Both Medgadget and PsychCentral write about exploiting a vulnerability in physician-only site Sermo:
In the physician community, there’s been a fair amount of buzz about a physicians-only community (or “social network,” if you prefer) called Sermo. I was curious as to how strong their registration system was to prevent non-physicians from subscribing to the service, which is free and open to all physicians that have either an M.D. or a D.O. (and a DEA prescribing number). So I asked a technology and security consultant friend of mine to check it out.
His findings didn’t surprise me. It took him five minutes and only two tries to register a valid physician account at Sermo, even though he isn’t a physician. He used information freely available on the Internet to register as someone who was a legitimate physician.









