Posted on 01/20/2014 10:04:15 AM PST by ransomnote
The man who appeared before Congress last week to explain the security pitfalls of HealthCare.gov took to Fox News on Sunday to explain just how easy it was to penetrate the website.
Hacking expert David Kennedy told Foxs Chris Wallace that gaining access to 70,000 personal records of Obamacare enrollees via HealthCare.gov took about 4 minutes and required nothing more than a standard browser, the Daily Caller reported.
PHOTOS: Eye-popping excuses in American political scandals
And 70,000 was just one of the numbers that I was able to go up to and I stopped after that, he said. You know, Im sure its hundreds of thousands, if not more, and it was done within about a 4 minute timeframe. So, its just wide open.
You can literally just open up your browser, go to this, and extract all this information without actually having to hack the website itself, he said.
Mr. Kennedy testified before Congress Thursday that HealthCare.gov was 100 percent insecure, Washington Free Beaconreported.
What we learned was that they had rushed through what we call the software development life cycle where they actually build the application, he said on Fox. So when you do that, security doesnt really get integrated into it. And what happened with the rocky launch in October is they slapped a bunch of servers in trying to fix the website just to keep it up and running so that people could actually go and use it. The problem is they still didnt imbed any security into it.
Its not just myself thats saying this website is insecure, its also seven other independent security researchers that also looked at the research Ive done and came to the exact same conclusion, he said
(Excerpt) Read more at washingtontimes.com ...
Hackers were probably pretty hacked off that it took Obama so long to get the software to stand up on its shaky legs. The Canadian company that sold this *stuff* must know all the doors and windows are open...
Hacked in four minutes....so we know the software still takes 4 minutes to load.
“The Canadian company that sold this *stuff* must know all the doors and windows are open...”
Then how many employees and so called consultants for the Canadian company sold the code pathways to the open doors and windows to hackers in America, Russia and Eastern Europe.
Ironically, I remember reading that some people believe Obama purchased from Canada to prevent GOP from being able to subpoena members of the software company. Not sure Canada will allow us to legally do anything to punish the Canadian company should it sell knowledge of the security holes to the highest bidder. Really - how common is it for a country to offshore its national security?
there has to be reason for THIS much idiocy.
that would have been a Great Campaign Slogan
perhaps Hillary Can Adopt it?
“Really - how common is it for a country to offshore its national security?”
It has been very common for a little over 5 years in Insane America.
lol - it’s as though the government would do something like launch an investigation or something if it were a private business ;)
...gotta love the government getting involved, it gets to police itself, what could possibly go wrong?
LOL
That’s probably why Obama refuses to take it down. More important than proving he can launch software is the way the dems are using Obamacare information to register voters! Some have said that this is a key reason for much of what we have seen - “navigators” steer people to vote and I understand it’s just Dems they are harvesting. They need the votes so the doors to Obamacare must stand wide open.
even George Soros..was against confirming Ricky Holder as the head of the Justice Department....
that speaks volumes about the law abiding thugs in this regime.
harvest...
I waiting for news of the posting of names & SSNs
should be “I’m waiting for news of the posting of names & SSNs”
I saw him. We might as well post our ss nos, bank accounts and electronic signatures on the web.
Kennedy has offered to show the government how easy it is to hack. When he hacked it he did not pull up information on individuals as he would have then been breaking the law. He says once he was in, it would have been easy to get the personal information. I believe him.
He would need permission from the government to pull up the information. He has offered to do this for free. They have not responded to his offer. If the site is secure, as the government claims, they would be happy for him to try. The government knows the site is not secure and they are lying about it!
If you listened to the interview, he did not hack into the system. The action of hacking only happens when a security wall EXISTS and you have to trick your way into the system. This guy did NOT have to do that.
Identity theft is not a concern. No one who has signed up has personal information that is of use to an identity thief. The database is, however, a great voter registration and get-out-the-vote tool for the Democrats.
I believe Identity theft is still a concern. Early on, I read that the Obamacare website has links to the government’s information hubs - that’s why it is so slow - it links, cross checks, and pulls up information from many other government servers. I read that navigators have access to the hub. Further, I believe that the obamacare software bypassed security to link to these hubs so once inside, I believe hackers can get info on all Americans - ones that have not signed up or ever tried to log on to Healthcare.gov because it is apparently hardwired to databases with info on all Americans. Kennedy says there is no software checking for hacks and I believe him - so right now it appears to be open season.
Yes - it is a voter registration operation. But it is probably exposing all of us.
Reading your post makes me wonder if this is part of the single-payer initiative. They didn’t bother to even draft security because they didn’t expect the software to be up for very long, it was only a show, and complete exposure of everyone’s information could then be used in calls to “simplify” and avoid exposure in the future by “eliminating” the need to have to supply personal information like this by granting everyone singlepayer (i.e., the government already has information on you so why not the government handle your healthcare?)
Kinda funny, but a DDOS attack would be fruitless since the dam thing is incredibly slow or doesn’t work anyway. So the govey’s got that going for em.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.