Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

No security ever built into Obamacare site: Hacker
cnbc ^ | 11/25/2013 | By: Matthew J. Belvedere

Posted on 12/02/2013 5:34:50 PM PST by tobyhill

It could take a year to secure the risk of "high exposures" of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday. "When you develop a website, you develop it with security in mind. And it doesn't appear to have happened this time," said David Kennedy, a so-called "white hat" hacker who tests online security by breaching websites. He testified on Capitol Hill about the flaws of HealthCare.gov last week.

"It's really hard to go back and fix the security around it because security wasn't built into it," said Kennedy, chief executive of TrustedSec. "We're talking multiple months to over a year to at least address some of the critical-to-high exposures on the website itself."

According to the Department of Health and Human Services, which oversaw the implementation of the website, the components used to build the site are compliant with standards set by Federal security authorities.

(Excerpt) Read more at cnbc.com ...


TOPICS: Extended News; News/Current Events
KEYWORDS: obamacare; obamacarelies; obamacaresecurity; obamacarewebsite; obamacarewebsitefix
Navigation: use the links below to view more comments.
first previous 1-2021-27 last
To: Chickensoup
Correction... TAX PAYERS' FUNDS!!!!!
21 posted on 12/02/2013 8:29:03 PM PST by ogen hal (First amendment or reeducation camp)
[ Post Reply | Private Reply | To 20 | View Replies]

To: AdmSmith; AnonymousConservative; Berosus; bigheadfred; Bockscar; cardinal4; ColdOne; ...

Thanks tobyhill.


22 posted on 12/02/2013 8:37:26 PM PST by SunkenCiv (http://www.freerepublic.com/~mestamachine/)
[ Post Reply | Private Reply | View Replies]

To: Graewoulf
LOL!

Good one...

Obama to sign up on health exchange (Which SSAN will Hussein use?)

I was so thrilled to see Drudge's headline.

All the reporting about the HealthCare,gov relaunch has been about the Potemkin website with its dysfunctional backend and the "glitches" that still need to be fixed.

Virtually nothing has been said or printed about the website's utter lack of security and the fact that Obama would forcibly subject citizens' to reveal their personal data to every amateur hacker, identity-theft ring, and evil enterprise in the world.

Another conspiracy of silence.

23 posted on 12/02/2013 9:05:18 PM PST by thouworm
[ Post Reply | Private Reply | To 19 | View Replies]

To: tobyhill

Security-shmerity, as long as Obama’s buddies in Canada got 650 million of taxpayer money, that’s all Obama really cared about anyway.


24 posted on 12/02/2013 9:05:59 PM PST by Bullish (America should yank Obama like a rotten tooth before he poisons the entire body)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill; All

(Well, hey, they HAD to make it as easy as possible for the NSA to collect all the info they wanted!)


25 posted on 12/02/2013 9:13:58 PM PST by Colofornian
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill
"It's really hard to go back and fix the security around it because security wasn't built into it,"

No, it's impossible.

There's no such thing as a completely secure system. I used to say that the only completely secure computer is still in the factory sealed box, but then back in the 90s, Apple shipped quite a few systems that were "pre-infected" with malware.

But if a system is designed from the start without security, it can NEVER become a trusted system.

Mark

26 posted on 12/03/2013 12:18:14 AM PST by MarkL (Do I really look like a guy with a plan?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NTHockey
EVERYBODY involved with the leaking of personal information has violated the HIPAA Law. Arrest them.

Actually, it's not just HIPPA. I believe that if you take credit card payments on a website, the entire system has to be PCI DSS (Payment Card Industry Data Security Standard) compliant. Otherwise, the major payment card vendors will not allow you access to their financial networks.

If the government were to force these vendors to abandon their own security standards, then we've got a real problem here.

Mark

27 posted on 12/03/2013 12:26:28 AM PST by MarkL (Do I really look like a guy with a plan?)
[ Post Reply | Private Reply | To 12 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-27 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson