6 posts • joined Tuesday 31st July 2007 17:05 GMT
@ road pricing
Isn't this road pricing already in place? After all I seem to remember 50% of the amount I spend on fuel goes to the government...
I'm in the process of moving our business away from Barclays, they are a completely hideous operation.
We make 20-30 payments every day, I do not appreciate having to put my pin into this crappy little box every single time I want to pay an invoice, it has made our life hell and yet Barclays refuse to remove it - it now takes me 4x longer to pay invoices.
Not only this, we moved offices and in the process lost the pinsentry device, we needed to move money urgently or we were going to go overdrawn from direct debits. Barclays wouldn't let us pick one of the devices up at a bank, they wouldn't let us transfer money over the phone, and it took a good 7 days for the unit to arrive ... by then we were well overdrawn and they even had the cheek to charge us for going overdrawn, refusing to refund the money!
Take some advice - go with a bank who have a clue about what a business actually is, like Alliance & Leicester Commercial.
Multiple IP addresses and sessions
It should be noted that the majority of websites DO actually check that the IP address the cookie is being used from is the same that the login came from.
Although lots of companies use banks of proxy servers there is usually some session affinity to ensure that once you access a certain website your requests always come from the same proxy/cache. I have personal experience at one of my clients sites where they tried to load balance the internet connectivity across multiple DSL connections and requests would come from different IP's all the time, this broke pretty much all websites that required logins until the session affinity feature was switched on.
Although this attack is a vulnerability I think it's very insignificant in that it would be very time consuming to do, with little to no interesting/significant win for the hacker 99% of the time.