[kde-linux] Am I Alone?

Thu Oct 1 09:59:58 UTC 2009

Kevin Krammer posted on Thu, 01 Oct 2009 10:03:10 +0200 as excerpted:

> On Thursday, 2009-10-01, Dale wrote:
> 
>> Try this one then:
>> 
>> http://www.cadencebanking.com/
>> 
>> It's VeriSign as well.  Do you have some plug-in, add-on or something
>> installed that could mess this up on some sites?  I don't know how this
>> works so it may not even be possible for this to be blocked.
> 
> This one doesn't even use SSL for me (no SSL shield in URL/address bar).
> As I said, the other one already worked for me, but so did the link
> originally posted while it failed earlier today.

Indeed.  It's a standard http:// address, not https://, so wouldn't be 
encrypted.  And attempting to connect to 

https://www.cadencebanking.com/

returns connection refused -- they don't take https connections to that 
server.  So apparently whatever their login is, it's served from an 
address other than the encrypted https://www.cadencebanking.com/ .

FWIW, here's my bank:

https://bankofamerica.com

That should fail the authenticity check, because the certificate is 
issued to www.bankofamerica.com , while the address is simply 
bankofamerica.com , the same thing I noted with capitalone.com vs 
www.capitalone.com earlier in the thread.  HOWEVER, in this case (unlike 
with capitalone), it's a valid certificate chain, with two verisign certs 
in addition to the BofA cert.

Attempting to connect to the www variant, as

https://www.bankofamerica.com

is interesting in a different way, however.  It stays https://
www.bankofamerica.com , but I don't get the encryption shield, and 
viewing document information yields no hint that it's encrypted, either.  
AFAIK, that means I was served a standard unencrypted page over the 
standard https:// port, which is normally for encrypted http, but of 
course doesn't /have/ to be, and doesn't appear to be encrypted here.  
I'm thus a bit confused.

Meanwhile, it's entirely possible others will get slightly different 
behavior since I DO have an account there, and thus have various cookies 
set, scripting enabled tho I run with scripting disabled by default, etc.

Anyway, I tried checking history to see if I could figure out which 
bugzilla I was on that wouldn't let me see the details, but funny thing, 
despite the fact that I have history set for 90 days, 500 URLs, it's 
entirely blank!  Now I don't know if that's because I've crashed 
konqueror a couple times recently, or due to another bug or something, 
but it was certainly surprising to go looking at the history tab of the 
navigation pane, and see *NOTHING* there, *ENTIRELY* blank.  I'd have 
expected that on firefox on my netbook, since I have it clear history at 
every shutdown, but not here on konqueror, where I have it configured 
for, as I said, 90 days, 500 URLs worth.  But I do believe it's the first 
time I've had reason to actually check history since I switched to kde4, 
so maybe it has simply not worked at all. <shrug>  (In this case, it's 
also possible konqueror-4 history now depends on nepomuk or some other 
bit of the semantic desktop I have disabled or not installed at all.  So 
I'm not blaming this on a kde bug, tho some would argue that in such a 
case, it's a bug that the history UI isn't shown as disabled or removed 
from the menu entirely, if it does indeed depend on a component I have 
disabled or configured out at build time or whatever.)

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman