Friday, September 7, 2012

2012 Top 10 IT Mulligans (so far…)


As many of you golfers know, a Mulligan is an opportunity to re-tee up a ball that has been hit poorly. Not "legal" under the Rules of Golf, the term, per the USGA Museum, hails from a fellow by the name of David Mulligan, who frequented St. Lambert Country Club in Montreal, Quebec, during the 1920s. Mulligan let it rip off the tee one day, wasn't happy with the results, re-teed, and hit again. According to the story, he called it a "correction shot," but his partners thought a better name was needed and dubbed it a "mulligan."

So Wasabi Roll decided to see how 2012 looked from the “Mulligan” perspective, i.e., what are the year’s Top 10 biggest blunders that the originators would prefer to take a Mulligan on. Without further ado, here are the year’s IT Mulligans:

1)   Faceplant
The most anticipated public offering since the launch of the SS Titanic - and the results were about as disastrous for small-time investors. Instead of a return to boom times for high-tech stocks, we were witnesses to a financial enema for the small-time investor. Although many investors had hoped for a big first-day pop, Facebook's stock opened on May 18 at $42.05, fluctuated between $45 and $38, and barely closed above its offering price. To make things worse, it’s been one of those county fair giant slides since then, and it currently struggles at the $20 mark. Interestingly enough, Facebook had given information about its prospective mobile revenues (or lack thereof) to the big banks but failed to share it with the investing public. It seems Mark Zuckerberg had customized his Facebook settings to "Share with major institutional investors only." To date Mr. Zuckerberg has heard his name burned in infamy by some of his rhyming investors.


2)  Clone Wars

Aye, fight and you may die. Run, and you'll live... at least a while. And dying in your beds, many years from now, would you be willin' to trade ALL the days, from this day to that,

For one chance,
Just one chance,

To come back here and tell our enemies that they may take our lives, but they'll never take... OUR PATENTS!

Yes friends, this spring brought the patent wars, starring the Marx Bros. of IT: Facebook and Yahoo, Apple and Samsung, Oracle and Google -- the list feels endless. However, it seems even the judges have had enough. In June, federal judge Richard Posner canceled a trial between Motorola and Apple, calling Motorola's claims "ridiculous" and Apple's filings "frivolous," and ultimately dismissed the case with extreme prejudice. Now if we could just get the other 3,300 federal judges to follow his lead, we might be onto something. badah-bump, tishhh.

3)  A Resume by Any Other Name…
Newly minted CEO Scott Thompson had barely begun laying off employees at Yahoo and suing Facebook for patent violations when it was revealed that his resume was filed in the fiction/fantasy aisles. Oh no he didn’t? Yes he did. Degree in computer science? Uuuuuh, nope. It was a mistake, he said -- but one that had been following him for more than a decade. Disgruntled investor Dan Loeb, unhappy with the choice of Thompson as CEO, used the fake resume to put Thompson back on the unemployment lines three months after he took the job no sane person wants. (Thompson went on to run ShopRunner, which provides faster shipping from shopping sites.) As for the disgruntled meddler, Loeb, he is apparently happier having new interim CEO Ross Levinsohn. Levinsohn's biggest claim to fame? He helped News Corp. acquire MySpace for nearly $600 million in 2005.

4)   You can’t be Siri-ous
Siri, the most notable new feature of the iPhone 4S and a pseudo-AI companion to its cell phone users, entertains those users with its quick wit and impressive responses. Like when bloggers at WMPower User asked her, "What's the best cellphone ever?" and Apple's Intelligent Assistant piped up, "Nokia Lumia 900." Whaaaaaaaaat? How did this atrocity happen? Well, it so happens that Siri bases some of her answers on data gathered by geeky search engine Wolfram-Alpha, which takes its information about smartphones from, of all places, Best Buy. Yes, Best Buy, that brain trust giant that we all go to when the world’s technology goes awry. The big-box retailer's website had a handful of five-star reviews for the Nokia 900, and that was good enough for Siri -- at least until Apple reprogrammed her to respond with the name of the One True Phone from now on.

5)  Every Breath you take…
This one falls in the WTF category. Between May 2007 and May 2010, as part of its Street View project, Google, Inc. collected data from Wi-Fi networks throughout the United States and around the world. The purpose of Google's Wi-Fi data collection initiative was to capture information about Wi-Fi networks that the company could use to help establish user locations and provide location-based services. However, Google also collected "payload" data, i.e., the content of the Internet communications it was monitoring, which wasn't part of its location initiative. This payload data included e-mail and text messages, passwords, Internet usage history, and other highly sensitive personal information. The true extent of those lies became public only after Google was forced to release an unredacted version of a highly censored 25-page FTC report on the matter last April.

6)  Goldilocks and the three PA’s - SOPA, PIPA, and CISPA
Right from the pages of 1984, Orwell’s dream is slowly becoming a reality, with “Big Brother” coming down on the nature of the Internet with SOPA, PIPA, and CISPA. While the Net's inhabitants successfully voiced their dismay via a well-supported Internet "blackout," effectively killing SOPA and PIPA, CISPA remains. This is because, unknown to the public, it has the quiet support of heavyweights like Facebook, IBM, and Microsoft. The Cyber Intelligence Sharing and Protection Act was passed by a House majority in April and awaits judgment in the Senate, where it's competing with two similar bills. In response, a group of opponents has banded together and formed the Internet Defense League, less the leotards and capes of course.

7)  Flame of Seagulls...

And Iran, Iran so far away.
I just ran, Iran all night and day.
Couldn’t get away.

The world will not be dominated by guns, but by keyboards. A lesson learned by Iran. Under a program initiated under President Bush and continued under President Obama, the United States did in fact inject the Stuxnet worm -- co-developed by the NSA and the Israeli secret service -- into an Iranian uranium processing plant, screwing up the centrifuges and spoiling the batch. Unfortunately, Stuxnet didn't stay there, spreading to other computer systems. Now a Stuxnet cousin known as Flame is burning its way across networks in the Middle East, with no telling where or when it'll stop.

8)  Way to Go Microsoft!
Microsoft is so proud of the speed of its Windows Phone 7.5 operating system that it set up a Smoked by Windows Phone contest last May for visitors to its Microsoft Stores. If any other smartphone user could defeat a WinPho7 at a series of basic tasks, that person would walk off with a $1,000 HP laptop. A few days into the contest, Android user Sahas Katta defeated a Windows Phone at a basic task, at which point store employees refused to honor the challenge winner and declared the contest null and void – NICE... Roughly a day later, Microsoft higher-ups realized what “a-holes” they looked like and reversed themselves, giving Katta the laptop shortly thereafter (eye roll). It seems the marketing geniuses who came up with the idea definitely smoked something for sure.

9) Verbal and the Usual Suspects
In January, hacker group Lords of Dharmaraja posted source code for Norton Antivirus. In February, Anonymous tapped a phone confab between the FBI and Scotland Yard about -- yes -- how to catch Anonymous, and then posted the audio on YouTube. That same month, security consultants Stratfor Global had 5 million of its emails posted online, courtesy of those same anons. In March, a zero-day remote desktop exploit spread across the Web. Its source: A Microsoft program intended to identify and contain zero-day exploits. Way to Go Microsoft! Recently, LinkedIn had more than 6 million hashed user passwords stolen and posted online by a Russian hacker. Will the real incompetents please remain standing, so we can send Lt. Aldo Raine and his band of misfits to track you down and make sure you are readily identified.

10) Oracle to the Rescue! Our Hero?
Crackers have found yet another vulnerability in the new release of Oracle's Java software, ver. 7.0, that allows them to break into users' computers and install nasty malware, security experts report. Crackers, yes Crackers, for “Hackers” are seldom malicious and usually find vulnerabilities and point them out to the developers, whereas Crackers are vandals.

Regardless, the attack was first flagged in public last Sunday by researchers at the security firm FireEye, who identified it as a "zero-day" threat. For those not in security circles, a zero-day (or zero-hour or day zero) attack or threat is one that exploits a previously unknown vulnerability in a computer application, meaning that the attack occurs on "day zero" of awareness of the vulnerability.

Oracle released a fix four days later. Wow, a four-day turnaround suggests Oracle was “Johnny on the spot”, right? Well, not so much, for IDG News Service’s Lucian Constantin reported that Polish security researcher Adam Gowdiak had actually notified the Redwood Shores-based company of the problem way back in April, uh, more than 4 months ago. Gowdiak said that the Oracle status report dated Aug. 23 indicated the company was planning to fix the vulnerabilities in its regularly scheduled October update. The latest update, which happened in June, fixed only three of 29 issues that Gowdiak said he had reported. Alex Lanstein of the security firm FireEye, which publicly reported the Java attacks on Sunday, said after researching this further that this exploit was being used much longer than that.


So “Once more unto the breach, dear friends, once more;”


____________________________________________________________
About Rick Ricker

An IT professional with over 20 years' experience in information security, wireless broadband, and network and infrastructure design, development, and support.
For more information, contact Rick at (800) 333-8394 x 689
