23.09.2014 - 11:36 [ Techdirt ]

Healthcare.gov Is A Security Disaster… And Those Working On It Knew It, And Tried To Stop Independent Security Review To Hide It

We’ve written before about how problematic the technology is behind the federal healthcare.gov website, pointing out that the federal government hired political cronies rather than web development experts to build it. There was an effort to open source the code, but after the feds put the code on github, they removed it after people started pointing out just how bad it was. Then, just about a month ago, we noted that the government turned down a FOIA request from the Associated Press concerning the site’s security practices, arguing that it might „give hackers enough information to break into the service.“ As we noted at the time, if revealing the basic security you have in place will give hackers a road map to breaking into the site, the site is not secure at all.