# Banking website refuses connection from FreeBSD



## phalange (Jun 1, 2021)

There is one bank website I connect to that does not work in FreeBSD (using Firefox or Falkon). I get a message that the site is not compatible with the browser.

It's not the version of Firefox, since FreeBSD is at the same version as my Linux devices. It's not a special plugin either. It's also not a new issue; it's been true for several versions of FF on FreeBSD.

Anyone know what's happening here?


----------



## SirDice (Jun 1, 2021)

phalange said:


> Anyone know what's happening here?


They're probably looking at the browser's user-agent string, it includes the OS. Fake it, replace it with one from a working Linux Firefox browser and see what happens.


----------



## neel (Jun 1, 2021)

I have a bank whose website only allows Windows or macOS, they don't even allow Linux. But if I change the user agent to Firefox on Windows, I get in fine.

Leaving the bank sadly is not an option for me.

My apartment's main website also disallows FreeBSD (but not Linux) thinking FreeBSD = bot (which it's not), but their portal is hosted elsewhere and that fortunately works fine on FreeBSD.

For "security", I shouldn't need a user agent switcher which could be made by Russian hackers and suck in all your information to some OVH server paid on stolen credit cards.

Microsoft's Outlook web interface formerly blocked FreeBSD, but does not block it anymore.

Disclaimer: I work at Microsoft, but not on Windows or Edge. I do work in the Exchange/Outlook umbrella, but neither runs my personal email (that runs Postfix/Dovecot on FreeBSD).


----------



## SirDice (Jun 1, 2021)

neel said:


> For "security", I shouldn't need a user agent switcher which could be made by Russian hackers and suck in all your information to some OVH server paid on stolen credit cards.


For "security" the user-agent is absolutely useless to check because you can easily fake it and make it show whatever you want.


----------



## phalange (Jun 2, 2021)

SirDice said:


> They're probably looking at the browser's user-agent string, it includes the OS. Fake it, replace it with one from a working Linux Firefox browser and see what happens.



I looked around in about:config but there's nothing about FreeBSD that I could find. And no user-agent as such, just an alpha-numeric string. Is there a specific item to switch?


----------



## neel (Jun 2, 2021)

phalange said:


> I looked around in about:config but there's nothing about FreeBSD that I could find. And no user-agent as such, just an alpha-numeric string. Is there a specific item to switch?


You will need a user agent switcher. This is an extension you need to download (the way you download an adblocker).


----------



## Aeterna (Jun 2, 2021)

phalange said:


> I looked around in about:config but there's nothing about FreeBSD that I could find. And no user-agent as such, just an alpha-numeric string. Is there a specific item to switch?


you can try various user agent switchers e.g.
https://addons.mozilla.org/en-US/firefox/addon/uaswitcher/
I don't know how good it(user switcher is (I don't have issues with online banking using FreeBSD but the issue may be related to specific bank).


----------



## Vull (Jun 2, 2021)

Have not tested it, but KDE5 desktop has a feature in System Settings to do it for you:


----------



## aragats (Jun 2, 2021)

I need to access several banks' sites. They all tend to change their UIs from time to time. Sometimes I have to disable "Privacy Badger" and/or "uBlock Origin" ad-ons to make them working again. E.g. _online.citi.com_ won't let me logging in with "Privacy Badger", but has nothing against "uBlock Origin", but _myaccounts.pmcu.org_ is opposite: I have to disable "uBolck Origin".


----------



## Menelkir (Jun 2, 2021)

Vull said:


> Have not tested it, but KDE5 desktop has a feature in System Settings to do it for you:
> View attachment 10034


I think firefox doesn't use the internal settings of kde, this is used by things like x11-fm/konqueror or www/falkon.


----------



## Deleted member 30996 (Jun 2, 2021)

I use User-Agent Switcher by Linder.


----------



## memreflect (Jun 2, 2021)

While it's definitely not the only UA switcher, I prefer the User-Agent Switcher and Manager add-on.  It contains many useful features, though that feature set makes it more complicated than many other UA switchers that simply require you to select the UA you want.  Basically, click the "Apply (container)" button after you've selected a UA, refresh, and see if it works.  If you find a particular UA string allows the website to work as expected, you might want to open the Options, enable Custom Mode, and modify the JSON to make the UA string persistent for that domain.  Don't forget to click the "Save" button once you've made your changes.  If you need to use the UA switcher toolbar for some reason (e.g. the site stops working under that UA string), remove the domain and Save.  For more information, click the "FAQs page (Help)" button at the bottom of the Options screen.

If you don't like add-ons, I'll at least mention the `general.useragent.override` String preference in about:config that lets you specify a UA string for all sites so long as it's enabled.  Since changing UA strings can sometimes cause pages to break, I don't recommend leaving it enabled.  However, I definitely recommend installing an add-on you're comfortable using instead of changing that preference.  With an add-on, you can enable/disable the UA switching whenever you want.

To test your UA settings, DuckDuckGo actually displayed my user agent information when I searched for "user agent", and Google displayed it when I queried "what is my user agent".  Of course, there are various sites dedicated solely to displaying things like UA information and request headers as Trihexagonal demonstrated above.  You can also open Firefox's Web Developer Tools, click the Network tab, and refresh the page.  Select one of the items in the newly created list, choose the Headers tab in the new subwindow, and scroll through the headers until you see the User-Agent request header to see what UA string was sent to the site.


----------



## a6h (Jun 2, 2021)

When I was trying to not to use Chromium; finding a way to run Skype and Team on Firefox, I achieved mixed results. I installed different User-Agent Switchers. Team ran, but Skype didn't. At the time I tracked down the problem to the WebRTC, and the way Firefox handles it. The other day -- after reading this thread, I tried Skype again. Same old.


----------



## drhowarddrfine (Jun 2, 2021)

SirDice said:


> They're probably looking at the browser's user-agent string


Speaking as a web developer for 17 years for some well-known companies, this shows the work of a fool. That you were rejected based on it is evidence of the reason we call it a folly on the part of any program to do this.

There are a lot of fools working at big companies out there.


----------



## SirDice (Jun 2, 2021)

drhowarddrfine said:


> this shows the work of a fool.


I fully agree.

I've actually seen malware sites that, when looked at with a "regular" desktop browser will show you a rather harmless website. When you fetch the website with a user-agent from an Android or iPhone browser then it'll show a completely different website, one containing malware specific for that type of phone. Real nasty stuff.


----------



## Vull (Jun 2, 2021)

Menelkir said:


> I think firefox doesn't use the internal settings of kde, this is used by things like x11-fm/konqueror or www/falkon.


With this, though, I can still "look like" I'm browsing with Firefox. xD


----------



## Deleted member 30996 (Jun 2, 2021)

I usually try not to stand out in someones logs as a FreeBSD usr. Unless it's at a Linux forum that shows what OS you're using when I post, then I want it to show the Devil, not Win10. I never pretend to be Linux and am dearly loved by everyone there.

So I picked up where I left off when Vladimir called and finished posting to that thread. Anna Chapman said Руддщ  and that she hoped you could make it to the next meeting, grahamperrin. Take the teleport chair, and no off-world side trips this time. We're having Cult of the Dead Cow braised beef b00b brisket, best to Vlad and his boys.

I have to disable uBlock Origin sometimes but only if I need to do something on specific and that site that won't work unless I do. If a random site doesn't functional minimally I move on to another.

I'll use paypal and ebay with no hesitation but don't do online banking. There was another guy in town with the same first and last name, different middle initial, that could go there and withdraw money from my account at will.

The Bank Manager fell all over herself saying it would never happen again after a bad check of his was debited toward my account the first time. He withdrew money from my checking account on 3 occasions after that. I had them put my SS# on my page and they were supposed to verify it was me every time, but I could call down myself an get my balance without them asking for it. I just sucked it up because I didn't want to ruin some old lady's day for answering the phone.

I went to Walgreens and they had misplaced a prescription I had called in. They were back there looking high and low for it. I said did you give it to my doppleganger? "No, he was in here earlier but got something else." Yeah, right, explain that on your pill count sheet at the end of the month, and get my script refilled.

He's passed on to where he doesn't need money anymore, or my script on top of his. Now it's just Weixiong, ruebot, izezi, bête noire, pox, Ivy, jitte and me here at trihexagonal.org. Harley wanted to stay and visit with Anna.

Ebay sends me an internal warning every time I login. MasterCard will freeze my card if I do business across the water in Sofia, Bulgaria with my web host as suspicious activity, paypal will still work till I fix it. I switched to a local pharmacy where they know me when they see me and talk about "You're right, he does look good in a mask".


----------



## VladiBG (Jun 2, 2021)

SirDice said:


> I've actually seen malware sites that


I've reported some malware and phishing sites to the Domain Registrar with copy to the RIPE abuse and for my surprise they got removed in less than an hour. In my case those sites was hosted by GoDaddy and they remove them pretty fast.


----------



## phalange (Jun 2, 2021)

memreflect said:


> To test your UA settings, DuckDuckGo actually displayed my user agent information


This is cool, I entered "what's my user agent" in duck duck go and got a very detailed profile.

I compared the output to Firefox in Linux and the ONLY difference is that on FreeBSD the string says `FreeBSD amd64`. Is this bank really screening FreeBSD specifically, or are they just only accepting Win-Mac-Linux?

Either way, this:



drhowarddrfine said:


> There are a lot of fools working at big companies out there.


----------



## Deleted member 30996 (Jun 2, 2021)

My tutorial was scraped and appears in part plagiarized bot babble on some site in Palau:



			Freebsd desktop. Beginners Guide - How To Set Up A FreeBSD Desktop From Scratch
		


They didn't respond to my initial civil message to take it down, except to post this up top of the page:

"similar. You are not right. assured..               

Now I'm mad.

I just cursed them and cussed them and said I was sending my jinn. I'll have to write a letter telling them I have a jinn on the way and they better get that down before the Sun sets today:


```
organisation: Micronesia Investment and Development Corporation
address:      P.O. Box 1256
address:      Koror  96940
address:      Palau

contact:      technical
name:         .pw Technical Contact
organisation: Radix FZC
address:      F/19, BC1, Ras Al Khaimah Economic Zone
address:      P.O Box # 16113, Ras Al Khaimah - 16113
address:      United Arab Emirates
phone:        +1.4154494774
fax-no:       +1 781 823 8911
e-mail:       admin@radixregistry.com
```

Now to go find a spotlight seeking gloryhound who lies like a dog and has no spine to get this directed to who deserves it.


----------



## scottro (Jun 2, 2021)

Dogs are actually pretty honest. When a dog is happy, you know it. When they're upset you know it. 

(Sorry, just trying to add a bit of levity, and I've noted you usually give me a pass on stupidity, so I abuse it.) 

That's really annoying though. I have a very minor issue, that on one of the mutt sites, they took something from my mutt page. I actually noticed because I tend to use, as an example, user john with a password of 1234, and it caught my eye. Then I though, Hey, this is actually from my page. But as it's the main mutt wiki or whatever it was, I was more flattered than angry. But that's FAR different than some random site taking a tutorial that you put a lot of time and effort into creating then just denying it. If I use something, and know the source, I attempt to get permission. If they don't answer after awhile, I still attribute it, and if I don't remember where I saw it, I still do my best to point out that I got it from someone else.

I would just say that obviously, their English is less than perfect and it may be that they aren't denying it as strenuously as it seems.


----------



## Deleted member 30996 (Jun 3, 2021)

scottro said:


> Dogs are actually pretty honest. When a dog is happy, you know it. When they're upset you know it.
> 
> (Sorry, just trying to add a bit of levity, and I've noted you usually give me a pass on stupidity, so I abuse it.)


You and I are good and have known each other since the PC-BSD days.

I wasn't talking about him. I have more than one forest fire burning right now. 

I just caught Squarebear in a lie and I hate a liar. There is a private board at Bizarro World where I countered his word play with his own words, and those are always best when you can use them.

Now I am going to log off and unplug my cable modem for the night. I want to have a fresh IP and clear mind to start the day with tommrrow morning. Sunup. 

I fiddled around with trying to get his host to respond and their intake box is so full it will not take an abuse report.

I had that info in 5 minutes. I mailed him from mine and sent him his photo. That's always an attention grabber.


----------



## scottro (Jun 3, 2021)

Dang, sounds like a rough and aggravating day. Let's hope tomorrow is better.


----------



## Alain De Vos (Jun 3, 2021)

For my bank falkon browser is just fine.
For google/youtube my falkon browser is insecure.
I believe google wants me to force chromium...


----------



## grahamperrin@ (Jun 18, 2021)

*Opening poster's case*



phalange said:


> … Is this bank really screening FreeBSD specifically, or are they just only accepting Win-Mac-Linux? …



I doubt that there's active screening against FreeBSD. More likely, it wasn't given thought in whatever solutions were chosen by the bank (you can't always blame the bank).

I use Custom UserAgent String.

If you add overrides for sites used by your bank, you might have better luck with strings that are *terse*, or *Windows-specific*.

With <https://udger.com/resources/online-parser> returning this, at the time of writing:

`Mozilla/5.0 (X11; FreeBSD amd64; rv:89.0) Gecko/20100101 Firefox/89.0`

– try this override, for example:

`Mozilla/5.0 Gecko/20100101 Firefox/89.0`


Firefox aside, here are two (old) examples of *terse* site-specific overrides that worked with Waterfox Classic:

<https://github.com/MrAlex94/Waterfox/issues/985#issuecomment-568163462>
<https://old.reddit.com/r/waterfox/comments/buqvm2/-/epi7q68/>
<https://github.com/MrAlex94/Waterfox/issues/978#issue-445841850> was probably the most unusual example of a site that benefited from an override:

a Linux-specific string failed
a FreeBSD-specific string succeeded.


----------



## Argentum (Jun 18, 2021)

neel said:


> Leaving the bank sadly is not an option for me.


Some banks may have customer support line...


----------



## grahamperrin@ (Jun 18, 2021)

*Falkon*



Alain De Vos said:


> … For google/youtube my falkon browser is insecure. …



I see the padlock icon (below) at https://www.youtube.com/watch?v=J3GJvSYykio/

Please: in what way do you see insecurity?








Menelkir said:


> … settings of kde, this is used by things like x11-fm/konqueror or www/falkon. …



As far as I know, those settings are not used by Falkon. Falkon has an integral _User Agent Manager_:


----------



## Alain De Vos (Jun 18, 2021)

Thanks. After changing user agent to opera it worked.
What's in the brain of the youtube's web developers ...


----------



## grahamperrin@ (Jun 18, 2021)

*Microsoft Teams, Microsoft Teams for friends and family*



vigole said:


> … Team on Firefox, …



▶ Mozilla bug 1623340 _keyword_ *webcompat:site-wait* | (1623340) Firefox compatiblity with Microsoft Teams and Teams for friends and family - Firefox Development - Mozilla Discourse


----------



## Alain De Vos (Jun 18, 2021)

Let's say you have one life. You wake up one morning and you have that day working for that company waste your valuable time just to add a "user-agent" sniffer , in order to make a living.
Maddness is the best word i have to describe it.
I'm gone install dconf-editor en gconf-editor against the maddness.


----------



## grahamperrin@ (Jun 18, 2021)

*Outlook Web App*



neel said:


> … Microsoft's Outlook web interface formerly blocked FreeBSD, but does not block it anymore.
> 
> Disclaimer: I work at Microsoft, but not on Windows or Edge. I do work in the Exchange/Outlook umbrella, …



The OWA that I use is (at a glance) at Exchange Server 2016 level. Currently overridden by me with:

`Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0`

I expect an eventual shift to the Microsoft-hosted service.

*Threats*



VladiBG said:


> I've reported some malware and phishing sites to the Domain Registrar with copy to the RIPE abuse and for my surprise they got removed in less than an hour.



Cool. I typically report to Newest IP or URL Threats - Malwarebytes Forums.



VladiBG said:


> In my case those sites was hosted by GoDaddy and they remove them pretty fast.



There's a parallel world where take-down requests are meaningless. I haven't kept abreast of things for the past year or so, but see for example the two bullet points under <https://forums.malwarebytes.com/top...rough-firefox/?do=findComment&comment=1353171>

Side note: I mention use of NoScript; I no longer use it.


----------



## Alain De Vos (Jun 18, 2021)

grahamperrin said:


> *Opening poster's case*
> 
> 
> 
> ...


Thanks Falkon works now. But the following did not worked out for epiphany (web),

```
gsettings set org.gnome.Epiphany.web:/org/gnome/epiphany/web/ user-agent "Opera/9.80 (X11; BSD 4.4 x86_64) Presto/2.12.388 Version/12.16"
```
For midori i have no user-agent key found.


----------



## drhowarddrfine (Jun 18, 2021)

grahamperrin said:


> I use Custom UserAgent String.


No customer or user should ever have to do that. Any web site that uses that unreliable indicator to determine deliverance is a moron of the highest level. It was a much talked about subject years ago and it was years ago that it was declared that any web site that uses it is a moron of the highest level.


----------



## SirDice (Jun 18, 2021)

drhowarddrfine said:


> No customer or user should ever have to do that. Any web site that uses that unreliable indicator to determine deliverance is a moron of the highest level. It was a much talked about subject years ago and it was years ago that it was declared that any web site that uses it is a moron of the highest level.


Any fool can use a computer, many do.


----------



## grahamperrin@ (Jun 18, 2021)

drhowarddrfine said:


> No customer or user should ever have to do that. … a much talked about subject years ago …



… and I have no doubt that future years of talking will not reduce, to near-zero, the percentage of servers that use user agent strings to determine the suitability of client software.

Not all of these server administrators are morons. Some simply have better things to do with their time than adopt the latest technologies. If it ain't broke for most people, don't fix it, I can empathise.


----------



## SirDice (Jun 18, 2021)

grahamperrin said:


> Not all of these server administrators are morons.


It's typically not the server administrators that build web applications. They get told, "here's something company XYZ built for us, you make that run in our environment". They'll have zero say in this, and are often not even involved in setting the requirements (speaking from my own experience).


----------



## drhowarddrfine (Jun 18, 2021)

As SirDice said. This has nothing to do with servers or sysadmins. The web app developers are the ones who check for user agent strings and it is they who respond to it.


----------



## Alain De Vos (Jun 18, 2021)

And many things are subcontracted. Wich in themselves are subcontracted.


----------



## phalange (Jun 18, 2021)

The error message is something to the effect of "use our app or try a supported os"

I suspect the sysadmins could care less. My guess is that the bank wants its customers using platforms (1) that it has tested and (2) where can harvest data. This blanket policy probably affects too few customers to even measure.


----------



## SirDice (Jun 18, 2021)

phalange said:


> This blanket policy probably affects too few customers to even measure.


Many, many years ago I had a discussion, I worked for a large banking/insurance company back then, I mentioned that their brand new website didn't work properly with Firefox and they should fix this to support it. Their answer, no it's not a priority, we can see in the logs that 100% of our visitors use Internet Explorer, nobody seems to use Firefox. The website didn't work on Firefox and only worked with IE. How many Firefox users would end up in the logs if the site didn't work for them? It's just another form of survivorship bias.


----------



## phalange (Jun 18, 2021)

SirDice said:


> Many, many years ago I had a discussion, I worked for a large banking/insurance company back then, I mentioned that their brand new website didn't work properly with Firefox and they should fix this to support it. Their answer, no it's not a priority, we can see in the logs that 100% of our visitors use Internet Explorer, nobody seems to use Firefox. The website didn't work on Firefox and only worked with IE. How many Firefox users would end up in the logs if the site didn't work for them? It's just another form of survivorship bias.



That's a fair point, but as much as I enjoy FreeBSD, I don't think they're going to discover a few years from now that the majority of their users have switched to FreeBSD and they should have planned better.

Even Linux is probably a statistical blip of their total users, and BSD desktop users are fewer still.


----------



## bsduck (Jun 18, 2021)

www/otter-browser, www/falkon and x11-fm/konqueror all have a built-in function to change the user agent in order to mimick another browser.


----------



## scottro (Jun 18, 2021)

I think I even have an old page, about using flash on Linux with Citibank--hrrm, why was I using Citibank, I never had an account there--ahh, credit card at one point. I can't find that page now but I do remember their support writing back, We do not support LINUX (and yes, they did write Linux in all caps).  I think it's pretty much what SirDice said, survivorship bias. Even if all Linux/*BSD users united and said, we won't use you anymore, I picture them like the Catherine Tate character, Lauren, going, Am I bovvered?

(For those unfamiliar with the character but who like Dr. Who, there's a great thing they did for some BBC benefit, which is pretty funny--I don't think you need to know the Lauren Cooper character to like it)




_View: https://www.youtube.com/watch?v=YHAJ4VFStUE_


----------



## Deleted member 30996 (Jun 19, 2021)

SirDice said:


> I mentioned that their brand new website didn't work properly with Firefox and they should fix this to support it. Their answer, no it's not a priority, we can see in the logs that 100% of our visitors use Internet Explorer, nobody seems to use Firefox.


Logic: It's not just for breakfast anymore.

Google will refuse to do anything if I spoof an outdated version of a certain browser. I remember when certain webdesign features were "intended for IE", because it wouldn't render everything like Firefox. Or something along those lines that good markup should take care of.


----------



## drhowarddrfine (Jun 19, 2021)

phalange said:


> I don't think they're going to discover a few years from now that the majority of their users have switched to FreeBSD and they should have planned better.


That's not the point. Or at least not my point. My point is that no intelligent web programmer uses the user agent string to determine the makeup of a web page. That ANY operating system fails to render a web page is a blunder by an incompetent programmer  who thinks he knows computers and stuff.


----------



## grahamperrin@ (Jun 19, 2021)

phalange said:


> The error message is something to the effect of "use our app or try a supported os"



Thanks, which strings did you try?


----------



## Alain De Vos (Jun 19, 2021)

bsduck said:


> www/otter-browser, www/falkon and x11-fm/konqueror all have a built-in function to change the user agent in order to mimick another browser.


Otter-browser can't play youtube videos. Neither epiphany (web)


----------



## bsduck (Jun 19, 2021)

It's quite choppy on my computer too. I find Otter's performance surprisingly poor compared to Firefox and Falkon. I tried switching the backend to QtWebEngine (default is QtWebKit) but then it becomes very buggy and crashes.


----------



## grahamperrin@ (Jun 19, 2021)

Otter performance: https://forums.FreeBSD.org/threads/testing-otter-browser.72576/post-518230


----------



## phalange (Jun 20, 2021)

drhowarddrfine said:


> That's not the point. Or at least not my point. My point is that no intelligent web programmer uses the user agent string to determine the makeup of a web page. That ANY operating system fails to render a web page is a blunder by an incompetent programmer  who thinks he knows computers and stuff.


I don't get a sense of incompetence here. Rather it seems like extra work was done to specifically disqualify FreeBSD as an acceptable client. Paranoia maybe, greed maybe, muscle flexing maybe, but probably not incompetence.



grahamperrin said:


> Thanks, which strings did you try?



I've decided that's a no go. I'm not going to waste any time fiddling with user agent settings for this bank. Frankly I'd rather close the account. Banks are many. Operating systems few.


----------



## drhowarddrfine (Jun 21, 2021)

phalange nope. Incompetence. They are basing their page code on the operating system but browsers don't follow operating system code. They have their own standards. Why would one make their page display differently or at all based on O S?
 Stupidity on display


----------



## SirDice (Jun 21, 2021)

It would make sense to check the OS if they used a plugin that only works on Windows, MacOS and Linux. But even then it's not very useful to look at the User-Agent string.


----------



## obsigna (Jun 21, 2021)

Some banks here in Brazil utilize a module which is called Warsaw, that needs to be installed on the local computer. This technology belonged to Diebold but seems to have been taken over by the Stefanini Group:

https://stefanini.com/en/solutions/products/topaz

I would not buy a used car from them, but seems that Banco do Brasil and Caixa Economica trust them to the extend of deploying the Topaz module for their security solutions. This modules are available for Windows, Mac and Linux. I analysed what it does on the Mac.

In Portuguese language: https://obsigna.com/articles/1487785556.html
In English by the Bing-Translator: https://www.microsofttranslator.com...=https://obsigna.com/articles/1487785556.html

It installs a local self-signed X.509 CA certificate, and a service which listens on 127.0.0.1. On connecting the bank, the local service provides said certificate to the web application for the obvious purpose of authenticating the client’s computer with the bank’s server.

Probably this kind of solution, that is limited to said OS's, is not only used by Banks in Brazil.


----------



## Alain De Vos (Jun 21, 2021)

What is wrong with a self-signed certificate or a service which listens on a non-routable IP-address ?


----------



## obsigna (Jun 21, 2021)

Alain De Vos said:


> What is wrong with a self-signed certificate or a service which listens on a non-routable IP-address ?


Nothing, besides that this security solution is not available for FreeBSD 

PS: Of course we want this only be installed by a trusted site on our systems. Who guarantees that this service which runs as root on the Mac does only submit the certificate via the web application to the other end. It could well submit any document of my computer as well.


----------



## astyle (Jun 21, 2021)

FWIW, in the US, Intuit has a central service (and a few datacenters around the country) that acts as proxy between you and the banks. It used to be free until a little over a year ago. I spent a few months trying to make GnuCash work instead of Quicken, but that was a no go. Browsers and phone apps are all that's left for me. At least in my case, the bank doesn't care what I use, filtering is based on IP and MAC address.


----------



## decuser (Jun 21, 2021)

No need for addons - In Firefox - about:config
search for _*general.useragent.override*_
make it a string and put whatever you want in there. Here's a list (71.1 million, to date) of some you might want to add: https://developers.whatismybrowser.com/useragents/explore


----------



## sidetone (Jun 21, 2021)

I thought I was having a problem like this from trying to access my email from my computer. Then, later I couldn't get into FreeBSD forums, so I thought, this wasn't a similar problem.

I upgraded GNUTLS, and the forums worked. Then, I upgraded NSS and I could access my email. I had a similar problem from when I needed to upgrade an encryption dependency for OMEMO to work on XMPP. With the latest issues of a browser or application, this has happened, because of an outdated dependency. This may not be the problem you're having, but it will help with many similar problems.

Edits: then, my email stopped working again.

A lot of bots have an irregular internet client. FreeBSD isn't well known, so maybe it gets caught in the filter with that.


----------



## grahamperrin@ (Jun 22, 2021)

phalange said:


> … I'd rather close the account. …



Would you like to mark the topic _Solved_? Through the *More options* menu above your opening post.


----------

