Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Politics : Formerly About Advanced Micro Devices -- Ignore unavailable to you. Want to Upgrade?

To: SilentZ who wrote (750261)	10/29/2013 11:16:48 PM
From: Bilow	Respond to of 1574410

Hi SilentZ; Re: "So given that that isn't really true ..."; No silly, it is true. Go read the wikipedia article on "internet security". Or get yourself into an edit war trying to correct it. Simple fact is that the internet is not secure. I'm pretty sophisticated on the internet. I've designed hardware for it, LOL. I know how to use a packet sniffer and I know that it doesn't take a high school education to figure out what to do with the information you get from it. A wifi packet sniffer is freeware. I don't have any problem with doing transaction on eBay at the level of several thousand dollars. I know people who won't use the internet for any purchases whatsoever. Do you think it's going to be an easy sell to get them to type their personal information onto the internet? Probably not. I use the internet but I know it's not safe. Everyone I know, hot shot engineer or total moron, if they're connected to the internet long enough, eventually ends up catching a computer virus. The problem is not the viruses that clog up the net by replication. Those are the ones that you know about; the problem is the ones that log your keystrokes, harvest some useful information, and disappear without a trace. Hey I know a recipe for a security disaster! Let's create a government program which requires millions of people, many of them quite stupid, most of them ignorant of things like the difference between http and https, to log onto the internet and enter their personal information. How much information? Let's make sure that there's nothing personal in there like health information. But we'll include enough for an identity thief. Yeah, that's a brilliant idea. I'm assuming that the program will survive another 6 months. By that time, start looking for the internet scams that center around applying for insurance. Obama built the biggest scam target in the history of the internet. But really, I don't think that the programs security problems are a big deal. It would only be thousands of people inconvenienced. What's going on with Obamacare is millions of people suffering thousands of dollars in losses. This is not a happy time for Democrats. Frankly, if a year ago, someone had told you that it was going to be this badly managed would you have believed them? Of course not. We told you, LOL. As an example, the IRS has a program where you can file your taxes on line. But funny thing, you don't do it through the IRS. Wonder why that would be, LOL. And their providers? Private companies. And when you click the button that says that you agree to the terms of service what would that include? Here's an example: "ADDITIONALLY, TAXHAWK AND ALL OF OUR DATA AND/OR SERVICE PROVIDERS DISCLAIM ANY AND ALL WARRANTIES FOR THE SECURITY, RELIABILITY, TIMELINESS, AND PERFORMANCE OF ANY OF THE PRODUCTS AND SERVICES OFFERED ON THE SITE OR RECEIVED THROUGH ANY LINKS PROVIDED ON THE SITE, AS WELL AS FOR ANY INFRINGEMENT OR ADVICE RECEIVED THROUGH THE SITE OR THROUGH ANY LINKS PROVIDED ON THE SITE. TAXHAWK DOES NOT WARRANT THAT THE SERVICES ARE SECURE, FREE FROM BUGS, VIRUSES, INTERRUPTION, ERRORS, THEFT OR DESTRUCTION. YOU UNDERSTAND AND AGREE THAT ANY MATERIAL DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THE PRODUCTS AND SERVICES OR THROUGH THE SITE IS DONE SO AT YOUR OWN RISK AND AT YOUR OWN DISCRETION AND THAT YOU ARE AND SHALL ALWAYS REMAIN SOLELY RESPONSIBLE FOR ANY CLAIMS, INCLUDING WITHOUT LIMITATION, ANY DAMAGES TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM DOWNLOADING OR OTHERWISE OBTAINING SUCH MATERIAL." So yeah, I think the line was originally included by the company responsible for the website, and that it got commented out at the request of the Obama administration. -- Carl

To: SilentZ who wrote (750261)	10/30/2013 8:49:28 AM
From: Bilow	Read Replies (1) \| Respond to of 1574410

Hi SilentZ; Regarding the security of signing up for Obamacare using the internet, did you see the Mother Jones article on the subject? Enjoy! How Healthcare.gov Could Be Hacked Security experts say the federal health insurance website is vulnerable to a common technique that hackers use to steal personal information Dana Liebelson, Mother Jones, October 24, 2013 motherjones.com ... Here's the problem: When an American signs up for Obamacare online, they must enter a good deal of personal information to verify identity—including name, Social Security number, phone number, email address, income, and employer—and identifying information for their family members. In the majority of states, Americans will enter this information directly into the Healthcare.gov website. ... "Common clickjacking would be a popular method to attempt to exploit [the site]" says Wilhoit. "Hackers could use this information in the creation of fake identities, fake credit cards, and fake accounts very easily." He adds that it's relatively easy to fix, although the fixed code would need to rolled out on multiple Healthcare.gov pages and potentially state websites as well. Asked about clickjacking concerns, the Department of Health and Human Services (HHS) referred Mother Jones to this security statement, which says that Americans don't need to worry: "If a security incident occurs, an Incident Response capability would be activated, which allows for the tracking, investigation, and reporting of incidents." [LOL] ... "These state sites...represent more viable targets for direct attack" than the federal data hub, Budd argues. And hackers have been known to target state healthcare programs—last year, over 280,000 Social Security numbers were stolen from Utah's Medicaid server. Hawaii, for example, does not automatically use SSL across its entire website, potentially leaving user information vulnerable to hackers—particularly if a visitor to the site is using an open wireless network, such as one at a coffee shop. The same is true with the online health exchanges created by Minnesota and Colorado. Budd notes that attacking state sites "rather than the more fortress-like data warehouse [like the data hub] can be easier to pull off with a greater chance of success." Many security experts argue that Healthcare.gov's code would quickly improve if it was open source—posted publicly for other programmers to examine, adapt, and improve. In fact, the code for the site was originally supposed to be open source. But HHS removed its code from open-source websites after developers complained they had trouble distinguishing which code belonged to which part of the website. Since then, all of Healthcare.gov's coding mistakes have happened behind closed doors. -- Carl P.S. I don't subscribe to Mother Jones so I didn't notice this article when it came out last week. BWAHAHAHAHAHAHA!!! LOL!!! BWAHAHAHAHAHA!!!