Reply
Thread Tools
Posts: 3,841 | Thanked: 1,074 times | Joined on Nov 2006
#11
Originally Posted by livefreeordie View Post
Then they whine about how they can't do online banking due to a lack of Java support. How about switching to a bank that isn't ******ed?
It's a Norwegian review, and that's one of the countries where all bank transactions are changing to a system where the authentication is done by a central authority. That authority happens to use a java applet for authentication. In other words, while there still may be a bank or two there that doesn't use this java applet authentication, it won't last: Every bank will, in time.

A java dependency is pretty annoying, and for people with some insight it's clear that there are better ways, but from their point of view there isn't: They believe they need a piece of software to do this, and when they go down that route it's at least much better to use a java applet instead of some Windows-only bank-provided, closed application (as some banks used in the past, or still use).
__________________
N800/OS2007|N900/Maemo5
-- Metalayer-crawler delenda est.
-- Current state: Fed up with everything MeeGo.
 

The Following User Says Thank You to TA-t3 For This Useful Post:
tso's Avatar
Posts: 4,783 | Thanked: 1,248 times | Joined on Aug 2007 @ norway
#12
that authentication service have picked up some noise for security issues, yet sadly its being rammed down the throat of bank users left and right...

as for the wmv issue, hard to tell, tho i have had issues with said streams even on desktop linux, so i guess it could be some kind of drm issue (while nrk have some rights cleared content up on torrents, much of what they stream are either fully or in part from third parties, like bbc).

btw, the review is picking up a fair bit of negative comments in their own comments system to...
__________________
Be warned, posts are often line of thoughts at highway speeds...
 
Posts: 2 | Thanked: 0 times | Joined on Nov 2009
#13
Hello everybody. First let me appologize for being frank.
I read the review also, and I fond that it adressed my concerns ecxactly. The reviewers conclusion is that N900 fails as a phone and as a computer. I decided not to buy it mainly because of poor telephnecentrisity, no OTG USB, no navigation, and no "office" applications. The argument left is multitasking, which isn't an argument for shelling out much mone. I am a business user and need a telephone that works as a telephone AND a computer that can store my files, transfer customer files via USB-stick, transfer pictures from my camera, and whatnot. I for one do niot buy products on the promise of "might be in the future releases".

I find the N900 to be disappointingly poor in all those appartements judging from the many reviews I have read. So it is, like the reviewer said "an expensive toy". And yes I know about open source, and have even read Stallmans original GNU essay. That doesnt say anything about software can be poor. So I guess the open source need to adapt a little bit to Stallmans fundamental perspectives: To ENHANCE existing sw by open source. That said, I guess cooperating with a hypercommercial actor like NOKIA poses some significant challenges to the open community.

Last edited by Lucchese; 2009-11-17 at 17:28. Reason: Fault in source
 
Posts: 3,841 | Thanked: 1,074 times | Joined on Nov 2006
#14
The only physical limit you mention would be the missing USB stick support. There aren't many phones around with room for a full-size USB connector, but maybe that could have been solved with some kind of converter. But the microUSB connector is used for charging, as per the new, international common charger agreement.

I more and more believe the idea of using microUSB as the common charger type was a huge mistake, as this limits what can be done by same connector (ref. USB consortium).
__________________
N800/OS2007|N900/Maemo5
-- Metalayer-crawler delenda est.
-- Current state: Fed up with everything MeeGo.
 
Posts: 2 | Thanked: 0 times | Joined on Nov 2009
#15
Originally Posted by TA-t3 View Post
The only physical limit you mention would be the missing USB stick support. There aren't many phones around with room for a full-size USB connector, but maybe that could have been solved with some kind of converter. But the microUSB connector is used for charging, as per the new, international common charger agreement.

I more and more believe the idea of using microUSB as the common charger type was a huge mistake, as this limits what can be done by same connector (ref. USB consortium).
Yes. I do agree. There is nothing fundamentally wrong with the HW design besides lack of OTG USB, allthough I would appreciate a hard-button for calls

Last edited by Lucchese; 2009-11-17 at 18:04. Reason: Typo
 
volt's Avatar
Posts: 1,309 | Thanked: 1,187 times | Joined on Nov 2008
#16
Originally Posted by livefreeordie View Post
Then they whine about how they can't do online banking due to a lack of Java support. How about switching to a bank that isn't ******ed?
Okay, first I have to agree that the review was one sided negative. You can't test a phone like that and find nothing good about it unless you're biased. Here, I think the bias lies in the very purpose of the article: point out weaknesses. Even so, there should have been something in there to say "we're now only looking at - " because it did come out as all bad, didn't it?

When it comes to "switching to a bank that isn't ******ed", that pretty much isn't possible. First, pretty much all Norwegian banks are to some degree java dependent. * Quite a few of them use the same systems. Second, if you let the use of a java authentication applet affect you so much that you choose bank on that basis, you just move the ******ed part from the bank to the user.

* Or have at some time been. I don't regularly check banks other than the handful I use, and netbanks do change from time to time.

Banks aside: the telephone's lack of java applet support is a drawback. No doubt about it.

Last edited by volt; 2009-11-17 at 18:53.
 
Posts: 1 | Thanked: 0 times | Joined on Nov 2009
#17
Originally Posted by livefreeordie View Post
WTF. It's the only phone that has any chance of having decent Flash, and these jokers start complaining that Silverlight doesn't work??

Then they whine about how they can't do online banking due to a lack of Java support. How about switching to a bank that isn't ******ed?

I've tried to remain objective when reading negative reviews, but this really takes the cake.
Beeing the author of the article in Mobilen.no, I must say it is interresting to follow the discussions in different communities. But let it be said, I really like the N900, and the article was not written as a test telling what the device can or can not do. It was simply an article telling people not to have to high expectations to the device. It's not a full blown mini PC, nor is it a very userfriendly mobile phone.
But I am sure it will change to the better as the developers gets their tweeks to the market. During "The way we live next" event in Helsinki last week, a messaging sentric user interface was demoed. It looked great.

And by the way - this joker never complained about Silverlight not working. He simply stated that the service run by TV2 in Norway streams TV using WMV or Silverlight (optional).



Espen Irwing Swang
 
Posts: 262 | Thanked: 229 times | Joined on Aug 2009
#18
Originally Posted by volt View Post
Second, if you let the use of a java authentication applet affect you so much that you choose bank on that basis, you just move the ******ed part from the bank to the user.

* Or have at some time been. I don't regularly check banks other than the handful I use, and netbanks do change from time to time.

Banks aside: the telephone's lack of java applet support is a drawback. No doubt about it.
My wording was harsh, I admit, but 99% of my interaction with my bank is over the internet. If the site turns unfriendly, I would most certainly consider switching.

How does this app work anyway? I can't see how it could increase security. Proof of security theater (a.k.a. incompetence) would be another reason to consider switching. There was also a recent scandal in Finland when Sampo bank's java BS was reading all kinds of sensitive files on the users' systems.

It would be nice if Maemo supported java for other reasons than banking, but surely a VM can be installed under Easy Debian if you really need one?

Originally Posted by esswang View Post
And by the way - this joker never complained about Silverlight not working. He simply stated that the service run by TV2 in Norway streams TV using WMV or Silverlight (optional). Espen Irwing Swang
Ok, I read that a bit quickly... I thought it said WMV on Silverlight. But it's still a bit rich to put so much focus on proprietary technologies. Almost half your article is about problems with Exchange, WMV, lack of DRM and how the bundled Office viewer can't write files.

Frankly I got the impression you tested all the features you had on your previous phone without testing any of the features that the N900 adds, thus only finding negatives. Not very imaginative.

Edit: ok, that's not entirely fair. You mention the advanced browser and video codec support. But then you give up due to one bug and one streaming video site that doesn't work...

Last edited by livefreeordie; 2009-11-17 at 20:04.
 
volt's Avatar
Posts: 1,309 | Thanked: 1,187 times | Joined on Nov 2008
#19
Originally Posted by livefreeordie View Post
(...) but 99% of my interaction with my bank is over the internet. If the site turns unfriendly, I would most certainly consider switching.

How does this app work anyway? I can't see how it could increase security. Proof of security theater (a.k.a. incompetence) would be another reason to consider switching. There was also a recent scandal in Finland when Sampo bank's java BS was reading all kinds of sensitive files on the users' systems.

It would be nice if Maemo supported java for other reasons than banking, but surely a VM can be installed under Easy Debian if you really need one?
Although 99% of my interaction with my bank is over internet, that last 1% represents the biggest chunk of money that I will ever spend on anything. That last 1% is by far the most important. For me, anyway.

Another point for me is that I always use my web bank sitting in front of my PC, with a bunch of papers in front of me. 800x480 and thumb keyboard doesn't do it for me when I need to type in 20 digit KID numbers. I don't know how it is with you guys.

As to the BankID application (which is actually just one of several java applets I have seen in regard to Norwegian online banking), I suspect it does lift the security somewhat:

International recognition
In October 2006, BBS and the Norweigan BankID Scheme were awarded the international "eema Award for Excellence in Secure Electronic Business".


However, I think most users find it to be more of a pain than a gain.

Last edited by volt; 2009-11-17 at 20:06.
 
Posts: 262 | Thanked: 229 times | Joined on Aug 2009
#20
Originally Posted by volt View Post
Although 99% of my interaction with my bank is over internet, that last 1% represents the biggest chunk of money that I will ever spend on anything. That last 1% is by far the most important. For me, anyway.
Good point, but building bad systems should affect your faith in the bank. Personally, I'd at least start investigating alternatives if I was dissatisfied with customer service. If the "bad" bank's offers were significantly better, well, at least I tried...

Originally Posted by volt View Post
Another point for me is that I always use my web bank sitting in front of my PC, with a bunch of papers in front of me. 800x480 and thumb keyboard doesn't do it for me when I need to type in 20 digit KID numbers. I don't know how it is with you guys.
I log in with an 8-digit ID I've memorized and a 4-character one time password (list in wallet, ID not). Once logged in, transactions are authorized with a random reusable 4-character password. The site uses XHTML over HTTPS.

Originally Posted by volt View Post
As to the BankID application (which is actually just one of several java applets I have seen in regard to Norwegian online banking), I suspect it does lift the security somewhat:
I googled a bit, and it seems like the BankID scheme is feature creeped to the max. For simple banking, it doesn't provide security above my bank's, and it introduces new vulnerabilities due to its unnecessary complexity.

And here's the reason for the feature creep:
"The initiative, called BankID, aims to become a national ID infrastructure supporting services such as authentication and digital signatures for the entire Norwegian population."
http://www.nowires.org/Papers-PDF/MitM_SEC2008.pdf

I'd avoid this like the plague.

"We have found cryptographic weaknesses that may indicate security problems, protocol flaws facilitating man-in-the-middle attacks, and implementation errors facilitating strong insider attacks. We also note that the system suffers from severe privacy problems."
http://www.math.ntnu.no/~kristiag/pki/europki.pdf.

Last edited by livefreeordie; 2009-11-17 at 20:39.
 
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 11:23.