back to article Santander blames Firefox 4 for website fail

Customers unable to log-in to Santander's personal banking site this morning need to try another browser. Several Reg readers got in touch with us this morning because they were met by a holding page which said: "We're sorry, but the online logon service for Online Banking is temporarily unavailable." Customers were offered …

COMMENTS

This topic is closed for new posts.
Stop

Blame?

Doesn't look like they're blaming FF4 to me. From the quote it seems they've acknowledged it's their end and are fixing it.

8
1
Anonymous Coward

Re: Blame

"From the quote it seems they've acknowledged it's their end and are fixing it."

------------

Yes, unlike Vimeo (who have been trying to shift the blame for their broken video playback in Firefox onto anyone or anything for the last 8 or 9 weeks).

0
0
Coat

wtf?

"experiencing difficulties accessing their account details online"

Why does everyone in business talk such gobbldeyshite? I am not experiencing any difficulties thank you, I am unable to use the site at all.

Even bloody windows does it. "Word has experienced difficulties and needs to close". No it hasn't, it is a program, an inanimate object, and it doesn't experience anything. It has crashed. Sheesh!

Mine is the one experiencing fashion difficulties

6
0
Thumb Down

Santander never liked firefox

It used to make their 'download Trustee software pop up go a little bit loopy. So no big surprise that it has barred Firefox completely.

Wish Santander hadn't bought A&L. A&L was a good bank before Santander got their claws into them.

Santander - Ripping off their customers for years

9
4
Thumb Down

A&L was a good bank?

Is this the same Alliance and Leicester whose agent, when I had the temerity to call the "overseas customers only" landline number to avoid the 0870 tax, told me off and said that she would co-operate just this once but that I was a very naughty boy and she would put a mark against my account and not let me do it again?

Is this the same Alliance and Leicester which, when I pointed them at the Banking Code in relation to their tax certificate ordering system stating "you may be charged for this," "clarified" matters by deciding to charge for ALL certificates instead?

Is this the same Alliance and Leicester which makes it so hard to find the interest rates on your accounts, doesn't tell you when the bonuses expire (unlike, for instance, Nationwide), and when asked when they expire tell you "a year after you opened the account"?

A cheap bank yes. A good bank no. I guess you pays your money and you takes your choice, which is why I still suffer them when they are competitive.

4
1
Silver badge
Grenade

Yes...

... it is indeed the bank that told you off for utilising a service you're not eligible to use. You probably also use the disabled toilets at train stations to save 20p, and sit in the seats on buses reserved for the elderly to avoid climbing unnecessary stairs.

2
14
Anonymous Coward

You probably

...assume too much, and show yourself up as a bit silly by trying to bring such emotive irrelevant issues into the argument. I have never come across a company which cares about bypassing 0870 before or since, and as 0870 pays the company to keep you in the queue for as long as possible, only an idiot would use it. I guess you just call from your employer's phone instead, eh? Or am I just assuming too much?

5
2
Anonymous Coward

Just a couple of others

Lloyds TSB

National Rail Enquiries

0845 is a money making machine - OfCon were duped into allowing it as people supposedly needed the ability to call a local rate number from anywhere. This was all before the mass take up of mobile phones...

0
0
FAIL

Try phoning 0870 from a mobile

It's more expensive than phoning from overseas.

Not eligible to use, my foot.

I'm not going to sit on hold at 25p a minute to listen to terrible music and poorly trained, overworked phone droids muck up my financial affairs.

http://www.o2.co.uk/mobilestariffs/tariffs/specialnumbers

I always, always phone the 'overseas only' number for any service.

0870 - It's only the marketing people wanting to make it look 'official'

(and I know this as I've sat in on the meetings as the web developer for a number of organisations, pleading for them to have a sensible number for mobile users, only to be overridden by the marketing muppets).

2
1
Go

Say no to 0870

Find normal land line numbers for 0870 and 0845 etc numbers:

http://www.saynoto0870.com/companysearch.php

1
0
Flame

Firefox 4 is broken

with NO notice it does not work on non-WIntel Macs. Found out hard way after upgrading wife's older Macbook this AM.

Not impressed.

3
10
Go

MacBook, then you're ok

If you have a MacBook you have an intel CPU so no worries

3
1
FAIL

FF4 PPC

FF4 was announced to be unsupported on PPC and Mac OS tiger, it's your fault you didn't read the release notes, AC.

That said, there is a community version of FF4 for PPC here: http://www.floodgap.com/software/tenfourfox/

3
0

Incompatible with your system != broken

I can't run iLife on Windows, but I don't call iLife broken.

12
1

untitled

A Macbook is an Intel Mac though. Do you mean iBook or PowerBook?

0
0
Anonymous Coward

10 years ago

Back 10 years or so banks were very twitchy about this new internet thingy and they'd explicitly check that people were connecting with an "approved browser" ... so back then it was quite common to find that if you upgraded to Browser(N+1) you'd find you could no longer log in as they'd only validated Browser(N) ... plus normally there was an additional check of "Browser==IE" :-)

5
0
Anonymous Coward

Wasn't using FF

I couldn't access the site via IE so I think they need another excuse.

2
0
Silver badge

Re: Wasn't using FF

IE9 isn't supported either.

I have 5 browsers on my machine - IE9, FF4, Chrome 10, Safari 5 and Opera 11. Seemingly none of those are supported by Santander. It appears that "in the interests of security", I am required to downgrade to a browser that accepts fake Comodo security certificates.

1
0
Thumb Down

FF4 isn't working for me

I've been trying FF4 for the past couple of days and found problems with several websites I normally use (Farnell, RS Components, and others), so I've gone back to FF3.

2
1

Santander notorious for badly coded sites

Aside from the fact that a bank this size (nay, any size!) should be testing their online banking sites against popular browsers using betas/release candidates well in advance of release date, Santander is well known for having badly coded sites.

Tried to apply for an online business banking account only for the form to repeatedly tell me my birthdate was incorrect.

In what way? Does it know better than I do when I was born?

Useless.

5
0

works fine for me on FF4

Have no problems logging into my account on my FF4 machine.

Agree tho that they really seem to have been caught napping in their online compatibility testing

0
0
Thumb Down

not FF problem

The problems isn't from FF4 it is from those who developed that site. If they say to clients to enter with IE it seems that they fixed IE issues but didn't coded by respecting web standards.

4
0
FAIL

But wait.....

I tried to log in from Safari on the iPad at around 7am this morning - not a supported browser (I think), but I've logged in using this before. I was seeing a "page cannot be found" error at www.santander.co.uk at this point, initially a default one from the webserver and then a Santander branded one shortly after that. So it sounds as if there was more to this than an issue with FF.

Fail, as the online banking experience from Santander seems to have hiccups quite regularly.

2
0
Bronze badge

Safari probs

I have been having problems loging in on the iPhone for some time (i think since they changed to a 2 page log in system)

Have recently installed Mercury from the Appstore, seems to work in that ok.

0
0
Anonymous Coward

Same with HSBC

I'm having the same problem with one of my HSBC accounts (though one of them is fine). Every time I try and log-in, I am returned to the home page.

0
0

Could be worse..

Islington Council's online street problem reporting service doesn't work with IE9, Firefox 4, or Opera 11. In other words I simply cannot use it. Maybe its a convenient way for them to have less work to do..

1
0
Silver badge

if !whitelist.contains(userAgent)

Stupid banks have been doing this for years.

1
0

Not a Firefox issue

I think the Firefox issue is red herring - I was getting an asp error logging in with both Chrome and IE this morning....

BTW - is there anyway to stop the bl**dy Trusteer pop-up? I don't want your shonky security software thanks very much - I shouldn't have to tell you every time!

1
0
Anonymous Coward

Oh yes it will!!!

"...advise customers in the meantime to use... or Internet Explorer.

"This will not impact customers' online security..."

Shows how much they know about software security.

4
1

Worked for me for the last 3 months

I"ve been using FF4 beta with Santander's banking site for months with little trouble apart from a warning about unsupported browsers each time I log in.

0
0
Thumb Down

You have to wonder...

...who the developers are that manage to build websites that only work in certain browsers?

In this day and age if they can only make a public facing site work in a single browser they shouldn't be allowed to call themselves developers.

2
2
FAIL

Simple answer:

The type that develops their site in ASP.NET? Because the marketroids of the companies bought into Microsoft's FUD about Java and Python?

2
0
FAIL

Same wankers

These are the same wankers who implemented a security system for their online banking - the basic premise of which was that you had a mobile phone and reception - I live in Wales so no mobile phone reception for me which means a trip into town every time I want to set something up on my account. It had to have been designed by a graduate!!

3
0

Remote XUL?

Possibly due to Remote XUL support being removed (by default)?

https://developer.mozilla.org/en/Firefox_4_for_developers#Remote_XUL_support_removed

I have a similar issue with accessing webmail from my hosting provider. Their response was that their webmail component they use is written by a third party and there are no plans to change/upgrade it.

1
0
FAIL

Dear Santander online back software support

Yes, I completely understand your problem. Mozilla has put this new version out completely by surprise and did not, at any point in time, publish a GAZILLION BETAS for you to try your dopey online bank on.

9
0
Coat

Obviously very badly uninformed!

"We are aware that some customers using the latest version of the browser Firefox, version 4, may currently be experiencing difficulties accessing their account details online. We are in the process of rectifying this and would advise customers in the meantime to use a previous version of Firefox or Internet Explorer.

"This will not impact customers' online security..."

No one should be using IE at the moment due to the MHTML bug that allows drive by attacks that can compromise the system. Stupid, stupid people. Just because they have particularly stupid management when it comes to deploying a web service, and/or particularly stupid web developers doesn't mean that they should be giving poor advice that can lead to their customers having their bank accounts hijacked.

Walk away from Santander, and any other monkeys, that want your cash and can't write a proper website that works across browsers.

3
0
Coat

Cookies ?

I have seen internet banking sites behave appallingly if cookies are not enabled. Worse, they don't always indicate that cookies not being enabled is the issue.

The user experience above does not strike me as consistent. Suggests it's something configurable, and given my past experience, it makes me think of cookies.

My 2p. Don't spend it all at once.

0
0
Silver badge

Cookies.

As a web developer, I'll address your concern.

Thanks to all the FUD put out about cookies by the media, most people are now paranoid about them. That has made our job that much harder.

There are two ways we can preserve state across pages on a site. By that I mean how we know that it's you asking for a page as distinguished from the other million visitors using the site at the same time. The two ways are: cookies, and session ids. Both do essentially the same thing. but in different ways.

A cookie stores the state id on your computer, while a session id stores the state id in the URL if using a GET method (you've probably seen these; they look like a mess of numbers and letters, like "www.mysite.com/do.php?sid=a5011C6&p=5 etc... the "a5011C6" bit is the session id) or passed as a parameter if using a POST method.

The main difference between them is that cookies preserve state even if you leave the website - the cookie can be used to remember that you logged in and to restore that logged-in state if you return before the cookie expires. Session ids, on the other hand, lose state when you leave the site (because other sites obviously won't carry your session id), so with them you have to log back in for each visit.

Finally, cookies can be turned off by the user, while session ids can't (unless you delete them from the URL in which case the site will fail anyway.) So we have to choose between preserving state when the user has gone offsite, but can turn that off and screw it up, or prevent the user turning it off and screwing it up, but losing state if they go offsite.

Either way, the site needs to know that it's you who requested a page. That's so we don't go showing your account balance to all and sundry. By disabling cookies, you make our job that much harder. In some cases, you make it impossible.

In essence, what you are doing by disabling cookies on your bank's website is like going into a bank branch without your bank card, passbook or any ID and asking to transact on your account. It isn't going to happen, for obvious reasons.

So please, just enable the cookies, at least for sites you need to log in and preserve state on. It'll save you a lot of headfuck in the long run, and save many a poor web developer from tearing their hair out having to track state with people who insist on refusing to be tracked!

1
1
Happy

@Dropped Tables (Ooops - did you back up beforehand ?)

I'm fully aware of the difficulties web developers face.

Most users have no problem with being tracked for legitimate reasons.

Neither cookies or session ids are the problem if used properly and legitimately. As you say they have their purpose.

But please understand that legitimate mechanisms can be used as attack vectors. It's a while back now I admit, but I seem to recall some browsers leaking cookies from users' machines. So people, including me block cookies not to mess up good sites, but to avoid being caught by the bad ones. With increases in e-commerce, I can't see this changing.

Back to FF, what I was trying to say is that some sites I've seen don't even tell you that they need cookies enabled. They just behave stupidly. As a developer I'm sure you'll agree this is unacceptable. This may or may not be the problem, but the differing user experience does suggest something user configurable - again I'm sure you'd agree to more than a whiff of this possibility ? I just used cookies as an example that came to mind at the time.

I really do apologise if I caused you any defolicification (hair loss). I ceased to suffer from that problem a long time ago when the 'egg' finally poked through !

0
0

35,000

This same bank mixed up 35,000 statements. "when you pay peanuts you get monkeys" I thought this was just a saying but now I'm not sure . Watch out for the monkey flinging crap .

0
0

FF4 Woes - Addons?

I found a number of websites to be broken after the FF4 upgrade - clicking on links would take you back to the main site again. I have disabled most of my Addons and this seems to have fixed it. Will add them back on again one by one this evening to find the culprit. Maybe Add Block Plus or No-Scripts or somesuch.

0
0
Grenade

Re Cookies and the EU

Have you see this?

http://www.jisclegal.ac.uk/ManageContent/ViewDetail/tabid/243/ID/1347/EU-Cookie-Directive--Directive-2009136EC.aspx

0
0
Stop

Upgrade

to Opera 11. Works here... You also benefit from a far better browser than FF4 too...

1
1
Badgers

@two00lbwaster

You typo...

"giving poor advice that can lead to their customers having their bank accounts hijacked."

"giving poor advice that WILL lead to their customers having their bank accounts hijacked."

There fixed.

0
0
Anonymous Coward

Temporary solution to FF4 problem

My problem was not Santander. I couldn't get into my webmail account with FF4, nor login to the related forum to complain.

Temporary solution is to give the offending web-site a FF browser ID it will accept:

1) Open about:config in a new tab

2) Right click in the middle and choose: New -> String

3) In the first box that pops up, enter:

general.useragent.override

4) In the second box that pops up, enter:

Mozilla/5.0 (Windows NT 5.1; rv:2.0) Gecko/20100101 Firefox/3.6.15

5) Close about:config

Once FF4 problem is fixed, you should reset to avoid other problems:

To reset the user agent back to normal:

1) Go to about:config

2) Type general.useragent.override in the filter box

3) Right click the entry that shows up and press reset

Not the best of temporary fixes, but this method has been necessary in the past for earlier releases too.

0
0
This topic is closed for new posts.

Forums