The Orange Mane -  a Denver Broncos Fan Community  

Go Back   The Orange Mane - a Denver Broncos Fan Community > Jibba Jabba > War, Religion and Politics Thread
Register FAQ Members List Calendar Chat Room Mark Forums Read



Reply
 
Thread Tools Display Modes
Old 11-02-2013, 09:28 AM   #1
UltimateHoboW/Shotgun
Don't piss off Manning.
 
UltimateHoboW/Shotgun's Avatar
 
Time to believe!

Join Date: Dec 2004
Location: Gensis Planet
Posts: 6,446

Adopt-a-Bronco:
C.J. Anderson
Default Security hole found in Obamacare website

http://money.cnn.com/2013/10/29/tech...care-security/


Quote:
The Obamacare website has more than annoying bugs. A cybersecurity expert found a way to hack into users' accounts.
Until the Department of Health fixed the security hole last week, anyone could easily reset your Healthcare.gov password without your knowledge and potentially hijack your account.

The glitch was discovered last week by Ben Simo, a software tester in Arizona. Simo found that gaining access to people's accounts was frighteningly simple. You could have:
guessed an existing user name, and the website would have confirmed it exists.
claimed you forgot your password, and the site would have reset it.
viewed the site's unencrypted source code in any browser to find the password reset code.
plugged in the user name and reset code, and the website would have displayed a person's three security questions (your oldest niece's first name, name of favorite pet, date of wedding anniversary, etc.).
answered the security questions wrong, and the website would have spit out the account owner's email address -- again, unencrypted.
Armed with the account holder's email address, a person with malicious intent could easily track down their target on social media, where they'd likely discover the answers to those security questions.
It wouldn't have even taken a skilled hacker. Anyone with bad intentions -- and a minimal understanding of how to read a website's code -- could have figured it out. While such an attack might not have yielded your Social Security number or health information, it would have exposed your address and phone number.
Related story: Obamacare 'hub' back online after malfunction
By Friday, that dent in security was gone. But security consultants say it's disconcerting that such a privacy concern remained unaddressed for more than three weeks after the federal government launched the Obamacare website Oct. 1.
Obama ex-aide: Valley would've done better
Obama ex-aide: Valley would've done better
The Department of Health and Human Services, which is rolling out the health care overhaul, confirmed the flaws existed. After being contacted for this story, the department said changes were made that would prevent outsiders from seeing someone's password reset code.
"We have taken great care to ensure that people's usernames and information are kept secure," said health spokeswoman Joanne Peters.
Simo tried to report the defect as soon as he found it, but the Obamacare hotline operator referred him to law enforcement -- which was neither helpful nor relevant. While attempting to retrace Simo's steps on Friday, CNNMoney found that some of the issues had been fixed -- but not all.
Still, Simo fears that a savvy hacker could find other holes and Obamacare applicants' data will be compromised on a mass scale.
"This seems really sloppy," Simo said. "Either the developers were incompetent and did not know how to do the basic things to protect user information, or the development was so fractured that the individuals building the system didn't understand how they fit into the bigger picture."
Related story: Obamacare website: 6 biggest contractors
The flaw wasn't mentioned at last week's congressional hearing, when government contractors CGI Federal and Quality Software Services Inc. testified about their responsibilities in the project. But another point was made by Congressman Mike Rogers, R-Mich.: companies keep patching up the website's holes, and adding thousands of new lines of computer code, exposing the entire system to unforeseen security problems.
Cyberattacks on Obamacare exchange websites are already underway. At least one state, Connecticut, has seen outsiders attempt to gain "irregular" access, according to Jim Wadleigh, chief information officer of Access Health CT.
Congress' inquiries continued Tuesday, when the Ways and Means Committee posed questions about the site's glitches and security to Marilyn Tavenner, head of the health department's Centers for Medicare & Medicaid Services.
The security hole is just the latest in a series of mishaps for the Obamacare website's launch. In the first weeks, system errors prevented people from signing up to the newly launched insurance exchanges. Over the past weekend, a government contractor's network failure again left users unable to apply.
Monday brought the latest worrisome disclosure: that the entire Obamacare website operates on a single computer server in Virginia -- without any backup, according to Congressman Rogers. To top of page



http://nation.foxnews.com/2013/10/03...website-hacked

Quote:
Hackers blamed for NY’s ObamaCare breakdown

By Bruce Golding | New York Post

The numbers just don’t add up.

The “abnormally high traffic” that crippled New York’s ObamaCare Web site for two days may have resulted from a malicious attack by hackers, computer-security experts said Wednesday.

The NY State of Health site recorded an astounding 10 million visits after opening for business Tuesday — although there are only about 1.1 million state residents without health insurance and just 330,000 are expected to buy ObamaCare for next year.

By comparison, the federal government’s heavily promoted HealthCare.gov site — a portal to the sites for all 50 states, the District of Columbia and America’s territories and commonwealths — drew just 4.7 million visitors the first day.
Obama
UltimateHoboW/Shotgun is online now   Reply With Quote
Sponsored Links
Old 11-02-2013, 01:52 PM   #2
Mecklomaniac
Pro Bowler
 
Mecklomaniac's Avatar
 

Join Date: Dec 2002
Location: WA
Posts: 703

Adopt-a-Bronco:
Jack Dolbin
Default


Maybe Sebelius should read the book
Mecklomaniac is offline   Reply With Quote
Old 11-02-2013, 01:57 PM   #3
Rohirrim
Partisan
 
Rohirrim's Avatar
 

Join Date: Jan 2003
Location: Twixt Hell & Highwater
Posts: 54,506

Adopt-a-Bronco:
Malik Jackson
Default

What we need around here are ten more Obamacare threads. Geez, Michele. Let's try to conserve the bandwidth.
Rohirrim is offline   Reply With Quote
Old 11-03-2013, 06:00 AM   #4
barryr
Ring of Famer
 
New to the Forum

Join Date: Aug 2007
Posts: 9,706

Adopt-a-Bronco:
None
Default

This whole things is a mess and a joke, but as typical, the liberals will pretend it's not happening. Or blame republicans. Or blame Bush. Or blame the evil capitalists, well only those that give to republicans of course since the ones that donate to democrats are "good." They don't want to shown to be wrong in thinking government can handle everyone's healthcare just fine.
barryr is offline   Reply With Quote
Old 11-03-2013, 06:05 AM   #5
Rohirrim
Partisan
 
Rohirrim's Avatar
 

Join Date: Jan 2003
Location: Twixt Hell & Highwater
Posts: 54,506

Adopt-a-Bronco:
Malik Jackson
Default

Quote:
Originally Posted by barryr View Post
This whole things is a mess and a joke, but as typical, the liberals will pretend it's not happening. Or blame republicans. Or blame Bush. Or blame the evil capitalists, well only those that give to republicans of course since the ones that donate to democrats are "good." They don't want to shown to be wrong in thinking government can handle everyone's healthcare just fine.
You realize that you've posted this same post about nearly every subject that comes up for years on here? How can we be sure you're not some kind of Right Wing bot?
Rohirrim is offline   Reply With Quote
Old 11-03-2013, 02:58 PM   #6
Fedaykin
Ring of Famer
 

Join Date: Nov 2006
Posts: 4,955

Adopt-a-Bronco:
None
Default

Quote:
Originally Posted by Rohirrim View Post
You realize that you've posted this same post about nearly every subject that comes up for years on here? How can we be sure you're not some kind of Right Wing bot?
The gig is up, I'll have to start working on barryr-bot 2.0
Fedaykin is online now   Reply With Quote
Old 11-05-2013, 01:39 PM   #7
UltimateHoboW/Shotgun
Don't piss off Manning.
 
UltimateHoboW/Shotgun's Avatar
 
Time to believe!

Join Date: Dec 2004
Location: Gensis Planet
Posts: 6,446

Adopt-a-Bronco:
C.J. Anderson
Default

Quote:
Originally Posted by Mecklomaniac View Post

Maybe Sebelius should read the book
Rep!
UltimateHoboW/Shotgun is online now   Reply With Quote
Old 11-08-2013, 10:57 AM   #8
UltimateHoboW/Shotgun
Don't piss off Manning.
 
UltimateHoboW/Shotgun's Avatar
 
Time to believe!

Join Date: Dec 2004
Location: Gensis Planet
Posts: 6,446

Adopt-a-Bronco:
C.J. Anderson
Default

UltimateHoboW/Shotgun is online now   Reply With Quote
Old 11-08-2013, 01:04 PM   #9
B-Large
Ring of Famer
 
B-Large's Avatar
 
Expunged... Accidently?

Join Date: Sep 2013
Posts: 2,585

Adopt-a-Bronco:
None
Default

Its going to work for me and my needs, it will get fixed. But the sideshow is fun to watch... another solid thread.
B-Large is online now   Reply With Quote
Old 11-17-2013, 12:00 AM   #10
UltimateHoboW/Shotgun
Don't piss off Manning.
 
UltimateHoboW/Shotgun's Avatar
 
Time to believe!

Join Date: Dec 2004
Location: Gensis Planet
Posts: 6,446

Adopt-a-Bronco:
C.J. Anderson
Default

UltimateHoboW/Shotgun is online now   Reply With Quote
Old 11-17-2013, 04:31 AM   #11
barryr
Ring of Famer
 
New to the Forum

Join Date: Aug 2007
Posts: 9,706

Adopt-a-Bronco:
None
Default

Quote:
Originally Posted by Rohirrim View Post
You realize that you've posted this same post about nearly every subject that comes up for years on here? How can we be sure you're not some kind of Right Wing bot?
You do realize you libs have posted your typical crap for years? Oh, of course you don't, you guys really think your posts are full of originality. Simplicity should be making you comfortable.
barryr is offline   Reply With Quote
Old 11-17-2013, 04:33 AM   #12
barryr
Ring of Famer
 
New to the Forum

Join Date: Aug 2007
Posts: 9,706

Adopt-a-Bronco:
None
Default

Quote:
Originally Posted by B-Large View Post
Its going to work for me and my needs, it will get fixed. But the sideshow is fun to watch... another solid thread.
600 million and it still doesn't work? 600 million and hackers can easily get people's ID and other personal information? Yes, solid work by our government.
barryr is offline   Reply With Quote
Old 11-17-2013, 07:59 AM   #13
UltimateHoboW/Shotgun
Don't piss off Manning.
 
UltimateHoboW/Shotgun's Avatar
 
Time to believe!

Join Date: Dec 2004
Location: Gensis Planet
Posts: 6,446

Adopt-a-Bronco:
C.J. Anderson
Default

UltimateHoboW/Shotgun is online now   Reply With Quote
Old 11-17-2013, 11:45 PM   #14
L.A. BRONCOS FAN
Mo' holla fo' yo' dolla!
 
L.A. BRONCOS FAN's Avatar
 

Join Date: Dec 2002
Location: In a bunker in an undisclosed location
Posts: 53,795
Default

Just a heads-up for UltimateSpammer, barryr, Beavis, and the rest:

Your hero Smirky McFlightsuit is going to be on Leno this week.

L.A. BRONCOS FAN is offline   Reply With Quote
Reply

Thread Tools
Display Modes



Forum Jump


All times are GMT -7. The time now is 04:55 PM.


Denver Broncos