this post was submitted on 22 Jul 2023
2603 points (99.2% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54758 readers
239 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

looks like rendering adblockers extensions obsolete with manifest-v3 was not enough so now they try to implement DRM into the browser giving the ability to any website to refuse traffic to you if you don't run a complaint browser ( cough...firefox )

here is an article in hacker news since i'm sure they can explain this to you better than i.

and also some github docs

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 1 year ago (1 children)

There would have to be very significant reasons for a bank to do that.

[–] [email protected] 13 points 1 year ago (3 children)

Like what? The only reason I've seen is laziness. Several banks in my area still require IE for some of their more elaborate online services. It's typically limited to business users, but they're still requiring it; to the point where they have a team of support agents that remote connect and reconfigure edge to run an IE-mode tab to the site, and install all their malware on your PC to make the service work. With the proper effort the whole thing could be reduced to little more than a chrome/firefox/opera/edge/safari/whatever extension....

But they don't. because they're lazy.

[–] [email protected] 4 points 1 year ago (1 children)

What Banks do this? USAA doesn't, and that's what I use.

I've zero issues swapping banks if needed.

[–] [email protected] 3 points 1 year ago (1 children)

On the consumer front, almost everything has a web interface layer over the grotesque monster that actually runs the services.

For any business accounts, banks are an entirely different monster. If you've only ever used consumer services, you'll never know the disgusting mess underneath it all. Banks have only done this much for consumers because if they didn't, they would have either lost, or never attracted any of the modern generations to their services, namely millennials, and all those who came after.

The older generation for the large part, is happy to continue using IE, and walking into a bank to do whatever they need to.... But starting with millennials, having browser agnostic web based services to do simple things like bill payments, account to account transfers, balances and transaction records, and most don't need much more than that.

One of the more recent, and possibly most egregious examples was a cheque scanner for a business, which was a USB attachment to a client's workstation for bringing in payments in bulk, rapidly. Think about it like the mobile cheque deposit in your favorite banks app, but on steroids. The bank provided the cheque scanner, and a business login page for the service. The way it operated, from what I could see, is that it required special drivers from the bank for the device, and a series of custom ActiveX plugins, which, as expected, only work with IE. The entire process was essentially to take a high resolution scan of the cheque, and dump the image into the website (I presume, securely), to submit the payment to the bank. This process would be complete in a matter of seconds when it's running correctly. From what I saw from what the bank technician did, remotely, was to load the site in edge, force it to display in an IE tab, then adjust the drivers and signing of ActiveX control to validate and submit the scans.

The mobile deposit does the same but much slower, potentially taking minutes to capture the cheques image and fill in all the details, per cheque. Meanwhile this process could literally process a dozen cheques in the same amount of time. What kills me is that mobile deposit is basically the same thing and they have the structure for it already. It should be relatively trivial to adapt the process to use the cheque scanner to submit the images of the cheque, compared to basically having to registry hack each client computer to work with the antiquated system instead; but they do it anyways.

[–] [email protected] 1 points 1 year ago

Partly. Financial applications aren't so easy to update for some valid reasons. No only do youave to implement the whole application on a new stack but also validate and extensively test them for flaws, things that have already been done on the ond application over many years.

Thats why some high end financial systems run on archaic architectures that needs to be emulated for lack of hardware.

Similarly for large enterprise applications that rely on decace old releases of OS and platform only performing security patches to mimimise breakages.

Its too simple to chalk it up as lazy.

[–] [email protected] -4 points 1 year ago (4 children)

So you're taking your experience, with banks only local to you, and extending that as a blanket statement for all banks...

Please list all these banks near you that require IE?

[–] [email protected] 8 points 1 year ago

I'm a totally separate person, and I can also verify that forcing business users to use IE for certain services is definitely a thing.

I'm not sure what your point is? It's not necessarily going to apply to ALL banks, but it'll probably apply to SOME of them, and that will suck if it happens to be your/my bank.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago)

I used to work at a credit union in IT. I can confirm financial institution laziness knows no bounds. Separate from their laziness is the vendor compatibility. I can't count how many vendors do not update their software to run on modern browsers and relied on specific IE instances. Adding to all that is just the institution itself having decades old hardware and software because modernizing things can be incredibly expensive. The core my company used was incredibly outdated Unix and required a ton of different middleware just to make sure we were compliant where absolutely necessary. If it wasn't necessary nothing got done. And that's better than a lot of banks that could be running on some COBOL based core. Completely redoing the core will affect every middleware crap solution they've patchworked together to keep running over the past few decades and will be insanely resource, cost, and time intensive.

Even these days at my current company I run into this shit. Huntington bank requiring IE for check processing, or SAGE DB software requiring 2013 Access or else it won't work. These are huge companies still utilizing outdated piles of garbage.

[–] [email protected] 5 points 1 year ago

oh, I also want to point out that you completely ignored my question; you said "There would have to be very significant reasons" and I asked what that was, and instead of responding with a clarification on what is required as a reason for a bank to actually do the thing, you attacked my position asking for more clarity on which banks were actually doing this, I'm sure in an effort to minimize the scale at which my experience is relevant, yet other lemmings have already chimed in to say that they have also witnessed the same lazy behavior.

Classic misdirection. So, what justification is required for banks to actually innovate? The only thing I've seen from banks is them trying everything they can not to; so I'm genuinely curious what justification is required to actually make a bank do something.

[–] [email protected] 4 points 1 year ago

Please list all these banks near you that require IE?

yes.