eircom's webmasters suck
This is getting on my wick. For years (really – years), Eircom has had a stupid annoying JavaScript alert on its front page warning that Netscape was somehow insecure and that entering your username or password anywhere in the site could somehow open your computer up to all sorts of malicious hacker damage.
Are they idiots? “Netscape” is based on Gecko, which is many times more secure than IE. There is no alert when you visit in IE!
I’ve contacted them twice so far in the past about this, and twice, they’ve replied saying basically that I was smoking crack, and that the alert I was talking about did not exist – oh and am I sure I’m talking about eircom.ie and not eircom.net (which, by the way, does not have an alert, so that question was stupid anyway).
Here is a screenshot taken in Konqueror (note: this is not Netscape, or even Firefox).
I am not imagining this!
Here is the message I just sent to them – again.
I’ve been in contact a few times in the past about this problem, and each time, I’ve been basically brushed off with a “this problem does not exist – you’re making it up” response.
Please look at this screenshot:
http://verens.com/i/eircom.ie.png
That alert pops up every time I visit eircom.ie with a browser which is not Internet Explorer (which, by the way, does not work on my operating system (Linux), so you can’t say “well, just use Internet Explorer, then”)
Please stop discriminating against non-IE users. My browser is /not/ insecure. And, by the way, it’s not Netscape either, so the alert is irrelevant anyway.
In the past, I’ve tried getting you lot to fix this, and have had replies such as “You should be talking to the eircom.NET support team” – look – this problem is on the .IE website – please fix it.
I went to this site in FireFox and sure enough that message was displayed. So you are right on that count.
I clicked on the OK button for further information where I read that they are referring to the Password Manager functionality found in Netscape and Firefox. The name of the function that causes the message is even called showNetscapePasswordManagerPage.
It’s perfectly true that in FireFox and Netscape, unless you have a master password set for the Password Manager, someone could bring up the Password Manager dialog box and click on the ‘Show Passwords’ button to see what passwords are being stored.
Konqueror also has Password Manager functionality – so there’s no reason to think that the eircom.ie webmaster has got things wrong at all with regards to identifying browsers that have this functionality.
Though they should mention that setting a master password which FireFox et al would then require you to type in when using the Password Manager’s functions.
And they should have the message properly identify/name the browser being used – it should say FireFox, or Konqueror if that’s the name of the browser that you are using to view the site.
Any browser that has the ability to show you what passwords are used for the sites you visit should only do so if you have a master password set – that’s what the problem is and I’d like to think if Internet Explorer also had similar Password Manager functionality that users of that browser would get a similar message.
So in regards to this aspect, Netscape, Firefox and Konqueror are insecure.
It seems to me that they wish to safeguard against any chance of someone discovering what your eircom password is, so I personally I think they ought to be applauded for bringing this to the public’s attention, not ridiculed.
Again they do need to fix their bug so that the message doesn’t always say ‘Netscape’ but that seems a relatively minor issue.
Just my two cents on the matter.