Monday, October 21, 2013

Obamacare website security called 'outrageous'

From CSMonitor.com (Oct. 14):

Cybersecurity professionals are voicing questions about potential red flags in the new federal health care website system that could open the door to theft of personal information.

In the two weeks since the Affordable Healthcare Act site, www.healthcare.gov, went live, most complaints have centered on long wait times with sites initially overloaded by interested visitors. In response, government officials are scrambling to get more capacity for the main site and its satellites.

But potentially far more serious questions are emerging about cybersecurity. Experts have said that hackers could “spoof” the website with a look-alike website to collect personal information, or criminals could use an automated program to try repeatedly to enter the site even if it didn’t get a login correct.

Experts have stopped short of calling these concerns “vulnerabilities” – a term that means a proven weak spot to hackers. But they say these red flags need attention.

“I’ll ask you your Social Security, your date of birth, [so] an hour later I can empty your bank account,” John McAfee, who founded the cybersecurity company of the same name but is no longer associated with it, complained on Fox News. The Obamacare websites, he said, have “no safeguards,” and the main site's architecture is "outrageous."

'Clickjacking.' The government site lacks defenses to prevent an attacker from putting an invisible layer over the legitimate website, Ms. Shah added. As a result, a user clicking on a link or button might end up at a renegade site that looked just the same – and end up divulging personal information to that site. [read more]

So, now only do people have to contend with website delays now they have to worry about conartists stealing their info possibly their identity. Well, that’s what you get when the federal gov’t builds a website.

Along the same lines:

Oct. 14: Obamacare's Website Is Crashing Because It Doesn't Want You To Know How Costly Its Plans Are (Not surprising. This is like saying turtles move slow.)

Oct. 17: Obamacare Website Violates Licensing Agreement for Copyrighted Software

                 ObamaCare's Black Box (From the article: The failures [of the website] that have all but disabled ObamaCare are the result of deliberate political choices, which HHS and the White House are compounding with secrecy and stonewalling.)

Posted by Andy at 10:04 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)