cory Doctorow once quipped that Terminator already exists, and has existed for hundreds of years—soulless, amoral, forever non-human AIs that programmatically, blindly follow their nefarious ends.
That is, the modern corporation: Profit uber alles.
We cannot discuss grand strategy in cybersecurity on the global geopolitical stage without acknowledging the failure of capitalism in this regard.
So what we’re seeing now is an attempt to “tack on” security after the fact—which, as everyone knows, is expensive and generally fails.
Cybersecurity regulation has mostly failed. It’s still cheaper to take the fine than to do the work, in most cases.
Now the US government finds itself pressuring Microsoft behind the scenes to “do the work” where the entire socio-economic system the country is built on has failed to incentivize such conduct.
This makes the US, the world’s most highly-connected country, not competitive in the geopolitical blood-struggle with its adversaries on the global stage.
Countries that take a command economy approach to cybersecurity in industry will come off better than those that foolishly believe that the ghost of Adam Smith hovers over us all like a fairy godmother, benevolent chubby smile with a magic Capitalism Wand (TM) that makes everything secure automagically.
Too little, too late, I’m afraid. Security is an unforgiving discipline that does not tolerate pipe dreams. Engage with reality, or reality will engage with you. And reality, if you’re not prepared for it, bites.
Ironically, autocratic countries that have embraced free-as-in-freedom software find themselves in a game scenario where securing Linux makes both themselves and their own adversaries more secure. And no country is incentivized to use Windows except for the country that controls Microsoft—the United States and its allies/colonies/client states.
Bill Gates once stood on stage at a Microsoft event and said that the company’s official policy was to tolerate piracy in order to compete with Linux. Because free-as-in-freedom was intolerable to his company’s profit-driven mission.
Well, Bill, welcome to karma. I for one do not shed a tear.