Chief tech officer at HHS resigns — after failing to sign off on security for Healthcare.gov in September

posted at 2:41 pm on November 7, 2013 by Allahpundit

When the news broke last night that he was leaving, I figured he’d been pushed out as a sacrificial lamb in lieu of firing someone more important like Sebelius or Marilyn Tavenner. After reading this, I wonder if I’ve got it all wrong. Was he pushed out or did he resign in protest because they insisted on launching a site that he knew wasn’t secure?

When asked whether he jumped or was pushed, HHS said simply that “Tony [Trenkle] made a decision that he was going to move to the private sector.” Memo to Darrell Issa: Subpoena this man.

CBS News has learned that [Tony] Trenkle, the Chief Information Officer for the Centers for Medicare and Medicaid Services (CMS), was originally supposed to sign off on security for the glitch-ridden website before its Oct. 1 launch, but didn’t. Instead, the authorization on September 27 was given by Trenkle’s boss, CMS administrator Marilyn Tavenner…

Trenkle and two other CMS officials, including Chief Operating Officer Michelle Snyder, signed an unusual “risk acknowledgement” saying that the agency’s mitigation plan for rigorous monitoring and ongoing tests did “not reduce the (security) risk to the … system itself going into operation on October 1, 2013.”…

Wednesday, an HHS spokesman said that the reason Tavenner, not Trenkle, signed the security authorization is because HealthCare.gov is “a high-profile project and CMS felt it warranted having the administrator sign the authority to operate memo.” HHS also says there is an aggressive risk mitigation plan in effect, “the privacy and security of consumers personal information is a top priority for us” and personal information is “protected by stringent security standards.”

So Trenkle wanted to sign the authority memo for a site he knew hadn’t been tested for security end-to-end and was guaranteed to malfunction once it came under a heavy traffic load? He hoped and dreamed to put his John Hancock on this trainwreck — but Tavenner decided to selflessly take responsibility for the looming disaster by signing it herself? That seems … unlikely. Tell me if this sounds more plausible: Tavenner asks Trenkle to sign and he politely refuses. The site’s not secure, after all, and not only is it not secure but trying to repair it on the fly is bound to create even more security holes. Because he’s a good soldier and wants the site to work, though, he sticks around for another month and does his best to help fix things. A month later, for reasons as yet unknown, he finally abandons ship.

Could be, I guess, that Trenkle was so incompetent that he didn’t realize the extent of the security problems, but that doesn’t jibe with his assessment in the “risk acknowledgment” mentioned in the excerpt above. It also doesn’t jibe with the nearly universal opinion among tech experts who’ve been quoted in the media that launching a site without end-to-end testing for security is unorthodox, especially one as prominent as this:

“The best scenario is to have done end-to-end testing,” said Lisa Gallagher, vice president of technology solutions for the Healthcare Information and Management Systems Society, a medical technology nonprofit. That it wasn’t done “would cause me some mild concern,” she continued, adding she would advise a relative or close friend to wait until the website is stabilized before plunging in.

Asked former White House chief information officer Theresa Payton, “If you haven’t done end-to-end testing, how can we say with certainty how hard or easy it is for cybercriminals to attack at different points in the process?”

“It makes me shudder a little,” said Payton, a former bank security executive who now has her own company.

At least one tech consultant thinks “It would be very surprising if there isn’t some type of breach, either at the federal or state level, by this time next year.” Exit question: Per the AP, Tavenner testified a few days ago that she didn’t voice the concerns about security at CMS to either Sebelius or the White House. In that case, why hasn’t she been fired?


Related Posts:

Breaking on Hot Air

Blowback

Note from Hot Air management: This section is for comments from Hot Air's community of registered readers. Please don't assume that Hot Air management agrees with or otherwise endorses any particular comment just because we let it stand. A reminder: Anyone who fails to comply with our terms of use may lose their posting privilege.

Trackbacks/Pings

Trackback URL

Comments

The side-by-side pix of the Wicked Witch of the West is a bit off-putting.

Happy Nomad on November 7, 2013 at 2:48 PM

Road kill…

in_awe on November 7, 2013 at 2:49 PM

The Clusterf*ck Administration.

Bitter Clinger on November 7, 2013 at 2:52 PM

Why worry about security for a site that doesn’t work?

faraway on November 7, 2013 at 2:53 PM

Tavenner testified a few days ago that she didn’t voice the concerns about security at CMS to either Sebelius or the White House. In that case, why hasn’t she been fired?

Why indeed. Would any private sector company suffer such a debacle without massive firings?

Happy Nomad on November 7, 2013 at 2:53 PM

The side-by-side pix of the Wicked Witch of the West is a bit off-putting.

Happy Nomad on November 7, 2013 at 2:48 PM

Evil squared.

Bitter Clinger on November 7, 2013 at 2:53 PM

Regime

forest on November 7, 2013 at 2:53 PM

Sheesh

cmsinaz on November 7, 2013 at 2:53 PM

Is it 1973 yet?

22044 on November 7, 2013 at 2:54 PM

Considering that critical personal information for millions is at risk, this is not too different from the whistle blower on the Columbia space shuttle that said that key gaskets wouldn’t hold in cold weather, but he was overruled and they launched… in cold weather. Worse than idiots.

anotherJoe on November 7, 2013 at 2:54 PM

He better hire a food taster.

faraway on November 7, 2013 at 2:55 PM

This guy is probably looking into a name change so he won’t be associated with the continuing ClusterFark known as 404Care.

At minimum, he’ll have a 3 year gap on his resume.

HumpBot Salvation on November 7, 2013 at 2:57 PM

The majority of the USA, from obama on down

Schadenfreude on November 7, 2013 at 2:57 PM

Dear Tony Trenkle,

Please write a book that will help the young tech-savy generation understand why they shouldn’t trust the government to manage anything that isn’t absolutely required in the Constitution. Thank you.

Best wishes for a successful career in the private sector.

wren on November 7, 2013 at 3:00 PM

If you think the site is high risk now, wait until they are done “fixing” it on the fly. They are already under pressure to complete in one month a job they have already admitted should take 6 or 9 months at a minimum. Just think how many loop holes they are going to have to overlook or ignore to come in By December 1st.

Of course, right now hackers can’t get on the site, just like everyone else. However, watch what happens once it has stabilized.

Fred 2 on November 7, 2013 at 3:03 PM

Scapegoat?

sandee on November 7, 2013 at 3:04 PM

I hope he’s got his tax records in order.

hillbillyjim on November 7, 2013 at 3:09 PM

What’s in Trenkle’s resume? What’s his experience and relative IT competence?

matthew8787 on November 7, 2013 at 3:09 PM

Maybe he couldn’t stand looking at Sebelius one more day!!

Deano1952 on November 7, 2013 at 3:10 PM

Scapegoat?

sandee on November 7, 2013 at 3:04 PM

Possibly. From the bios I can find on him, he appears to be a career civil service bureaucrat – since I can’t find anything on what kind of IT security certifications (Security+, CISSP, MCSE, etc) he may have had – so I don’t see any technical qualifications for the IT security field.

If he had any of the relevant certifications, and had any integrity at all, he would NOT put his name on any authority to operate knowing the system did not meet standard government security requirements.

dentarthurdent on November 7, 2013 at 3:13 PM

Tell me if this sounds more plausible: Tavenner asks Trenkle to sign and he politely refuses. The site’s not secure, after all, and not only is it not secure but trying to repair it on the fly is bound to create even more security holes. Because he’s a good soldier and wants the site to work, though, he sticks around for another month and does his best to help fix things. A month later, for reasons as yet unknown, he finally abandons ship.

My SWAG is that he stuck around to try to fix it until it was obvious to him, as an expert, that the combination of “issues” made such a patch impossible. “Issues” that he probably had been previously unaware of, due to the excessive compartmentalization that resulted from the administration’s (i.e., The One’s) paranoia and egotism.

When it became obvious that nothing could save the ship, he went over the side before he was offered up as a sacrifice to the Shark Gods of the media and the enraged progressive elite’ as the guy who was entirely at fault. Which he wasn’t, but the left do so love having scapegoats.

Bailing before the incoming fecal storm arrives is just good strategy- and good common sense.

clear ether

eon

eon on November 7, 2013 at 3:13 PM

ACA implementation is as amateurish as it gets.

It should have been a requirement that the exchanges be up and running a year (or at least 6 months) before the mandates kicked in. That would allow time for testing and allow people to get on and browse the plans before they started getting cancellation notices.

Only a complete idiot sets up a system where cancellation notices would go out before, or right when, the site was supposed to launch and “hope” it all goes well.

taznar on November 7, 2013 at 3:13 PM

Maybe he couldn’t stand looking at Sebelius one more day!!

Deano1952 on November 7, 2013 at 3:10 PM

He only resigned – he didn’t stab his own eyes out and jump off the roof – so I’m guessing he didn’t actually see her every day….

dentarthurdent on November 7, 2013 at 3:14 PM

dentarthurdent on November 7, 2013 at 3:14 PM

You owe me a new keyboard!! :-)

Deano1952 on November 7, 2013 at 3:19 PM

When the news broke last night that he was leaving, I figured he’d been pushed out as a sacrificial lamb in lieu of firing someone more important like Sebelius or Marilyn Tavenner. After reading this, I wonder if I’ve got it all wrong. Was he pushed out or did he resign in protest because they insisted on launching a site that he knew wasn’t secure?

He got pushed out because they insisted on launching a site that he knew wasn’t secure.

Steve Eggleston on November 7, 2013 at 3:19 PM

Of course, right now hackers can’t get on the site, just like everyone else. However, watch what happens once it has stabilized.

Fred 2 on November 7, 2013 at 3:03 PM

We don’t know that, they could be installing various mouse holes which allow them to access the sites in the event they get repaired enough to provide a semblance of reliability. No use hacking now because there’s nothing and no one to hack, but after a million or so citizens manage to get in…well then.

Bishop on November 7, 2013 at 3:20 PM

Headline over at Ace was better. That one actually got me to read what was happening while I ignored this one.

El_Terrible on November 7, 2013 at 3:21 PM

OK then why does the site not come up with at least a warning from McAfee “No one tested this page or site and it should be blocked to all who come to the site as it is potentially dangerous and suspicious.

Google, Bing, Yahoo, etal all should do the same.

If not w sic Mark Levin’s law firm on them all.

APACHEWHOKNOWS on November 7, 2013 at 3:21 PM

As for Tinkle, he jumped when the jump was still fairly good, he saw the gallows being erected in HHS and figured there was a rope in his future.

Bishop on November 7, 2013 at 3:22 PM

They should have left Sharyl Attkisson’s computer alone…she is on a mission.

d1carter on November 7, 2013 at 3:23 PM

Is it 1973 yet?

22044 on November 7, 2013 at 2:54 PM

Awesome!

freedomfirst on November 7, 2013 at 3:23 PM

HHS has trademarked Error 404. The IRS will be billing accordingly.

Happy Nomad on November 7, 2013 at 3:23 PM

Another victim of the shutdown.

mankai on November 7, 2013 at 3:24 PM

This guy needs some security for his self and his family “stat”.

Navy Seals at least.

APACHEWHOKNOWS on November 7, 2013 at 3:25 PM

30-something years as a software developer. I would normally never speak in absolutes such as “This thing will never work”.

But they deployed a system this mission-critical without thorough end-to-end security testing !?

This thing will never work.

Tsar of Earth on November 7, 2013 at 3:26 PM

The Snowden/Trenkle Inc. would certainly be a favorite government contractor…LOL.

d1carter on November 7, 2013 at 3:27 PM

You owe me a new keyboard!! :-)

Deano1952 on November 7, 2013 at 3:19 PM

Success!!!
I can go home feeling like I accomplished something today…

dentarthurdent on November 7, 2013 at 3:32 PM

Trenkle and two other CMS officials, including Chief Operating Officer Michelle Snyder, signed an unusual “risk acknowledgement” saying that the agency’s mitigation plan for rigorous monitoring and ongoing tests did “not reduce the (security) risk to the … system itself going into operation on October 1, 2013.”…

.
Let that sink in for a moment and then ask your Representative why you should subject yourself to the risks inherent in the healthcare.gov system, under penalty of additional tax, because the Øbama administration is so stubborn and authoritarian that they will not yield. There is no earthly reason why Americans should accept this dictatorial chain of events and penalties.
.
Øbama cannot abrogate free will.

ExpressoBold on November 7, 2013 at 3:34 PM

The Clusterf*ck Administration.

Bitter Clinger on November 7, 2013 at 2:52 PM

Let’s lay this out. First, despite what Obama says, the product is lousy–it’s an Edsel. Second, the website is a fiasco. Third, not only is the website a fiasco, but it’s a hacker’s paradise. On top of that, Sec Syphillis tells us that with a gun to our heads we can enroll by paper and turn those forms over to felons who will “process” them for us.

Obama seems to like shopping analogies these days (“just shop around”; “it’s like havin’ a great product, but the cash registers aren’t workin’”), so how this: Obamacare is Obama requiring Americans to buy 8-Track players in person at an inner-city store after felons have been hired to serve as salespeople, the store’s security force has been fired and its security cameras have been disabled, and the cops have been ordered not to respond to any call for or about that location.

BuckeyeSam on November 7, 2013 at 3:36 PM

Of course, right now hackers can’t get on the site, just like everyone else. However, watch what happens once it has stabilized.

Fred 2 on November 7, 2013 at 3:03 PM

Hackers don’t use or need the front end that legitimate users would use – not that obamatrons can be considered “legitimate” in any use of the word…..

But the hackers go in the back doors – kind of like most libtards do in other aspects of their lives….

dentarthurdent on November 7, 2013 at 3:36 PM

Trenkle: Somebody’s going to jail over this and it ain’t going to be me.

d1carter on November 7, 2013 at 3:38 PM

And this is how health care will be from now on.

These are the people who are running our hospitals and doctors.

And anyone who tells the truth about anything will be gone.

Lot’s of people are going to die.

petunia on November 7, 2013 at 3:39 PM

So Trenkle wanted to sign the authority memo for a site he knew hadn’t been tested for security end-to-end and was guaranteed to malfunction once it came under a heavy traffic load? He hoped and dreamed to put his John Hancock on this trainwreck — but Tavenner decided to selflessly take responsibility for the looming disaster by signing it herself? That seems … unlikely.

You cant work a month in government IT without understanding you don’t sign.

This guy is so high in the chosen people food chain, you don’t get there with a civil service exam. You get there because you made someone happy

Was he really worried about signing, or was he positioning himself in case they needed a good goat (scapegoat) later

It also doesn’t jibe with the nearly universal opinion among tech experts who’ve been quoted in the media that launching a site without end-to-end testing for security is unorthodox, especially one as prominent as this:

I cant figure out how they wrote it. The only way to write a big system is to write the external skeleton first allowing for every subsystem. that includes security. You test as you write

That is why I do not believe the story. Someone near the top, even in IT, had to be crooked. Anyone can smell a dead fish

Was he afraid to lose the big bucks? Or just afraid? Or did he wait until he got a cue

By not signing he created plausible deniability

The whole project was so staged it is hard to tell the honest players

entagor on November 7, 2013 at 3:42 PM

so everything is fixed…right? – ave. Obama voter

workingclass artist on November 7, 2013 at 3:44 PM

Just think of a phone call today from Sharyl Attiksson to this guy.

“sweet”

APACHEWHOKNOWS on November 7, 2013 at 3:48 PM

I believe he was heard whining about how difficult implementing the Windows NT 3.1 version was….

hillsoftx on November 7, 2013 at 3:48 PM

ACA implementation is as amateurish as it gets.

It should have been a requirement that the exchanges be up and running a year (or at least 6 months) before the mandates kicked in. That would allow time for testing and allow people to get on and browse the plans before they started getting cancellation notices.

Only a complete idiot sets up a system where cancellation notices would go out before, or right when, the site was supposed to launch and “hope” it all goes well.

taznar on November 7, 2013 at 3:13 PM

The Dunning–Kruger effect is a cognitive bias in which unskilled individuals suffer from illusory superiority, mistakenly rating their ability much higher than average. This bias is attributed to a metacognitive inability of the unskilled to recognize their mistakes.

Team Choom can’t balance a budget, can’t coherently plan ahead, yet they believe they can run individuals’ lives & finances better than individuals themselves can – they are functionally, if not clinically, retarded…

Anti-Control on November 7, 2013 at 3:49 PM

Exit question: Per the AP, Tavenner testified a few days ago that she didn’t voice the concerns about security at CMS to either Sebelius or the White House. In that case, why hasn’t she been fired?

The way to keep your job in the Obama Administration is to take the blame yourself and make clear the higher-ups knew nothing about your “incompetence.”

The Obama Administration is Bizarro-Business. Tell the world you really screwed up something major, and your job is secure. Mention that your superiors knew about the problems beforehand, and you’re history.

Trenkle refused to sign off because he refused to become the scapegoat. That’s why he had to go.

Of course, refusing to put his name on a disaster of this scope is the very reason he was still able to get a job in the private sector.

There Goes the Neighborhood on November 7, 2013 at 3:49 PM

and I hope they were at least charitable enough to give him a dot-matrix printer as a parting gift…

hillsoftx on November 7, 2013 at 3:49 PM

Chief tech officer at HHS resigns — after failing to sign off on security for Healthcare.gov in September

BREAKING NEWS:

This position to be filled by that poster here who
regularly touts their LSAT, SAT, Written exams, and
of course Oral Exams to us Rubes…

..let’s give a Laurel and Hardy Congrats to….

NONPARTISAN!!!!!!!!

ToddPA on November 7, 2013 at 3:52 PM

I wonder if Mr. Trenkle is out of the country on an extended vacation…that’s what Jeffery Zients did before the IRS scandal hit.

d1carter on November 7, 2013 at 3:53 PM

” I Know nothing, I know nothingggggggggg” Sgt. Schultz total.

APACHEWHOKNOWS on November 7, 2013 at 3:53 PM

Hi

To all Shawn Hannity producers reading today.

Your free to use the one liners on the HHS Sec. going to Atlanta thread.

Have a nice time putting up with Juan Williams lies and fraud constant.

APACHEWHOKNOWS on November 7, 2013 at 3:57 PM

HHS also says there is an aggressive risk mitigation plan in effect

Let’s take a look at the definition of “mitigation”:

mitigation
[mit-i-gey-shuhn]
1. the act of mitigating, or lessening the force or intensity of something unpleasant, as wrath, pain, grief, or extreme circumstances

So instead of locking down their website, HHS spent their time (and our money) on having your personal information compromised suck less!

pain train on November 7, 2013 at 4:02 PM

log in
log out
and
or
garbage in
ObamaCare out.

APACHEWHOKNOWS on November 7, 2013 at 4:06 PM

I wonder what they paid him to shut him up and not divulge anything to the mindless masses?

rplat on November 7, 2013 at 4:06 PM

why hasn’t she been fired?

Because the opposition party is weak and incompetent?

Mr. Arrogant on November 7, 2013 at 4:07 PM

He got pushed out because they insisted on launching a site that he knew wasn’t secure.

Steve Eggleston on November 7, 2013 at 3:19 PM

That’s pretty judgmental of you Eggleston. Maybe he just wanted to spend more time with his family. /

Oldnuke on November 7, 2013 at 4:09 PM

Dear Shawn,

Get rid of this troll Jamie Dupree, he is a hack.

APACHEWHOKNOWS on November 7, 2013 at 4:12 PM

You cant work a month in government IT without understanding you don’t sign.

This guy is so high in the chosen people food chain, you don’t get there with a civil service exam. You get there because you made someone happy

Was he really worried about signing, or was he positioning himself in case they needed a good goat (scapegoat) later

It also doesn’t jibe with the nearly universal opinion among tech experts who’ve been quoted in the media that launching a site without end-to-end testing for security is unorthodox, especially one as prominent as this:

I cant figure out how they wrote it. The only way to write a big system is to write the external skeleton first allowing for every subsystem. that includes security. You test as you write

That is why I do not believe the story. Someone near the top, even in IT, had to be crooked. Anyone can smell a dead fish

Was he afraid to lose the big bucks? Or just afraid? Or did he wait until he got a cue

By not signing he created plausible deniability

The whole project was so staged it is hard to tell the honest players

entagor on November 7, 2013 at 3:42 PM

“When asked whether he jumped or was pushed, HHS said simply that “Tony [Trenkle] made a decision that he was going to move to the private sector.”

Does that not look like a dig at Tony to you from Team Choom, a bunch of out-of-the-closet leftards? :) I think Tony left them on terms they found less than ideal…

Anti-Control on November 7, 2013 at 4:12 PM

Like this Shawn,

Jamie Dupree is just a white Juan Williams.

APACHEWHOKNOWS on November 7, 2013 at 4:13 PM

I’ve never seen anything cobbled together quite as badly as this. Why would anyone have even a shred of confidence in a program so poorly run? ESPECIALLY when it concerns their health. Government doesn’t know how to run something like this, they’ve proven over and over again how badly they can screw things up. It’s one thing when you’re talking about clunkers, if you get a bad car you can sell it and move on. If you get bad health care choices you could die.

scalleywag on November 7, 2013 at 4:15 PM

Jamie Dupree,

The polls are rigged too fool.

APACHEWHOKNOWS on November 7, 2013 at 4:16 PM

“If your credit score is good you will not be able to keep it”.
Period.

Love Pres. Obama

APACHEWHOKNOWS on November 7, 2013 at 4:22 PM

The annoucement will be:

“ObamaCare Hospital and other Care Centers to be located South of Mexico City as a way to slow illegal immigration.”

Democrat Party Smart Power.

APACHEWHOKNOWS on November 7, 2013 at 4:29 PM

The test pattern from the 1950′s TV will be used until futher notice as a cost savings method.

APACHEWHOKNOWS on November 7, 2013 at 4:31 PM

Should the excuses from the Obama adm. get worse and or more boring C-Span or PBS will pick up their show reruns.

APACHEWHOKNOWS on November 7, 2013 at 4:33 PM

The test pattern from the 1950′s TV will be used until futher notice as a cost savings method.

APACHEWHOKNOWS on November 7, 2013 at 4:31 PM

Finally, a bit of good news.

mankai on November 7, 2013 at 4:34 PM

Knowing this administration he’ll show up somewhere else working for the taxpayer. Nobody gets axed with this bunch.

rich8450 on November 7, 2013 at 4:39 PM

Like this Shawn,

Jamie Dupree is just a white Juan Williams.

APACHEWHOKNOWS on November 7, 2013 at 4:13 PM

Hannity plays this game re Dupree where he compliments Jamie on his non-partisan-ness. It’s mostly professional courtesy, because Dupree’s liberal leanings are not hard to miss.

slickwillie2001 on November 7, 2013 at 4:42 PM

Tavenner should be jailed. Certifications are getting so mandatory and the ones I have to sign are extremely punitive if violated and most of them are associated with BS environmental inspection forms or submittals to our state TCEQ. They have clear statements that knowingly signing under false pretense makes you liable for HUGE daily fines and/or incarceration. And this is for crap like storm water sampling results for sediment!

DanMan on November 7, 2013 at 4:44 PM

When pretty much everything coming out of HHS (and the WH) regarding the ACA and it’s implementation / launch is little more than lying spin, it’s hard to believe that anything new coming out is not based on lies and spin.

It could be that Trenkle was permitted to ‘resign to pursue private industry opportunities’ in order to keep him quiet – because as CIO of CMS, he should have some very interesting information for Congressional oversight committees about the causes / creation of the technical aspects of this EpicClusterFark. Refusing to sign off on ‘security’ knowing that it was a farce, but being allowed to stay on a bit before getting a golden parachute is a way to buy one’s silence. And I’m sure that there are ways for HHS / Administration to keep just what is in that golden parachute relatively secret.

What is being missed here is that Trenkle, Tavenner, and Sebelius, all needed to lose their jobs, yesterday, over this EpicClusterFark implementation and launch. None of the technical issues with Healthcare.gov were a surprise. But despite these massive technical issues, contractors got paid, critical path elements were signed off on even knowing they weren’t done and didn’t work, and lies were told because the site HAD TO BE ONLINE on Day 1.

Trenkle is gone, probably with bought silence. But there is still no interest at all in the Administration to sack Tavenner and Sebelius. Why not?

Athos on November 7, 2013 at 5:15 PM

Was he pushed out or did he resign in protest because they insisted on launching a site that he knew wasn’t secure?

Um, he’s pretty slow on the ‘uptake’, the site was being condemned in Sept. for that.

socalcon on November 7, 2013 at 5:18 PM

My organization of 23 IT developers, analysts, and testers could have built this in half the time with far better results for 2% of the cost. Obviously, we weren’t given the chance to bid on it since we aren’t connected.

jediwebdude on November 7, 2013 at 5:19 PM

What is the big hullabaloo about security? The friggin website will not even accept any secure type information. Last night just for kicks I tried to create a dummy account (surprised I could get that far). No matter what username I tried it was not accepted, and because the username was not accepted it would not let me enter a password.

I would have been upset if it was my company’s HR site and I was trying to complete open enrollment, but all I could do was laugh.

NOMOBO on November 7, 2013 at 5:52 PM

May this ruin the week end for a few.

Why has the Healthcare.gov site not been hacked?

1.No challenge?
2.Nothing to hack?
3.Not yet?

The answer most likely is all of the above. Sort of!
Wait until it gets on line with the health records by 2015. Then it will be a Gold mine.
Now for the sleepless nights. The site may not have any “really important stuff” in it yet and they may some day close it up and make it secure.

Of course “Ann A. Butt” would say the site may already be setup with malware, trap doors, back doors and robots to last a decade, just waiting for the future use. Now go back to sleep and bask in the endless lies of your Government.

jpcpt03 on November 7, 2013 at 6:30 PM

Tech, schmeck. Let’s move on.

Damn, is Martha McCallum a nice looking lady.

Jaibones on November 7, 2013 at 8:00 PM

More from the Dunning-Kruger paper:

Ehrlinger et al. (2008) made an attempt to test alternative explanations, but came to qualitatively similar conclusions to the original work. The paper concludes that the root cause is that, in contrast to high performers, “poor performers do not learn from feedback suggesting a need to improve.”[8]

Sounds like the entirety of Washington to me.

AesopFan on November 7, 2013 at 10:31 PM

Security is the least of the concerns of a system that was intended to be a vacuum cleaner for personal health information.

It’s not a priority. You just need to trust that the government will keep you safe.

virgo on November 8, 2013 at 2:43 AM