After spending a couple of hours on a post, I inadvertently forgot to:
1. Copy my work
2. Log back in
3. Recreate the title
4. Post my work
However, no message forum user should ever have to remember to follow these four steps during a single session. Unfortunately, since one of my favorite message forum’s installation of vBulletin does not preserve the post (it does on most other vBulletin forums, including my own), the inevitable result is that the post (and my time) is lost. A user’s long, hard work winds up being met with the following message, along with the complete loss of his or her work:
Therefore, I’m going to ask them again to please change the timeout from its current setting.
Here’s why: Overly short timeouts are the least effective way to increase forum security. By changing other parameters, you can make your forum many millions of times more secure than by greatly inconveniencing users with puny timeouts.
Only slightly complicating this problem is the fact that there are two issues at work. Actually, there are many, but given what the admins can quickly and easily change, it only involves two issues: Brute-force attacks and man-in-the-middle attacks. The login timeout involves man-in-the-middle attacks. Put simply, while you’re logged in, someone listening in to the data transmissions between your computer and the forum’s servers can easily locate the session key. However, that’s useless to them unless they’re able to crack it while the session key is in play, then use it to log into using the sniffed user’s account, and change their password, e-mail information, etc.
All that nets them, however, is that individual user’s login credentials. It cannot hack the system itself. Furthermore, even the guest session uses a 32 character session hash. Given 96 available characters, that’s a keyspace of 2.70819E+63. In case you’re wondering, and according to Steve Gibson of Gibson Research Corporation, it would take a massive cracking array capable of one hundred trillion guesses per second at least 6.22 thousand trillion trillion trillion centuries to exhaust this session hash. If one wanted to be 99.9999% certain it couldn’t be found, then it would still take 6.22 billion trillion trillion centuries to crack.
Not only is that an extremely long time, more than a trillion trillion times longer than the age of the entire universe, it’s also the reason why maintaining a short login time is not merely petty, but it’s pathetic, as well.
Let’s work through some examples to see how this works:
– Login timeout: 20 min
– Min password length: 7 characters
– Max number of retries: 5
– Retry lockout: 15 minutes
Example 1: Change login timeout to 10 min
Result: This halves the time a man-in-the-middle attack can intercept a login. However, these attacks are only good during that particular session. Unless the attack cuts off communication with the user, the moment that user logs off, that key is cleared and the attack is halted. In the meantime, users are greatly inconvenienced by constantly being booted off the server every time they grab a lock snack, make dinner, or are busy working on a long post.
Result: It only makes the bad guys work twice as hard.
Bottom line: Login timeouts are so pathetically and ridiculously ineffective (see the 6.22 trillion trillion trillion centuries explanation above) that it’s best to set them to 12 hours, if not 24 hours, and use other, far, far, far more effective means as described below:
Example 2: Change the min password length to 8 characters.
Result: Since 96 characters are available for passwords, this makes the bad guys work 96 times harder. That’s 48 times more effective than halving the login timeout.
Bottom line: Increase the min password length to 8, thereby gaining 48 times more effectiveness in deterring a brute-force attack.
Speaking of passwords, you can also enforce a ban on dictionary passwords and/or the use of at least one each of upper, lower, numbers, and special characters. That results in an increase in security of between several thousand-fold to trillions.
Example 3: Reduce the max number of retries to 2 (total of 3 tries)
Result: This halves the number of times a brute-force approach can crack the password. However, if the min password length is set to 7, that’s 75,144,747,810,816 possible passwords. Thus, instead of giving them 6 chances to work miracles, you’re giving them 3 chances to work miracles. Regardless, merely by using reasonable values for the max retries and retry lockout, you’ve already defeated the brute force approach, completely.
Bottom line: It’s better to leave it at 5 retries.
Example 4: Increase the Retry Lockout to 30 minutes.
Result: This just ticks people off. The whole point of combining the use of the min password retries and retry lock out is to limit the long-term ability of anyone to brute-force attack any particular user’s login.
Bottom line: Leave it at 15 minutes.
With 5 total tries and a retry delay of 15 minutes, you’re limiting the system to a maximum of 20 tries per hour, or 480 tries in a 24-hour period. Compared to 75,144,747,810,816 possible passwords, that’s nothing. Well, actually, it’s next to nothing. Specifically, it’s 6.387671e-12. Put another way, you’re at least 99.999999999361% “safe.” However, that’s simply by combining an attempt limit and retry lockout with an 8 character password minimum. Those who use a 9 or 10 char password receive 96 to 9,216 times more protection.
With all of the above in mind, here’s an expert vBulletin administrator’s advice:
– Login timeout: 24 hours (1,440 min)
– Min password length: 8 characters
– Enforce no dictionary words: Yes
– Enforce the use of upper, lower, numbers, and special chars: No
– Max number of retries before lockout: 3
– Retry lockout: 5 minutes
Now, if you’d like to double the trillion trillion trillion centuries (or more) level of protection afforded with the settings above, for just $18 a year, you can Convert Your vBulletin Installation to HTTPS (SSL/TLS).
There are even four pages on Facebook’s user community wherein a growing number of people are reporting the same issue.
These facts and the details I provide below form the basis of my belief that Facebook’s “malicious software” detection is either riddled with errors or is totally bogus, perhaps even Facebook’s way of getting people to download their “partnered” anti-“malicious software” on an individual’s computer in order to spy on users’ machines.
When this happened two weeks ago, I wrote them the following letter. I promised I would hide this blog post if they permanently removed the “malicious software” flag in their system. After five days, they did just that and I was able to log in. This morning, however, I receive the “malicious software” message again, so I made this blog post visible once more, and will likely keep it until Facebook publically acknowledges that at the very least, their “malicious software” flag has nothing to do with whatever Facebook detects on a users’ computer (it can’t, due to the browser’s security), but rather, it’s tied to individual user accounts.
On the afternoon of June 6th, 2017, while in the middle of typing a post on Facebook via my primary FB account, I received the following popup message from Facebook that states:
“Hi (name), we’re continuously working to keep your account secure. We’ve noticed that this device may be infected with malicious software. To continue to use Facebook, you can either use other devices or clean this device by downloading the scanner provided by Facebook and Trend Micro.”
In your Terms of Service, under Section 2, “Sharing Your Content and Information,” you specifically state, “You [the user] own all of the content and information you post on Facebook.”
Since that’s indeed the case under U.S. Copyright Law, why are you blocking MY access to MY information?
I am an IT security specialist with 29 years of experience. I have written 24 security-related articles for Network World, and authored security-related documentation during my 20+ years as an officer in the U.S. Air Force. Therefore, please take me seriously when I affirm this problem does not exist on any local computer which I have used to log into Facebook, but rather, on your network, and specifically, my account on your network.
Just to be absolutely certain, however, I conducted the following series of tests:
I tried “other devices.” In fact, I tried 7 completely different machines:
- neighbor 1
- neighbor 2
- public library 1
- public library 2
- my spare computer
- my local machine
I tried them in 6 different geographic locations, using 3 different ISPs:
- Peak Internet
I also tested two browsers (Chrome and Firefox) on all of those, along with Opera on two of them.
In all seven cases (19 test cases, total), the following results remained consistent: Logging in with my primary account resulted in the “malicious software” error message on all machines, locations, and ISPs, but logging in with any other account resulted in a clean login regardless of machine, location, or ISP. Of these 7 machines, four were running Norton Security, and the other three ran Kaspersky, Avast, and AVG.
Therefore, it is unequivocally clear that this issue is not a problem inherent in any of the local machines, subnets, geographical locations, browsers, Internet Service Providers, or antivirus software.
Rather, it is most certainly a problem with either Facebook’s servers in general, or with my primary Facebook account as hosted on your servers.
Since that is without a doubt the case, running your mandated software from any four of your partners on my local machine would accomplish absolutely nothing, yet risks unauthorized disclosure of my personal information, infection of my computer, or even the introduction of a virus at the local machine’s administrator level by whoever hacked my Facebook account.
To be quite fair, as a direct result of your non-communication policy, I have absolutely no way of knowing whether or not this “malicious software” pop-up is legitimate or if it is itself a malicious hack of my account designed to get me to run ransomware as an administrator on my local machine. At the very least, the way you go about holding the account hostage and forcing us to download the software not from one of your security partners but from some other site is highly suspicious.
However, to that end, I made a note of your partners: Trend Micro, Kaspersky, ESET, and F-Secure. I then proceeded to use their trial versions (only three had trial versions) to thoroughly scan and clean my machine.
I then repeated the above tests to see if my local machine had absolutely anything to do with the issue, at all.
No. The results of the tests remained the same. Furthermore, five people successfully logged onto Facebook using both my primary and backup machines, regardless of their geographic location, the browser used, or the ISP.
Clearly, my machine is not the issue. It’s my account. Either Facebook wrongly blocked my account with their “malicious software” hack, believing that a virus exists on my side of their firewall (absolutely not, as has been abundantly demonstrated by the test procedures given above), or my account has been hacked from inside of Facebook’s firewalls by someone who really is trying to use it as a way of hacking my local machine.
Facebook: The problem resides solely on your side of the net. Please stop trying to get us to run your software on our machines. We’re already running the world’s best anti-virus and anti-malware software, including from at least one of your four security partners. As I have clearly demonstrated, there is absolutely nothing I can do on my end that will fix this problem, and that includes running your mandated software. The problem is on your end. Fix the problem on your end, and the problem will be solved.
Again, I am an IT security specialist with 29 years of experience. I have written 20+ security-related articles for Network World, and authored security-related documentation during my 20+ years as an officer in the U.S. Air Force. Therefore, please take me seriously when I affirm this problem does not exist on local computers, but rather, on your network.
Name witheld by request
M.S. Management (Project Management)
MBA (Technology Management)
B.S. Finance, Insurance, and Business Law
This morning’s news was abuzz with liberals attempting to further obfuscate the firing of former FBI Director James Comey:
“Acting FBI Director Andrew McCabe told lawmakers Thursday there has been “no effort to impede” the Russia investigation…” ”
This strongly supports the fact that Trump did NOT fire Comey to impede any sort of investigation.
“…and said former FBI Director James Comey continues to have “broad support” in the agency even after the White House claimed he lost the trust of his employees.”
I hear that Comey was well-liked, that he was a good leader of men.
That doesn’t for one second negate the Department of Justice’s claims that both his decisions and actions routinely violated both FBI and Department of Justice policy, and in ways which undermined the trust of the American people — from BOTH political parties — over the last year.
Ok, liberals, I’m going to stretch your brains a bit. Hopefully, most of you can handle it. This goes for conservatives, too, as most of you haven’t read Deputy Attorney General Rosenstein’s recommendations on Comey, either. This memorandum was sent to AG Sessions, who in turn recommended Comey’s dismissal to President Trump, who considered the matter, concurred, and sent Director Comey a termination letter.
This letter details precisely WHY Comey was fired:
May 9, 2017
MEMORANDUM FOR THE ATTORNEY GENERAL
FROM: ROD J. ROSENSTEIN
DEPUTY ATTORNEY GENERAL
SUBJECT: RESTORING PUBLIC CONFIDENCE IN THE FBI
The Federal Bureau of Investigation has long been regarded as our nation’s premier federal investigative agency. Over the past year, however, the FBI’s reputation and credibility have suffered substantial damage, and it has affected the entire Department of Justice. That is deeply troubling to many Department employees and veterans, legislators and citizens.
The current FBI Director is an articulate and persuasive speaker about leadership and the immutable principles of the Department of Justice. He deserves our appreciation for his public service. As you and I have discussed, however, I cannot defend the Director’s handling of the conclusion of the investigation of Secretary Clinton’s emails, and I do not understand his refusal to accept the nearly universal judgment that he was mistaken. Almost everyone agrees that the Director made serious mistakes; it is one of the few issues that unites people of diverse perspectives.
The director was wrong to usurp the Attorney General’s authority on July 5, 2016, and announce his conclusion that the case should be closed without prosecution.
It is not the function of the Director to make such an announcement. At most, the Director should have said the FBI had completed its investigation and presented its findings to federal prosecutors. The Director now defends his decision by asserting that he believed attorney General Loretta Lynch had a conflict. But the FBI Director is never empowered to supplant federal prosecutors and assume command of the Justice Department. There is a well-established process for other officials to step in when a conflict requires the recusal of the Attorney General. On July 5, however, the Director announced his own conclusions about the nation’s most sensitive criminal investigation, without the authorization of duly appointed Justice Department leaders.
Compounding the error, the Director ignored another longstanding principle: we do not hold press conferences to release derogatory information about the subject of a declined criminal investigation. Derogatory information sometimes is disclosed in the course of criminal investigations and prosecutions, but we never release it gratuitously. The Director laid out his version of the facts for the news media as if it were a closing argument, but without a trial. It is a textbook example of what federal prosecutors and agents are taught not to do.
In response to skeptical question at a congressional hearing, the Director defended his remarks by saying that his “goal was to say what is true. What did we do, what did we find, what do we think about it.” But the goal of a federal criminal investigation is not to announce our thoughts at a press conference. The goal is to determine whether there is sufficient evidence to justify a federal criminal prosecution, then allow a federal prosecutor who exercises authority delegated by the Attorney General to make a prosecutorial decision, and then – if prosecution is warranted – let the judge and jury determine the facts. We sometimes release information about closed investigations in appropriate ways, but the FBI does not do it sua sponte.
Concerning his letter to the Congress on October 28, 2016, the Director cast his decision as a choice between whether he would “speak” about the decision to investigate the newly-discovered email messages or “conceal” it. “Conceal” is a loaded term that misstates the issue. When federal agents and prosecutors quietly open a criminal investigation, we are not concealing anything; we are simply following the longstanding policy that we refrain from publicizing non-public information. In that context, silence is not concealment.
My perspective on these issues is shared by former Attorneys General and Deputy Attorneys General from different eras and both political parties. Judge Laurence Silberman, who served as Deputy Attorney General under President Ford, wrote that “it is not the bureau’s responsibility to opine on whether a matter should be prosecuted.” Silberman believes that the Director’s “Performance was so inappropriate for an FBI director that [he] doubt[s] the bureau will ever completely recover.” Jamie Gorelick, Deputy Attorney General under President Clinton, joined with Larry Thompson, Deputy Attorney General under President George W. Bush, to opine that the Director had “chosen personally to restrike the balance between transparency and fairness, departing from the department’s traditions.” They concluded that the Director violated his obligation to “preserve, protect and defend” the traditions of the Department and the FBI.
Former Attorney General Michael Mukasey, who served under President George W. Bush, observed the Director “stepped way outside his job in disclosing the recommendation in that fashion” because the FBI director “doesn’t make that decision.”
Alberto Gonzales, who also served as Attorney General under President George W. Bush, called the decision “an error in judgement.” Eric Holder, who served as Deputy Attorney General under President Clinton and Attorney General under President Obama, said the Director’s decision”was incorrect. It violated long-standing Justice Department policies and traditions. And it ran counter to guidance that I put in place four years ago laying out the proper way to conduct investigations during an election season.” Holder concluded that the Director “broke with these fundamental principles” and “negatively affected public trust in both the Justice Department and the FBI.”
Former Deputy Attorneys General Gorelick and Thompson described the unusual events as”real-time, raw-take transparency taken to its illogical limit, a kind of reality TV of federal criminal investigation,” that is “antithetical to the interests of justice.”
Donald Ayer, who served as Deputy Attorney General under President H.W. Bush, along with former Justice Department officials, was”astonished and perplexed” by the decision to “break with longstanding practices followed by officials of both parties during past elections.” Ayer’s letter noted, “Perhaps most troubling… is the precedent set by this departure from the Department’s widely-respected, non-partisan traditions.”
We should reject the departure and return to the traditions.
Although the President has the power to remove an FBI director, the decision should not be taken lightly. I agree with the nearly unanimous opinions of former Department officials. The way the Director handled the conclusion of the email investigation was wrong. As a result, the FBI is unlikely to regain public and congressional trust until it has a Director who understands the gravity of the mistakes and pledges never to repeat them. Having refused to admit his errors, the Director cannot be expected to implement the necessary corrective actions.
You can also read photocopies of all three letters, at The New York Times article entitled, “White House Announces Firing of James Comey.”
So, STRIKE ONE.
Intermission: The Comey Chronology:
But this isn’t all. There’s another reason Comey may also have been fired.
20 years ago James Comey was an attorney on the Senate Whitewater Investigation looking into the conduct of President Bill Clinton and first lady Hillary Clinton. The investigation was to determine whether Bill Clinton used his political position as governor of Arkansas (in the 1980s) to push through an illegal loan to benefit Bill and Hillary’s business partner in Whitewater.
Several people involved in Whitewater went to jail, but no criminal prosecution was in the cards for Bill and Hillary. Remember James Comey was the Deputy Special Counsel for the Whitewater investigation.
In Christopher Anderson’s book, “American Evita: Hillary Clinton’s Rise to Power”, Anderson gives details of the New Square offenders pardon by Bill Clinton (they had been convicted of bilking the government of $30 million dollars). Christopher Anderson relates that at Hillary’s urging Bill gave clemency to 16 Puerto Rican terrorists who took the lives of 16 Americans and wounded many others.
Anderson tells us that Hillary admired the Marxist Carl Oglesby and Saul Alinsky. It is from her admiration for Saul Alinsky that she formed her belief that “the only way to make a real difference is to acquire power.”
The pardon of billionaire Marc Rich (who traded illegally with America’s enemies including Iran) by President Bill Clinton was something that everyone knew reeked of impropriety after learning that Rich’s wife donated $450,000 to the Clinton Library.
Again, James Comey oversaw investigations of the pardon matters as well. Unbelievably, James Comey did not recommend charging the Clintons in any of these matters. Wouldn’t it be fair and balanced to give news coverage to these facts?
The Clintons controlled Comey for DECADES.
So, STRIKE TWO
But even that’s not the end of it! No…
Trena Jarnagin-Blackburn Here’s the real reason COMEY got fired.
BOMBSHELL: Young Congresswoman Gets Comey Fired, Here’s What He Was Hiding
Re: Former FBI Director James Comey and Rep. Elise Stefanik
The firing of James Comey comes as a relief to most patriotic Americans who lost trust in his leadership over his handling of the Hillary Clinton investigation, but most people don’t know all the events that led up to President Donald Trump actually firing him. It involves a young congresswoman, who uncovered Comey’s explosive secrets, and that’s all Trump needed to get rid of the disgraced FBI Director.
This will blow your mind.
Rep. Elise M. Stefanik (R-NY) is the youngest member of congress at 32 years old, and on March 20, she singlehandedly finished Comey’s career. Not many people were paying attention to a junior congresswoman questioning the FBI Director, but what she uncovered is pure gold. Remember, at this time, Trump had accused Obama of wiretapping him and the Democrats were accusing Trump of colluding with Russia.
During questioning, Rep. Stefanik lured Comey into a trap. She got Comey to admit that a counter-intel investigation into the Russia-Trump connection started way back in July 2016. Think about that; this is so fishy because Trump had just been nominated by the GOP, and immediately, the Obama White House starts a bogus investigation trying to link Russia to Trump. That’s called a political witch hunt.
But, that’s not all.
The damning admission leads to questions about wiretapping private citizens like Trump and his staff. Then, Comey tripped up and couldn’t recover. Rep. Stefanik knew Comey was required to alert congress about this investigation into Russia and Trump, but he couldn’t do that, could he? If Comey followed the rules set out by the Department of Justice, he had to inform congress, but if he did, the GOP would have blown up and exposed this as an obvious political witch hunt to destroy their presidential candidate.
“On March 20th the mask fully came off. Comey was a solid Black Hat. The March 20th appearance before congress was the final straw in showcasing just how politically corrupt James Comey was,” The Conservative Treehouse reports.
Rep. Stefanik cornered Comey on the timeline and got him to stumble and squirm.
She asked, “When did you notify the White House, the DNI, and congressional leadership [of the bogus investigation]?” Comey immediately started sweating after admitting that it’s protocol to inform congress quarterly and the investigation started in July 2016. Then, came the kicker. Comey didn’t inform congress until March 2017, only after he had no other choice as these hearings were set to begin.
Watch as Rep. Stefanik outsmarted Comey and lured him into admitting he was in essence spying on GOP candidate Trump for former President Barack Obama. One other point of note, James Comey outright lies by claiming there was no active DNI (Department of National Intelligence), which is entirely false since James Clapper was Obama’s DNI.
The Conservative Treehouse weighed in, explaining, “Former FBI Director James Comey intentionally kept congress in the dark on his investigative activity. Our system of checks and balances are specifically set up to stop this from happening, and to keep a watch on the ‘watchers.’ Director Comey subverted the oversight for his own political purposes.”
There is no defense for the former FBI director acting alone and not notifying congress of what he is doing through the established protocols. It doesn’t matter who the FBI director is. Comey should have been fired on March 20th after he told congress he was intentionally not allowing them oversight over his conduct.
So, when the liberal loons accuse President Donald Trump of firing James Comey to stop an investigation into Russia, that’s a pile of crap. They have investigated it ad infinitum, and they can’t prove a damn thing because it is something the Obama White House and former Director Comey invented way back in July 2016.
So, STRIKE THREE.
When then FBI Director James Comey attested to Hillary’s criminal wrongdoing just a couple of weeks before the election, I was elated, as the truth was being confirmed by a credible source, the principle investigative agency of the U.S. Federal Government. Sadly, it was a great litany, but it ended in… NOTHING. That’s
I found this on the web a couple of days ago. It’s taken me that long to review it against the text of the AHCA. It seems to hit the nail on the head. At least I couldn’t find any discrepancies between this synopsis (summary) of the American Health Care Act and the act itself. Disclaimer: You should probably read the Act yourself.
And Remember: If you want to obtain or switch insurers, you have less than two months to sign up before you run the risk of being put into a high risk pool. Most states have such pools. Some do not! Better to act now!
Here’s the text:
Let me begin this post by saying I am a licensed Independent health insurance broker with 10 years of experience mostly in the Medicare, Group & Individual insurance markets. I represent my CLIENTS and myself, not one particular company or lobbying organization. My goal is to have happy customers and to be able to make a living with products that are valuable and affordable to people so they will want them.
The House GOP congress recently passed a bill to repeal and replace Obamacare this past week. It is called the AHCA or “American Health Care Act”. Partisan politics has once again reared its ugly head and the Democrats are using scare tactics and outright lies (much like they did to pass Obamacare) to try and dissuade people from supporting this bill. Much has been made about “Pre-Existing Conditions” and how this bill would supposedly not protect those consumers. This is an outright LIE. I will explain what Pre
Existing condition really means, who it applies to and what options are available pre Obamacare, during Obamacare and if this bill passes the senate, post Obamacare under this new bill.
What are “Pre Existing Conditions” and who does this apply to?
The Democrats with their overtly theatrical rhetoric would have you think that Pre Existing Conditions applies to everyone with a hangnail and that those mean Republicans will have every person in the country re-evaluated for hangnails and thrown off their current insurance plan if a hangnail is found.
This is of course NOT TRUE.
First of all, Pre-Existing conditions don’t even apply to about 85% of consumers. If you are one of the following, then the new law will NOT affect you AT ALL:
•If you have Medicare or a Medicare Advantage plan
•If you have VA Benefits or Tri-Care
•If you have health insurance through your Employer
•If you have Medicaid and are below the Federal Poverty Level
•If you currently have individual or group health insurance and do not allow a 63 day gap in coverage from your current plan to your next plan.
Thats the majority of people in the country. So the majority of people in the country will NOT be affected by the Repeal & Replace of Obamacare’s Pre Existing Conditions law.
So that begs the question. Who will be affected by these changes and how?
The people that will be affected by these changes are people who:
•People who do NOT have insurance through Medicare, Medicare Advantage, Va benefits, Tri Care,or Medicaid below poverty level (ie they are not on any government program) and allow their current insurance to expire and do not secure new coverage within 63 days.
This would be people who are under 65, not veterans and not disabled and they allow their current insurance to expire and then do not get new coverage within 63 days.
What happens to these people if they allow their insurance to expire and don’t new coverage in 63 days?
So whats next for these people? Do they get sent to Mars? Do we let them die in the streets? Of course not.
These people will be eligible for High Risk Pool Insurance through their state, backed the federal government. If they wait more than 63 days to get coverage and are denied new coverage due to a Pre existing condition they will get a letter telling them how to apply for the high risk pool plan to get guaranteed insurance.
So alas, they will NOT be left out in the cold to die like the Democrats would like you to believe.
Will they pay more for this coverage had they not waited?
They might, depending on their states rules. Some states have subsidies based upon income to help people afford the high risk pool plan premiums. They might also have broader access to doctors and hospitals then if they were stuck in their old HMO so there could be a silver lining there as well. High risk pool plans were largely successful Pre Obamacare. The problem was there were only 33 states that offered them so 17 states did not have this option before. All 50 states will have this option under the Republican plan.
What is a Pre Existing Condition?
So what is a Pre Existing condition anyways?
Its definitely not a hang nail. Its not even high cholesterol. The only Pre existing conditions underwriters take into account when deciding the issue coverage or not are conditions like Diabetes or Cancer for example. Some companies will insure conditions like Epilepsy, others won’t. Some companies will issue a policy covering everything except the Pre existing condition or some companies may have a waiting period for the Pre existing condition to be covered.
In any case, there will always be the high risk pool plan options if people get denied.
Nobody will ever be left in the cold.
Also its important to remember that people with Diabetes and Cancer and other serious conditions cannot be denied coverage if they already have insurance. They cannot be kicked off their current plans and they cannot be denied by an insurance company if they do not allow their current plan to lapse more than 63 days without a new plan.
Also remember this NEVER applies to folks on Medicare, Medicaid or Tri Care or with VA benefits or anyone obtaining insurance through their employer. Pre Existing conditions never apply to those people.
What other changes are in this law? Will it help or hurt anyone?
Now that we have covered Pre Existing Conditions, what else is in this bill and how will it affect people?
•Insurance Companies can offer more types of plans. With the elimination of mandated benefit packages, you will have more choices to choose the type of plan you want, what you want it to cover and how high or low you want your deductibles.
•Abortions are no longer mandated coverage.
•Medicare & Medicare Advantage funding will increase and has been restored to pre Obamacare levels. Originally Obamacare had stolen about $700 billion from Medicare to pay for subsidies for non disabled adults to get their premiums subsidized. This will help the folks on Medicare & Medicare Advantage.
•Medicaid will only be for people below the poverty line. The Medicaid expansion under Obamacare had people making over poverty level getting Medicaid benefits. This will cease.
•There will no longer be a government mandated IRS fine/penalty for not buying insurance.
•If you wait more than 63 days to buy new insurance from your old insurance a company can elect to charge you 30% more on your premium. Its best to be a responsible adult and keep your insurance if you can.
•With people with Pre existing conditions now in high risk pools, the regular insurance market for those without Pre existing conditions just got alot cheaper.
In conclusion this bill stops robbing Peter to pay Paul. It is much more fair in its pricing laws and it ensures every American has access to health insurance without a heavy emphasis on redistributing wealth and rewarding bad behavior. This bill rewards responsible behavior while still protecting our most vulnerable.
If you feel this DETAILED review of the new federal healthcare legislation is helpful, and counters all the crap we’ve been seeing from mudstream news, please share it.