HealthCare.gov targeted by more than a dozen hacking attempts

Hackers have attempted more than a dozen attacks on HealthCare.gov, the struggling website at the center of President Obama's signature healthcare law, according to published news reports citing a top US official.

All of the attacks, which occurred from November 6 through November 8, failed and remain under investigation, Acting Assistant Homeland Security Secretary Roberta Stempfley of the Office of Cybersecurity and Communications told a US House of Representatives committee Wednesday. She said she was also aware of the recent discovery of software designed to overload HealthCare.gov with more traffic than it could handle. As was the case when it was first spotted last week, there's no evidence that the DIY denial-of-service tool was ever actively used.

"We received about 16 reports from HHS that are under investigation and one open source report about a denial of service," Stempfley told members of the House Homeland Security Committee, according to this report from CNN.

Read 1 remaining paragraphs | Comments


    






Internet architects propose encrypting all the world’s Web traffic

A vastly larger percentage of the world's Web traffic will be encrypted under a near-final recommendation to revise the Hypertext Transfer Protocol (HTTP) that serves as the foundation for all communications between websites and end users.

The proposal, announced in a letter published Wednesday by an official with the Internet Engineering Task Force (IETF), comes after documents leaked by former National Security Agency contractor Edward Snowden heightened concerns about government surveillance of Internet communications. Despite those concerns, websites operated by Yahoo, the federal government, the site running this article, and others continue to publish the majority of their pages in a "plaintext" format that can be read by government spies or anyone else who has access to the network the traffic passes over. Last week, cryptographer and security expert Bruce Schneier urged people to "make surveillance expensive again" by encrypting as much Internet data as possible.

The HTTPbis Working Group, the IETF body charged with designing the next-generation HTTP 2.0 specification, is proposing that encryption be the default way data is transferred over the "open Internet." A growing number of groups participating in the standards-making process—particularly those who develop Web browsers—support the move, although as is typical in technical deliberations, there's debate about how best to implement the changes.

Read 8 remaining paragraphs | Comments


    






Webinar: 10 Sure-Fire Tips for Getting Stakeholder Buy-In to your Architecture Projects

As you may have read on my blog or even when you hear me present, I talk about how crucial soft-skills are to Enterprise Architects. In my personal opinion I think the majority of our success hinges on our ability to leverage these skills.  So when I run across resources I want to make sure I share them with all of you.

While I haven’t sat in on this particular webinar, I do agree with the themes and messages this is built upon. I believe this derives from a training course called, “Elevating Enterprise Architecture” which serves as a guide to hone in on those soft-skills or in more scientific terms, EQ. I did a full review of this course that you should check out to get a better idea on the foundations in which this webinar is built: http://www.mikethearchitect.com/2013/01/review-elevating-enterprise-architecture.html

I would highly recommend all architects check this out.

 

Webinar Overview: 10 Sure-Fire Tips for Getting Stakeholder Buy-In to your Architecture Projects

For the best part of the last three-years Keith Flanagan has been helping architects across all of the domains and industries develop relationships with their stakeholders. A good architect/sponsor-relationship is the first step to success. After all, would you risk your professional reputation by endorsing an IT or architecture project if you didn’t trust the people that were proposing it?

Date: 19 Nov, 2013
Time: 15.30 GMT, 10:30 EST, 16:30 CET
Cost: Free
Webinar Registration: Click Here

“We still don’t encrypt server-to-server data,” admits Microsoft

Shutterstock

A senior Microsoft executive has told a European parliamentary committee that the company does not encrypt its server-to-server data communications.

Dorothee Belz, EMEA VP for Legal and Corporate Affairs, made the remark when answering a question from Claude Moraes, MEP, during a meeting at the European Parliament on Monday.

"Generally, what I can say today is server-to-server transportation is generally not encrypted," she said. "This is why we are currently reviewing our security system."

Read 18 remaining paragraphs | Comments