Welcome to the 11th Gibbs Golden Turkey Awards

Once again unto the breach … and the negligence and all the other fails

golden turkey 2016 1
Mark Gibbs / psdblast.com

Back for 11th helpings?

Welcome, once again, to the Gibbs Golden Turkey Awards. It’s been a few years since our last effort to point the digit of disdain at those individuals, companies or entities that don't, won't or can't come to grips with reality, maturity, ethical behavior and/or social responsibility because of their blindness, self-imposed ignorance, thinly veiled political agenda, rapaciousness and greed, or their blatant desire to return us to the Dark Ages. Or all of those sins combined. But that lapse aside, with loins girded anew with cheap girders, we undertake again the traditional annual roasting of those who deserve a damn good basting. Without further ado, here in reverse order, are the top 10 Golden Turkeys for 2016 …

golden turkey 2016 2
David, Bergin, Emmett and Elliott / Flickr

Special also-ran; Anthony Weiner for guess what?

OK, we’re going to start out by breaking the rules: We had to add Anthony Weiner as a runner-up to the Top 10 simply because his behavior was insane and aided and abetted by technology. So, sure, smartphones are seductive and some people get totally sucked into communicating via them constantly, but when you’re a highly visible politician who’s dodged a political bullet for sexting once before (“Carlos Danger.” Really?) and you do it again, but this time with a minor and across state lines, you just have to be in the running for the Golden Turkeys. Sadly, Mr. Weiner is a runner up because there’s worse to come …

golden turkey 2016 3

10. The U.S. Department of State for being incredibly stupid about computers

Everyone on the planet now knows that Hillary Clinton had a poorly secured email server in her own house and Huma Abedin, vice chair of Clinton's 2016 campaign, shared a laptop with her husband, the aforementioned Anthony Weiner, and with which she communicated endlessly with Hillary Clinton. Now, these are high-profile people in the political world and for the U.S. Department of State to allow them to use computers and computer services without due care and attention to the security realities of today just blows our minds. Really, who in business shares a laptop these days? When you’re that visible in political life, you’re a target for every black hat from script kiddies trying their luck to state-sponsored hackers from Russia, North Korea, and everywhere else that might take an interest. And, unless you’re really naive, that list of hackers includes our “friends.” It’s about time the government in general got their act together on digital security. We’re picking on the U.S. Department of State in particular and slapping them with a Golden Turkey notice.

Trump
Pixabay

9. People who talk about “The Cyber”

If anything this year underscored a blatant, willful ignorance of the modern world, it has to have been in the (thankfully) final presidential debate when the moderator asked now President-elect Trump who is behind the cyber attacks on the US? Trump said:

As far as the cyber, I agree to parts of what Secretary Clinton said. We should be better than anybody else, and perhaps we’re not. I don’t think anybody knows that it was Russia that broke into the DNC. She’s saying Russia, Russia, Russia—I don't, maybe it was. I mean, it could be Russia, but it could also be China. It could also be lots of other people. It also could be somebody sitting on their bed that weighs 400 pounds, OK?

The internet has become, without question, a key economic component of the United States and anyone in power referring to “The Cyber” needs to get educated pronto. A big, fat Golden Turkey should be given to all who refer to “The Cyber.”

DNC hacked
bonjourpeewee / Flickr

8. The DNC for getting Pwned

While we might groan at “The Cyber”, we can only face-palm in disbelief at the Democratic National Committee’s email server being hacked (by “Guccifer 2.0” or so she or he claimed) and its contents released via Wikileaks. No matter what you think of the channel used to make the email public or of the contents revealed, for the DNC’s server to be hackable was the height of negligence. But wait! It gets worse! According to an analysis of the infiltration by Crowdstrike, the DNC intrusion “has been identified going back to summer of 2015, while [another group] separately breached the network in April 2016.”

Wow. Was there no one in the DNC paying attention to that pesky security stuff? Someone, somewhere in the DNC deserves a well done Golden Turkey.

FBI and Apple iPhone
Pixabay

7. Backdoor backers for backing backdoors

The issue of encryption and to what extent the state should be able to access encryption-protected content owned by private citizens had been simmering for the last couple of years but the mass shooting in San Bernardino in December 2015 put the FBI and Apple in a cage fight over unlocking the shooter’s iPhone. This battle continued into 2016 and was only resolved when the FBI found an alternative and, as yet undisclosed, way to access the iPhone’s contents. So, who’s the turkey here? The FBI? Apple? Depends on where you stand, but the real turkeys here are those people and organizations campaigning for backdoors in digital devices. No reasonable person with even the slightest understanding of computer security can make a cogent case for legally mandating backdoors in encryption systems, but those that deserve Golden Turkeys can.

By way of example, a draft U.S. Senate bill was leaked in April that Kevin Bankston, director of the Open Technology Institute, declared was the “most ludicrous, dangerous, technically illiterate tech policy proposal of the 21st century.” The U.S. Senate and all other backers of backdoors deserve being served up with all the trimmings.

Yahoo
Mark Gibbs / Pixabay

6. Yahoo for getting hacked and taking their time

Ah, yes, good ol’ Yahoo. When Marissa Mayer took over the helm at Yahoo in 2012, the board expected some kind of big turnaround, yet it turns out Ms. Mayer, who appears by all accounts to be a pretty good CEO, boarded a slowly sinking ship and has so far failed to find any way to plug the leaks other than sell the company to Verizon for $4.8 billion. But then, in September, the company admitted to discovering a breach that had exposed data from something like 500 million user accounts. The data included personal credentials such as names, email addresses, telephone numbers, dates of birth, hashed passwords, and even security questions and answers.

Now, you might say a breach of this magnitude was enough to put Yahoo in the running for a Golden Turkey, but the fact that it actually happened in 2014 but wasn’t announced until 2016 ices the bird. Is it any surprise that Verizon wants a $1 billion price reduction and could even call the whole deal off? Who’s going to gobble, gobble, gobble up Yahoo if they do?

5. Delta and Southwest, flightless turkeys
Wikipedia

5. Delta and Southwest, flightless turkeys

In August, at the height of the travel season, an electrical problem at Delta Airlines Atlanta headquarters caused the company’s computer systems to crash along with the travel plans of thousands of passengers world-wide. Until this incident, Delta was considered the most reliable of the major U.S. carriers, but this — can we call it a “glitch”? — revealed just how fragile their aging infrastructure is. How antique? Apparently much of Delta’s technology is vintage 1990s, which would be bad enough except that it’s an amalgam of cobbled together systems from the various airlines Delta acquired over the years.

Ed Bastian, Delta’s CEO apologized saying, “This isn't who we are,” a statement that isn’t even wrong. But Delta isn’t the only carrier to have a major outage this year; back in July, Southwest Airlines’ computer systems malfunctioned and 2,300 flights were cancelled over four days. Linda Rutherford, Southwest’s vice president of communication and outreach, blogged “…during a terrible situation such as this, Love Above All remained the theme, as we tried to get everyone back in the air. The machines failed, but Heart prevailed.” Once the wave of nausea passes, I’m nominating Delta and Southwest for a joint Golden Turkey. It’s even more flightless than they‘ve been.

Samsung
Andrew Zuis / Network World

4. Samsung for creating an exploding market

In late 2016 reports started to emerge that Samsung’s flagship smartphone, the Galaxy Note 7, was, literally, a hot item. By mid-October, there had been around 100 reports of these devices overheating and, in many cases, bursting into flame. On Oct. 13, Samsung recalled every Galaxy Note 7, including the replacements they had sent out earlier in the month after the first reports surfaced. The problem appears to have been a manufacturing fault that caused the lithium ion batteries to short-circuit, but until the U.S. Consumer Product Safety Commission issues its report, something that’s unlikely until after Q1, 2017, the truth will remain “out there.” What we do know is that Samsung is up for a flaming Golden Turkey.

golden turkey 2016 10
Pixabay

3. Windows 10 for being really annoying, intrusive, and possibly illegal

Eugene Levy's car salesman in National Lampoon's “Vacation” said, "You think you hate it now... but wait 'till you drive it." Many people feel much the same way about Windows 10. Looks pretty but … Windows 10 was Microsoft’s answer to the “meh” that greeted Windows 8, and while some aspects of W10 are definite improvements, such as a better mobile and tablet UI and much faster booting, there are also some serious annoyances that include the unholy mess of needing both the Settings app and Control Panel to make configuration changes, Wi-Fi Sense (which is ridiculous), and the endless rapid updates that you can only postpone rather than skip and that require rebooting every time. But these latter annoyances are nothing compared to the thing that Microsoft gives itself with Windows 10: The right and the tools to invade your privacy as they please. This includes mandatory data collection, for which Microsoft has been soundly castigated by the Electronic Frontier Foundation, as well as by France’s National Data Protection Commission, which warned Microsoft that Windows 10 data collection practices are in violation of French law. Microsoft gets nominated for a jack-booted Golden Turkey.

Ransomware
Christiaan Colen / Flickr

2. Companies that gave in to ransomware

If there’s one phenomenon in computer security that’s stood out this year it’s the rise of ransomware, malware that gets into your computer and encrypts everything, then demands a ransom, usually in untraceable Bitcoin. What’s really amazing about ransomware is the number of companies that have given into the demand and paid up, often without getting their data back. It’s not so much that they paid up (which was stupid in the extreme) but rather that they obviously didn’t have backups! If they had had backups they could have simply restored their systems and ignored the ransom demands. Seriously people! If you don’t have a disaster plan that includes taking backups as well as recovering from ransomware exploits, we don’t need to give you a Golden Turkey; you are a turkey.

golden turkey 2016 12
Blue Coat Photos / Flickr

And the winner is: Unsecured IoT products

On Oct. 21, at 7 am EDT, major internet sites including Twitter, Amazon, Tumblr, Reddit, Spotify, and Netflix became unreachable. The cause was a Distributed Denial of Service attack on Dyn, a company that provides large-scale internet infrastructure services, including DNS resolution. The attack, which overloaded Dyn’s systems with 1.2 terabits of requests per second, was on a scale that had never been seen before and originated from a huge number of devices, most of which incorporated subsystems made by a Chinese hi-tech company called XiongMai Technologies. These devices include cameras, residential gateways and baby monitors built by other manufacturers, and the weak security of the XiongMai subsystems made hacking trivial. The failure to secure these Internet of Things (IoT) products isn’t surprising as these manufacturers are building products fast and cheap and the consequences of so many vulnerable devices is going to cause major headaches over the next few years. All of these companies are responsible for unconscionable sloppiness and negligence and jointly win the 2016 Gibbs Golden Turkey award. We congratulate them on breaking the Internet.

golden turkey 2016 13
Mark Gibbs

And finally …

Thanks for viewing the 2016 Gibbs Golden Turkey awards. If you think we had easy pickings this year, just wait for 2017. We can predict with great confidence that next year’s field will be yuge. Watch out for the Internet of Things causing much more trouble, more hackers hacking, more humongous security fails, and more reasons to point the digit of disdain at those who will deserve it so, so richly.

Finally thanks to John Dix, Bob Brown, Michelle Davidson, and David Griffith for their help. If you have comments email me at feedback@gibbs.com. See you next year.

PAST TURKEYS: The Tenth Gibbs Golden Turkey Awards

The Ninth Annual Gibbs Golden Turkey Awards

The Eighth Annual Gibbs Golden Turkey Awards