Support Free Republic.
Thank you!
Posted on 11/19/2013 10:56:11 AM PST by RoosterRedux
Not only is healthcare.gov at risk, it may already have been compromised, a security expert testified before the Senate.
“Hackers are definitely after it,” said David Kennedy, CEO of information security firm TrustedSEC before a House Science, Space, and Technology committee hearing on security concerns surrounding the problematic Healthcare.gov website.
“And if I had to guess, based on what I can see … I would say the website is either hacked already or will be soon.”
One key problem facing Healthcare.gov is that security wasn’t built into the site from the very beginning, he said -- an opinion shared by both Kennedy and Fred Chang, the distinguished chair in cyber security at Southern Methodist University.
“There’s not a lot of security built into the site, at least that’s what we can see from a 10,000 foot view,” Kennedy told the committee.
(Excerpt) Read more at foxnews.com ...
Winner winner! Post of the day!
Sounds like a backpedal from the claims earlier this week that it was being DDOS attacked by right wing zealots.
Just from that I can deduce without any tools that there are severe Sql Injection issues, probably XML injection and cross-site scripting vulnerabilities too.
And that is just on a visual inspection. An hacker with the simplest of tools (Burp, Web Scarab, paros, etc.) could find myriad infiltration pathways in a matter of minutes.
“One key problem facing Healthcare.gov is that security wasn’t built into the site from the very beginning, he said — an opinion shared by both Kennedy and Fred Chang, the distinguished chair in cyber security at Southern Methodist University.”
Normally, I wouldn’t have believed this . . . however, now . . .
Let me sum up this PDF for those without the time / technical background to read and understand what’s being said:
If you value your identity, stay off Healthcare.gov
Oh, that? We forgot about that.
“It’s not only social security numbers … it’s one of the largest collections of personal data, social security and everything else, that we’ve ever seen,” Kennedy said.
Well, heck, who would be interested in that?
The bad news is that your medical and tax records are now in the hands of a 12-year-old North Korean hacker. The good news is he's your heart surgeon.
IBT ‘IATHF’ (It’s All The Hackers’ Fault!)
Normally, I wouldn’t have believed this . . . however, now . . .
As the Obamacare disaster grows more legs than a caterpillar, I am coming to the conclusion that this is the end of Obama.
He looks like an unplugged idiot--unaware, uncaring, indifferent, and just plain incompetent. And on top of that, he's a shameless liar.
Put a fork in him...he's done.
Wow! You’re not kiddin.
Don’t go near it.
Funny how close this hole Deathcare episode is to a Dilbert cartoon. Dilbert’s Elbonians clearly have been the contractors in setting it up. The entire country of Elbonia, for you non-Dilbert types, is covered in knee-deep mud and the Elbonians are totally incompetent at everything. Their main attraction is that they work cheap and that, folks, is the only difference I can see so far between them and the Kenyan’s bunch. And maybe what Washington DC is knee-deep in? I don’t recall any episodes where the Elbonians set up a health insurance system but I expect Dilbert will be on it.
OMG!!!!!!!!!!!!!!!!!!!!!!!!
This site looks like something that a bunch of high-schoolers threw together in a weekend of all-nighters
How they managed to spend $680million on this is unbelievable
The sql commands are gone from that search list now.
ALREADY.
Too late, of course, all the data is sitting on some scumbags hard drive in Pakistan already.
Easy pickings...
What if someone put a Stuxnet in it?
Rut-roh.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.