No Security in Website///ObamaCare site producing flawed forms

[edthecynic]

Obviously the website has been fixed quite successfully, so well in fact, that even the GOP denial of service attacks have failed to bring it down. So now they are trying to scare users away from the site with this hack scare. Mind you, all of the GOP's attempts to hack the site and release users personal info have failed since there has yet to be any released info, so the GOP now is reduced to only scare tactics!

You better change your board name to "edthemoron"... can you READ?

HACKERS: NO SECURITY EVER BUILT INTO OBAMACARE SITE

No security ever built into Obamacare site: Hacker

How STUPID do you have to be to believe "no security ever built into Obamacare site?"

The Right are the most gullible morons on Earth!!!!

 

[mudwhistle]

You better change your board name to "edthemoron"... can you READ?

HACKERS: NO SECURITY EVER BUILT INTO OBAMACARE SITE

No security ever built into Obamacare site: Hacker

As with every other government site I've been on, it's easier for a hacker to navigate the site then an authorized user.

So hack the site and prove it's hackable. Nobody has hacked it yet so it can't be that easy!!!!

My understanding is hackers checked out the security and didn't even find basic security software.

 

[AquaAthena]

No security ever built into Obamacare site: Hacker

t could take a year to secure the risk of "high exposures" of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday.

"When you develop a website, you develop it with security in mind. And it doesn't appear to have happened this time," said David Kennedy, a so-called "white hat" hacker who tests online security by breaching websites. He testified on Capitol Hill about the flaws of HealthCare.gov last week.

"It's really hard to go back and fix the security around it because security wasn't built into it," said Kennedy, chief executive of TrustedSec. "We're talking multiple months to over a year to at least address some of the critical-to-high exposures on the website itself."

Ills of HealthCare.gov: Insurers say ObamaCare site producing flawed forms | Fox News

Retooled Obamacare website traffic surges but problems remain | Reuters

You love beating this issue to death, don't you?

I posted that in another thread, earlier this morning.

What we love, is outing the facts...just the facts, that others have turned a blind eye to, or do not know about.

Beware before you give out ANY personal and financial information. It could wind up anywhere and already has....

 

[edthecynic]

As with every other government site I've been on, it's easier for a hacker to navigate the site then an authorized user.

So hack the site and prove it's hackable. Nobody has hacked it yet so it can't be that easy!!!!

My understanding is hackers checked out the security and didn't even find basic security software.

So why hasn't it been hacked yet??!!

 

[Zoom-boing]

According to white-hat hacker David Kennedy, the site can be easily hacked, allowing criminals to compromise computers and steal people's private information.

White-hat hackers examine systems, searching for security flaws. But instead of criminally exploiting whatever flaws they find, they report them so that the systems can become more secure. Kennedy is chief executive of TrustedSec, a security company.

On a Monday morning interview on CNBC, Kennedy offered some harsh words about the Obamacare Web site. After noting the well-publicized performance problems, "we basically started poking and prodding and looking at the security, and we found that it was pretty bad all around… Putting your information on there is definitely a risk."

What could happen to people who use the site should it be compromised? Kennedy warns of "everything from hacking someone's computer so when you visit the website it actually tries to hack your computer back, all the way to being able to extract email addresses, users names—first name, last name—[and] locations."

Kennedy testified before Congress last week on the issue, and TrustedSec published a damning report. TrustedSec found "clear indicators that even basic security was not built into the healthcare.gov website." The report warns "the website has critical risks associated with it and security concerns should be remediated immediately."

Kennedy explained to CNBC that "When you develop a website, you develop it with security in mind. And it doesn't appear to have happened this time…It's really hard to go back and fix the security around it because security wasn't built into it."

How long will it take to fix the site? Kennedy estimated on CNBC that " We're talking about multiple months to over a year."

And not everyone in government seemed aware of the seriousness of the problem. "One of the folks on the congress side literally said 'There are other web sites that are hacked all the time, so why should ours be any different.'" Fortunately, "A lot of others are trying to fix this and address it."

Kennedy isn't the only security expert to be concerned. CNBC also quotes Crowd Sourced Investigations CEO Morgan Wright, who believes that the current site should be dumped and recreated from scratch. "There's not a plan to fix this that meets the sniff test of being reasonable."

Kennedy finds all of this "unfortunate because when you look at the site itself, it could do really good."

Poor security on Obamacare site could sacrifice private info | PCWorld

Go to the link and click on the TrustSec congressional hearing report (a damning report).

 

[edthecynic]

According to white-hat hacker David Kennedy, the site can be easily hacked, allowing criminals to compromise computers and steal people's private information.

White-hat hackers examine systems, searching for security flaws. But instead of criminally exploiting whatever flaws they find, they report them so that the systems can become more secure. Kennedy is chief executive of TrustedSec, a security company.

On a Monday morning interview on CNBC, Kennedy offered some harsh words about the Obamacare Web site. After noting the well-publicized performance problems, "we basically started poking and prodding and looking at the security, and we found that it was pretty bad all around… Putting your information on there is definitely a risk."

What could happen to people who use the site should it be compromised? Kennedy warns of "everything from hacking someone's computer so when you visit the website it actually tries to hack your computer back, all the way to being able to extract email addresses, users names—first name, last name—[and] locations."

Kennedy testified before Congress last week on the issue, and TrustedSec published a damning report. TrustedSec found "clear indicators that even basic security was not built into the healthcare.gov website." The report warns "the website has critical risks associated with it and security concerns should be remediated immediately."

Kennedy explained to CNBC that "When you develop a website, you develop it with security in mind. And it doesn't appear to have happened this time…It's really hard to go back and fix the security around it because security wasn't built into it."

How long will it take to fix the site? Kennedy estimated on CNBC that " We're talking about multiple months to over a year."

And not everyone in government seemed aware of the seriousness of the problem. "One of the folks on the congress side literally said 'There are other web sites that are hacked all the time, so why should ours be any different.'" Fortunately, "A lot of others are trying to fix this and address it."

Kennedy isn't the only security expert to be concerned. CNBC also quotes Crowd Sourced Investigations CEO Morgan Wright, who believes that the current site should be dumped and recreated from scratch. "There's not a plan to fix this that meets the sniff test of being reasonable."

Kennedy finds all of this "unfortunate because when you look at the site itself, it could do really good."

Poor security on Obamacare site could sacrifice private info | PCWorld

Go to the link and click on the TrustSec congressional hearing report (a damning report).

The GOP have been trying to hack the site from the day it opened, and failing that they are now spreading a rumor to the world's hackers that there is no security to encourage them to hack the site and it still has not been hacked.

If the site is sooooo defenseless, why hasn't it been hacked yet?????!!!!!

 

[Zoom-boing]

According to white-hat hacker David Kennedy, the site can be easily hacked, allowing criminals to compromise computers and steal people's private information.

White-hat hackers examine systems, searching for security flaws. But instead of criminally exploiting whatever flaws they find, they report them so that the systems can become more secure. Kennedy is chief executive of TrustedSec, a security company.

On a Monday morning interview on CNBC, Kennedy offered some harsh words about the Obamacare Web site. After noting the well-publicized performance problems, "we basically started poking and prodding and looking at the security, and we found that it was pretty bad all around… Putting your information on there is definitely a risk."

What could happen to people who use the site should it be compromised? Kennedy warns of "everything from hacking someone's computer so when you visit the website it actually tries to hack your computer back, all the way to being able to extract email addresses, users names—first name, last name—[and] locations."

Kennedy testified before Congress last week on the issue, and TrustedSec published a damning report. TrustedSec found "clear indicators that even basic security was not built into the healthcare.gov website." The report warns "the website has critical risks associated with it and security concerns should be remediated immediately."

Kennedy explained to CNBC that "When you develop a website, you develop it with security in mind. And it doesn't appear to have happened this time…It's really hard to go back and fix the security around it because security wasn't built into it."

How long will it take to fix the site? Kennedy estimated on CNBC that " We're talking about multiple months to over a year."

And not everyone in government seemed aware of the seriousness of the problem. "One of the folks on the congress side literally said 'There are other web sites that are hacked all the time, so why should ours be any different.'" Fortunately, "A lot of others are trying to fix this and address it."

Kennedy isn't the only security expert to be concerned. CNBC also quotes Crowd Sourced Investigations CEO Morgan Wright, who believes that the current site should be dumped and recreated from scratch. "There's not a plan to fix this that meets the sniff test of being reasonable."

Kennedy finds all of this "unfortunate because when you look at the site itself, it could do really good."

Poor security on Obamacare site could sacrifice private info | PCWorld

Go to the link and click on the TrustSec congressional hearing report (a damning report).

The GOP have been trying to hack the site from the day it opened, and failing that they are now spreading a rumor to the world's hackers that there is no security to encourage them to hack the site and it still has not been hacked.

If the site is sooooo defenseless, why hasn't it been hacked yet?????!!!!!

Link?

By your logic, because it hasn't been hacked yet there are no security issues with it.

<blink, blink>

Ok, don't bother reading the congressional report on the security of the site.

 

[edthecynic]

Poor security on Obamacare site could sacrifice private info | PCWorld

Go to the link and click on the TrustSec congressional hearing report (a damning report).

The GOP have been trying to hack the site from the day it opened, and failing that they are now spreading a rumor to the world's hackers that there is no security to encourage them to hack the site and it still has not been hacked.

If the site is sooooo defenseless, why hasn't it been hacked yet?????!!!!!

Link?

By your logic, because it hasn't been hacked yet there are no security issues with it.

<blink, blink>

Ok, don't bother reading the congressional report on the security of the site.

At the congressional hearing it was revealed that the most popular searches on the website were hack attempts, so it is not for lack of trying that the site has not been successfully hacked yet!!!!!

 

[Jackson]

Do hackers generally advertise the fact they have hacked site? Don't they keep that quiet?

 

[Sunshine]

How about NBC....No security ever built into Obamacare site: Hacker

they said
Monday, 25 Nov 2013 | 7:14 AM ET
Dissecting the critical security problems with the website Healthcare.gov, with TrustedSec CEO David Kennedy. "It will take a long time to address some of the critical and high exposures on the website itself," he says.

It could take a year to secure the risk of "high exposures" of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday.

this is all speculation

So?????

They've had over 3 years to work this stuff out an just now they're doing it?

I get the feeling these folks are scraping the bottom of the barrel for programmers. I can see a pattern here. They showed the same concern for security in Benghazi as well. Only thing Democrats seem to do well these days is get out the vote and do fundraisers.

[MENTION=20102]mudwhistle[/MENTION]

Mud, how did you miss this? This contract was given WITHOUT BIDS to one of Michelles' Princeton buddies, and they are not in the US, they are in Canada.

 

[edthecynic]

Do hackers generally advertise the fact they have hacked site? Don't they keep that quiet?

The GOP hackers, out to destroy the ACA, would definitely make a successful hack public immediately!

 

[Zoom-boing]

The GOP have been trying to hack the site from the day it opened, and failing that they are now spreading a rumor to the world's hackers that there is no security to encourage them to hack the site and it still has not been hacked.

If the site is sooooo defenseless, why hasn't it been hacked yet?????!!!!!

Link?

By your logic, because it hasn't been hacked yet there are no security issues with it.

<blink, blink>

Ok, don't bother reading the congressional report on the security of the site.

At the congressional hearing it was revealed that the most popular searches on the website were hack attempts, so it is not for lack of trying that the site has not been successfully hacked yet!!!!!

You didn't read the report, did you?

One of the more alarming trends is that the actual security testing of the website was deferred due to project delays. The website was launched without formal testing and with known risks around the security of the applications. Even further, there was little to no security built into the website or through the development. With the complexity of the website, this would indicate that the the website will suffer from significant security concerns for a long period of time unless significant action is taken to address the issues and flaws within it.

There's lots more but I'm not wasting my time pointing it out. Read it, don't read it, I don't care. Keep believing that security on the website is fine ... even though security pros say otherwise.

 

[Zoom-boing]

Do hackers generally advertise the fact they have hacked site? Don't they keep that quiet?

The GOP hackers, out to destroy the ACA, would definitely make a successful hack public immediately!

Once again, link?

 

[chikenwing]

The "issue" is already dead. All that's happening now is the 'Obamatowners' are all astride the stinking splayed out 'White unicorn', Obama used to ride so charismatically, wailing on the poor beast and screaming at it to get up!
Note to Libs: This is what happens when you put the 'First Affirmative Action' President into an office he was better suited to vacuuming.

theres nothing better then a racist making a fool of themselves ... case in point racist fool Embarrassing himself

whos the fool?? what part is raciest??

English not gibberish

 

[The2ndAmendment]

How about NBC....No security ever built into Obamacare site: Hacker

they said
Monday, 25 Nov 2013 | 7:14 AM ET
Dissecting the critical security problems with the website Healthcare.gov, with TrustedSec CEO David Kennedy. "It will take a long time to address some of the critical and high exposures on the website itself," he says.

It could take a year to secure the risk of "high exposures" of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday.

this is all speculation

So?????

They've had over 3 years to work this stuff out an just now they're doing it?

I get the feeling these folks are scraping the bottom of the barrel for programmers. I can see a pattern here. They showed the same concern for security in Benghazi as well. Only thing Democrats seem to do well these days is get out the vote and do fundraisers.

Let's give them some credit though, they are excellent at hiring the right people to construct the greatest spy and data collection systems and fusion centers that the world shall ever see.

 

[The2ndAmendment]

Obviously the website has been fixed quite successfully, so well in fact, that even the GOP denial of service attacks have failed to bring it down. So now they are trying to scare users away from the site with this hack scare. Mind you, all of the GOP's attempts to hack the site and release users personal info have failed since there has yet to be any released info, so the GOP now is reduced to only scare tactics!

No link or even a hint at where that information comes from.

And you call me the conspiracy theorist.

 

[The2ndAmendment]

So hack the site and prove it's hackable. Nobody has hacked it yet so it can't be that easy!!!!

My understanding is hackers checked out the security and didn't even find basic security software.

So why hasn't it been hacked yet??!!

Hackers (crackers is the proper term) don't usually reveal themselves to the authorities. It takes months and sometimes years for the authorities to catch a person engaged in identity theft.

 

[mudwhistle]

So hack the site and prove it's hackable. Nobody has hacked it yet so it can't be that easy!!!!

My understanding is hackers checked out the security and didn't even find basic security software.

So why hasn't it been hacked yet??!!

It has officially been hacked. That's how they discovered what they found.

BTW, the site is designed to gather your personal information whether you sign up or not.

 

[mudwhistle]

they said
Monday, 25 Nov 2013 | 7:14 AM ET
Dissecting the critical security problems with the website Healthcare.gov, with TrustedSec CEO David Kennedy. "It will take a long time to address some of the critical and high exposures on the website itself," he says.

It could take a year to secure the risk of "high exposures" of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday.

this is all speculation

So?????

They've had over 3 years to work this stuff out an just now they're doing it?

I get the feeling these folks are scraping the bottom of the barrel for programmers. I can see a pattern here. They showed the same concern for security in Benghazi as well. Only thing Democrats seem to do well these days is get out the vote and do fundraisers.

[MENTION=20102]mudwhistle[/MENTION]

Mud, how did you miss this? This contract was given WITHOUT BIDS to one of Michelles' Princeton buddies, and they are not in the US, they are in Canada.

knew that when the site first opened....

 

[Sunshine]

So?????

They've had over 3 years to work this stuff out an just now they're doing it?

I get the feeling these folks are scraping the bottom of the barrel for programmers. I can see a pattern here. They showed the same concern for security in Benghazi as well. Only thing Democrats seem to do well these days is get out the vote and do fundraisers.

[MENTION=20102]mudwhistle[/MENTION]

Mud, how did you miss this? This contract was given WITHOUT BIDS to one of Michelles' Princeton buddies, and they are not in the US, they are in Canada.

knew that when the site first opened....

Well, the government can get good programmers. They just chose not to in this case.