Skip to comments.No security ever built into Obamacare site: Hacker
Posted on 12/02/2013 5:34:50 PM PST by tobyhill
It could take a year to secure the risk of "high exposures" of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday. "When you develop a website, you develop it with security in mind. And it doesn't appear to have happened this time," said David Kennedy, a so-called "white hat" hacker who tests online security by breaching websites. He testified on Capitol Hill about the flaws of HealthCare.gov last week.
"It's really hard to go back and fix the security around it because security wasn't built into it," said Kennedy, chief executive of TrustedSec. "We're talking multiple months to over a year to at least address some of the critical-to-high exposures on the website itself."
According to the Department of Health and Human Services, which oversaw the implementation of the website, the components used to build the site are compliant with standards set by Federal security authorities.
(Excerpt) Read more at cnbc.com ...
Obama is a slacker so everyone in his Admin follows his lead and are slackers ,even the Secret Service
At this point in history how could anyone build any website that does not have security as their first priority?
If for no other reason than you do not want hackers high jacking your site.
But this site is being built for commercial reasons. This site is supposedly designed to handle personal data and accept payments. How could they not have had security as a major concern?
But this was a no bid contract and the Obama administration got the best people available. /S
They are on a three year plan and.....oh wait....
It’s redistribution at work. Why should I be allowed my own identity and credit. I should be forced to share it with those less fortunate and all that....
Bring it all down, man!
See tag line.
Right there, this says a lot about the security of all government websites/
If I had my way
If I had my way in this wicked world
If I had my way
I would tear this old building down
— Rev Gary Davis
EVERYBODY involved with the leaking of personal information has violated the HIPAA Law. Arrest them.
Obama and his whole Administration - A tale of Dumb and Dumber.
More like a criminal cabal.
Universal Husseincare 21.2 means everyone is allowed on board - eh?
Could anyone just consider challenging this on the grounds that it is completely, and totally illegal, through the HIPAA laws to disregard privacy in the entire field of medicine?
- - - He [Carney] also reinforced the White Houses earlier promises, going back to early in 2010, that President Obama himself would sign up for Affordable Care Act coverage.
He will, Carney confirmed. - - -
THIS IS GREAT NEWS !
At last, we will be able to hack into the medical and personal sealed records of B. Hussein Obama!
The Army Doctors at Walter Reed will be a treasure trove of deeply person information on B. Hussein!
BTW, you dont think that B. Hussein would actually lie about anything in his medical records do you?
Read more: http://www.dailymail.co.uk/news/article-2517077/New-designed-fix-Obamacare-website-CRASHES-White-House-boasts-it.html#ixzz2mNeSOXKj
Follow us: @MailOnline on Twitter | DailyMail on Facebook
So who is going to hang for this stealing of government funds?
I was so thrilled to see Drudge's headline.
All the reporting about the HealthCare,gov relaunch has been about the Potemkin website with its dysfunctional backend and the "glitches" that still need to be fixed.
Virtually nothing has been said or printed about the website's utter lack of security and the fact that Obama would forcibly subject citizens' to reveal their personal data to every amateur hacker, identity-theft ring, and evil enterprise in the world.
Another conspiracy of silence.
Security-shmerity, as long as Obama’s buddies in Canada got 650 million of taxpayer money, that’s all Obama really cared about anyway.
(Well, hey, they HAD to make it as easy as possible for the NSA to collect all the info they wanted!)
No, it's impossible.
There's no such thing as a completely secure system. I used to say that the only completely secure computer is still in the factory sealed box, but then back in the 90s, Apple shipped quite a few systems that were "pre-infected" with malware.
But if a system is designed from the start without security, it can NEVER become a trusted system.
Actually, it's not just HIPPA. I believe that if you take credit card payments on a website, the entire system has to be PCI DSS (Payment Card Industry Data Security Standard) compliant. Otherwise, the major payment card vendors will not allow you access to their financial networks.
If the government were to force these vendors to abandon their own security standards, then we've got a real problem here.