online banking with Bank of America: not quite accessible enough

Sean McMahon smcmahon at usgs.gov
Mon Feb 2 11:24:03 EST 2004


As someone who occationally puts together a webpage or two, how do you check
for encryptian?
Sean
----- Original Message ----- 
From: "Janina Sajka" <janina at rednote.net>
To: "Speakup is a screen review system for Linux." <speakup at braille.uwo.ca>
Sent: Saturday, January 31, 2004 12:12 PM
Subject: Re: online banking with Bank of America: not quite accessible
enough


> Hi, Darrell:
>
> I've already written to Lainey about it. Here's the text of my message
> to her where I also included the message from Cheryl:
>
>
> Hi, Lainey:
>
> Are you able to help me forward the concern described in the attached
> email? I'm afraid the issue is sufficiently obscure, technically, to not
> make much sense to the first tiers of tech support people. Besides, they
> wouldn't be in the position to do anything about it.
>
> The bottom line here is that they're excluding users based on bad
> judgement. They've got their log very wrong, technically speaking, and I
> can prove it.
>
> If you read the message this woman is getting--which I also get, it
> seems very justified--the bank wants you to connect using secure,
> encrypted communications channels so that your information can't be
> stolen by someone who's eavsdropping. Unfortunately, the way they're
> actually determining whether or not the connection is encrypted isn't
> accurate and yields false results, as in this instance. Technically
> speaking, they're not actually testing for encryption, they're inferring
> based on what browser the user is using. My advice to this individual
> will be to simply lie--something that one can do with these browsers and
> masquerade as Netscape or IE. But, that's not a proper solution.
>
> The truth is that looking at what browser the person is using isn't
> going to really tell you whether or not they're practicing safe
> computing. As it happens, the old, and now sometimes denigrated text
> browser lynx, actually provides twice the level of security available in
> Netscape and Internet Explorer. Lynx SSL encryption, to be technical
> about it, provides 192-bit encryption, compared to Netscape and IE's
> 128-bit. In encryption, the higher this number is, the stronger the
> encryption is.
>
> Frankly, this isn't much different than denying service to someone
> because they wear the wrong clothes. While the users of these browsers
> may be a minority, they are a growing minority because of the growing
> popularity of Linux even among users who are blind.
>
> The fix is also not difficult or expensive for B of A to implement. But,
> it's a decision that obviously needs to be made at a high enough level
> inside their IT department.
>
> B of A has been doing an outstanding job of making their extensive on
> line services accessible. Every few months I go poke around on their web
> pages and I'm always gratified to see more and more services being made
> available accessibly. This is making B of A very attractive to potential
> customers nationwide. It would be a shame to exclude some of them for
> bogus reasons.
>
> Anything you can do would be much appreciated.
>
> -- 
>
> Janina Sajka
> Email: janina at rednote.net
> Phone: +1 (202) 408-8175
>
> Director, Technology Research and Development
> American Foundation for the Blind (AFB)
> http://www.afb.org
>
> Chair, Accessibility Work Group
> Free Standards Group
> http://a11y.org
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup





More information about the Speakup mailing list