Saturday, April 19, 2014

ObamaCare Heartbleed

" users asked to reset passwords following Heartbleed bug."

"The officials are requesting that users reset their passwords after a continuing internal review by the Department of Homeland security flagged the site as possibly being vulnerable to a Heartbleed exploit. The move to reset passwords is being taken "out of an abundance of caution," according to a a notice published on the site, which serves as a portal for the health insurance exchanges set up under Obamacare. In addition, the note says that "there’s no indication" that any information was revealed through Heartbleed."

"Critics of the Affordable Care Act may seize the opportunity to attack the much-maligned website, which was plagued by bugs during its launch last year..."

The Verge


Chip Ahoy said...

Calling everyone's attention to change all passwords is the wrong thing to do because it falls directly into the trap of collecting passwords unless it is reliably fixed. Is it reliably fixed?

xkcd explains itself in alternate text, hover mouse for text that substitutes when pictures cannot display. It reads: "You still there server? It's me, Margret."

ndspinelli said...

Chip is absolutely correct. And the phrase, "Good enough for govt. work" comes to mind.