All the Perl that's Practical to Extract and Report

Bad banking software

Ovid on 2006-03-10T19:24:41

I recently logged into my online banking service. I get the following error:

an exception occurred: Unable to complete your request at this
time, ReferenceID = "****-*********-**"

So the next day, I tried again. Same error. A few days later, I tried again. Same error. It's not something critical I needed to fix, but I assumed they knew they had a problem and were working on it.

Today I called to find out what was going on. I found out that they do not support Firefox. Rather than have their app say "We only support the following ...", their app crashes and burns.

So I had Firefox lie and say it was Internet Explorer. Then everything worked fine. Grr ...

If this was someone's home-grown site, I wouldn't care that much, but banking software? That's scary.

Banking Software

Shlomi Fish on 2006-03-10T20:50:10

Quite an amusing story! Of course, it's hard to tell whether it's more funny or sad.

There are some Israeli banks whose sites do not support Firefox, or have some out-of-the-way support for it. I switched banks so I can use Firefox to manage my account. The client-side code of some of the Israeli banks' sites is reportedly full of typos and bugs.

Did your bank's site used to work well with Firefox in the past?

Re:Banking Software

Ovid on 2006-03-10T21:12:14

Yes, it's worked fine with Firefox before. Actually, I "cut down" the story a bit to avoid rambling. I can log into the site. It's when I go into a special "bill pay" section that I get the error. That's why I didn't start out thinking "hmm, maybe it's an IE/Firefox thing".

In a remarkable coincidence, I was recently chatting with a gentleman who does security for this bank's online software. He told me that he's struggled with the company to get them to take care of some of their more egregious security holes, but with mixed results. He claims that if he were inclined, he could steal a lot of money through the Web site if he were caught, but that's only through "obscure" means. He feels at this time their greatest risk is DNS cache poisoning. That's scary because really, there's not a lot the average user can do about this.

Hmm, maybe a Firefox extension which caches IP addresses for secure sites and warns you whenever they change?