Home Ec

Bank Website Cookies

Seeing as how we live in The Internet Age, I must fetch my statements from Big Bank’s website, rather than extract quaint sheets of paper from an envelope. Seeing as how the start of the Internet Age is over, I run a fairly well armored version of Firefox that ruthlessly suppresses ads (have you ever bought anything as a result of an Internet ad?), crushes cookies, rejects malware, and generally defends my interests.

Big Bank’s website doesn’t work without adjusting the armor and, equally unsurprisingly, those adjustments seem to depend on both their website’s current revisions and my browser / plugin / extension versions. It seems mildly odd that Big Bank would depend on the same techniques that identify advertisers and scammers and malware purveyors, but so it goes.

My most recent attempts to retrieve an account statement produced an indefinite “busy” loop instead of a PDF file, which usually means something got blocked. Big Bank outsources its statements and I’ve already whitelisted internet-estatements.com and allowed its popups, so it must be something else.

A bit of rummaging in the sump revealed cookies from several domains that didn’t get set whenever I tried to access my statement:

  • adsrvr.org
  • bigbankcardus.com
  • casalemedia.com
  • doubleclick.net
  • mookie1.com
  • serving-sys.com

Pop Quiz: which domains in that list would you trust without question?

Bonus: Explain why “mookie1.com” isn’t funny in this context.

Double Bonus: Why is a banking website dealing with doubleclick?

It seems the missing cookies came from bigbankcardus.com, as the statement PDF appeared after I whitelisted that domain and reloaded everything.

I could understand (if not enthusiastically approve of) getting advertising cookies from Big Bank’s main page, but there should be exactly none of that crap when I access my statements.

There is no point in complaining: it’s like that, and that’s the way it is.

At least they don’t require Internet Explorer

11 thoughts on “Bank Website Cookies

  1. Why are they dealing with doubleclick? Money. Even though you pay them and trust them with your money, they serve their stockholders, not you.

    1. Aye!

      I’d like to think of a benign explanation, but haven’t come up with anything even faintly plausible…

  2. I’ll stay in the 20th century, at the cost of the “interest” in my interest-checking account. Doesn’t take that long to handle the statement, either way. Quicken helps a lot, even offline.

    At least they don’t require Internet Explorer

    In XP, my least favorite bit was the requirement you use IE to get the MS program updates, and a large number of those were for IE–close to the only thing I used it for. Win 7 is better, with a dedicated update process, so IE gets dusted off every 2-3 months when Pale Moon can’t handle an odd page. Even that’s happening less often, lately.

    1. We’re waiting for the Credit Union to “go paperless” by charging for paper statements; at this point, they’d probably charge more than the interest they pay. [sigh]

      Nice thing about paper: it doesn’t mysteriously vanish or change its values.

    1. We have accounts at a local Credit Union (the one with the weird “download this DLL” browser incident), but, in this case, some investments drove us to deal with Big Bank.

      With that in mind, a pox on their collective backside!

  4. Please tell your Firefox settings… especially the one that dumps the ads.

    1. The key Firefox (or Pale Moon) extensions:

      I had to give up on Noscript, because the unscripted Web just doesn’t work.

      Check all the boxes in the Security tab, check “Block pop-up windows” in Content, and you’re pretty much set. When you’re in a trusted site, you can tell Adblock and Self-Destructing Cookies to calm down. On other sites, browsing has fewer distractions…

      1. A couple of comments here. I pretty much have to run Noscript and Adblock Plus to get reasonable response, because of my dialup. Pale Mood 25.0.1 now is forking away from Firefox, and you need a copy of Adblock Plus from PM folks. The original version sort of works, but you lose the panel. PM is working with the developer.

        If a page is stuck, I’ll open ABP’s panel, look at the blockable items, and hover over a css line. This usually (80-80%) causes the page to finish loading. It’s more an issue on dialup, though it could be Noscript/Adblock Plus interaction. I’m getting satellite internet fairly soon, so we’ll see.

        For Noscript, the default is to have all scripts forbidden. When I know a site, I’ll set permissions as necessary. For instance, on softsolder.com, I browse with all scripts off. If I comment, I’ll temporarily enable all. google-analytics seems to be necessary for a lot of commerce sites, but it slows me down to much, so it gets used temporarily. Some sites have the top domain enabled–depends on circumstances. Noscript has been pretty good about not screwing things up during updates, so once it’s working, it usually stays working.

        Banner ads don’t bother me, so I find Noscript essential, and Adblock Plus useful. YMMV.

          1. you haven’t read the latest update

            Errk! Thanks for that lump of useful news. Must get the ABP addon the next time I’m at the library. Must research it, but noscript might block the redirect. I won’t count on it.

            connections worth half a buck

            That hasn’t been stopping the recent attempted intrusions on my machine. I was going to send an abuse complaint until I searched “ecatel malware” and saw the futility.

            And I’ll have to get a fix for the bash bug on the linux machines when I get broadband. Sigh.

Comments are closed.