Jump to content

Recommended Posts

Posted

I can load my bank's home page,

http://www.nationwideinternational.com

but when I click on the "Log on" button on the left of that page I get a

"Secure Connection Failed" message from Firefox.

I can successfully logon to my Kasikorn bank which is a https: site.

Anybody else having problems?

Firefox 37, Windows XP, Panda anti-virus

Fortunately I am registered for telebanking so I used that this time.

It worked, no problem.

Posted (edited)

There was an 'end of life' for certain cipher suites which kicked in during a recent firefox update. It affected Firefox SSL connections, especially on old OS versions. The effect is to disable SSL if it's not secure enough for you. Firefox made this decision for you.

Try Internet Explorer, that might work.

Edited by ukrules
Posted

OK, thanks everybody. I've just downloaded Opera and it has no problem getting to the Nationwide International login page.

So Firefox is the problem. I like its addons too much to ditch it over this one problrm. Thanks again.

Posted

OK, thanks everybody. I've just downloaded Opera and it has no problem getting to the Nationwide International login page.

So Firefox is the problem. I like its addons too much to ditch it over this one problrm. Thanks again.

I can connect to the secure site with Firefox 35.0.1 but rather slow. You might disable your addons temporarily and see if one may be an issue.

Posted

OK, thanks everybody. I've just downloaded Opera and it has no problem getting to the Nationwide International login page.

So Firefox is the problem. I like its addons too much to ditch it over this one problrm. Thanks again.

That might be because you appear to be using a BETA version of Firefox i.e. 37 which hasn't yet been approved by your bank.

The current version of Firefox version is 36 and I can access the login page you mentioned using that version without a problem.

Posted

OK, thanks everybody. I've just downloaded Opera and it has no problem getting to the Nationwide International login page.

So Firefox is the problem. I like its addons too much to ditch it over this one problrm. Thanks again.

I disable my addon..."Ghostery", when I need to logon to my online banking. Could that be your problem? It is definitely an add-on. Alternative. I use IE or Opera. I hate all those google updates and privacy issues with Google Chrome.

Posted

When I have a moment I'll try Firefox without all the addons. I confirm I am using a beta version, 37, but otherwise no problem has shown itself. I'll also try dropping back to the latest official released version. But Opera is fine and I can use that when necessary. I don't use Ghostery although I have done in the past.

Thanks again for the input gentlemen.

Posted

Xircal is correct. It was running the beta 37 version of Firefox that was causing the problem.

I tried version 37 beta with no addons and it had the same fault, so it wasn't an addon problem

Overloaded beta 37 with the official latest version, 36, and everything's fine.

I just hope that when 37 is officially released it doesn't cause this problem again.

Posted (edited)

Use Chrome and click on the locker symbol.

Read the text on the "Connection" tab.

All clear?

This nationwide server uses bloody outdated TLS 1.0 and other shortcomings!

(one of the worst I have seen)

EDIT:

Kasikorn is similarly bad.t uses TLS 1.0, RC4 128 bit.

I explicitely disabled this for Firefox.

One can not really accuse Firefox 37(?) that it (by default) disables such insecure connections.

Guess there is a way to force FF to accept such crap (some "about:config" stuff).

But too lazy to Google.

Footnote:

my FF 35 installation accepts the connection. Bad as it may be.

Edited by KhunBENQ
Posted (edited)

Someone might find this page useful : https://www.ssllabs.com/ssltest/analyze.html?d=olb.nationwideinternational.com

Their grading system (F for this bank) is a little controversial as some of the exploits they mark you down for can only really be carried out by someone with direct access to your PC communications via malware or the backbone infrastructure - someone like an ISP or government for example.

Edited by ukrules
  • Like 1
Posted (edited)

You were quicker!

The results for nationwide are really bad.

A bank that is way behind in taking care for online security.

Conspiracy theory: they are not allowed to implement better security/ciphering.

You know what I mean.

There are always certain people who want to monitor your transactions cheesy.gif

Way better:

Bangkok Bank https://www.ssllabs.com/ssltest/analyze.html?d=ibanking.bangkokbank.com

Siam Commercial (SCB): https://www.ssllabs.com/ssltest/analyze.html?d=scbeasy.com

Kasikorn, much better than nationwide but lacking behind Bangkok and SCB:

https://www.ssllabs.com/ssltest/analyze.html?d=online.kasikornbankgroup.com

Edited by KhunBENQ
  • Like 1

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...