online banking with Bank of America: not quite accessible enough

Darrell Shandrow nu7i at
Sat Jan 31 14:16:26 EST 2004

Hi Janina,

Very well done, and I hope it gains some positive results.

Darrell Shandrow - Shandrow Communications!
Technology consultant/instructor, network/systems administrator!
A+, CCNA, Network+!
Check out high quality telecommunications services at
All the best to coalition forces carrying out Operation Iraqi Freedom!
----- Original Message ----- 
From: "Janina Sajka" <janina at>
To: "Speakup is a screen review system for Linux." <speakup at>
Sent: Saturday, January 31, 2004 12:12 PM
Subject: Re: online banking with Bank of America: not quite accessible

> Hi, Darrell:
> I've already written to Lainey about it. Here's the text of my message
> to her where I also included the message from Cheryl:
> Hi, Lainey:
> Are you able to help me forward the concern described in the attached
> email? I'm afraid the issue is sufficiently obscure, technically, to not
> make much sense to the first tiers of tech support people. Besides, they
> wouldn't be in the position to do anything about it.
> The bottom line here is that they're excluding users based on bad
> judgement. They've got their log very wrong, technically speaking, and I
> can prove it.
> If you read the message this woman is getting--which I also get, it
> seems very justified--the bank wants you to connect using secure,
> encrypted communications channels so that your information can't be
> stolen by someone who's eavsdropping. Unfortunately, the way they're
> actually determining whether or not the connection is encrypted isn't
> accurate and yields false results, as in this instance. Technically
> speaking, they're not actually testing for encryption, they're inferring
> based on what browser the user is using. My advice to this individual
> will be to simply lie--something that one can do with these browsers and
> masquerade as Netscape or IE. But, that's not a proper solution.
> The truth is that looking at what browser the person is using isn't
> going to really tell you whether or not they're practicing safe
> computing. As it happens, the old, and now sometimes denigrated text
> browser lynx, actually provides twice the level of security available in
> Netscape and Internet Explorer. Lynx SSL encryption, to be technical
> about it, provides 192-bit encryption, compared to Netscape and IE's
> 128-bit. In encryption, the higher this number is, the stronger the
> encryption is.
> Frankly, this isn't much different than denying service to someone
> because they wear the wrong clothes. While the users of these browsers
> may be a minority, they are a growing minority because of the growing
> popularity of Linux even among users who are blind.
> The fix is also not difficult or expensive for B of A to implement. But,
> it's a decision that obviously needs to be made at a high enough level
> inside their IT department.
> B of A has been doing an outstanding job of making their extensive on
> line services accessible. Every few months I go poke around on their web
> pages and I'm always gratified to see more and more services being made
> available accessibly. This is making B of A very attractive to potential
> customers nationwide. It would be a shame to exclude some of them for
> bogus reasons.
> Anything you can do would be much appreciated.
> -- 
> Janina Sajka
> Email: janina at
> Phone: +1 (202) 408-8175
> Director, Technology Research and Development
> American Foundation for the Blind (AFB)
> Chair, Accessibility Work Group
> Free Standards Group
> _______________________________________________
> Speakup mailing list
> Speakup at

More information about the Speakup mailing list