Watcher Forum
Would you like to react to this message? Create an account in a few clicks or log in to continue.


Welcome to Watcher Forum
 
HomeLatest imagesSearchRegisterLog in

Watcher Forum :: Welcome! :: General Discussion
 

 NO SECURITY ever built into Obamacare site

Go down 
AuthorMessage
Guest
Guest




NO SECURITY ever built into Obamacare site Empty
PostSubject: NO SECURITY ever built into Obamacare site   NO SECURITY ever built into Obamacare site I_icon_minitimeTue Dec 03, 2013 2:10 pm
http://www.trunews.com/security-ever-built-obamacare-site-hacker/

No security ever built into Obamacare site: Hacker


It could take a year to secure the risk of “high exposures” of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday.

“When you develop a website, you develop it with security in mind. And it doesn’t appear to have happened this time,” said David Kennedy, a so-called “white hat” hacker who tests online security by breaching websites. He testified on Capitol Hill about the flaws of HealthCare.gov last week.

“It’s really hard to go back and fix the security around it because security wasn’t built into it,” said Kennedy, chief executive of TrustedSec. “We’re talking multiple months to over a year to at least address some of the critical-to-high exposures on the website itself.”

According to the Department of Health and Human Services, which oversaw the implementation of the website, the components used to build the site are compliant with standards set by Federal security authorities.

“The privacy and security of consumers’ personal information are a top priority for us. Security testing happens on an ongoing basis using industry best practices to appropriately safeguard consumers’ personal information,” said the spokesperson.

Another online security expert—who spoke at last week’s House hearing and then on CNBC—said the federal Obamacare website needs to be shut down and rebuilt from scratch. Morgan Wright, CEO of Crowd Sourced Investigations said: “There’s not a plan to fix this that meets the sniff test of being reasonable.”

Last month, a Sept. 27 government memorandum surfaced in which two HHS officials said the security of the site had not been properly tested before it opened, creating “a high risk.”

HHS had explained then that steps were taken to ease security concerns after the memo was written, and that consumer information was secure. Technicians fixed a security bug in the password reset function in late October, the agency said.

But on CNBC, Kennedy disputed those claims, saying vulnerabilities remain on “everything from hacking someone’s computer so when you visit the website it actually tries to hack your computer back, all the way to being able to extract email addresses, users names—first name, last name—[and] locations.”

Read Full Article
Back to top Go down
Kitiara

Kitiara


Posts : 412
Reputation : 66
Join date : 2011-11-17

NO SECURITY ever built into Obamacare site Empty
PostSubject: Re: NO SECURITY ever built into Obamacare site   NO SECURITY ever built into Obamacare site I_icon_minitimeTue Dec 03, 2013 11:51 pm
Obamacare:

bad horsey
Back to top Go down
 
NO SECURITY ever built into Obamacare site
Back to top 
Page 1 of 1
 Similar topics
-
» 30 to 40 percent of Obamacare tech not built — ‘Either hacked or will be soon
» HIDDEN SOURCE CODE IN OBAMACARE WEB SITE!!!!!!!!
» Hearing: Security Flaws in Obamacare Website Endanger Americans
» Enrolling in Obamacare allows government to link your IP address with your name, social security number, bank accounts and web surfing
» Enrolling in Obamacare allows government to link your IP address with your name, social security number, bank accounts and web surfing habits

Permissions in this forum:You cannot reply to topics in this forum
Watcher Forum :: Welcome! :: General Discussion-
Jump to: