Gaping Hole in Obamacare Site Still Exposing Records 2 Months Later
January 21, 2014 7:40 PM
Healthcare.gov is rated as less secure than over half of websites, is exposing private records
has caught a nasty security bug, but it doesn't seem to be seeking treatment.
I. Obamacare Portal is Dangerous to Americans
disastrous Oct. 1, 2013 launch
, the government's effort to fix its one-stop shop for health insurance
focused on the portal's service glitches
, which led to timeouts and lost user form information.
The effort drew fire when it was revealed that project managers
tried to raise concerns about the site's issues as far back as July 2013
, but were largely ignored and told to proceed like it was business as usual.
But for a website that is entrusted with a massive amount of sensitive personal information and records, a number problem was festering beneath the surface.
It turns out that as poorly designed as Healthcare.gov's front-end is, its
backend may be even more of a mess
, with security experts identifying multiple security flaws. Some experts argued that the flaws were serious enough to
necessitate a shutdown of the site
. Of course, President Barrack Hussein Obama (D) refused to do that, insisting the dangers would be fixed quickly.
One of the experts to testify before Congress in November about the security concerns, TrustedSec founder David Kennedy, has returned this week with some disturbing news, though, saying one of the worst security holes remains gaping open two months later.
By doing advanced searches using Google Inc.'s (
) search engine and then modifying the resulting URLs minimally, he believes that over 70,000+ records can be accessed. He says his white hat code of ethics prevents him from actually fully testing the bug, but that he's certain his black hat colleagues would have no problem exploiting it.
Most embarrassingly, the bug is a simple one, he states, and could be cured in a matter of days if the Obama administration committed to treating it.
The fact that it remains unfixed two months after it was widely publicized is disturbing, he argues, as other bugs will be much harder to fix and remain unresolved as well. Among those is lacking security certifications which allow malicious attack sites to impersonate the government website, preying on victims via phishing scams.
II. Silence From the Obama Administration on Why it Isn't Protecting Americans
The Centers for Medicare and Medicaid Services
(CMS) the Health Department agency responsible for Healthcare.gov's development has thus far refused to respond to the latest round of media inquiries regarding the website continuing to endanger Americans.
In December after a
special meeting with top tech leaders
the President announced
he was tapping retired Microsoft
) Office President Kurt DelBene
to lead repair efforts on the site. But Mr. DelBene -- who carries impressive cloud credentials, having
championed Microsoft's Office 365 development
-- does not appear to have been able to fix the failing project thus far.
[Image Source: DailyClash]
Regardless of how you feel about public healthcare in general, or the specific implementation that the President and his allies in Congress passed and signed into law, it's almost impossible to deny that the web face of the program has been an abysmal failure. After billions spent on the site,
-- a site that examines websites for known security flaws -- estimates that HealthCare.gov is more insecure than half the sites on the web.
The scan we ran on the site states:
SummaryNumber of Happy Findings: 2
Number of Not As Happy Findings: 8
Percentage Happy Findings: 20%
What These Numbers Mean
We detected 2 Happy Findings on www.healthcare.gov. According to the
data we have gathered
worse than approximately 50% of sites
out there. The good news is that adding many of our HTTP header recommendations for security
take very little time
to implement and
have a big impact
(For reference's sake, while we don't have billions,
was found to be more secure, better than roughly 74 percent of sites.)
In a blog Mr. Kennedy concludes that if you choose to take part in Obamacare via the mandatory website, you're doing so at your own risk. He
Everything that we've seen from the website is a symptomatic problem of a much larger issue of how they code the website so I'd be very concerned with using it.
Perhaps the federal healthcare site remains unfixed because keeping Americans secure simply isn't as high a priority to the President as spying on them. In recent months the President has
largely been focused on defending
U.S. National Security Agency
uses general warrants
to seize the
of nearly every single American.
III. No Energy for HealthCare.gov
Defending policies which treat law abiding Americans as criminals has been an understandably exhausting effort for the head of the U.S.
British monarch King George III, once remarked, "A traitor is everyone who does not agree with me."
Likewise, the President has been
compelled to push charges
for those who disagree with his spying programs, an effort to extinguish the flame of truth that has consumed much of his focus. But the administration is determined that taxpayers must not be allowed to learn what their money is being spent on.
To that end it is looking to
make an example of leakers
so as to warn government employees that if they choose to violate secrecy mandates in order to protect the Constitution
they will face treason and/or espionage charges
. Revealing details of the classified domestic surveillance programs is a crime under U.S. law, and the swelling nationalist regime isn't afraid to borrow a page from King George's playbook and crack down on its unruly subjects.
The Obama administration is returning America to its imperialist English roots with his "total war" on terrorism and general warrants. The effort has drained the President and his staff on the energy to fix their broken healthcare site. [Image Source: Freaking News]
Such ongoing efforts to continue its assault on taxpayers' civil liberties appear to
have sapped not only taxpayer dollars
, but have also drained what little effort the administration might have otherwise invested in fixing its broken healthcare portal.
But the President has stood firm in the face of criticism, looking to employ his crafty oratory gifts to win back the hearts of beleaguered Americans. Most recently in a speech he attempted to make it sound like he was making some sort of a change to the surveillance state, but upon closer inspection
his words actually revealed his decision to continue to back those policies
As a result of the President's priorities, America's fledgling public healthcare effort remains a laughingstock of other nations, while American companies are viewed as a possible security risk due to America's growing police state that spies on citizens and allies alike.
"The whole principle [of censorship] is wrong. It's like demanding that grown men live on skim milk because the baby can't have steak." -- Robert Heinlein
Editorial: President Obama Pledges to Continue Mass Searches
January 20, 2014, 7:13 PM
Tax and Spy: How the NSA Can Hack Any American, Stores Data 15 Years
December 31, 2013, 12:36 PM
Rep. King Says Sen. Paul "Disgraced" Office by Criticizing NSA
December 20, 2013, 11:37 AM
Microsoft Retiree Tapped as Struggling Obamacare Site's Top Repairman
December 17, 2013, 7:35 PM
President Barack Obama Meeting with Tech Leaders to Discuss HealthCare.gov, NSA
December 17, 2013, 10:59 AM
PIQ ROBOTTM reveals its new artificial intelligence software
November 29, 2016, 12:59 AM
One more time - Happy Thanksgiving to Everyone Around the World
November 24, 2016, 4:00 AM
Google’s Smart Contact Lens Project gets halted for 2016
November 20, 2016, 7:00 AM
Cell Research Study shows African Americans have greater immune response to infection
November 10, 2016, 1:00 AM
UTHealth Clinical Trial Shows Progress Using Stem Cells to Treat Traumatic Brain Injury
November 8, 2016, 1:00 AM
Uber Partners with Circulation to Pilot Program Connecting Transportation and Digital Health Care
November 6, 2016, 5:00 AM
Most Popular Articles
Surface Pro 5 Rumors - New Release Date and Price
April 22, 2017, 6:45 AM
Apple Watch NikeLab Limited Edition unveiled.
April 22, 2017, 6:20 AM
Motorola Moto G5 Pus – Well Worth Considering Over the Others
April 25, 2017, 7:06 AM
SAPPHIRE PULSE Radeon RX 580 8GD5 – Great Value for the Money
April 20, 2017, 7:47 AM
Meet the Smartphone with four cameras - Alcatel Flashphone
April 5, 2017, 11:20 AM
Latest Blog Posts
Galaxy Note 8 – Available Second Half 2017
Apr 28, 2017, 7:30 AM
Google Android App – Huge improvement on Nighttime Photography
Apr 27, 2017, 7:40 AM
Google Co-Founder, Sergey Brin has an Airship
Apr 26, 2017, 6:43 AM
Samsung Galaxy S8 and S8 Plus – Lots of Glass that Breaks Easily
Apr 25, 2017, 7:20 AM
Samsung Galaxy S8 – Warning for Pet Owners
Apr 24, 2017, 5:59 AM
Sound Bars and the Costs?
Apr 23, 2017, 6:30 AM
Link your Brain to Your Computer – In Four Years…Maybe
Apr 22, 2017, 7:03 AM
Google Home can now identify users by their voice.
Apr 21, 2017, 7:15 AM
Amazon Lex – Now Available for Developers.
Apr 20, 2017, 6:58 AM
You can now use Instagram offline on your Android Smartphone
Apr 19, 2017, 8:00 AM
Now you can livestream to YouTube from your mobile device.
Apr 18, 2017, 8:05 AM
Google Home – Is It a Spy Device?
Apr 17, 2017, 7:30 AM
Apple added to self –driving test permit list
Apr 15, 2017, 6:21 AM
Project Scorpio – Coming on June 11
Apr 14, 2017, 6:20 AM
Looks Like Samsung Has Been Forgiven.
Apr 13, 2017, 6:50 AM
United Airlines - Blasted on China’s Social Network and the Stock Market
Apr 12, 2017, 6:50 AM
Amazon's Third-Party Sellers Hacked
Apr 11, 2017, 6:25 AM
Microsoft Surface Pro5 Details Revealed
Apr 9, 2017, 6:41 AM
Own An Android Phone? Then you could be hacked over Wi-FI
Apr 7, 2017, 6:47 AM
Apple confirms iOS 10.3 bug and its effect on iCloud Services
Apr 6, 2017, 6:30 AM
Apple Rolls Out New Version of Apple Music
Apr 5, 2017, 10:35 AM
Apple in the News
Apr 4, 2017, 9:03 AM
More Blog Posts
Copyright 2017 DailyTech LLC. -
Terms, Conditions & Privacy Information