Thread: Hacker Reveals How He Cracked ObamaCare Website In Less Than Four Minutes

Hacker Reveals How He Cracked ObamaCare Website In Less Than Four Minutes

Mike Miller
On January 19, 2014
http://mikesright.wordpress.com/

Video at the Page Link:

The hacking expert who testified before Congress last week about the security failures of HealthCare.gov, explained Sunday how he was able to penetrate the site. In less than four minutes.
“There’s a technique called ‘passive reconnaissance,’” hacker David Kennedy explained to “Fox News Sunday” host Chris Wallace, “which allows us to query and look at how the website operates and performs.”

“And these type of attacks that I’m mentioning here, and the 70,000 [personal records Kennedy found] that you’re referencing, is very easy to do It’s a rudimentary type attack that doesn’t actually attack the website itself. It extracts information from it without actually having to go into the system.”
“Think of it this way. Think of something where you have a car and the car doors are open and the windows are open — you can see inside of it. That’s basically what they allow you to do and there’s no real sophistication level here — it’s just really wide open. So there’s no hacking actually involved.”

Good to know, huh? Guess what’s even more troubling? Kennedy said that gaining access to 70,000 personal records of ObamaCare enrollees via HealthCare.gov took less than four minutes, and required nothing more than a standard browser to pull off.

“You can literally just open up your browser, go to this, and extract all this information without actually having to hack the website itself.”

“You can’t make this stuff” is overused and often overstated. In the case of ObamaCare, not so much. Happy shopping, health insurance customers.

http://www.ijreview.com/2014/01/1096...-four-minutes/

http://www.alipac.us/f19/cyber-exper...1/#post1390932

Put Your Information On Obamacare Site And A Hacker Will Have It In 4 Minutes

January 21, 2014 by Sam Rolley

PHOTOS.COM

David Kennedy, the hacker who recently testified before Congress about Healthcare.gov’s many security failures, explained during a television appearance Sunday how he was able to compromise the Obamacare insurance exchange website in fewer than four minutes.
Speaking with FOX’s Chris Wallace, Kennedy explained that he was able to access more than 70,000 personal records on the Obamacare website via a standard Internet browser with little effort.
“And 70,000 was just one of the numbers that I was able to go up to and I stopped after that,” he said. “You know, I’m sure it’s hundreds of thousands, if not more, and it was done within about a four-minute time frame. So, it’s just wide open.”
“You can literally just open up your browser, go to this, and extract all this information without actually having to hack the website itself,” he said.
During Congressional testimony last week, Kennedy told lawmakers that the Obamacare website was obviously created with little concern for user privacy and is “100 percent” insecure.
“What we learned was that they had rushed through what we call the software development life cycle where they actually build the application,” he said on FOX. “So when you do that, security doesn’t really get integrated into it. And what happened with the rocky launch in October is they slapped a bunch of servers in trying to fix the website just to keep it up and running so that people could actually go and use it. The problem is they still didn’t imbed any security into it.”
“It’s not just myself that’s saying this website is insecure, it’s also seven other independent security researchers that also looked at the research I’ve done and came to the exact same conclusion,” he said.
In addition to security problems, questions about Obamacare’s solvency also continue to make big headlines as the White House continues to encourage Americans to sign up for the government healthcare program.
On the heels of news that the White House had failed to reach its youth enrollment goals last week, National Center for Policy Analysis CEO John Goodman restated his October warning that an Obamacare “death spiral” is very likely to occur.
The economist believes part of the problem is that many of the Americans willing to put up with the risks and headaches of signing up for Obamacare are the unhealthiest members of the population.
“Remember, everybody is facing the wrong price. And sick people are facing a price that’s well below the cost of their care. Young healthy people are being overcharged. And so they need lots of young healthy people to join so they can get the money to pay the bills for the sick people. And the younger people just aren’t buying it.
“Part of the problem, I think, is that it’s been so difficult for people to sign up, and so the only ones who’ve persevered — sometimes trying a hundred times — are people who really have serious health problems.”

Editor’s note: If you have bought or tried to buy health insurance through the Obamacare exchange, we want to hear from you. Please tell us about your experience. Was the site easy to access and easy to navigate? Were the prices you found what you expected or too high, or were they lower than you expected? Were the coverage options too inclusive, just right, not inclusive enough? Are you concerned about the security of the private information you submitted? Email your experience to freedomwatch@personalliberty.com. We’d love to hear from you your thoughts on Obamacare.

Filed Under: Conservative Politics, Liberty News, Staff Reports

http://personalliberty.com/2014/01/2...-in-4-minutes/