World’s greatest hacker calls Healthcare.gov security ‘shameful’

    The cover of “Ghost in the Wires,” the autobiography of notorious computer hacker and security expert Kevin Mitnick. (Little, Brown & Company)

    A screenshot of the Healthcare.gov website, which a group of leading security experts warn has significant security flaws. (FoxNews.com)

Security expert — and once the world’s most-wanted cyber criminal — Kevin Mitnick submitted a scathing criticism to a House panel Thursday of ObamaCare’s Healthcare.gov website, calling the protections built into the site “shameful” and “minimal.”

In a letter submitted as testimony to the House Science, Space and Technology Committee, Mitnick wrote: “It’s shameful the team that built the Healthcare.gov site implemented minimal, if any, security best practices to mitigate the significant risk of a system compromise.”

Mitnick’s letter, submitted to panel Chairman Lamar Smith, R-Texas, and ranking member Eddie Bernice Johnson, D-Texas, included comments from several leading security experts.

Mitnick concluded that, “After reading the documents provided by David Kennedy that detailed numerous security vulnerabilities associated with the Healthcare.gov Website, it’s clear that the management team did not consider security as a priority.”

His comments were backed up by testimony by Kennedy, who is CEO and founder of TrustedSec LLC and a self-described “white hat hacker,” meaning someone who hacks in order to fix security flaws and not commit cybercrime. In November, Kennedy and other experts testified before the same panel about security issues on Healthcare.gov.

Kennedy testified that most of the flaws they identified at the time still exist on the site, and said “indeed, it’s getting worse,” telling the panel that he and other experts have seen little improvement in the past two months.

“Nothing has really changed since our November 19 testimony,” Kennedy said.

Only one-half of a vulnerability has been found and plugged since then, he told the committee. “They did a little bit of work on it and it’s still vulnerable today.”

Also speaking at the panel were Michael Gregg, chief executive officer of Superior Solutions, Waylon Krush, co-founder and CEO of Lunarline, and Dr. Lawrence Ponemon, chairman and founder of the Ponemon Institute.

There have been no confirmed security breaches or hacks of the site yet, despite the alarming current and past testimony from the panel. (At the November panel, Kennedy said the website “may have already been hacked.”) The flaws that have been found are mere speculation, pointed out Krush, whose firm has done security work for the Department of Health and Human Services.

“Nobody here at this table can tell you there is a vulnerability,” he said during testimony. To actually test the flaws would require hacking the website itself, which would mean breaking the law, he noted.

Link: http://www.foxnews.com/tech/2014/01/16/world-greatest-hacker-calls-healthcaregov-security-shameful/

College republicans say they were denied entry into Obama event over ‘security reasons’

“A group of college republicans say they were denied entry into President Obama’s speech at the University of Central Missouri on Wednesday for security reasons.

Missouri College Republicans State Treasurer Courtney Scott told Campus Reform on Thursday that an unidentified police officer told the group they were barred from the event for “security reasons and for the president’s protection.”

“You will not be allowed any further,” the officer allegedly told the group of six College Republicans, dressed in republican and tea party clothing, as they attempted to enter the event.

Scott said each member of the group had a ticket to enter the event and that they arrived early, complying with all rules.

“Obama was scheduled to speak at around 4 p.m., so around 3:30 pm we gathered our stuff up,” said Scott. “They had announced that there were to be no posters or anything so we dropped our stuff off. We were not carrying anything. We followed all the rules.”

Scott said the officer’s reasoning for stopping them seemed a bit odd.

“I hate to make allegations but it was just very suspicious that we were not allowed in,” she said.

Scott added that she was disappointed she was unable to hear President Obama speak in person.

“Regardless of one’s political party it would have been a great opportunity to hear from the president. I would never want to turn down that opportunity and am disappointed we didn’t get to see him in person.”

A spokesperson for the university was not available for comment by the time of publication.”

Read: http://www.campusreform.org/blog/?ID=4875

Dennis Rodman is sick of people complimenting LeBron James

“LeBron came into the age of the game at a perfect time. Michael came into the game when back then you could hit people, knock him down, shoot a free throw and get back up,” Rodman said. “And LeBron can’t do that. All they do today is (complain) about a foul.”