Skip to main content

I'm putting my tin foil hat on this morning and am going to do some speculating.  The ACA websites seem to be having a lot of problems this morning. There should be only 2 reasons for this; 1) Millions of people are rushing to get low cost insurance or 2) The websites are under a Denial of Service attack.

I can't get to my Colorado exchange this morning, and many are complaining about getting to the national exchange.  This isn't making sense that so many independent sites should be having problems at the same time.  If other people know that their state is running their own exchanges, it would be nice if they would post how their experience has been.

I used to be a web administrator for a NASA data center and often had to deal with DDS attacks, and even big news events would increase our web traffic by factors of 100.  We used a common webserver called Apache.  When someone tries to connect to the website, this piece of software creates a copy of itself, in whole or part, to handle your browsers request to retrieve some information.  There's a limit to how many requests it can handle before it starts slowing down and then starts rejecting requests or simply uses all the computers CPU just trying to make those copies.

A DDS attack is simply a computer or computers out on the internet that just make requests as fast as they can, (10s of thousands or more per second) until the webserver can't handle it anymore.  We've had a pretty good idea for some time about how many people would be seeking insurance through Obamacare, so it seems the systems would have been scaled to handle many more than those expectations.  This is why I'm wondering (and it's nothing but pure speculation) if there is an effort to try and crash these sites.

The last thing we should be doing is jumping up and down and screaming about how terrible the system is.  If these sites are down because so many people are seeking insurance, that's great news.  If they're down because of an attack, it won't be long before it's found and it gets reported in the media.

So with tin foil hat firmly in place, we all need to calm down until we find out what the problems so many independent exchanges are experiencing.

Your Email has been sent.
You must add at least one tag to this diary before publishing it.

Add keywords that describe this diary. Separate multiple keywords with commas.
Tagging tips - Search For Tags - Browse For Tags


More Tagging tips:

A tag is a way to search for this diary. If someone is searching for "Barack Obama," is this a diary they'd be trying to find?

Use a person's full name, without any title. Senator Obama may become President Obama, and Michelle Obama might run for office.

If your diary covers an election or elected official, use election tags, which are generally the state abbreviation followed by the office. CA-01 is the first district House seat. CA-Sen covers both senate races. NY-GOV covers the New York governor's race.

Tags do not compound: that is, "education reform" is a completely different tag from "education". A tag like "reform" alone is probably not meaningful.

Consider if one or more of these tags fits your diary: Civil Rights, Community, Congress, Culture, Economy, Education, Elections, Energy, Environment, Health Care, International, Labor, Law, Media, Meta, National Security, Science, Transportation, or White House. If your diary is specific to a state, consider adding the state (California, Texas, etc). Keep in mind, though, that there are many wonderful and important diaries that don't fit in any of these tags. Don't worry if yours doesn't.

You can add a private note to this diary when hotlisting it:
Are you sure you want to remove this diary from your hotlist?
Are you sure you want to remove your recommendation? You can only recommend a diary once, so you will not be able to re-recommend it afterwards.
Rescue this diary, and add a note:
Are you sure you want to remove this diary from Rescue?
Choose where to republish this diary. The diary will be added to the queue for that group. Publish it from the queue to make it appear.

You must be a member of a group to use this feature.

Add a quick update to your diary without changing the diary itself:
Are you sure you want to remove this diary?
(The diary will be removed from the site and returned to your drafts for further editing.)
(The diary will be removed.)
Are you sure you want to save these changes to the published diary?

Comment Preferences

  •  I think you've described a DDS attack (1+ / 0-)
    Recommended by:

    That's a distributed denial of service attack.

    There are ways of corrupting the DNS system, but that isn't what's happening.

    Others have simply gotten old. I prefer to think I've been tempered by time.

    by Just Bob on Tue Oct 01, 2013 at 07:18:25 AM PDT

  •  It's more likely that... (3+ / 0-)
    Recommended by:
    johnny wurster, JBL55, ladybug53

    ...they never considered high load testing and scaling out to the level of usage it is experiencing this morning as many rushed to their computers to sign up.

    That's my guess.  

    That, and from reading other diaries, whatever company did the contract for the site didn't bother doing user testing to improve the UI flow.

    •  But it's multiple sites, not just one (5+ / 0-)
      Recommended by:
      nyceve, mumtaznepal, dzog, yellowdog, JBL55

      Many states, including mine, are running their own exchanges and having the same traffic problems.  That doesn't sound right that they all underestimated the traffic.

      Of course, if they're not under attack, it means the sign up numbers for Obamacare are going to be much larger than expected.

      •  It appears this is systemic (2+ / 0-)
        Recommended by:
        dzog, JBL55

        something is not right.

      •  My Kentucky site is slow, they have a box up (2+ / 0-)
        Recommended by:
        JBL55, ladybug53

        saying thousands are trying to access, it's just slow.

        "Privatize to Profitize" explains every single Republican economic, social and governing philosophy. Take every taxpayer dollar from defense, education, health care, public lands, retirement - privatize it, and profit from it.

        by mumtaznepal on Tue Oct 01, 2013 at 08:05:29 AM PDT

        [ Parent ]

        •  I registered on Kentucky Connect (3+ / 0-)
          Recommended by:
          dzog, JBL55, mumtaznepal

          But is was around 6:00 a.m.  Afraid I might not be able to get back in later, I emailed the page of insurance plans to myself.  They are extremely reasonable, but I'll probably wait a week or so before going back in to look at the details of the plans..

          "This isn't for the ones who would gladly swallow everything their leaders would have them know". Mary Chapin Carpenter

          by malenda on Tue Oct 01, 2013 at 08:54:08 AM PDT

          [ Parent ]

          •  Me, too - I'm very excited to be covered for (0+ / 0-)

            my pre-existings, but a week is worth a wait :-)

            "Privatize to Profitize" explains every single Republican economic, social and governing philosophy. Take every taxpayer dollar from defense, education, health care, public lands, retirement - privatize it, and profit from it.

            by mumtaznepal on Tue Oct 01, 2013 at 07:10:07 PM PDT

            [ Parent ]

      •  Could easily just be (2+ / 0-)
        Recommended by:
        JBL55, ladybug53

        ...that people have been desperately awaiting the availability of the exchanges and the traffic is far greater than the site managers ever expected.  40 million plus uninsured people could crash the system!

        I imagine the servers were scaled for typical daily use, which would be fine for Febuary 1, 2014, months after most have gotten on new plans, etc, but not for the onslaught of the first day.  

  •  Nope... (8+ / 0-)

    ...just overloaded. Happens all the time with federal websites, most often during the grant funding cycles when everyone is trying to submit grant proposals at the same time through the electronic portal (instructions frequently mention the need to start the submissions process DAYS---not hours---before the deadline, which tells you something). They test server capacity based on best projections but they generally tend to underestimate load during peak hours (beginning and end of workday, in particular). Just the usual bottleneck. It'll smooth out when people start trying to access the site at different times, instead of all at once.

    "We are the sum of our experiences, plus a bit of biology tossed in." © grover

    by Vacationland on Tue Oct 01, 2013 at 07:25:11 AM PDT

    •  multiple sites, not just one (3+ / 0-)
      Recommended by:
      Fury, Vacationland, JBL55

      That's where my concerns are.  Independent sites having the same problems, and all of them underestimating the traffic to the point that they all crash?  Hmmm, let me adjust my hat, but that sounds suspicious.

      •  Yeah, actually. (1+ / 0-)
        Recommended by:

        Almost nobody can anticipate the kind of load you get on Day 1 of a massive federal program roll-out. Many government sites use the same servers; many corporate entities also share the same ISP real estate. Both federal and corporate entities (and their IT staff) tend to estimate load based on past "worst case scenario" events, not future projections; it's also likely that they can't  (or decide not to) create/maintain a system scaled for Big Event days like this, but rather one scaled for the average anticipated load going forward.

        I've worked in academia, public and private sector jobs (Ivy research institutions, NIH-funded projects, government banking, Big Insurance data warehouse setup and troubleshooting, and my current job is to help evaluate state agencies and state-level programs nationwide) -- so I've had some direct experience at virtually all of these types of settings.  

        I promise can put away the tin foil chapeau; these things happen more often than you would suspect, it's just more high profile today because of of the size and scope of the project.

        "We are the sum of our experiences, plus a bit of biology tossed in." © grover

        by Vacationland on Tue Oct 01, 2013 at 09:40:49 AM PDT

        [ Parent ]

        •  I really really really hope you're right. (1+ / 0-)
          Recommended by:

          But I'm not putting away my tin foil hat just yet.  :-)

        •  It doesn't take that much if there's a bottleneck (0+ / 0-)

          While it's not at this scale, the 3-4000 new freshmen (freshpeople?) at my august institution routinely crash the registration/email account facilities in the fall when they register.

          There is at least one, and possibly several places where ensuring that one student equals one email address equals one seat in a course requires an exclusive update.  I would think that signing up for health insurance runs through similar choke points.

          So I can just imagine what happens when 4/5 of the 2.5Million uninsured New Yorkers decide to check out the exchange on the same day.

          In one sense it is a DDOS - a lot of people trying for limited resources - but it's almost certainly not real DDOS (though to tell for sure you'd need to look at the webserver logs).

    •  Wouldn't surprise me if it was both. (2+ / 0-)
      Recommended by:
      Vacationland, JBL55

      Overload - certainly.

      Deliberate sabotage - now who would have a motive for that?

      The thing about quotes on the internet is you cannot confirm their validity. ~Abraham Lincoln

      by raboof on Tue Oct 01, 2013 at 08:48:13 AM PDT

      [ Parent ]

  •  Possibly, but they have some very specific notices (9+ / 0-)

    ...up on the site right now:

    Health Insurance Marketplace: Please wait

    We have a lot of visitors on our site right now and we're working to make your experience here better. Please wait here until we send you to the login page. Thanks for your patience!

    The home page of loads quickly; it's only when you try to actually log in that it gives this message. Then it's set to auto-refresh every once in awhile.

    Plus, the live chat is up and running...slow, but it's running.

    I suspect (hope) that it's simply swamped with actual traffic, not due to DDS/external attacks or (worse yet) the system itself simply not being prepared for heavy traffic (which should have been expected).

    •  Having said that, I'm recommending your diary (9+ / 0-)

      ...because certainly that IS a distinct possibility. The Koch/Teabaggers/GOP have already shut down the Federal fucking Government to try and sabotage the ACA; what makes anyone think that they wouldn't resort to cyberterrorism as well?

      This, of course, is on top of the shitload of real traffic in the first place.

      The worst possibility would be if they truly didn't set up the websites/servers to be able to handle heavy traffic in the first place--that would be an example of exactly what anti-government types claim all the time, that governments are incompetent, etc etc.

      I should also note that people should be on the lookout for scams (phishing and otherwise) related to well as other types of confusion. For instance, if you go to healthcare.COM, you'll go to a completely different website, which may or may not be an intentional attempt to confuse people (it makes references to the "New Healthcare Bill" but never outright claims to be part of the HHS, etc).

      •  All good observations (3+ / 0-)
        Recommended by:
        Brainwrap, JBL55, ladybug53

        I'm glad to hear there are some messages like the one you highlighted to queue the activity.

        I am also guessing that a lot of traffic could be from people who are not needed insurance but are just really curious to see what the plans are like and how the sign up works.

        Still, I would also be disappointed if it turns out that the many system architects missed some methods they needed to scale this up.

        We shall soon see.

        I'm not liberal. I'm actually just anti-evil, OK? - Elon James White

        by Satya1 on Tue Oct 01, 2013 at 07:49:21 AM PDT

        [ Parent ]

      •  Possibly (2+ / 0-)
        Recommended by:
        sneakers563, JBL55

        But ORCA.


        © grover

        So if you get hit by a bus tonight, would you be satisfied with how you spent today, your last day on earth? Live like tomorrow is never guaranteed, because it's not. -- Me.

        by grover on Tue Oct 01, 2013 at 08:16:17 AM PDT

        [ Parent ]

    •  same with the NYS log in (2+ / 0-)
      Recommended by:
      Brainwrap, JBL55

      You get to the log in and them you get the error message.

    •  No live chat in SC (1+ / 0-)
      Recommended by:
  •  For Massachusetts, the fed site sends you (2+ / 0-)
    Recommended by:
    Just Bob, JBL55

    to the old Commonwealth choice site but you can only sign up for "RomneyCare" for Nov & Dec there.  I did find the correct site for MA ACA, which is but after i was able to create a username/password around 8 am, the site crashed and now cannot get beyond the opening screen - get a fatal error message.

  •  No need to rush (2+ / 0-)
    Recommended by:
    Fury, JBL55

    Yes, we all want to see what it looks like, and some want to be the first on their block to get signed up.

    Thanksgiving morning seems to be the best time to go there.  Any time until mid December (actual day varies by state) will get opening day coverage.

  •  I'm not into CT (4+ / 0-)
    Recommended by:
    jabney, Fury, pollwatcher, JBL55

    but I am also wearing a tinfoil style of haberdashery this AM.

    We'll see.  I think much traffic could just be from curious people who don't actually need insurance.

    I'm not liberal. I'm actually just anti-evil, OK? - Elon James White

    by Satya1 on Tue Oct 01, 2013 at 07:52:54 AM PDT

  •  probably not (2+ / 0-)
    Recommended by:
    pollwatcher, JBL55

    just issues with the services not working correctly

    and IT has been furloughed.


    -You want to change the system, run for office.

    by Deep Texan on Tue Oct 01, 2013 at 08:08:03 AM PDT

  •  Health Insurance Marketplace: Please wait (1+ / 0-)
    Recommended by:

    I'm in SC and get this message now...

    Health Insurance Marketplace: Please wait

    We have a lot of visitors on our site right now and we're working to make your experience here better. Please wait here until we send you to the login page. Thanks for your patience!

    I actually got in earlier but had to abort because at step 3 of the application process, where you pick your security questions, was not working....the drop down menus were empty ie you could not pick a security question.

  •  considering the teabagger mentality (1+ / 0-)
    Recommended by:

    this is exactly what I thought when I heard they were some technical problems.  It wouldn't surprise me if RWNJ money was used to hire hackers is some other country to distrupt the system.

  •  Been saying this all morning (1+ / 0-)
    Recommended by:

    Obviously there's more than one way to kill off ACA if certain people don't get their way...

  •  Why would dentists in particular hate the ACA? (1+ / 0-)
    Recommended by:

    Do they think President Obama is a closet anti-dentite?

    "When I give food to the poor, they call me a saint. When I ask why the poor have no food, they call me a communist." --Dom Helder Camara, archbishop of Recife

    by JamesGG on Tue Oct 01, 2013 at 08:39:35 AM PDT

  •  I don't think most of the visitors understand (2+ / 0-)
    Recommended by:
    TexasTwister, JBL55

    that this is just the opening of the enrollment period for health insurance in calendar 2014. At least half of them probably think they can get coverage that starts right now. (For that matter some of them probably think there are only so many policies available & when they're gone, they're gone--victims of the vicious endless repetition of Rethug "rationing" lies.)

    If in fact everyone's jumping on the server right now, what they really need is a message like this:

    We have a lot of visitors on our site right now and we're working to make your experience here better.
    Did you know that the health insurance plans on this exchange do not take effect until January 1, 2014?

    Did you know that you have until December 31, 2013 to sign up for a plan taking effect on January 1, 2014?

    You can wait until tomorrow, or next week, or next month to come back to this site and sign up for health insurance in 2014. The same plans will be available for you.
    Please consider coming back in a day or two.

    But if you'd still like to connect today, please wait here until we send you to the login page. Thanks for your patience!

    Something like that.

    Frankly I blame the media and their Chuck-Toadish attitude that it's not their responsibility to report the actual facts & details of the ACA.


    by Uncle Cosmo on Tue Oct 01, 2013 at 09:05:41 AM PDT

  •  Another possible explanation (1+ / 0-)
    Recommended by:

    I'll be frank - there are 50 million uninsured. Most don't even know about the ACA. The people going to the various websites are seniors afraid that the ACA is replacing their Medicare, people with expensive junk insurance hoping that the ACA will be better, people with expensive employer insurance looking for a deal, married people with questions about family plans and individual eligibility, people like me (I am selling a business license and retiring this year. Therefore my income will be $236k this year and $0 next year. Do I qualify for MediCal or do I have to buy insurance on the exchanges without the subsidy? I asked the county provided counsellor at my clinic two weeks ago and she said they hadn't been told yet.)

  •  The thought of a DDoS attack crossed my mind too (1+ / 0-)
    Recommended by:

    but someone in another comment section pointed out that it wouldn't make sense to scale it up to 1500% of expected use just because you're expecting to get slammed on opening night.

    If it DID turn out to be an attack, and it could be traced back to the GOP's doorstep, it would be the kiss of death for them.  And you have to think they know this, so either they figure they can cover their tracks sufficiently, or they don't care if they can't -- or most likely, it's simply what it appears to be; a lot of people anxious to enroll are overwhelming the servers.

    I'll believe corporations are people when one comes home from Afghanistan in a body bag.

    by mojo11 on Tue Oct 01, 2013 at 10:03:25 AM PDT

  •  RI site reportedly up and running (2+ / 0-)
    Recommended by:
    JBL55, lesliet

    after problems early this morning, which they say peaked at 8 am. That's weirdly early for people to be dialing in.

    I hope the FBI (if it's still functional given the shutdown) is at least looking at the possibility of some sort of intentional hack of the sites.

    It reminds me of the GOP contractors who jammed the telephone lines of the Democrats' GOTV (call for a ride to the polls) efforts during the 2002 (I think) Senate election. They did get traced and prosecuted.

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site