Banking website refuses connection from FreeBSD

phalange

Active Member

Reaction score: 107
Messages: 234

There is one bank website I connect to that does not work in FreeBSD (using Firefox or Falkon). I get a message that the site is not compatible with the browser.

It's not the version of Firefox, since FreeBSD is at the same version as my Linux devices. It's not a special plugin either. It's also not a new issue; it's been true for several versions of FF on FreeBSD.

Anyone know what's happening here?
 

neel

Active Member
Developer

Reaction score: 57
Messages: 135

I have a bank whose website only allows Windows or macOS, they don't even allow Linux. But if I change the user agent to Firefox on Windows, I get in fine.

Leaving the bank sadly is not an option for me.

My apartment's main website also disallows FreeBSD (but not Linux) thinking FreeBSD = bot (which it's not), but their portal is hosted elsewhere and that fortunately works fine on FreeBSD.

For "security", I shouldn't need a user agent switcher which could be made by Russian hackers and suck in all your information to some OVH server paid on stolen credit cards.

Microsoft's Outlook web interface formerly blocked FreeBSD, but does not block it anymore.

Disclaimer: I work at Microsoft, but not on Windows or Edge. I do work in the Exchange/Outlook umbrella, but neither runs my personal email (that runs Postfix/Dovecot on FreeBSD).
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 12,273
Messages: 38,775

For "security", I shouldn't need a user agent switcher which could be made by Russian hackers and suck in all your information to some OVH server paid on stolen credit cards.
For "security" the user-agent is absolutely useless to check because you can easily fake it and make it show whatever you want.
 
OP
P

phalange

Active Member

Reaction score: 107
Messages: 234

They're probably looking at the browser's user-agent string, it includes the OS. Fake it, replace it with one from a working Linux Firefox browser and see what happens.

I looked around in about:config but there's nothing about FreeBSD that I could find. And no user-agent as such, just an alpha-numeric string. Is there a specific item to switch?
 

neel

Active Member
Developer

Reaction score: 57
Messages: 135

I looked around in about:config but there's nothing about FreeBSD that I could find. And no user-agent as such, just an alpha-numeric string. Is there a specific item to switch?
You will need a user agent switcher. This is an extension you need to download (the way you download an adblocker).
 

Aeterna

Member

Reaction score: 30
Messages: 99

I looked around in about:config but there's nothing about FreeBSD that I could find. And no user-agent as such, just an alpha-numeric string. Is there a specific item to switch?
you can try various user agent switchers e.g.
https://addons.mozilla.org/en-US/firefox/addon/uaswitcher/
I don't know how good it(user switcher is (I don't have issues with online banking using FreeBSD but the issue may be related to specific bank).
 

Vull

Aspiring Daemon

Reaction score: 435
Messages: 731

Have not tested it, but KDE5 desktop has a feature in System Settings to do it for you:
Screenshot_20210601_204431.png
 

aragats

Daemon

Reaction score: 701
Messages: 1,618

I need to access several banks' sites. They all tend to change their UIs from time to time. Sometimes I have to disable "Privacy Badger" and/or "uBlock Origin" ad-ons to make them working again. E.g. online.citi.com won't let me logging in with "Privacy Badger", but has nothing against "uBlock Origin", but myaccounts.pmcu.org is opposite: I have to disable "uBolck Origin".
 

memreflect

Well-Known Member

Reaction score: 220
Messages: 257

While it's definitely not the only UA switcher, I prefer the User-Agent Switcher and Manager add-on. It contains many useful features, though that feature set makes it more complicated than many other UA switchers that simply require you to select the UA you want. Basically, click the "Apply (container)" button after you've selected a UA, refresh, and see if it works. If you find a particular UA string allows the website to work as expected, you might want to open the Options, enable Custom Mode, and modify the JSON to make the UA string persistent for that domain. Don't forget to click the "Save" button once you've made your changes. If you need to use the UA switcher toolbar for some reason (e.g. the site stops working under that UA string), remove the domain and Save. For more information, click the "FAQs page (Help)" button at the bottom of the Options screen.

If you don't like add-ons, I'll at least mention the general.useragent.override String preference in about:config that lets you specify a UA string for all sites so long as it's enabled. Since changing UA strings can sometimes cause pages to break, I don't recommend leaving it enabled. However, I definitely recommend installing an add-on you're comfortable using instead of changing that preference. With an add-on, you can enable/disable the UA switching whenever you want.

To test your UA settings, DuckDuckGo actually displayed my user agent information when I searched for "user agent", and Google displayed it when I queried "what is my user agent". Of course, there are various sites dedicated solely to displaying things like UA information and request headers as Trihexagonal demonstrated above. You can also open Firefox's Web Developer Tools, click the Network tab, and refresh the page. Select one of the items in the newly created list, choose the Headers tab in the new subwindow, and scroll through the headers until you see the User-Agent request header to see what UA string was sent to the site.
 

vigole

Daemon

Reaction score: 1,453
Messages: 1,267

When I was trying to not to use Chromium; finding a way to run Skype and Team on Firefox, I achieved mixed results. I installed different User-Agent Switchers. Team ran, but Skype didn't. At the time I tracked down the problem to the WebRTC, and the way Firefox handles it. The other day -- after reading this thread, I tried Skype again. Same old.
 

drhowarddrfine

Son of Beastie

Reaction score: 2,340
Messages: 4,306

They're probably looking at the browser's user-agent string
Speaking as a web developer for 17 years for some well-known companies, this shows the work of a fool. That you were rejected based on it is evidence of the reason we call it a folly on the part of any program to do this.

There are a lot of fools working at big companies out there.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 12,273
Messages: 38,775

this shows the work of a fool.
I fully agree.

I've actually seen malware sites that, when looked at with a "regular" desktop browser will show you a rather harmless website. When you fetch the website with a user-agent from an Android or iPhone browser then it'll show a completely different website, one containing malware specific for that type of phone. Real nasty stuff.
 

Trihexagonal

Son of Beastie

Reaction score: 2,403
Messages: 2,930

I usually try not to stand out in someones logs as a FreeBSD usr. Unless it's at a Linux forum that shows what OS you're using when I post, then I want it to show the Devil, not Win10. I never pretend to be Linux and am dearly loved by everyone there.

So I picked up where I left off when Vladimir called and finished posting to that thread. Anna Chapman said Руддщ and that she hoped you could make it to the next meeting, grahamperrin. Take the teleport chair, and no off-world side trips this time. We're having Cult of the Dead Cow braised beef b00b brisket, best to Vlad and his boys.

I have to disable uBlock Origin sometimes but only if I need to do something on specific and that site that won't work unless I do. If a random site doesn't functional minimally I move on to another.

I'll use paypal and ebay with no hesitation but don't do online banking. There was another guy in town with the same first and last name, different middle initial, that could go there and withdraw money from my account at will.

The Bank Manager fell all over herself saying it would never happen again after a bad check of his was debited toward my account the first time. He withdrew money from my checking account on 3 occasions after that. I had them put my SS# on my page and they were supposed to verify it was me every time, but I could call down myself an get my balance without them asking for it. I just sucked it up because I didn't want to ruin some old lady's day for answering the phone.

I went to Walgreens and they had misplaced a prescription I had called in. They were back there looking high and low for it. I said did you give it to my doppleganger? "No, he was in here earlier but got something else." Yeah, right, explain that on your pill count sheet at the end of the month, and get my script refilled.

He's passed on to where he doesn't need money anymore, or my script on top of his. Now it's just Weixiong, ruebot, izezi, bête noire, pox, Ivy, jitte and me here at trihexagonal.org. Harley wanted to stay and visit with Anna.

Ebay sends me an internal warning every time I login. MasterCard will freeze my card if I do business across the water in Sofia, Bulgaria with my web host as suspicious activity, paypal will still work till I fix it. I switched to a local pharmacy where they know me when they see me and talk about "You're right, he does look good in a mask".
 

VladiBG

Daemon

Reaction score: 553
Messages: 1,200

I've actually seen malware sites that
I've reported some malware and phishing sites to the Domain Registrar with copy to the RIPE abuse and for my surprise they got removed in less than an hour. In my case those sites was hosted by GoDaddy and they remove them pretty fast.
 
OP
P

phalange

Active Member

Reaction score: 107
Messages: 234

To test your UA settings, DuckDuckGo actually displayed my user agent information
This is cool, I entered "what's my user agent" in duck duck go and got a very detailed profile.

I compared the output to Firefox in Linux and the ONLY difference is that on FreeBSD the string says FreeBSD amd64. Is this bank really screening FreeBSD specifically, or are they just only accepting Win-Mac-Linux?

Either way, this:

There are a lot of fools working at big companies out there.
 

Trihexagonal

Son of Beastie

Reaction score: 2,403
Messages: 2,930

My tutorial was scraped and appears in part plagiarized bot babble on some site in Palau:


They didn't respond to my initial civil message to take it down, except to post this up top of the page:

"similar. You are not right. assured..

Now I'm mad.

I just cursed them and cussed them and said I was sending my jinn. I'll have to write a letter telling them I have a jinn on the way and they better get that down before the Sun sets today:

Code:
organisation: Micronesia Investment and Development Corporation
address:      P.O. Box 1256
address:      Koror  96940
address:      Palau

contact:      technical
name:         .pw Technical Contact
organisation: Radix FZC
address:      F/19, BC1, Ras Al Khaimah Economic Zone
address:      P.O Box # 16113, Ras Al Khaimah - 16113
address:      United Arab Emirates
phone:        +1.4154494774
fax-no:       +1 781 823 8911
e-mail:       admin@radixregistry.com

Now to go find a spotlight seeking gloryhound who lies like a dog and has no spine to get this directed to who deserves it.
 

scottro

Daemon

Reaction score: 893
Messages: 2,040

Dogs are actually pretty honest. When a dog is happy, you know it. When they're upset you know it.

(Sorry, just trying to add a bit of levity, and I've noted you usually give me a pass on stupidity, so I abuse it.) :)

That's really annoying though. I have a very minor issue, that on one of the mutt sites, they took something from my mutt page. I actually noticed because I tend to use, as an example, user john with a password of 1234, and it caught my eye. Then I though, Hey, this is actually from my page. But as it's the main mutt wiki or whatever it was, I was more flattered than angry. But that's FAR different than some random site taking a tutorial that you put a lot of time and effort into creating then just denying it. If I use something, and know the source, I attempt to get permission. If they don't answer after awhile, I still attribute it, and if I don't remember where I saw it, I still do my best to point out that I got it from someone else.

I would just say that obviously, their English is less than perfect and it may be that they aren't denying it as strenuously as it seems.
 

Trihexagonal

Son of Beastie

Reaction score: 2,403
Messages: 2,930

Dogs are actually pretty honest. When a dog is happy, you know it. When they're upset you know it.

(Sorry, just trying to add a bit of levity, and I've noted you usually give me a pass on stupidity, so I abuse it.) :)
You and I are good and have known each other since the PC-BSD days.

I wasn't talking about him. I have more than one forest fire burning right now.

I just caught Squarebear in a lie and I hate a liar. There is a private board at Bizarro World where I countered his word play with his own words, and those are always best when you can use them.

Now I am going to log off and unplug my cable modem for the night. I want to have a fresh IP and clear mind to start the day with tommrrow morning. Sunup.

I fiddled around with trying to get his host to respond and their intake box is so full it will not take an abuse report.

I had that info in 5 minutes. I mailed him from mine and sent him his photo. That's always an attention grabber.
 

Alain De Vos

Daemon

Reaction score: 642
Messages: 2,153

For my bank falkon browser is just fine.
For google/youtube my falkon browser is insecure.
I believe google wants me to force chromium...
 

grahamperrin

Daemon

Reaction score: 663
Messages: 2,119

Opening poster's case

… Is this bank really screening FreeBSD specifically, or are they just only accepting Win-Mac-Linux? …

I doubt that there's active screening against FreeBSD. More likely, it wasn't given thought in whatever solutions were chosen by the bank (you can't always blame the bank).

I use Custom UserAgent String.

If you add overrides for sites used by your bank, you might have better luck with strings that are terse, or Windows-specific.

With <https://udger.com/resources/online-parser> returning this, at the time of writing:

Mozilla/5.0 (X11; FreeBSD amd64; rv:89.0) Gecko/20100101 Firefox/89.0

– try this override, for example:

Mozilla/5.0 Gecko/20100101 Firefox/89.0



Firefox aside, here are two (old) examples of terse site-specific overrides that worked with Waterfox Classic:
<https://github.com/MrAlex94/Waterfox/issues/978#issue-445841850> was probably the most unusual example of a site that benefited from an override:
  • a Linux-specific string failed
  • a FreeBSD-specific string succeeded.
 
Top