These days, in the computer security world, it's pretty well known that if you're relying on security by obscurity, you're not being secure. Somehow that message has not reached the techies working on Healthcare.gov. I guess it shouldn't be much of a surprise, given what a disaster the rollout of that site was, but everyone was claiming that the whole thing was under control these days, since real techies had been brought in to fix things. In fact, everyone was so happy with Mikey Dickerson's miraculous saving of the program that the White House set up a special US Digital Service for him to lead, allowing him to save other US government projects from near certain disaster.
But when the Associated Press filed a Freedom of Information Act request to find out how Healthcare.gov was handing its security it got rejected because, according to the White House, it might teach hackers how to break into the system:
In denying access to the documents, including what's known as a site security plan, Medicare told the AP that disclosing them could violate health-privacy laws because it might give hackers enough information to break...