Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

No security ever built into Obamacare site: Hacker
cnbc ^ | 11/25/2013 | By: Matthew J. Belvedere

Posted on 12/02/2013 5:34:50 PM PST by tobyhill

It could take a year to secure the risk of "high exposures" of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday. "When you develop a website, you develop it with security in mind. And it doesn't appear to have happened this time," said David Kennedy, a so-called "white hat" hacker who tests online security by breaching websites. He testified on Capitol Hill about the flaws of HealthCare.gov last week.

"It's really hard to go back and fix the security around it because security wasn't built into it," said Kennedy, chief executive of TrustedSec. "We're talking multiple months to over a year to at least address some of the critical-to-high exposures on the website itself."

According to the Department of Health and Human Services, which oversaw the implementation of the website, the components used to build the site are compliant with standards set by Federal security authorities.

(Excerpt) Read more at cnbc.com ...


TOPICS: Extended News; News/Current Events
KEYWORDS: obamacare; obamacarelies; obamacaresecurity; obamacarewebsite; obamacarewebsitefix

1 posted on 12/02/2013 5:34:50 PM PST by tobyhill
[ Post Reply | Private Reply | View Replies]

To: tobyhill

Obama is a slacker so everyone in his Admin follows his lead and are slackers ,even the Secret Service


2 posted on 12/02/2013 5:38:43 PM PST by molson209 (Hillary Clinton)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill
"When you develop a website, you develop it with security in mind. And it doesn't appear to have happened this time,"

Unbelievable.

At this point in history how could anyone build any website that does not have security as their first priority?

If for no other reason than you do not want hackers high jacking your site.

But this site is being built for commercial reasons. This site is supposedly designed to handle personal data and accept payments. How could they not have had security as a major concern?

But this was a no bid contract and the Obama administration got the best people available. /S

3 posted on 12/02/2013 5:42:50 PM PST by Pontiac (The welfare state must fail because it is contrary to human nature and diminishes the human spirit.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: molson209
Obama and his whole Administration - A tale of Dumb and Dumber.
4 posted on 12/02/2013 5:43:18 PM PST by SandRat (Duty - Honor - Country! What else needs said?)
[ Post Reply | Private Reply | To 2 | View Replies]

To: tobyhill

They are on a three year plan and.....oh wait....


5 posted on 12/02/2013 5:45:18 PM PST by relictele (Principiis obsta & Finem respice - Resist The Beginnings & Consider The End)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill
I.D. for Obamacare buy not for voting. Poetic justice.
6 posted on 12/02/2013 5:46:40 PM PST by tractorman (I never miss a chance to tweak a liberal.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill

It’s redistribution at work. Why should I be allowed my own identity and credit. I should be forced to share it with those less fortunate and all that....


7 posted on 12/02/2013 5:48:11 PM PST by volunbeer (We must embrace austerity or austerity will embrace us)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill

Bring it all down, man!


8 posted on 12/02/2013 5:51:59 PM PST by samadams2000 (Someone important make......The Call!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill
They want the exchanges to fail, in order to force "white Amerika" onto Medicaid, as a matter of "social justice."

See tag line.

9 posted on 12/02/2013 6:09:44 PM PST by Carry_Okie (0Care IS Medicaid; they'll pull a sheet over your head, then take everything you own to pay for it.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill
...the components used to build the site are compliant with standards set by Federal security authorities...

Right there, this says a lot about the security of all government websites/

10 posted on 12/02/2013 6:10:58 PM PST by Ol' Dan Tucker (People should not be afraid of the government. Government should be afraid of the people)
[ Post Reply | Private Reply | To 1 | View Replies]

To: samadams2000

If I had my way
If I had my way in this wicked world
If I had my way
I would tear this old building down
— Rev Gary Davis


11 posted on 12/02/2013 6:12:19 PM PST by ClearCase_guy
[ Post Reply | Private Reply | To 8 | View Replies]

To: tobyhill

EVERYBODY involved with the leaking of personal information has violated the HIPAA Law. Arrest them.


12 posted on 12/02/2013 6:29:02 PM PST by NTHockey (Rules of engagement #1: Take no prisoners. And to the NSA trolls, FU)
[ Post Reply | Private Reply | To 1 | View Replies]

To: SandRat

Obama and his whole Administration - A tale of Dumb and Dumber.


More like a criminal cabal.


13 posted on 12/02/2013 6:33:39 PM PST by Hotlanta Mike ("Governing a great nation is like cooking a small fish - too much handling will spoil it." Lao Tzu)
[ Post Reply | Private Reply | To 4 | View Replies]

To: tobyhill

Universal Husseincare 21.2 means everyone is allowed on board - eh?


14 posted on 12/02/2013 6:35:30 PM PST by Libloather (The epitome of civility.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill

Could anyone just consider challenging this on the grounds that it is completely, and totally illegal, through the HIPAA laws to disregard privacy in the entire field of medicine?


15 posted on 12/02/2013 6:40:06 PM PST by stanne
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill




HACKERS: NO SECURITY EVER BUILT INTO OBAMACARE SITE

16 posted on 12/02/2013 7:32:20 PM PST by thouworm
[ Post Reply | Private Reply | To 1 | View Replies]

To: thouworm

Hatchet-faced bitch.


17 posted on 12/02/2013 7:38:37 PM PST by beethovenfan (If Islam is the solution, the "problem" must be freedom.)
[ Post Reply | Private Reply | To 16 | View Replies]

To: tobyhill
security wasn't built into it

18 posted on 12/02/2013 7:57:26 PM PST by Slyfox (Satan's goal is to rub out the image of God he sees in the face of every human.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: thouworm; All

” - - - He [Carney] also reinforced the White House’s earlier promises, going back to early in 2010, that President Obama himself would sign up for Affordable Care Act coverage.
‘He will,’ Carney confirmed. - - - “

THIS IS GREAT NEWS !

At last, we will be able to hack into the medical and personal sealed records of B. Hussein Obama!

The Army Doctors at Walter Reed will be a treasure trove of deeply person information on B. Hussein!

BTW, you don’t think that B. Hussein would actually lie about anything in his medical records do you?

Read more: http://www.dailymail.co.uk/news/article-2517077/New-designed-fix-Obamacare-website-CRASHES-White-House-boasts-it.html#ixzz2mNeSOXKj
Follow us: @MailOnline on Twitter | DailyMail on Facebook


19 posted on 12/02/2013 8:05:19 PM PST by Graewoulf (Democrats' Obamacare Socialist Health Insur. Tax violates U.S. Constitution AND Anti-Trust Law.)
[ Post Reply | Private Reply | To 16 | View Replies]

To: tobyhill

So who is going to hang for this stealing of government funds?


20 posted on 12/02/2013 8:17:40 PM PST by Chickensoup (we didn't love freedom enough... Solzhenitsyn.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Chickensoup
Correction... TAX PAYERS' FUNDS!!!!!
21 posted on 12/02/2013 8:29:03 PM PST by ogen hal (First amendment or reeducation camp)
[ Post Reply | Private Reply | To 20 | View Replies]

To: AdmSmith; AnonymousConservative; Berosus; bigheadfred; Bockscar; cardinal4; ColdOne; ...

Thanks tobyhill.


22 posted on 12/02/2013 8:37:26 PM PST by SunkenCiv (http://www.freerepublic.com/~mestamachine/)
[ Post Reply | Private Reply | View Replies]

To: Graewoulf
LOL!

Good one...

Obama to sign up on health exchange (Which SSAN will Hussein use?)

I was so thrilled to see Drudge's headline.

All the reporting about the HealthCare,gov relaunch has been about the Potemkin website with its dysfunctional backend and the "glitches" that still need to be fixed.

Virtually nothing has been said or printed about the website's utter lack of security and the fact that Obama would forcibly subject citizens' to reveal their personal data to every amateur hacker, identity-theft ring, and evil enterprise in the world.

Another conspiracy of silence.

23 posted on 12/02/2013 9:05:18 PM PST by thouworm
[ Post Reply | Private Reply | To 19 | View Replies]

To: tobyhill

Security-shmerity, as long as Obama’s buddies in Canada got 650 million of taxpayer money, that’s all Obama really cared about anyway.


24 posted on 12/02/2013 9:05:59 PM PST by Bullish (America should yank Obama like a rotten tooth before he poisons the entire body)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill; All

(Well, hey, they HAD to make it as easy as possible for the NSA to collect all the info they wanted!)


25 posted on 12/02/2013 9:13:58 PM PST by Colofornian
[ Post Reply | Private Reply | To 1 | View Replies]

To: tobyhill
"It's really hard to go back and fix the security around it because security wasn't built into it,"

No, it's impossible.

There's no such thing as a completely secure system. I used to say that the only completely secure computer is still in the factory sealed box, but then back in the 90s, Apple shipped quite a few systems that were "pre-infected" with malware.

But if a system is designed from the start without security, it can NEVER become a trusted system.

Mark

26 posted on 12/03/2013 12:18:14 AM PST by MarkL (Do I really look like a guy with a plan?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NTHockey
EVERYBODY involved with the leaking of personal information has violated the HIPAA Law. Arrest them.

Actually, it's not just HIPPA. I believe that if you take credit card payments on a website, the entire system has to be PCI DSS (Payment Card Industry Data Security Standard) compliant. Otherwise, the major payment card vendors will not allow you access to their financial networks.

If the government were to force these vendors to abandon their own security standards, then we've got a real problem here.

Mark

27 posted on 12/03/2013 12:26:28 AM PST by MarkL (Do I really look like a guy with a plan?)
[ Post Reply | Private Reply | To 12 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson