No Flying Cars – Technology wins and losses

It may surprise some to know that I agree with the findings of a recent Australian Digital Alliance report about loosening of copyright restrictions being economically beneficial (EFF coverage here). The rest of you would be surprised if I didn’t.

Let me explain a bit further. This past week I found that a piece of work I’d created for use on a t-shirt — now you may all be collectively surprised that I also draw and paint — had spawned another t-shirt for sale which was either a direct rip-off or a parody. I was leaning towards the former given that a) parody is such a squishy area in copyright law and b) it just seemed, to me, to be a mimic of my design and not mocking the design. It did have a contrary slogan on it, but just that wasn’t enough to convince me that it wasn’t just riding the coattails of my original work.

So I had to decide whether to just let it go or to contact the site selling the shirt. I went back and forth for a couple of days and then finally decided that I didn’t want to risk it getting out of hand and having no firm ground to stand on if I needed to challenge it (i.e. – I knew about it, why didn’t I do something previously?) later. By this I mean that I knew it was attached to a small mudslinging war going on in a particular community and who knows where it would lead; What if they sold a gajillion of those shirts? So I felt I had to at least contact the vendor and let them know I had concerns about it.

The site replied saying they were reviewing the design as not only is there a question of fair use, there’s the site’s own terms of service. They asked if they could send my contact information to the seller, in the hope that we might work it out amongst ourselves, and I said yes.

The seller went a bit nuts.

In fairness, I have to tell you he went nuts because he thought it was his ‘enemy’ that was doing this (the shirt featured one of said enemies) and confused this with an actual DMCA take-down notice and/or copyright suit. Of course, those things have specific steps and requirements and initiate the involvement of the courts. I had merely emailed the vendor with my concerns and asked them to review the allegation. He posted a Youtube video and, again not fully understanding the actualities of the complaint, made some statements that were way off base. Including a later second video with a perjury remark that I never quite understood — although someone else posited that maybe he thought I wasn’t the actual copyright owner and he still assumed the ‘enemy’ was. I responded to the videos as calmly as I could, stated my case and hoped that would be enough.

At first, it didn’t seem to be but I commented on the second video with the same eye towards civility. After all, he was fighting some war of ideology that I wasn’t and didn’t want to be a part of. That doesn’t make the conclusion jumping any more rational, but I say it here out so you know his state of mind. I had noted that the vendor should be sending him my email address and they did after a few hours. He wrote, pleaded his POV, I replied with mine and said that this was way out of hand and I was willing to just drop it. I had made my opinion known (that I disagreed that it was a clear parody) and he insisted his intent was to parody (the enemy). But it’s all settled now.

Isn’t that all a big pain in the ass? Yes. Yes it was. And considering I bothered to do this over an item which probably won’t sell more than a handful of copies, why do I say I support the findings of the Australian study? Well, because I believe the copyright system is too fractured and, in places, far too vague. In the instance above, the guy felt it was black and white: this is parody and that’s fair use, case closed. Whereas I, not wanting to loose the rights I have over my work, felt I needed to express my concern. Hardly a month goes by where I don’t see an artist having to go after someone ripping off their work. And plenty of times the person doing the rip-off tries to claim fair use. And then someone, usually a judge who’s usually none-too-keen to have to hear it, has to decide what’s actually going on: free speech or profiting off the work of others.

The Copyright Act of 1976, which is a clusterfork of loophooles and “let The Mouse win”, puts forth four measures for deciding infringement:

1. The purpose and character of the use, including whether such use is of commercial nature or is for nonprofit educational purposes
2. The nature of the copyrighted work
3. The amount and substantiality of the portion used in relation to the copyrighted work as a whole
4. The effect of the use upon the potential market for, or value of, the copyrighted work

That last one is often misunderstood to mean that if you’re not directly taking sales away, then nana-nana-boo-boo. But the ‘potential market’ and ‘value’ is not so cut and dried. You can reduce something’s value by diluting it, for instance. An invaluable page outlining fair can be found on copyright.gov. It’s still a bit vague, yes?

In the instance above, was it an individual exercising their free speech or an online vendor taking advantage to earn a few buck off a controversy? Like I said, it’s squishy.

But back to the ADA study. The world is changing. Actually, the world has already changed. But it takes society a while to catch up with huge changes, especially when it involves regulations and laws. And it takes on an even more glacial pace when the issue has international ramifications. We have treaties regarding copyright with other countries, but copyright is not the same worldwide. Some items that are now in the public domain in the US are not public domain in the UK. But Australia, where I lived for a few years, has an interesting mechanism in place that is, IMHO, beneficial to all:

1. For purposes of education, which is fairly clearly defined, fair use is very broad. If you are at university and go into the library, you can make copies of books for use in your studies without worry. If you are a lecturer who wishes to show your film class how Spielberg’s camera movement enhances the film, do so without fear of an AFACT raid. If you’re a jerk who wants to scan a bunch of comics to ‘teach’ the Internet about comics, you are not within the law. The gist being, “Don’t hinder the education of our people at the expense of copyright laws”.
2. Copyright holders get paid for this. Yes, yes, I know you get paid here in the US for sales, but this is not the same thing. In order to allow the unfettered use of copyrighted material as above, Australian schools and universities pay the copyright holders a small royalty in order to recognize their contribution. If your in-copyright book is put into a university library in Australia, you’ll received payment for that. You won’t make your living that way, but the value of your work is thereby recognized.

Do keep this in mind when reading the ADA study as, while an awesome thing, is also tied into their problems. The complaint that Australian schools pay too much for material may be valid. But it can be corrected. The core idea itself is not broken, even if the measure of pay may be out of kilter. Ask an American writer the last time they received any similar compensation and they’re likely to stare at you blankly. The ADA wants to fix this by reforming copyright smartly.

“Why?”, you may ask, “this sounds awesome!” It is. But the flip-side to the story is that much of the rest of Australian copyright is more restrictive. There is no complimentary fair use like our, albeit squishy, American section 107. Ripping your CDs to MP3 is still, technically, not legal in Australia. Australia has something called ‘Fair Dealing’. And it’s super-squishy. and not often fair.

And this is the problem with most of our copyright laws, be it the USA or Australia. This squishiness has, like a carcass in the sun, grown squishier over time as we’ve bandaged and tacked on to the law. It’s borne out of a time when we were a paper society that was hobbled by distance, disconnectedness and slow information. Nowhere is this more noticeable than in the US patent system. Our patent system isn’t just rickety or squishy, it’s broken and obsolete. And I think we should put a bullet in it ASAP and put it out our misery, especially as regards software patents and the patenting of thought. Many feel copyright is all we need, and I think I might be one of them.

Copyright has a place and it will probably always have a place while we’re all fancy and civilized. We need to make sure that artists and creators can benefit from their work. But we need to provide for the advancement and innovation that fancy civilized societies need in order to evolve. Our copyright needs to be looked at with a 21st century eye and rebuilt, possibly from the ground up. And as many international players that can be brought to the table the better. Not just to make it more even across the globe, but to keep us and other more-greedy countries’ natural tendencies towards aggression in check.

So, yes. I’m all for it. Had we had a more succinct and non-squishy fair use clause in our copyright laws, I might never have had to make that guy freak out last week. It was a bother for us both. Were there a clear set of guidelines which either of us could point to to prove our case, mine or his, wonderful. But as it is, it’s all just opinions. And opinions are like… well, you get my drift.

Let’s make it better. Let’s reform copyright and let’s modernize or completely re-thing our patent system (especially IP patents).

I’ll close with my favorite saying re: copyright: If The Mouse* is still winning, we’re all still losing.

---

* – Yes, that mouse. The famous one. The famous one who has skirted copyright expirations with all the speed and agility that millions of dollars and enormous economic power can bring to bear on politicians. But that’s another story…

First – IANAL. I am a technologist and someone who, unlike most of our elected officials, understands how the Internet works; both under the hood and in practice. That is why I am opposed to measures like SOPA and PIPA which put the power to degrade the Internet into the hands of corporations whose vested interest is not in th betterment of mankind and the freedom of the people of Earth to communicate, but in the profits of their shareholders. Rather than tackle the technical side of the Ineternet vis-a-vis SOPA/PIPA, let me give you a scenario that addresses the practical side.

—-

The Scenario

WEBSITE X has posted a video which is critical of U.S. SENATOR Z and presents evidence of wrong-doing. SENATOR Z is fighting to tamp down any talk of wrong-doing and this video, if people start to find it, could be a huge problem for him. So he sets his people to work on finding a way to downplay or, indeed, silence this annoyance before it goes mainstream. The problem is that WEBSITE X is in Norway.

Aides to SENATOR X point out to him that under the recently passed SOPA and PIPA laws, he can get WEBSITE X shut down, at least for the U.S. users of the Internet, if they can find or manufacture some sort of infringement. After hours of searching, an aide stumbles upon a 30 second clip from Mission Impossible 3 on a WEBSITE X user’s profile.

A representative from the MPAA, suddenly made aware by an ‘anonymous’ tip, cries foul and WEBSITE X is shuttered for U.S. users.

SENATOR X’s problem goes away. WEBSITE X has been silenced. Justice has been… taken into an alley and given a thrashing.

—

Simplistic? You bet. Plausible? You bet. The motion picture industry in America is something we can, overall, be proud of. (Yes, this bill gives this power to others as well, but the MPAA is its progenitor.) But giving them extra-normal powers and privileges in our laws and with our law enforcement agencies is not something to be proud of. While we love and embrace Hollywood and the entertainment they’ve given us, keep in mind that it is just that: entertainment.

The amount of revenue that they make up in the U.S. economy per year is not only less than the auto industry as a whole, it’s less than just Ford. We will trim far more from the Pentagon’s budget this cycle than their entire industry made in 2011. If my calculations are correct, they account for only a fraction of a percent of our $14.5 trillion economy (I come up with about .005%). yet our government has given them sweeping law enforcement access and is now tailor-making laws for them that infringe on the freedoms of every person who uses the Internet.

That’s not simplistic. That’s a travesty.

The Message

Stop SOPA. Stop PIPA. Intelligent, practical laws are not hastily put together and shoved through session as fast as possible at the behest of those who will benefit most. If the House and Congress want to truly protect intellectual property and curb piracy, they need to listen to those who understand the Internet, not fight against them. If Google and Reddit, two polar opposites in Internet culture, are both opposed to your bill? Your bill is wrong.

Disclaimer: I am not a lawyer, nor do my opinions represent that of Harvard Physics, Harvard Law or Harvard University. What I am is a computing professional and technologist. A sometimes outraged one. As a result, some of what follows may be a bit snide. I can’t apologize just yet for that. Past the outrage, I’m hoping that something good will come from this incident… although I rather doubt it.

The Incident:
On April 20th, 2011 around 1,500 computers in the Massachusetts labor department’s Departments of Unemployment Assistance (DUA) and Career Services (DCS) were found to be infected with a [allegedly] new variant of a well-known Windows worm (not a virus as has been reported) called W32.Qakbot. From some prior date — they say April 19th, but I don’t find the idea that they know when the initial infection occurred convincing given other facts — until around May 13th (or May 16th, according to another report), information entered or accessed on these machines may have been intercepted by the worm for transmission to an unknown recipient.

The Response:
The Executive Office of Labor and Workforce Development reported this incident on May 17th. That’s 28 days until they notified the public or state officials. Call it four weeks, call it nearly a month, but either way it’s too long and clearly at odds with state law which requires that any such break-in be reported to the Attorney General’s office “as soon as practicable and without unreasonable delay”. There is absolutely no reason this could not have been reported sooner… except, perhaps, incompetence and/or fear. In their official statement it’s claimed that “all possible actions have been taken to minimize the impact to the Commonwealth’s constituents”, but this is clearly in error as “all possible actions” would have included notifying the AG immediately.

And I’m afraid I have to take the Boston Globe to task too. In its report on the incident it said:

“The potential impact of the breach is dwarfed by other recent data thefts. In April, Sony Corp. suffered an attack on several of its networks used by consumers for video gaming, music, and movie downloads. In the same month, Texas e-mail marketing firm Epsilon Data Management LLC reported that hackers had raided its network and stolen the e-mail addresses of millions of US consumers.”

If anything, it’s the other way around. Those other episodes presented a low risk that actual sensitive data was released. The Sony breach, while involving more people, may have included names, email addresses and probably mailing addresses, but these sorts of scraps are something that criminals can often already buy or collect on their own from search engines. The Epsilon breach netted mostly email addresses. In all likelihood, that just means more phishing attempts; Something people are already inundated with unless their email provider is one of the better spam preventers.

But the labor department incident most likely included the transfer of critically sensitive information such as Social Security numbers, financial information, EINs, and work or personal history information. So let me be very clear in exactly what I’m stating. This incursion is more serious than the Sony or Epsilon breaches. It may affect tens or hundreds of thousands of MA residents and potentially thousands of MA businesses and, unlike the Sony breach, which may help identity thieves zero in on a target, the information gleaned from DUA/DCS might make it a trivial matter for thieves to hijack a person’s identity.

The initial response to the media from the labor department was a shrugging ‘Well you know… viruses, right?’ and a clearly implied wish that everyone will just move on and not make a big deal of it. As though virus/worm outbreaks are just part and parcel of having a computer. And some, it seems, including some of the media reporting the issue, are buying this wrong-headed idea. Why? Because… well, because lots of people have PCs and they get viruses all the time, right? Right. And Wrong. And part of the problem. The home computer user’s experience cannot and should not be projected onto the ‘enterprise’ computing environment. Despite the fact that the average PC user and the average business user are both using a boat with Windows written on the side does not mean that the water they sail on is the same.

That sort of thinking is what’s got us where we are. The proliferation of malware (viruses, worms, trojans, etc.) in the world is not a foregone conclusion. It’s not an endemic side-effect of owning a computer. It’s something that has grown and been fostered by a poor understanding of ‘security’, a leaning towards this sort of passive concession that it’s Computer Magic and beyond our ken and… frankly… laziness. That’s been followed up by an industry that’s happy to do the least they can get away with to band-aid the situation and entities who put their head in the sand and think slapping on an anti-virus client is good enough. And the cycle repeats. The only winners are the thieves. They win because a large portion of the United States computing population can’t be bothered to do better.

Let’s talk about particulars. One concept most PC users do not follow but every business PC environment that calls themselves security-conscious should is the ‘Principle of Least Privilege’ aka least-privileged user account (LUA). Given the notoriously malware-prone existence that Windows has lived, a corporate or government support entity who does not subscribe to this principle is just asking for it. The idea is very simple: The end-user should ordinarily be logged in with an account which has the least amount of administrative privilege possible which still allows them to do their work. In other words, require passwords and don’t log in with an administrator account. But… walk into any coffee shop in America and you can wager a safe bet that 80%-90% of the people there are doing just that.

Why is this so important? Why am I bringing it up here? And why do I assume the computers in question didn’t rely on this principle already? Simple: This one action, implementing this one policy, would have stopped the spread of this worm in the DUA/DCS computers. W32.Qakbot cannot extend its infection without the user having certain administrative privileges. And, in my opinion, this principle should not only be encouraged… it should be mandated, especially for computers that come into contact with sensitive information. I know mine are. And how many ‘inevitable’ virus/worm infestations have we dealt with in my tenure as head of this group? Zero.

I’m not saying this to imply that my network is beyond the reach of malicious computer thieves and black hat hackers. No network can ever be 100% secure. But there are certain principles and methodologies well-known and well-documented in annals of computer security that, if followed, reduce your susceptibility by leaps and bounds. But, sadly, many would rather cross their fingers, stick their heads in the sand and hope they get lucky. Well… the law of averages (another name for ‘luck’) is not on their side. Yes, your users will complain that they can’t install software without your help, but they won’t be complaining about a proliferation of viruses and malware. Because, and this is the crux of the whole principle of least privilege, if they can’t install software, malware can’t install itself. The malware only has as much privilege to modify the system as the user does (barring flaws in the operating system – that’s a wholly separate issue that we’ll not get into here). And you, the administrator, control that level of privilege.

Simple. Effective. And… ignored by the average IT outfit as being too ‘burdensome’ on the end-user. Sure, a firewall is the first line of defense when designing your network. But an anti-virus client is not the second defense, it’s the last line of defense. We’re not even concerned yet with what operating system is in the line of fire, much less what software it’s running. The second line of defense in this case is your policies and whether it’s more burdensome to inconvenience the user a little bit… or risk having the whole thing come down on your head like DCA and DCS are now experiencing.

• If you approach your security policies as merely ‘keeping people out’, you have already failed.
• If you approach them from the standpoint of ‘let’s assume they’re already in’, you have a chance at success.

So when CNET reports that “The agency is notifying people who may have been affected and is working with the Massachusetts attorney general’s office to investigate the breach”, I sincerely hope that part of the investigation will include looking into what made this possible from inside, not just from outside. Because there’s zero chance they’ll stop the thievery of this information. It’s already in the wild and catching the perpetrators is, now, a secondary concern given that there’s not taking back the damage. But as a MA state resident, right now I care very much about what my state government’s computing security policies are and why they’re not using every proven method available to them to safeguard our information. We have new and very specific laws in MA about how sensitive information can be transmitted, but how it’s stored and maintained by the state is equally as important.

And, as such, I feel that the Executive Office of Labor and Workforce Development has some explaining to do.

State House News Service report: Massachusetts officials disclose data breach in unemployment system
Official response: Executive Office of Labor and Workforce Development Reports…

Disclaimer: I am not a lawyer, nor do my opinions represent that of Harvard Law or Harvard University. What I am is a technologist. A very outraged technologist. As a result, some of what follows may be a bit snide. I can’t apologize just yet for that. Past the outrage, I’m thanking the high heavens for the EFF who are tackling the cause of my outrage.

Across town somewhere detective Kevin Christopher contends that his warrant to seize from Boston College student Riccardo Calixte anything “capable of storing digital data in any form” is justified because… well, mostly because he’s been told that Calixte is really good with computers. That can’t be good, right? The laundry list of things to be seized from this “master of his trade” (my, how horrific…) included such cutting edge technology as “zip drive disks”, “optical scanners”, “manuels (sic)” and “firewalls”. The EFF’s motion to quash was denied in District Court (I was quite surprised by this, actually), but that just means that now the Superior Court will have to hear it and, sorry BCPD, that’s even worse for you as it means more publicity.

According to Calixte, the confiscated items also included the Post-it he was writing on at the time to document what was happening. But that’s hearsay, right? Well, much of the ‘evidence’ which led to all this is hearsay as well. And a great deal of what is proffered as ’cause’ is, quite simply, not illegal and/or not tied to any criminal complaint. Specifically:

• Performing “jail breaks” on a cell phone is not inherently illegal.
• Calling someone a “hacker” doesn’t make them a criminal.
• A computer science student who is considered “a master of the trade” is, presumably, the university’s goal (!) Isn’t that why he’s in school? Is a master carpenter also a nefarious n’er-do-well in the eyes of the police?
• Using more than one operating system doesn’t make you suspicious… it makes you a typical computer science student and, in my book, a fellow traveler (see what I did there?).
• Sending an email that is libelous or slanderous is a civil issue, not a criminal one. This is a criminal case you’re building.
• Even if that message was sent anonymously, is that really cause for all this posturing? If the note were stapled to a public bulletin board, would there be some sort of criminal ‘fraud’ investigation? (Fraud? Seriously? That’s your angle? You’re going the ‘MySpace Mom’ route to nail some kid for being a jerk?)
• If the person in question has supposedly, according to your single source in this un-related ‘crime’ who is also the aggrieved party, downloaded music and/or movies illegally, that’s a civil issue (he’s not being charged or even accused of trafficking, is he?).
• He’s alleged to have, according to your aggrieved single source in this un-related issue, gotten into the university computers and changed grades — with no evidence whatsoever to support the allegation other than ‘some guy said’ and no inkling of validity from the university whose name is on your badge whether such a crime even exists.
• And finally, although there are many more such idiotic instances in the documentation that I could go on about, the accused is supposed to have ‘fixed’ other peoples’ computers so that they can’t be scanned by police later for evidence. Can’t detective Christopher call someone in law enforcement (or the closest 14 year old) before putting that in official documents and making himself look even more technologically clueless? Call, for the love of Pete, if for no other reason than to give the computer forensics guys a good laugh at this fantastical magic trick some B.C. student has created despite the incredible improbability of it all.

I’m not saying that I think the Calixte is guilty or is not guilty of the original ‘crime’ (of sending an anonymous email that defamed someone). What I’m saying is “This whole railroading incident reeks of authoritarianism and I don’t want this to happen to me”, detective Christopher. It’s bad policing and it’s worse public policy. You’re setting precedents that could end up making a lot more ‘criminials’ out of otherwise innocent citizens. I use more than two operating systems, including the very much maligned and demonized by the ignorance of this officer, Ubuntu Linux. Am I suspicious now? In fact, our entire back-end infrastructure here runs on this apparently ‘evil’ Linux distro. Detective Christopher’s characterization of it as ‘rare’, much less somehow nefarious in nature, doesn’t hold water, especially on a college campus. In fact, Dell, maker of the frightening “white cover with gray trim” computer seized from the student, offers Ubuntu Linux as an option on many of its machines (and FreeDOS? “Free” DOS? What is this… communist Russia? *gasp*!). A fact any idiot with access to the Internet could suss out in about one minute. Two minutes, tops, if the Dell site is slow. Well, my dad has three sorts of hammers. You better lock him up now for being a seditious carpenter.

Had this been somehow related to mental health, a medical professional would no doubt have been consulted. If an airplane were involved, the FAA or NTSB. If a car were involved, at the very least I’m sure a mechanic would have been consulted. But in this case, detective Christopher seems to think he has a handle on this whole ‘computer’ thing, I assume because he’s touched one and watches television. But anything that’s not in his very narrow technological worldview is seen as suspicious and dark and must be made for nogoodniks. As a result, his cluelessness and inexperience in regards to computer crime is clearly and loudly spelled out in both the warrant and the supporting documentation surrounding the seizure of the student’s property. It’s jack-booted over-kill and it’s the kind of thing we need to stamp out; we can’t just wait until luddites like Christopher die off and are replaced by people who grew up with higher technology. We have to handle this now.

Christopher didn’t know what he was doing and he just did what he wanted because he felt he had the authority. It’s almost like something out of a bad movie (oh, wait, it is…). And to compound the thick-headedness of it all, he actually got a warrant for his flimsy excuse of a ‘probable cause’, thereby extending the trail of incompetence back to the magistrate’s office as well.

If Calixte has done something wrong, he needs to atone for it. But in proportion to the wrong and with law enforcement maintaining the high road of principle and justice. We can’t allow this in our society. This sort of “well meaning” overstepping of authority has no place in the republic that our laws provide for. Used like this, they become the tools of fascism and authoritarianism and that sort of thinking has no business whatsoever in Americas justice, much less a college police unit.

There’s a saying about pointing out a problem but offering no solution. Well, I hereby proffer up the attention of myself or my group (and the promise to enlist others) to help explain or demystify the technology and/or culture surrounding computing and the digital age when needed. Especially if it will help keep travesties like this one from happening. I don’t want to have my house raided because someone doesn’t understand the ‘magic’ of my trade and, scared by it, runs off to get the pitchforks and torches.

If you feel the same, I urge you to donate to the EFF (Electronic Frontier Foundation) — You never know when you might need them — and also to explain to others why this sort of thing isn’t keeping them safe, it’ just moving each of us closer to ‘criminal’ and polluting justice with ignorance.

Much has been said in recent days about the strong-arming tactics of groups like the RIAA and MPAA who, in an overzealous attempt to trounce piracy, often end up hurting their customers and painting everyday people as ‘bad guys’. One of the tools they’ve used has been a company called MediaDefender; a company whose tactics are, IMHO, rather questionable both legally and morally.

Well, it seems they’ve really outdone themselves this time by sabotaging the livelihood of online media network Revision3. Read the whole sordid tale as told by Revision3’s Jim Louderback here: Inside the Attack that Crippled Revision3
(And I do encourage you to read the whole thing… and then pick your jaw up off the floor…)

“[Spoofing is] an appropriate response to the problem of peer-to-peer piracy,” and “a self-help measure that is completely lawful … I think it would be crazy if record labels, or motion picture studios or any other owners of content didn’t take advantage of those kinds of measures.”
–Cary Sherman, President, RIAA, June 2002 (quote found on MediaDefender’s website)

• Maggie McFee is a technologist and computing engineer who joined Harvard in 2005.
• In addition to technology, she enjoys comics, video editing & data wrangling and working in her hackerspace building robots and useless gadgets.

Note: Although I’m just posting this article, it was written in April of 2007 and also published at Helium. As such, it may be a little dated.

Halo’s Effect: The biggest threat to the dominance of Microsoft Windows on the desktop may also be coming out of Redmond, Washington; from a little company called Microsoft.

As Windows began to gain control of desktop computing around version 3.1 (or 3.11, to be more precise), a long-running question was spun up, “Who could possibly take away that market control?” That spinning top of a question is still going ’round today. But there are a few more wobbles these days, and one competitor, of a sort, may be causing more imbalance than others: Microsoft’s own Xbox. Apple’s OSX has increased its market share as has Linux, but none of them may be quite as dangerous to the Windows juggernaut as the company’s own video game console.

One of the primary barbs tossed back and forth between Windows’ consumer users and users of other platforms has had to do with games. Windows had ’em, no one else really did. While it’s true that the increased popularity of OSX has led some game houses back to developing for the Mac, and a few houses went further and created Linux versions, this trickle of titles is nothing compared with the flood of games one finds at your average Best Buy or CompUSA. Even that bastion of gaming market share, the Sony PS2, couldn’t shake Windows’ steely grip on gaming. Especially when you’re talking online gaming and high-end 3-D graphics. With new cards on the market every other day, or so it seemed, Windows was still the hard-core gamer’s nirvana, and they were happy to be there. A never-ending battle with viruses, adware, spyware and other malware couldn’t sway them. If it couldn’t run ‘Everquest’ or ‘Battlefield 1942’ or the like, it didn’t matter how friendly and stable it was.

And then came the Xbox. And everyone was talking about ‘Halo’.
I’ll freely admit that I was skeptical of the Xbox. I rolled my eyes and said, “That’s all we need, the Blue Screen of Death on our gaming consoles”. It was, after all, a PC at heart. But the platform, and more to the point the Microsoft Xbox division, has proven me and other nay-sayers wrong. It has sold consistently well and satisfaction amongst owners is quite high. There have been stumbles here and there, but any new gaming platform needs to find its legs. And, it can’t be stressed enough, ‘Halo: Combat Evolved’ was the “kick ass” hit that the platform needed to send sales over the top. Drop a beige box gamer in front of an Xbox running ‘Halo’ and you’d have to pry the controller back from them. Add to that the promise that Xbox Live held for online gaming and did indeed deliver, and you’ve got a clear winner. Gamers were happy. Developers were happy. And when the Xbox 360 rolled out, consumers offered up a big chunk of their cash and eagerly climbed on that new horse. Also along for the ride were ‘Halo’ and its smash hit brother ‘Halo 2’. As were ‘Call of Duty 2’ and the megahit ‘Gears of War’. In short, Xbox ruled with PC gamers.

And then something interesting started to hit my radar. For those of you who don’t know me I’m not only a nerd at home, but at work as well. I run a computing department at a well-known university’s physics branch. Throughout the day I see students and faculty come and go and at night I’m never far from various online presences I maintain. Not all that long ago I started to notice a subtle change in the computing cloud around me. A few more Apple Powerbooks and MacBooks showed up around work, and as well as a few surprising “I’ve switched” stories online. As time went on I began to get the sneaking suspicion that some of these people hadn’t switch platforms so much as switched how they thought about their computer.

If your Xbox gave you all you needed, and maybe more, for your gaming experience, what need was there to remain loyal to Windows? And after a few stories from your Mac friends about how much less frustrating their day-to-day computing is on OSX… well, surely one has to begin to wonder if maybe you can’t have it all. Off the top of my head I can think of about five recent Mac switchers I know who, two or three years ago, would have been adamant about their need for Windows. But now they get their gaming done with Xbox (and also, increasingly, the Wii), and produce their podcasts or build their websites or write their blog on their Mac. Their personal computer, be it a Mac or a PC running Linux or WIndows, is about doing the things they need to get done and then moving on. Now that it’s not doubling as their game machine they’re free to pursue whatever works best, not what they’re willing to endure in order to get their game on.

And that, as I see it, is the ‘Halo Effect’ (‘Xbox Effect’ just didn’t sound as cool, you see). I, for one, will be happy to one day be done with the Mac vs Windows vs Linux debate. When it’s really about using whatever truly best suits you and appeases you, not what has which stranglehold on what market, then who cares what you choose. And maybe a little more competition for the desktop will get Microsoft to finally, for real, get control of the whole virus/adware/spyware nonsense which has kept so many suffering over and over – many who just wanted to have a little fun on WoW, not learn how to troubleshoot faulty software. And if that happens, they only need look so far as the Xbox to see who brought down mighty Windows.

In this new game of ‘Halo Effect’, maybe the ‘Blue Screen of Death’ will be the first to get PWND.