Skip to comments.
Security Expert Hacks Obamacare Website In 4 Minutes; Accesses 70,000 Records
Zero Hedge ^
| January 20, 2014
| Michael Krieger
Posted on 01/20/2014 8:42:03 PM PST by Zakeet
click here to read article
Navigation: use the links below to view more comments.
first 1-20, 21 next last
![](http://libertywar.files.wordpress.com/2012/04/obama-at-speech.jpg)
Its actually hard to be this incompetent if you tried ...
1
posted on
01/20/2014 8:42:04 PM PST
by
Zakeet
To: Zakeet
This hacker is obviously racist.
2
posted on
01/20/2014 8:45:42 PM PST
by
LukeL
To: Zakeet
Obamacare is just about over.
To: Zakeet
I call BS!
Everyone knows there aren’t 70,000 records there!
4
posted on
01/20/2014 8:51:47 PM PST
by
bigbob
(The best way to get a bad law repealed is to enforce it strictly. Abraham Lincoln)
To: bigbob
Or, maybe he better check to see what’s in those records...I’d predict he got 70,000 versions of:
“Access Denied. 404. Server timeout. Abort/retry/fail?”
5
posted on
01/20/2014 8:55:35 PM PST
by
bigbob
(The best way to get a bad law repealed is to enforce it strictly. Abraham Lincoln)
To: Republican1795.
6
posted on
01/20/2014 8:58:17 PM PST
by
is_is
(VP Dad of Sgt. G - My Hero - "Sleep Well America......Your Marines have your Back")
To: bigbob
Or, maybe he better check to see whats in those records...Id predict he got 70,000 versions of:
all the various combinations and permutations of Obama's
1. Names
2. Nationality
3. Birth dates
4 Hospital of birth
5. Fathers name
6. Fathers nationality
7. Social security numbers
8. Residences
9. Sexual orientation
10. Other....
7
posted on
01/20/2014 9:03:01 PM PST
by
spokeshave
(OMG.......Schadenfreude overload is not covered under Obamacare :-()
To: bigbob
Everyone knows there arent 70,000 records there! That depends; given the underlying database-structure a single person's data could be spread across multiple database tables (not a bad thing*), each of which is a distinct record.
* You can use this to group data together, or to "compress" common data -- like storing 1..50 for each of the several states and using that number to reference the state rather than the full name or two-letter postal code.
8
posted on
01/20/2014 9:03:23 PM PST
by
OneWingedShark
(Q: Why am I here? A: To do Justly, to love mercy, and to walk humbly with my God.)
To: Zakeet
0 only found out when he saw it on TV, like the rest of us.
9
posted on
01/20/2014 9:04:31 PM PST
by
ntnychik
To: Zakeet
It’s patriotic to lose your personal info, right Joe?
10
posted on
01/20/2014 9:07:32 PM PST
by
12th_Monkey
(One man one vote is a big fail, when the "one" man is an idiot.)
To: Zakeet
A SQL injection attack against the username field is a common technique that yields massive exposure for little effort. The typical naive backend SQL script will directly substitute a browser field into a SQL "where" clause e.g. select ssn where username = '$username'; You fill in the username field with the value ' or '1' -- which changes the substituted value to select ssn where username where username = '' or '1' -- That yields a wildcard match on all usernames and spews all the ssn fields. The actual values will differ, but that is the gist of a SQL injection attack.
See SQL Injection attack
11
posted on
01/20/2014 9:15:15 PM PST
by
Myrddin
To: Zakeet
But, hey, look over there at Chris Christie . . .
12
posted on
01/20/2014 9:16:18 PM PST
by
BAW
("If you like your health plan, you can keep your health plan. Period.")
To: bigbob
Everyone knows there arent 70,000 records there! 65,000 of those records were put there by other hackers.
13
posted on
01/20/2014 9:35:53 PM PST
by
TChad
(The Obamacare motto: Dulce et decorum est pro patria mori.)
To: Myrddin
That is exactly why the process control industry uses so many layers of protection to it’s servers running SQL servers process layer servers.
That and of course Windows OS running on the servers.
Also most of this is edicts sent down from above by boards that have direct ties to Federal Government Security Regs for Process Control. Oh, that is right, that only goes BOOM not someones life savings
14
posted on
01/20/2014 10:13:38 PM PST
by
eartick
(Been to the line in the sand and liked it)
To: is_is
Well it is hard to believe the thing is even sustainable at this point.
To: Zakeet
16
posted on
01/20/2014 11:09:53 PM PST
by
Eleutheria5
(End the occupation. Annex today.)
To: Zakeet
Maybe he can tell us how many successfully enrolled and how many paid. Seems the government is unable to determine these numbers.
17
posted on
01/21/2014 2:57:23 AM PST
by
Lockbox
To: Zakeet
18
posted on
01/21/2014 3:35:52 AM PST
by
kinsman redeemer
(The real enemy seeks to devour what is good.)
To: Zakeet
My local news reported that 2 women were found at the Mexican border with credit cards that were created as a result of the Target security breach. I'm starting to wonder if all of these security breaches aren't just more punishment to the ‘colonialists’ and a direct means to redistribute the wealth that ‘somebody else made happen’.
19
posted on
01/21/2014 3:58:07 AM PST
by
liberalh8ter
(The only difference between flash mob 'urban yutes' and U.S. politicians is the hoodies.)
To: bigbob
Sounds about right, Bob :)
20
posted on
01/21/2014 5:23:26 AM PST
by
ResisTyr
("Resistance to tyrants is obedience to God " ~Thomas Jefferson)
Navigation: use the links below to view more comments.
first 1-20, 21 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson