#1 By: Rob Beschizza, January 21st, 2014 16:32
#2 By: Meester_Creester, January 21st, 2014 16:59
Double plus ungood reportage
#3 By: wordword, January 21st, 2014 17:30
#4 By: William Rogers, January 21st, 2014 17:52
The clarification quoted here is incoherent, much like the original article; I'm not surprised it is being reported incorrectly. What does "a number that was tested for as an example through utilizing Google’s advanced search functionality" even mean?
#5 By: Gary Montgomery, January 21st, 2014 18:01
I came to look at the comments here hoping someone could explain what the heck the correction meant. Glad I'm not the only one the found it rather incomprehensible.
#6 By: waetherman, January 21st, 2014 18:02
I agree. The fact that he says "no malicious viewing of the data was done" implies that somehow the data could have been viewed. Very confusing. Perhaps intentionally so. It's hard to post a retraction when even the person who admitted that they were misquoted can't really give a coherent explanation of what they actually said.
#7 By: Acer Platanoides , January 21st, 2014 18:07
Its sort of like a self-affirming tautology.
#8 By: wordword, January 21st, 2014 18:26
Google advanced search operators are just a way to filter the google index:
Here, he would have been using something like "site:healthcare.gov inurl:x" potentially. Where X would be a part of the url string that matched individual accounts.
Now, the pages shouldn't really show up in the search index, so gotcha Gov there. But, that also doesn't mean any sensitive information is accessible at all.
#9 By: wordword, January 21st, 2014 18:31
Another funny side note. Google "result counts" (the number that appears above the search results) are often wildly inaccurate. Often, when you click thru to additional pages in the results, that number drops significantly. Even Google says the first number returned is an inexact estimate of the total results.
#10 By: Nonentity, January 21st, 2014 19:55
I like how he quotes securityheaders.com with 2 "happy findings" and 8 "not so happy findings" and then comes out with: "I quote: “www.healthcare.gov scores worse than approximately 50% of sites out there.”. "
Of course, that's useless without actually looking at the findings. Several of the results either aren't actually security issues or may not be security issues depending on how the site is actually structured. And yet, he's quoting it without any examination as though they're an authoritative site and that it proves his point...
#11 By: Boundegar, January 21st, 2014 20:30
Confirmation bias. Obamacare bad. See? Here's the proof! Clearly those jigglypuff liberals are just trying to talk their way around this abominable result. Impeach!
#12 By: SamSam, January 22nd, 2014 12:10
His "retraction" is a lie. He's suggesting that he never suggested that he had accessed 70,000 records, and that the mdeia screwed up.
He did suggest that he had accessed 70,000 records.
Here he is on Fox News, and in response to the reporter's question
You say you can access 70,000 records [...] within 4 minutes [without hacking the site]
he goes on to use mumbo-jumbo to say how he did it, and never once says that he did not, actually, access 70,000 records.
#13 By: Rob Beschizza, January 26th, 2014 16:32
This topic was automatically closed after 5 days. New replies are no longer allowed.