[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV more about wells fargo, schwab
|
From: |
Matt Ackeret |
|
Subject: |
Re: LYNX-DEV more about wells fargo, schwab |
|
Date: |
Wed, 11 Mar 1998 18:20:29 -0800 (PST) |
On Thu, 12 Mar 1998, Nelson Henry Eric wrote:
>> >> >some sites (eg Schwab, Wells Fargo) which check for 128-bit browser
>> > |||||||||||
>> >Are you absolutely sure they are checking the agent string? In the past,
>
>I confirmed that they ARE checking the agent string. The reasons why
>they are doing this I explained in my previous message. I might add that
>it boils down in the final run to "who do you sue" when the security
>fails. Netscape and MS carry HUGE liability insurance. Lynx?
Umm.. Then it seems to me that it would be useful to tell Wells Fargo
that they *aren't* actually promoting security.
In other words, if I can phony up my agent string, and log into Wells Fargo
with Lynx.. then it seems to be showing to me that Wells Fargo *isn't* actually
promoting security as much as they say they are.
In other words, they should *actually* check the security level of the
browser. Even if *telling* them gets Lynx to somehow be "actively disallowed",
it would seem to be better in the overall security issue.
Ugh, I can't word that very well.. What I mean is that at the moment it seems
that they are basically *lieing* about the security requirements.
Sort of like what I have heard third-hand about something involved with
Windows (possibly Windows95?).. If you mess up the password 3 times in a row,
it lets you CHANGE the password? That is *WORSE* than no security, since it
implies there is security but there really is none. (Note, I'm not bashing
Windows/Microsoft as an entity in general -- even though I work for Apple.
I think you've *got* to admire someone worth $18 billion.)
>> *BUT WHAT DO I CHANGE IT TO*?
>My conscience will not allow me to encourage you, but simply search
>the lynx-dev archives for "agent string". TZ has it down to state-of-
ARGH. Sorry this is just starting to tick me off.. You're unwilling to
engage in the free flow of information? Now I've got to find the lynx-dev
archives.
Would a patch allowing the User-Agent string to be a "cycle through the
given values" be accepted? Such as letting the user easily switch to
Netscape?
- LYNX-DEV more about wells fargo, schwab, Matt Ackeret, 1998/03/08
- Re: LYNX-DEV more about wells fargo, schwab, Nicholl Environmental, 1998/03/11
- Re: LYNX-DEV more about wells fargo, schwab, Nelson Henry Eric, 1998/03/11
- Re: LYNX-DEV more about wells fargo, schwab, Nelson Henry Eric, 1998/03/11
- Re: LYNX-DEV more about wells fargo, schwab,
Matt Ackeret <=
- LYNX-DEV More security stuff., Matt Ackeret, 1998/03/12
Re: LYNX-DEV more about wells fargo, schwab, Nelson Henry Eric, 1998/03/12
Re: LYNX-DEV more about wells fargo, schwab, Brian Tillman, 1998/03/12
Re: LYNX-DEV more about wells fargo, schwab, Personal, 1998/03/12