Jump to content

Obama Still Lying About Obamacare Website Security


Recommended Posts

Big suprise that Obama continues to lie about the security of Obamacare website...

 

 

Security expert -- and once the world's most-wanted cyber criminal -- Kevin Mitnick submitted a scathing criticism to a House panel Thursday of ObamaCare's Healthcare.gov website, calling the protections built into the site "shameful" and "minimal."

 

 

In a letter submitted as testimony to the House Science, Space and Technology Committee, Mitnick wrote: "It's shameful the team that built the Healthcare.gov site implemented minimal, if any, security best practices to mitigate the significant risk of a system compromise."

 

 

Mitnick's letter, submitted to panel Chairman Lamar Smith, R-Texas, and ranking member Eddie Bernice Johnson, D-Texas, held comments from several leading security experts.

 

 

Mitnick concluded that, "After reading the documents provided by David Kennedy that detailed numerous security vulnerabilities associated with the Healthcare.gov Website, it's clear that the management team did not consider security as a priority."

 

 

RAW DATA: Security experts on Healthcare.gov issues

 

 

His comments were backed up by testimony by Kennedy, who is CEO and founder of TrustedSec LLC and a self-described "white hat hacker," meaning someone who hacks in order to fix security flaws and not commit cybercrime. In November, Kennedy and other experts testified before the same panel about security issues on Healthcare.gov.

 

Kennedy testified that most of the flaws they identified at the time still exist on the site, and said "indeed, it's getting worse," telling the panel that he and other experts have seen little improvement in the past two months.

"Nothing has really changed since our November 19 testimony," Kennedy said.

Only one-half of a vulnerability has been found and plugged since then, he told the committee. "They did a little bit of work on it and it's still vulnerable today."

Also speaking at the panel were Michael Gregg, chief executive officer of Superior Solutions, Waylon Krush, co-founder and CEO of Lunarline, and Dr. Lawrence Ponemon, chairman and founder of the Ponemon Institute.

There have been no confirmed security breaches or hacks of the site yet, despite the alarming current and past testimony from the panel. (At the November panel, Kennedy said the website "may have already been hacked.") The flaws that have been found are mere speculation, pointed out Krush, whose firm has done security work for the Department of Health and Human Services.

“Nobody here at this table can tell you there is a vulnerability,” he said during testimony. To actually test the flaws would require hacking the website itself, which would mean breaking the law, he noted

 

 

http://www.foxnews.com/tech/2014/01/16/world-greatest-hacker-calls-healthcaregov-security-shameful/

Link to comment
Share on other sites

Join the conversation

You are posting as a guest. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...