EEVblog Electronics Community Forum
General => General Technical Chat => Topic started by: GlennSprigg on October 28, 2021, 01:17:44 pm
-
The 'topic' here is truly broad spectrum, sorry...
The 'CommBank', (to outsiders, one of our Countries Major Banking infrastructures, "The Commonwealth Bank of Australia"),yy
has 'updated' it's 'Phone-Banking' .APP for our Phones... Well & good, NOT! I can log on to my Bank on-line from my Laptop etc., and that's fine!
I can view all my Accounts details, and make Payments if/when I choose... but 'SOME' functions require the sending of a 'NetCode' to my Phone,
for me to verify first... OK... I understand this security step, as many organizations use such a step to 'verify' who you are, linked to your phone...
MOST Companies/Departments, usually do this via a simple 'SMS' text msg to your phone, but no longer the 'Comm-Bank' !! :(
They still utilize such 'Codes', but NOW it requires logging in to your Phone-App to see the 'Code' that you need to quote to complete the transaction!
Ok... That's more of a pain... Except now you have to use their 'Latest' App version to work, and my $700 Samsung-S4 (then) is no longer good enough
to install/update their bloody APP !!!! It has Android Ver. 5 but needs at least Android Ver. 6, and can 'not' be simply updated.... >:D
So NOW, myself & my 'missus', (we have the same phones that I paid cash for, not on a 'plan'), can not even perform on-line transactions, without me being
forced to buy new phones/OS-Versions, just so I can do basic business transactions!!! Well, 'F.U.' Comm bank. Others don't do this to long standing customers!
I spent an hour & half on the phone, trying to perform a simple transaction (UN-resolved!. Not any more though, am changing Banks after 45 years!)
The 'follow-on' to this, is that a lot of 'Programmers' today could not give a flying fuck about backward-compatibility, and must literally think...
"Well, so update your Hardware & Software then!..." For those who think I'm just not understanding new tech requirements though, I'm 'NOT' talking
about new technology software better aimed at defeating crime/fraud etc... All well and good!! I'm talking about a 'Platform' where obviously one extra level
of Security is to 'verify' who you are, by having to access your Phone/Number TOO, as all others do via a Text 'SMS' message to your phone, for a 'Code'... :phew:
P.S....
I've now reviewed ways of totally re-setting ones 'S4' phones, via various external (illegal Who Gives a Fuck!) methods, to still have a FULLY functional 'Samsung-S4'
phone set up with Android-10, and all the Apps you want!!! Lost Guarantee?? Who gives a fuck. Will explain later for those interested! :-+
-
It's the common Android update disaster. Banks over here all require some additional authorization/verification for a long time. The current authorization methods are an app or a hardware token (more secure). So customers can choose which method to use and they may also add multiple app IDs or hardware tokens to one account.
-
I honestly don't understand why you 'use' a lot of 'single quotation' marks in your posts, along with random boldface.
-
In non-US English-speaking countries, "-quotation marks are nested inside '-quotation marks, while in the US it is typical to nest '-marks inside "-marks.
For example, "He called me a 'Yankee' online", she complained.
-
In non-US English-speaking countries, "-quotation marks are nested inside '-quotation marks, while in the US it is typical to nest '-marks inside "-marks.
For example, "He called me a 'Yankee' online", she complained.
Sure, yeah, but that's not what I'm getting at. Glenn just sprinkles single-quote marks around random words for no apparent reason.
-
What I see often in US supermarkets and other commercial establishments is another misuse of quotation marks, such as "Fresh" lettuce.
(It's an interesting punctuation question to quote quotation marks.)
-
such as "Fresh" lettuce.
That immediately says to me it's not fresh. It is pseudo-fresh.
-
What I see often in US supermarkets and other commercial establishments is another misuse of quotation marks, such as "Fresh" lettuce.
(It's an interesting punctuation question to quote quotation marks.)
Hah, when I see that, I assume the lettuce has been sitting there for a long time!
-
Literally, the punctuation indicates that it is "so-called fresh". I assume that Glenn meant that when writing " 'programmers' ". (White space added for clarity.)
-
SMS is notoriously insecure for 2FA, whereas app-based "authenticators" are less so (app-arrently) - SIM swapping and social engineering means that I can EASILY do a SIM swap, online, right now, take over my parent's phones, and drain them dry!
Does a thread about 2FA really NEED to be de-railed into an ad-hominem gripe about someone's personal typing style? We all do things which annoy others - maturity is in grinning one's teeth and overlooking faults - we ALL have them (would you like me to start a fault-finding thread for EEVblog members? I'd never stop!)
GlennSprigg is a really nice chap - please do not pick fault.
-
It's the common Android update disaster. Banks over here all require some additional authorization/verification for a long time. The current authorization methods are an app or a hardware token (more secure). So customers can choose which method to use and they may also add multiple app IDs or hardware tokens to one account.
Android updates (or the lack of them when the manufacturer wants to stop supporting devices) are a serious problem for providing digital access to critical services. Using a device for 2FA that depends on the manufacturer to authorize updates to be able to patch security flaws might not be the best decision that banks have taken…
It is quite annoying that, being android based on Linux, mobile phones limit the user from changing their operating system so much without authorization from their manufacturers
-
P.S....
I've now reviewed ways of totally re-setting ones 'S4' phones, via various external (illegal Who Gives a Fuck!) methods, to still have a FULLY functional 'Samsung-S4'
phone set up with Android-10, and all the Apps you want!!! Lost Guarantee?? Who gives a fuck. Will explain later for those interested! :-+
Nothing illegal about installing LineageOS.
-
P.S....
I've now reviewed ways of totally re-setting ones 'S4' phones, via various external (illegal Who Gives a Fuck!) methods, to still have a FULLY functional 'Samsung-S4'
phone set up with Android-10, and all the Apps you want!!! Lost Guarantee?? Who gives a fuck. Will explain later for those interested! :-+
Nothing illegal about installing LineageOS.
I run "Pixel Experience" on my Xiaomi RedMi Note 7, and it's transformed it into a phone which is actually DECENT. Still, it's not iOS, but for Android it's nice.
-
No need to reply to this I'll delete it.
Locally or on EEVBlog?
-
Always an alternative:
https://www.commbank.com.au/support.digital-banking.explain-netcode-token.html (https://www.commbank.com.au/support.digital-banking.explain-netcode-token.html)
Let them provide the hardware.
-
That could be an RSA SecurID.
-
Let them provide the hardware.
My UK bank did that many years ago, providing a kind of card reader affair. On demand you shove the card in, type your PIN and it gives you an 8-digit code to supply to whatever is asking. That's when I stopped using that account for day-to-day stuff - when I'm using a PC I never have my card with me, so it was a big drag to log onto online banking or anything else requiring that thing.
Now, they've done a phone app which basically does the same thing, but instead of the card you use your fingerprint (or, presumably, a PIN if you don't have a finger or reader). Since I nearly always have my phone with me I've started to use that account in anger again.
Security is fine until it becomes intrusive, and then it's just a matter of whether you can find a workaround (negating the point of it) or stop using it (again, defeating the point of it).
-
Let them provide the hardware.
My UK bank did that many years ago, providing a kind of card reader affair. On demand you shove the card in, type your PIN and it gives you an 8-digit code to supply to whatever is asking. That's when I stopped using that account for day-to-day stuff - when I'm using a PC I never have my card with me, so it was a big drag to log onto online banking or anything else requiring that thing.
Now, they've done a phone app which basically does the same thing, but instead of the card you use your fingerprint (or, presumably, a PIN if you don't have a finger or reader). Since I nearly always have my phone with me I've started to use that account in anger again.
Security is fine until it becomes intrusive, and then it's just a matter of whether you can find a workaround (negating the point of it) or stop using it (again, defeating the point of it).
As the OP states quite clearly, its all convenient if you have some device that you would otherwise need (which you do). Nice to provide options for people, rather than forcing everyone a single method causing hate either way:
A everyone must carry around an additional device when they don't see the point (you complain), or
B everyone must own a recent smartphone with a supported OS (OP complains)
Whats silly is that many of the apps which are being pushed out by companies to secure their platforms are just a standard (RFC 6238) but wrapped up in their branded app. Which might come with some extra functionality convenient for some, but because its an app then locks in end users to specific OS/platforms/versions. If they'd offer the app as a (default) option but make it easy to set up your own code generator if you preferred then most of the problems would disappear.
-
In non-US English-speaking countries, "-quotation marks are nested inside '-quotation marks, while in the US it is typical to nest '-marks inside "-marks.
For example, "He called me a 'Yankee' online", she complained.
Sure, yeah, but that's not what I'm getting at. Glenn just sprinkles single-quote marks around random words for no apparent reason.
FIRSTLY, thank you, to the many other people who responded as intended/expected. Like one of 'Eti's responses saying...
"SMS is notoriously insecure for 2FA, whereas app-based "authenticators" are less so (app-arrently)".
That was very helpful, as I've (until now), not even heard of *2FA*. Now I can research further. To certain others, I stated that my Post covered
multiple topics, and even apologized for that, sigh... Was as much about Customers, and Options and more, as well as 'security'.
Now...
"TimFox" at least explained 1 reason, why I might have had quote-marks around the word, 'programmer'.
however, you kept going on about how 'random' (*random*!!) my usage was, and how it making no sense!??
*Others* had nicely pointed out though, that maybe you should be less pedantic about ridiculing me,
(or anyone!), instead of just taking the whole post for what it was, and what was intended !!!
I don't know why I'm bothering here, but I'm a human being, with feelings, and I feel that I have a right to defend
myself, even though I shouldn't *have* to, apart from now *wasting-time* and space on the Forum. However!...
I had explained ages ago, when certain people used to complain, that I do not think that a sentence or paragraph in
posts/replies should have to be grammatically structured, as in a book, or literary work! It's a SHORT description,
purely aimed at getting a brief message across, and including often certain simply key 'highlighted' words/names!
And when I use them, it is NOT *random*, but simply highlighting some of those 'key' words, to gloss over. For that,
I make no apologies, as it is obvious to many others that know me, and not your right to condescension & arrogance!
WORST OF THE WORST though, however, was the simply 'ABOMINAL' rant that "Shock" above, attacked me!!! It's one thing
to ask/mention a downfall of mine or two... and a totally separate thing to go on & on talking about my intelligence,
social standing & mental competence, under the guise of being a 'professional' responder, and being a Moderator??
I say that, because he 'finished' by saying that if I even dare to respond to him, he'll delete it all !! W.T.F. ??
Well my response to 'him' is simply that I feel sorry for him, and how can he even fit hit head through a doorway!!
P.S. dear "Shock". It might make you 'happy' to know that no, I am NOT well, physically, mentally, medically now, after
many decades of useful & intelligent/productive employment, and now left with not much time & very limited capacity.
*Some* people here get that, from what I've said/hinted at for many months, and realize "that's just Glenn"...
I've certainly learned/learnt this year that 'Brain-Power'/knowledge has 'little' to do what is necessary for humans
to 'get-along'. True Understanding & Compassion with Humanity leave the likes of you 'Savant-ly' isolated.
Do with me what you wish, if that 'power' brings you joy. Certain Personal Messages have led to MY joy.
P.S. EDIT...
It seems his comment has been deleted....
-
Withdrawn: should have been a private message.
-
I do not think that a sentence or paragraph in
posts/replies should have to be grammatically structured, as in a book, or literary work!
Indeed, and we would normally make allowances for English being a second or third language, dyslexia, and plain old faux spelling correction.
It's a SHORT description,
purely aimed at getting a brief message across
But this is the crux of it. You want to get your message across, so it's incumbent on you to try to do that clearly. Ignoring any of the grammer issues, the use of multiple different emphasis schemes and inappropriate quotes (regardless of whether they are single or double, or now even asterisks!) just makes your text really very hard to read. It's almost as if you want it to be hard to read. Just dropping everything that isn't plain text and punctuation would make it a lot easier to get your message across.
Think about a nice schematic diagram, and then consider the same thing but now with three different symbols for resistors, dashed lines for connections in random places and coils labelled D1 etc.
The other aspect is that people judge a book from the cover. It's something humans do in all sorts of fields, from noticing what people wear through to how they pronounce words. Your prose looks like something a poorly-educated juvenile delinquent would write. Granted, you use whole words mostly correctly spelled so it's actually much better than that but, to notice, one has to want to read the stuff and the world-view look of it doesn't encourage that.
So, maybe try not using bold, no italics, no quotes (not needed unless you are quoting what someone actually said). Just trying writing something that is simple text, and once that feels OK then you might better use emphasis (in moderation).
Ah-ha... Ah-ha... So you think those comments in Red say anything about your compassion/understanding ??? Just another Trolling bully!!!!
Maybe read the last Paragraph I wrote above, in my last main answer, before feeling a need to troll/abuse!! you sanctimonious excuse for a compassionate human!
(https://i.imgur.com/O16QYyM.jpg)
-
Similarly, should have been a private message.
-
I do not think that a sentence or paragraph in
posts/replies should have to be grammatically structured, as in a book, or literary work!
Indeed, and we would normally make allowances for English being a second or third language, dyslexia, and plain old faux spelling correction.
It's a SHORT description,
purely aimed at getting a brief message across
But this is the crux of it. You want to get your message across, so it's incumbent on you to try to do that clearly. Ignoring any of the grammer issues, the use of multiple different emphasis schemes and inappropriate quotes (regardless of whether they are single or double, or now even asterisks!) just makes your text really very hard to read. It's almost as if you want it to be hard to read. Just dropping everything that isn't plain text and punctuation would make it a lot easier to get your message across.
Think about a nice schematic diagram, and then consider the same thing but now with three different symbols for resistors, dashed lines for connections in random places and coils labelled D1 etc.
The other aspect is that people judge a book from the cover. It's something humans do in all sorts of fields, from noticing what people wear through to how they pronounce words. Your prose looks like something a poorly-educated juvenile delinquent would write. Granted, you use whole words mostly correctly spelled so it's actually much better than that but, to notice, one has to want to read the stuff and the world-view look of it doesn't encourage that.
So, maybe try not using bold, no italics, no quotes (not needed unless you are quoting what someone actually said). Just trying writing something that is simple text, and once that feels OK then you might better use emphasis (in moderation).
Did you READ his explanation? (different to the photons striking your retina). Could you not maybe consider to calm down with the style/grammar policing? (btw, you've spelt "grammar" incorrectly, if we are to follow your example of correctness in all things - how utterly tedious)
Give the guy a break, he's a nice chap, you're bringing out the worst in people through your need to "be right" and utter pedantry.
-
I'd love to install MY 'Turn The Tables App'...
To them 'Adnoid Op Sys' folks I'd require every damn thing, passwords must be 15 or more disassociated characters... THEN, I'd take their complaint:
OXYGEN not working, (spaceship whiners),
Folks having a house fire: "What...oh sir...please log in, while I Google 'house fire procedure...'
Oh, what, no food, in your mansion, please enter password, / user name to 'get started' with my helping you...
-
Ah-ha... Ah-ha... So you think those comments in Red say anything about your compassion/understanding ??? Just another Trolling bully!!!!
After reflecting on this I accept your accusation and criticism. Although I stand by what I wrote, and espectially the intent behind it, I should have sent it as a private message rather than post it in public. For that I apologise and have withdrawn my post.
(Of course, since you and my good friend ETI have quoted it in full that makes little difference, but the option is there for you to edit your quote if you wish.)
-
I feel your pain. The accounting website my employer uses told me I have to download an app to use their website. I only use it to claim expenses. I found it dumb so I refused. I ate one expense and now I refuse to use my money for work.
-
They still utilize such 'Codes', but NOW it requires logging in to your Phone-App to see the 'Code' that you need to quote to complete the transaction!
Galaxy S4 is eight years old. Use a mobile web browser, you can use NetBank as normal. It will send you an SMS if required.
-
Yeah, about that 'App' thing:
OLD SCHOOL VIEW WOULD SAY: " This is classic MONOPOLY Power, being asserted / exerted..."
Right now, I've got a (routine, thank God) email, from a 'PORTAL': Requesting I confirm upcoming appointment. Trouble is, that does not seem 'optional',
so I start to bristle (heat up, behind the neck). Now, I usually try to behave, reasonable.
Think about it ( before dismissing, as trivial); YOU WILL get signed up, with password, to that specialized medical 'portal'. AND, (capitalized for DRAMA); YOU WILL enter password, upon request, to confirm office appointment, 48 hours in advance. (Normal typical office stuff, am I right?).
OR: ... Or what? ...oh, I don't get the medical service access. Soo, I suck in the pride, shut-up, and get the App, installed............
NOooooooooooooooooooo.
OR, as Glenn sez:
Arrrrrggggggggrrrrrrphhhllllllaaa
That's a MONOPOLY, and it ain't pretty, they exert all kinda mayhem and havack. Just do (that) and things will go smoother for me..
.CLASSIC VICTIM DYNANMIC!
Oh, and I want to request, a FREE DEVICE, for me to comply to your simple App Spyware Installation REQUIREMENT.
NOW, knowing some of this (serious) concern is presented various in 'sarcastic' forms, that's my nature.
Tomorrow morn, I am going to attempt a simple, voice phone call, to confirm foot Doctor appointment this week. Probably, no problem, to confirm and keep the scheduled appointment.
And, yes, I've always turned a confused Grammer hand, to the 'single' quotations; Couldn't tell you, the reasoning, or Grammer rule though.
-
This general screw the customer attitude seems to be a worldwide banking attitude. It is not peculiar to the IT department. Several years ago the bank system I had been doing business with for several decades was absorbed by a larger system. For about three months after the "merger" I received letters about every three weeks describing how they were going to improve service by eliminating a service I used and liked. Everything from safety deposit boxes, hours of operation, banking locations and various financial services (lines of credit, overdraft protection ....).
I left and have never looked back. Similar things have happened a couple of times since.
Corporations have no loyalty to customers. There is no reason to reward them with loyalty. While few of us have assets large enough to make them beg for our business, if enough overcome inertia to respond to these insults it is possible they will take notice. And moving to smaller institutions does give you the opportunity to become a bigger fish relative to the pond.
-
ACTUALLY: I recall, I believe one way they do the bit where you read some cursive style wording, and enter it in, is that they are actually performing a live 'Security Check' if you are a human, not machine bot.
So, some of this frustrating verification activities are used, (but again, for the Big Bank's purpose). They just use you, to easy identify some item.
Maybe, but just a speculation. Actually makes more sense, that an entity like Tesla could use such short verification / human recognition abilities (in the machine vision sys).
-
Had the same problem with 2FA banking apps and my S4. Simply asked around in the family and with friends for an S5 lying around in some drawers. Got one at the cost of a new rechargeable battery, for that matter, and now Bob's my uncle :) The S4 then met its end in a sheet metal folding machine. Simply love that noise.
-
Similarly, should have been a private message.
Thank you for your latest responses 'dunkemhigh'. And thank you to the others here too!!! :-+
Not having much else in my life now, I've often talked to people about the proverbial "Water off a Ducks back" So 'not' knowing you from a
bar of soap, (and visa-versa), I would happily just put it all behind me/us, and continue in the capacity while we (I) can, while we(I) can!! :-+
Sometimes, such 'Posts' can be mere technical questions, and sometimes they appear as 'rants'. That's because we are human, with failings.
I've been given a few ideas though! now, and will be upgrading my (and my 'missus's) phones, to the ubiquitous "LineageOS", as then all the
magic will happen! hahaha. It's not a 'simple' (excuse the quotes again) procedure, but the result at least will be a still 'usable' SmartPhone,
that will at least allow me to perform certain Banking functions, while I still have some of the mental faculty to perform such tasks!!! hahaha...