hi, after a long battle LK has succeeded
---------- Forwarded Message ----------
Subject: Re: [ilug-mangalore] Meeting Agenda [Was: Re: Yo Venkat! kewl! ] Date: Friday 25 Feb 2005 11:05 am From: Laxminarayan Kamath kamathln@gmail.com To: ilug-mangalore@yahoogroups.com
Hey another Good news! ICICI heeds to open source! It's site now works on Firefox!
-- Laxminarayan Kamath Ammembal (+91) 9845 061385 kamathln@gmail.com www.geocities.com/kamathln
Find more about us at http://www.linux-mangalore.org
Yahoo! Groups Links
<*> To visit your group on the web, go to: http://groups.yahoo.com/group/ilug-mangalore/
<*> To unsubscribe from this group, send an email to: ilug-mangalore-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
-------------------------------------------------------
Kenneth Gonsalves wrote:
hi, after a long battle LK has succeeded
---------- Forwarded Message ----------
Subject: Re: [ilug-mangalore] Meeting Agenda [Was: Re: Yo Venkat! kewl! ] Date: Friday 25 Feb 2005 11:05 am From: Laxminarayan Kamath kamathln@gmail.com To: ilug-mangalore@yahoogroups.com
Hey another Good news! ICICI heeds to open source! It's site now works on Firefox!
-- Laxminarayan Kamath Ammembal (+91) 9845 061385 kamathln@gmail.com www.geocities.com/kamathln
Find more about us at http://www.linux-mangalore.org
Yahoo! Groups Links
<*> To visit your group on the web, go to: http://groups.yahoo.com/group/ilug-mangalore/
<*> To unsubscribe from this group, send an email to: ilug-mangalore-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
Hope the same trend is followed by other banking sites like HSBC, they still believe that IE is secure.
On Friday 25 Feb 2005 11:32 am, Rakesh wrote:
Hope the same trend is followed by other banking sites like HSBC, they still believe that IE is secure.
could you do a little trimming when you post - i nearly sprained my wrist trying to scroll down to see what you wrote -:)
Kenneth Gonsalves wrote:
On Friday 25 Feb 2005 11:32 am, Rakesh wrote:
Hope the same trend is followed by other banking sites like HSBC, they still believe that IE is secure.
could you do a little trimming when you post - i nearly sprained my wrist trying to scroll down to see what you wrote -:)
i actually thought of that, but couldnt decide what to trim , I didnt want to confuse readers who missed the earlier threads. Ne ways sorry for spraining ur wrist. I'll atleast trim the disclaimers or the yahoo ads from next time :-)
On Fri, Feb 25, 2005 at 12:56:19PM +0530, Rakesh wrote:
i actually thought of that, but couldnt decide what to trim , I didnt want to confuse readers who missed the earlier threads. Ne ways sorry for spraining ur wrist. I'll atleast trim the disclaimers or the yahoo ads from next time :-)
Why didn't you remove the list footers, yahoo ads, white space, signatures, etc? Subah subah pareshan kar diya :-(
Satya wrote:
On Fri, Feb 25, 2005 at 12:56:19PM +0530, Rakesh wrote:
i actually thought of that, but couldnt decide what to trim , I didnt want to confuse readers who missed the earlier threads. Ne ways sorry for spraining ur wrist. I'll atleast trim the disclaimers or the yahoo ads from next time :-)
Why didn't you remove the list footers, yahoo ads, white space, signatures, etc? Subah subah pareshan kar diya :-(
sorry about tht. will take care tht i dont bother you with unnecessary stuffs like these.
On Friday 25 Feb 2005 7:05 pm, Rakesh wrote:
Satya wrote:
On Fri, Feb 25, 2005 at 12:56:19PM +0530, Rakesh wrote:
i actually thought of that, but couldnt decide what to trim , I didnt want to confuse readers who missed the earlier threads. Ne ways sorry for spraining ur wrist. I'll atleast trim the disclaimers or the yahoo ads from next time :-)
Why didn't you remove the list footers, yahoo ads, white space, signatures, etc? Subah subah pareshan kar diya :-(
sorry about tht. will take care tht i dont bother you with unnecessary stuffs like these.
before i reply to mails, i ask my secretary to trim them - you could try this
Hope the same trend is followed by other banking sites like HSBC, they still believe that IE is secure.
Well, now that you have mentioned it, I have successfully used Mozilla to log into HSBC site, but only when working on Windows. Somehow I have not been successful doing it when using Mozilla on Linux. While on Windows, I used to change the "User Agent" to make Mozilla appear as IE, but the same thing with Linux fails. Is it that somehow they find out what OS is being used ?? Both (Windows & Linux) mozilla versions are same - 1.7.3. Any clues ?
Regards, Rajen. -- ... Hlade's Law: If you have a difficult task, give it to a lazy person -- they will find an easier way to do it.
On Fri, Feb 25, 2005 at 11:40:40PM +0530, Rajen M. Parekh wrote:
Well, now that you have mentioned it, I have successfully used Mozilla to log into HSBC site, but only when working on Windows. Somehow I have not been successful doing it when using Mozilla on Linux. While on Windows, I used to change the "User Agent" to make Mozilla appear as IE, but the same thing with Linux fails. Is it that somehow they find out what OS is being used ?? Both (Windows & Linux) mozilla versions are same - 1.7.3. Any clues ?
Broken web site going out of its way to be broken. Send them a nasty email.
Broken web site going out of its way to be broken. Send them a nasty email.
I tried to explain to them but they simply dont understand the difference between Linux & Windows, it seems their world starts on Windows & end there, they have asked me to install IE on Linux.
-- Rupesh
Rajen M. Parekh wrote:
Is it that somehow they find out what OS is being used ?? Both (Windows & Linux) mozilla versions are same - 1.7.3. Any clues ?
Its very trivial to find out the OS type of the system where the web request is coming in. So I wouldnt be surprised if they are checking for both the User agent and the OS type because you get both the parameters from the same string of info. I haven't tried what you have tried changing the User Agent in Firefox on windows (as I dont have a Windows$ setup) so I didnt knew what you have figured. However the concern is that we need to convince these banking sites that Linux is much more secure than the M$ flavours and they need to start building their apps to work on Linux system as well.
On Saturday 26 Feb 2005 11:01 am, Rakesh wrote:
figured. However the concern is that we need to convince these banking sites that Linux is much more secure than the M$ flavours and they need to start building their apps to work on Linux system as well.
the only way to convince them is to hack them and show them the results
Kenneth Gonsalves wrote:
On Saturday 26 Feb 2005 11:01 am, Rakesh wrote:
figured. However the concern is that we need to convince these banking sites that Linux is much more secure than the M$ flavours and they need to start building their apps to work on Linux system as well.
the only way to convince them is to hack them and show them the results
ssssssshhhhhhh. This is India they won't appreciate you for detecting flaws in their system, they would sue you instead. :-) Same is the case in US. They won't allow you to tamper with their system unless you are authorized to do so.
Sometime Today, R cobbled together some glyphs to say:
ssssssshhhhhhh. This is India they won't appreciate you for detecting flaws in their system, they would sue you instead. :-) Same is the case in US. They won't allow you to tamper with their system unless you are authorized to do so.
Actually, it looks like ICICI Direct made exactly the changes to their website that I'd mailed them a while ago. I'm not entirely sure of what LK did, but they were unwilling to listen to me until he piped up.
What we must do is:
- Lots of people tell them it's broken - Some of these people must be experienced (7+ years) web developers - At least one of the mails must contain a "fixed" version of their website - Some of these experienced web developers needs to tell them how he reduced his expenses by developing standards compliant websites that work across browsers.
This works.
Philip Tellis wrote:
What we must do is:
- Lots of people tell them it's broken
- Some of these people must be experienced (7+ years) web developers
- At least one of the mails must contain a "fixed" version of their website
- Some of these experienced web developers needs to tell them how he reduced his expenses by developing standards compliant websites that work across browsers.
This works.
I had an ICICI direct account, but everytime the market went too low or hit bottom (good time for buying shares), their site was inaccessable, it vanished. However after the market closed, their site returned back without a whimper. After a year of no use, I gave it up. It appears that they take our orders and then do the transactions at their end.
I recently added a Share Khan broker to my client list and he says that Share Khan is directly getting our transactions done at the exchange and the results are visible in a few seconds on our screen. Only Rs. 750/- for startup and nothing next year/s for simple accounts. A special paid account gets you per second results and updates. I have't tried it out yet.
Has anyone had any linuxing experience with Share Khan?
Regards,
Rony.
Sometime Today, KG cobbled together some glyphs to say:
the only way to convince them is to hack them and show them the results
You mean hack up a fixed version of their page and send them the source code so they don't have too much work to do. Right?
On Saturday 26 Feb 2005 11:01 am, Rakesh wrote:
we need to convince these banking sites that Linux is much more secure
the only way to convince them is to hack them and
^^^^ u mean to say, "crack", right??
show them the results -- regards kg
Regards, Sarfaraz.
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
On Saturday 26 Feb 2005 10:24 pm, Sarfaraz Kazi wrote:
On Saturday 26 Feb 2005 11:01 am, Rakesh wrote:
we need to convince these banking sites that Linux is much more secure
the only way to convince them is to hack them and
^^^^u mean to say, "crack", right??
wrong
On Saturday 26 Feb 2005 10:24 pm, Sarfaraz Kazi wrote:
On Saturday 26 Feb 2005 11:01 am, Rakesh wrote:
we need to convince these banking sites that Linux is much more secure
the only way to convince them is to hack them and
^^^^u mean to say, "crack", right??
[ah] We live in a country with absolutely stupid laws. Even if you intend to do ethical hacking you'll be put behind bars. [ah] There were moments during the earliest days of banking when a prospective customer would test the locks and security infrastructure in place.
Regards,
ah
Rakesh wrote:
So I wouldnt be surprised if they are checking for both the User agent and the OS type because you get both the parameters from the same string of info.
Yes, but I use the same UA string with both Linux and Windows. This string specifies the OS as Windows. When I use this with Linux, HSBC refuses to load the Login web page.
To change User Agent String with Mozilla/Firefox have look at
http://mozdev.oregonstate.edu/uabar/ http://uabar.mozdev.org/ http://extensionroom.mozdev.org/more-info/uawidget
Regards, Rajen.
-- ... If you explain so clearly that nobody can misunderstand, somebody will.
Sometime Today, RMP cobbled together some glyphs to say:
To change User Agent String with Mozilla/Firefox have look at
Please don't change the user agent string in Mozilla/Firefox only to make a site work. It gives further credibility to the site owner's contention that people only use IE to access their site.
Rajen M. Parekh wrote:
Yes, but I use the same UA string with both Linux and Windows. This string specifies the OS as Windows. When I use this with Linux, HSBC refuses to load the Login web page.
To change User Agent String with Mozilla/Firefox have look at
http://mozdev.oregonstate.edu/uabar/ http://uabar.mozdev.org/ http://extensionroom.mozdev.org/more-info/uawidget
The same thing worked out for me and I was able to access my HSBC account. However since I wasnt able to install the UA extensions available I used the one available at https://update.mozilla.org/extensions/. HSBC uses too many pop ups during the process of authentication in to the account, hope you havent enabled any pop up blocker while you were trying to access the site.
One good way to convince HSBC to change their site is to tell them that you are fedup of their site not working and you are going to switch to ICICI / HDFC / Citibank / StandardChartered.
If you are a long-term customer or have good balances or know one of the managers well, this will get them to react like someone set a fire below their asses.
Regards Saswata
Rakesh wrote:
Rajen M. Parekh wrote:
Yes, but I use the same UA string with both Linux and Windows. This string specifies the OS as Windows. When I use this with Linux, HSBC refuses to load the Login web page.
To change User Agent String with Mozilla/Firefox have look at
http://mozdev.oregonstate.edu/uabar/ http://uabar.mozdev.org/ http://extensionroom.mozdev.org/more-info/uawidget
The same thing worked out for me and I was able to access my HSBC account. However since I wasnt able to install the UA extensions available I used the one available at https://update.mozilla.org/extensions/. HSBC uses too many pop ups during the process of authentication in to the account, hope you havent enabled any pop up blocker while you were trying to access the site.
One good way to convince HSBC to change their site is to tell them that you are fedup of their site not working and you are going to switch to ICICI / HDFC / Citibank / StandardChartered.
If you are a long-term customer or have good balances or know one of the managers well, this will get them to react like someone set a fire below their asses.
Hi, That's a good talk.It hit's the point.We,the techie people talk too much of technical things. The managers need to be convinced and they only understand management and fiugures and all that.Theyhave nothing to do with tech.Let them have a feel that they are losing customers and that's all.
Pankaj
On Mon, Feb 28, 2005 at 09:43:47AM +0530, Pankaj Dekate wrote:
That's a good talk.It hit's the point.We,the techie people talk too much of technical things. The managers need to be convinced and they only understand management and fiugures and all that.Theyhave nothing to do with tech.Let them have a feel that they are losing customers
I hate this argument. If they have nothing to do with tech then they should listen to the tech when we tell them something!
Rakesh wrote:
The same thing worked out for me and I was able to access my HSBC account. However since I wasnt able to install the UA extensions available I used the one available at https://update.mozilla.org/extensions/. HSBC uses too many pop ups during the process of authentication in to the account, hope you havent enabled any pop up blocker while you were trying to access the site.
Nope. So, my question is still is that if changing the UA string in Mozilla/Firefox works with Windows, then why does not it work with Linux ? How is the web site able to know which OS is running in the background when the UA strings defines the OS to be Windows ? There has to be some way by which it is able to know this. I am not strong on networking / http technicals, but there would be some way to find out what information is exchanged between the server and client (Mozilla in our case).
Rajen.
On Monday 28 Feb 2005 2:39 pm, Rajen M. Parekh wrote:
Linux ? How is the web site able to know which OS is running in the background when the UA strings defines the OS to be Windows ? There has to be some way by which it is able to know this. I am not strong on networking / http technicals, but there would be some way to find out what information is exchanged between the server and client (Mozilla in our case).
i too dont know how it is done, but when i go to the firefox site in linux it offers me the linux download and when i go there from windoze it offers me the windoze download
Rajen M. Parekh wrote:
Nope. So, my question is still is that if changing the UA string in Mozilla/Firefox works with Windows, then why does not it work with Linux ?
It worked out for me on Linux as well after changing the UA to IE 6. I don't know why it didnt work at your place.
How is the web site able to know which OS is running in the background when the UA strings defines the OS to be Windows ? There has to be some way by which it is able to know this. I am not strong on networking / http technicals, but there would be some way to find out what information is exchanged between the server and client (Mozilla in our case).
When a Client makes a request to the webserver, some environment variables are passed and these are common for all the WebServers regardless of Linux based servers or windows based server. The exact names may differ between servers however the information remains the same.
Incase of CGI environment these variables are SERVER_NAME, REMOTE_HOST, REMOTE_ADDR, PATH_INFO, HTTP_USER_AGENT|||||| etc. Check this link for a list of complete set and who sets values for them. (http://hoohoo.ncsa.uiuc.edu/cgi/env.html)
The requesting client's hostname and IP address can be determined by the values of REMOTE_HOST and REMOTE_ADDR where as the browser he is using and the OS can be determined using HTTP_USER_AGENT. I remember in my days of ASP programming these variables were something like http_referrer and stuffs like that, I don't recollect properly.||
You write a simple cgi script and get these values as
my $server = $ENV{'SERVER_NAME'}; my $agent = $ENV{'HTTP_USER_AGENT'};
then further ....... if($agent =~ 'windows') { stuff for windows ............. }elsif($agent =~ 'linux'){ stuff for linux ......... }else{ stuff for others ......... }
pretty simple. I wrote a similar CGI script some time back that determined Windows version from the request and generated the approriate Registry file for download.
To see how the actual string goes to the server (e.g. Apache) you can startup your HTTPD webserver on your machine and try to access http://localhost/ from your browser and see the /var/log/httpd/access_log file for the string.
Sometime Today, KG cobbled together some glyphs to say:
Hey another Good news! ICICI heeds to open source! It's site now works on Firefox!
ICICI direct you mean. ICICI always worked.
IAC, the registration page still doesn't work. All they've done is moved the <A HREF> tags inside the <TD> tags instead of keeping them outside as they had before.
We have more work to do.
Go to http://www.icicidirect.com/ Click on Login Click on the "click here" link next to Want to register (that's really something for accessibility eh?)
Works in IE, 404 in other browsers.
On Friday 25 Feb 2005 3:53 pm, Philip Tellis wrote:
Sometime Today, KG cobbled together some glyphs to say:
Hey another Good news! ICICI heeds to open source! It's site now works on Firefox!
ICICI direct you mean. ICICI always worked.
dunno - just forwarded it. check out mangalore lug mail archves for the full story
Go to http://www.icicidirect.com/ Click on Login
Clicking on Login didn't take me anywhere. Just got this message
"The connection to "secure.icicidirect.com has terminated unexpectely. Some data may have been transferred."
I am using Mozilla 1.7.3.
Regards, Rajen.
-- ... "My weight is perfect for my height -- which varies"
Kenneth Gonsalves wrote:
hi, after a long battle LK has succeeded
---------- Forwarded Message ----------
Subject: Re: [ilug-mangalore] Meeting Agenda [Was: Re: Yo Venkat! kewl! ] Date: Friday 25 Feb 2005 11:05 am From: Laxminarayan Kamath kamathln@gmail.com To: ilug-mangalore@yahoogroups.com
Hey another Good news! ICICI heeds to open source! It's site now works on Firefox!
The internet banking site (icicibank.com) has been working with firefox for quite some time. Or is this about icicidirect.com only? -- Soumen Dass [Registered Linux User # 272639 - Linux nova 2.4.22-1.2115.nptl i686]
-
Amol Hatwar -
Kenneth Gonsalves -
Pankaj Dekate -
Philip Tellis -
Rajen M. Parekh -
Rakesh -
Rony Bill -
Rupesh -
Sarfaraz Kazi -
Saswata Banerjee & Associates -
Satya -
Soumen Dass