I’ve seen this issue around the interwebs. You set to log in to your favorite website for ordering various bits or bobs, or perhaps fancy doing some online banking—BOOM—Firefox tells you that you’re insecure! Granted, I have some personal issues, but telling me I’m insecure is a bit rude.
Today, this issue appeared with the login page for My Virgin Media, Britain’s number one Internet Service Provider offering fantastic speeds over a solid fibre optic cable—no phone line necessary. For £28.50 a month, and a £49.50 installation fee, I’m getting approximately 6.9MBps download speed, rated 50Mbps; that’s six point nine megabytes per second. Sadly, like many ISPs, I’m not offered a very good upload speed, but roughly 390KBps is just enough for some acceptable streaming over Twitch, and for some decent online gaming. But what good is such a fantastic service if we want to log in and are then told our connection
Oddly, this problem only seems apparent for us Firefox users, a browser which, according to Wiki, has, as of July 2015, “between 12% and 19% of worldwide usage of users,” with Chrome, for some reason, being the top dog for the majority of the users across the globe. I’m not sure what changed to make Chrome so popular, because previously, it was all about Firefox!
I’ve just spoken with a Virgin Media techie, by the name of Ian, and he claimed that he’s “unaware” of such an issue with My Virgin Media or Firefox, but oddly, later goes on to say that he can “definitely remember” a few occasions in which Firefox has “flagged something as a false security concern,” and that he has already “had chats and calls in the past” with others claiming that “our website doesn’t use the best security protocols.” So which is it? I now wonder.
Ian continues: “I’m afraid I’m not qualified enough to confirm this but what I will say is that if this was a real security concern our Website wouldn’t be allowed to remain open. If the protocols need to be updated then I’m sure our IT department are looking into this.”
Ian then provides me a link to a thread on the Virgin Media forums, and a link to a workaround from September, this year. I suspect any workaround of this nature will merely trick Firefox into thinking it’s secure, but that still leaves a dirty thought in my mind: what if it’s actually not secure? Being paranoid about security can make browsing a challenge at times.
Thankfully, Ian understood my security concern, stating that you “can’t be too careful these days especially over the Internet.” Well said, Ian.
Taking a look at the suggested thread which discusses this issue, a commenter by the name of Sololobo reminds us that this is our ISP, on which we “depend” to “help ensure” our “online security.” Too bloody right. If we can’t even trust our ISPs then what hope in hell do we have of being at all secure online? At the bottom of the thread is a post by site admin, James_W, who tells us “this information has been passed on to our security team for analysis.” That was, however, over half a year ago.
Annoyingly, I’ve actually had this issue with PayPal in the past, and even my bank’s website, but I seemed to have resolved that by tweaking Kaspersky Internet Security. It appeared that Safe Money was somehow interfering with Firefox’s certificate checking system.
Imagine walking into your local bank only to have a member of staff tell you that you should “probably know” that “this bank isn’t secure.” Sure, that’ll make me really comfortable.
Being insecure sucks.