ObamaCare: Hackers in, garbage out

How are you enjoying that “new and improved” experience?  It looks like the sum total achievement from two months of expensive work by no-bid contractors was a modest improvement in traffic capacity – the $500 million federal exchange website can now handle about as many shoppers as the average custom T-shirt site – and a remodeled 404 Error page that pretends to be a “waiting room,” where you can “queue up” and leave an email address to be notified when Barack Obama’s boondoggle is ready to receive your business.  You know, just like absolutely none of the private sector websites which have been successfully selling health insurance for years handle their traffic.  But hey, the entire ObamaCare project is built upon the premise that the private sector is far better at handling these things than government.  No, wait a second… as Willy Wonka would say: strike that, reverse it.

So there you were, enjoying the new ObamaCare waiting room – where the technology of 2013 is employed to re-create the nostalgic experience of using 1993 dial-up Internet – when the whole thing crashed yesterday, including the waiting room.  Over the weekend, Team Obama claimed the extensively refurbished system could now handle 800,000 visitors per day; Monday morning they made sketchy claims of 375,000 visitors… and it was enough to crash again.  Such is the magic of the Obama era of lowered expectations and curbed enthusiasm.  Oh, well, at least the system can now provide instantaneous visitor counts.  Remember when compiling that number supposedly required the robed monks of Health and Human Services to labor in windowless basements with parchment and abacus for days?

I guess it’s easy to understand why Team Obama doesn’t want to do any live demonstrations while patting itself on the back at its “triumphant” press conferences, where the media has become noticeably more cynical and less credulous.  Why, they’ve almost reached the level of skepticism and curiosity a real press corps would have maintained during the last two presidential elections!  Whatever will become of King Barack I, if the situation degenerates to the point where he’s treated like a Republican?

While you were dealing with the latest round of crash bugs from a system that still hasn’t reached what any reputable software company would call “beta stage,” you might have wondered if’s other problems will be magnified by the increased traffic passing through a front end that has at least evolved beyond the non-functional junk pile that Obama dumped on the American people at the beginning of October.  That’s a valid concern, because much of the “back end” of the site doesn’t exist at all.  It’s like you’re following the map from “Time Bandits,” and you open a magic door, and BOOM – it drops you a thousand feet, right off a cliff made out of giant basalt alphabet blocks, into a sea of slowly turning brass gears covered with animated faces that argue about the best flavor of tea to drink when you can’t get to sleep at night.

For one thing, there’s the little problem of insurance companies receiving useless garbage data from the ObamaCare system, which is going to result in a series of nasty surprises for many people who stroll into doctors’ offices this January under the mistaken impression that they’ve purchased valid insurance policies.  Naturally the White House propaganda team doesn’t want to talk about this, but insurance companies are piping up.  They’re still under the Administration’s intimidating thumb, and terrified of the financial consequences if ObamaCare collapses on them, but they might have gotten the idea that they’ll be scapegoated for the chaos next year, even though it’s not their fault.  Fox News reports:

Insurers continue to deal with the same set of problems that have shaken their confidence for weeks in the system they have to rely on to enroll new customers.

“Until the enrollment process is working from end-to-end, many consumers will not be able to enroll in coverage,” Karen Ignagni, president of America’s Health Insurance Plans, said in a statement.

She said “significant ‘back-end’ issues'” need to be addressed, and particularly the “ongoing problems” processing enrollment files known as “834 files.”

These are forms that give insurance companies basic information about would-be customers.

But they’ve had problems for weeks. AHIP spokesman Robert Zirkelbach told that companies are receiving duplicative and inaccurate forms, and “in some cases, plans are not getting the enrollment files at all.

Getting that fixed, he said, is “critical.”

Why, yes, that does sound rather critical.  Especially if the number of useless distorted forms blowing from the exhaust pipes of ObamaCare into the faces of insurance providers is about to increase dramatically.  As much of a P.R. hit as the botched rollout has been, it’s also been a godsend for the Administration, because it kept the rest of the tottering system from collapsing into fiery ruin.

It has also allowed Administration flacks to fudge the numbers like crazy, concealing the true magnitude of the disaster from reporters who don’t think to ask if “website visitors” means unique visitors, whether they actually signed up for anything during their visit, or precisely what officials mean by “enrollment” when they claim to have processed 100,000 of them.  That’s still just a small fraction of the 800,000 enrollment target, but given the general air of deception and fraud surrounding every ObamaCare proclamation, there’s no reason to accept the 100k number as meaningful until we’re told how the count was tabulated, and whether these are valid insurance policies we’re talking about.  Because only valid policies will count on January 1.  Who cares how many half-completed enrollment forms are sitting in online shopping carts… or the in-boxes of harried insurance providers?

Fox News refers to a New York Times article with more details about the madhouse conditions in the insurance industry, but before we leave Fox, their account of trying to use the “new and improved” on Sunday is too amusing to leave unquoted:

After the site allowed the user to fill in personal information like a Social Security number, a notice came up that said: “Verification system temporarily unavailable.”

In addition, the site asked if a navigator or insurance broker was helping with the application. After “none of these people” was selected, a screen came back that said, incorrectly: “You’ve told us another person is helping you complete the application.”

Let’s have a round of applause for ObamaCare crisis manager Jeff Zients and the A-team of programmers he bought into fix the disaster left behind by the $500 million B-team!

Here’s what the insurance companies are up against, according to the New York Times: 

The issues are vexing and complex. Some insurers say they have been deluged with phone calls from people who believe they have signed up for a particular health plan, only to find that the company has no record of the enrollment. Others say information they received about new enrollees was inaccurate or incomplete, so they had to track down additional data ??? a laborious task that will not be feasible if data is missing for tens of thousands of consumers.

In still other cases, insurers said, they have not been told how much of a customer???s premium will be subsidized by the government, so they do not know how much to charge the policyholder.

In trying to fix, President Obama has given top priority to the needs of consumers, assuming that arrangements with insurers can be worked out later.

What a lovely editorial insertion by the loyal Obama-worshippers at the Times!  President Carebear was only thinking about the “needs of consumers” when he blew a gigantic pile of their money to produce a crap website, lied through his teeth about their ability to keep the old plans they loved, menaced them with a trans-Constitutional tax/penalty if they fail to navigate the broken system correctly, left an unknown number of them wondering if they really have the coverage they paid a possibly incorrect price for… and, by his own account, never once asked how any of this was coming along before Launch Day.  I suppose readers who sleep in the comfortable left-wing cocoon woven by the New York Times cannot be sent into the harsh wilderness of reality without their safety blankets, lest they begin thinking they might have been absolute fools for accepting the editor’s presidential endorsements.

Call me an old-fashioned reactionary right-winger stuck in the 1950s with Ozzie and Harriet if you will, but I would have thought the primary “need of consumers” involved successfully purchasing insurance at the accurate price.  Giving them the illusion of a functioning online marketplace is worse than admitting the damn thing doesn’t work, and locking it down until it does.  Private corporations get sued into oblivion, or taken to the mat by federal regulators, for pulling the kind of scam the New York Times celebrates as prioritizing the needs of consumers.

How bad are things going to get in January?  The Washington Post has sources that claim fully one-third of the enrollments processed for ObamaCare to date are invalid.  Given how much the Administration has been padding the enrollment number (and mixing Medicaid in with Affordable Care Act purchases) that’s probably north of 10,000 invalid policies, and it’s going to get worse.

Speaking of scams, another major part of ObamaCare that’s missing is security.  And when I say “missing,” I mean that fairly literally, if the testimony of a cybersecurity expert and skilled hacker interviewed by CNBC is accurate:

It could take a year to secure the risk of “high exposures” of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday.

“When you develop a website, you develop it with security in mind. And it doesn’t appear to have happened this time,” said David Kennedy, a so-called “white hat” hacker who tests online security by breaching websites. He testified on Capitol Hill about the flaws of last week.

It’s really hard to go back and fix the security around it because security wasn’t built into it,” said Kennedy, chief executive of TrustedSec. “We’re talking multiple months to over a year to at least address some of the critical-to-high exposures on the website itself.”

Kennedy called shenanigans on Administration claims that security concerns have been addressed:

HHS had explained then that steps were taken to ease security concerns after the memo was written, and that consumer information was secure. Technicians fixed a security bug in the password reset function in late October, the agency said.

But on CNBC, Kennedy disputed those claims, saying vulnerabilities remain on “everything from hacking someone’s computer so when you visit the website it actually tries to hack your computer back, all the way to being able to extract email addresses, users names???first name, last name???[and] locations.”

And he’s not the only cybersecurity expert leveling these charges at Team Obama:

Another online security expert???who spoke at last week’s House hearing and then on CNBC???said the federal Obamacare website needs to be shut down and rebuilt from scratch. Morgan Wright, CEO of Crowd Sourced Investigations said: “There’s not a plan to fix this that meets the sniff test of being reasonable.”

The state insurance exchanges are also said to have severe vulnerabilities.  But at least the good people of “tech-savvy” Oregon don’t have to worry about that… because their crappy insurance exchange doesn’t work at all.  They’ve got 400 people sitting in a room shuffling paper applications and communicating with customers via snail mail.  And, of course – as always, as everywhere – referring the vast majority of them to the equally antiquated welfare program known as Medicaid.

How bad is the security situation?  So bad that, according to Rep. Mike Rogers (R-MI), chairman of the House Intelligence Committee, the Administration refuses to brief Congress about it.  (Let me put that into context for you, given the general M.O. of this corrupt Administration: there have probably already been serious hacker attacks, but they’re keeping it secret to head off a panic.)  In a sane world, that would result in an emergency veto-proof vote to shut down ObamaCare, but no Democrat in this Congress cares more about the security of the American people than they care about the Party’s political fortunes, and the power they have seized by nationalizing an industry the government is clearly unfit to control.

It really shouldn’t take an online security expert to explain that when a massive pile of badly-written, bloated code – five hundred million lines of it, bigger than the top five commercial websites combined – is hastily rewritten under intense pressure, security falls by the wayside.  There is literally no way to secure a project written on the fly, because that process takes at least half a year for well-written systems.  As you can see from the misadventures of Fox News and other media organizations that have tried to use since November 30, the Administration isn’t even testing basic functionality adequately.  Stories continue to appear about pages that don’t load, prompts that don’t produce the expected responses, incorrect information displayed for users, and menu options that don’t work.  This is the Garden of Eden for hackers, the happy hunting ground of data theft. practically hacks itself.

I’ve had my chips on a major hacking incident as the final blow that will bring ObamaCare crashing down, and I think I’ll leave them on that bet, because it might well happen before the absolute chaos of invalid insurance policies rips through doctors’ offices as a hurricane of failure in January.  And once there’s been a high-profile security breach, the few people still interested in buying ObamaCare insurance policies, and fighting the bug swarms that still surround, will never go anywhere near that misbegotten website again – especially the young, healthy, web-savvy suckers ObamaCare needs to milk for revenue.

There’s an old warning among computer programmers about how improper input ruins a system: garbage in, garbage out.  With ObamaCare, it’s hackers in, garbage out.  Insurance companies aren’t getting complete data, but rest assured, the hackers will.

Update: You know who has no intention of going anywhere near that crash-prone, bug-riddled, insecure website?  Barack Obama, that’s who.  He still hasn’t made good on his promise to sign up for ObamaCare.  The White House refuses to say why.  What a ringing endorsement for the system he’s mandated the rest of us to use by law!

Maybe some plucky Republican in Congress will make President Obama a deal: sign up for ObamaCare by sundown today, live on camera, to prove how wonderful and secure the rebuilt system is, and we won’t file a repeal bill.  Oh, and we’ll need a sworn affidavit that the President will not change any of his personal information or security after using  Join the rest of America in the system you’ve created, Mr. President!  Show us all how it’s done!

Update: God help you if you need to change or reset your password, because the procedure is more complicated that mainframe system administration, circa 1970.  It’s probably easier just to hack your way back in.