Not what you want to see on your internet banking site...



  • online banking failure


  • What's really scary of course the is "C:\1" implieing that they use winblows for what manya would consider an application where security is  critical...



  • Path beginning is really bad...

    "c:\1 Development\..." 

    For me that looks like: you're using bank's "development"! version, they don't have real environment and dirs like "2 Stable", "3 Yesterday's" "The Good One" are just not visible to visitors ;)

    Exception .... at "Nationwide.Olb.NavigationBuilder..." made me LOL :) I wonder if they have some Worldwide exceptions also :)



  • Well, Nationwide IS the name of the company, so...

     



  • Nationwide is the name of the bank. www.nationwide.co.uk

    Quite scary though as that's who I bank with.
     



  • @jackie said:

    Nationwide is the name of the bank. www.nationwide.co.uk

    Quite scary though as that's who I bank with.
     

    Took too long to register... 

     



  • At least it's just an error in the navigation. I'd be a lot more worried if it was an error in the funds transfer or something. Unless of course the error happened after adding the balance to the other account but before removing it from the first one. 

    And in terms of the OS, the ".asp" should have given it away. It's rather uncommon to see ASP running on anything other than Windows.



  • @rbowes said:

    At least it's just an error in the navigation. I'd be a lot more worried if it was an error in the funds transfer or something. Unless of course the error happened after adding the balance to the other account but before removing it from the first one. 

    And in terms of the OS, the ".asp" should have given it away. It's rather uncommon to see ASP running on anything other than Windows.

    No, it's worse than that: It's a .NET error occuring in some C# code that is running [i]inside[/i] a Classic ASP page (unless they've been [i]really[/i] strange and put ASP.NET code in a .asp file and forced it through the .NET engine just so they don't have to change the links from the old system)



  • "c:\1 Development\..." 

    It just means that the debugging symbols from the build made on a development machine are deployes as well. No biggy.

    OTOH being that careless (on a online banking site, where trust is key!) about what a user gets to see when a programmer goofs up, kinda makes me think of a StupidProgrammerException closely followed by a StupidSystemEngineerException.



  • @Bob said:

    What's really scary of course the is "C:\1" implieing that they use winblows for what manya would consider an application where security is critical...

     

    har har har.

    Then I suppose it would really scare you to learn of the several trillion dollars that daily pass through several stock exchanges which run 100% on Windows, minus the ECN headends which are Irix boxes that receive master quotes from NASDAQ :) 



  • @MrBester said:

    @rbowes said:

    At least it's just an error in the navigation. I'd be a lot more worried if it was an error in the funds transfer or something. Unless of course the error happened after adding the balance to the other account but before removing it from the first one. 

    And in terms of the OS, the ".asp" should have given it away. It's rather uncommon to see ASP running on anything other than Windows.

    No, it's worse than that: It's a .NET error occuring in some C# code that is running [i]inside[/i] a Classic ASP page (unless they've been [i]really[/i] strange and put ASP.NET code in a .asp file and forced it through the .NET engine just so they don't have to change the links from the old system)

     AHHHHHHHHH!!!!!!

     My tags say it all...
     

     



  • @MrBester said:

    No, it's worse than that: It's a .NET error occuring in some C# code that is running [i]inside[/i] a Classic ASP page (unless they've been [i]really[/i] strange and put ASP.NET code in a .asp file and forced it through the .NET engine just so they don't have to change the links from the old system)

    Possible, but more likely it's the result passed from a function in a .NET webservice, or otherwise retrieving data from an external source to the asp page itself. Probably the back end has been rewritten in .NET with the front end remaining in asp. This error message has just passed up the chain in the place of an expected "<table>...</table>" string or something similar.

    If there was a SQL (foreign language) error message, nobody would assume that they had SQL server running inside the asp page, and the same should apply for a .NET (foreign language) error too.



  • @Bob said:

    What's really scary of course the is "C:\1" implieing that they use winblows for what manya would consider an application where security is critical...

    Get over it, troll.  Windows Server 2003 IS secure.



  • @Kyanar said:

    @Bob said:
    What's really scary of course the is "C:\1" implieing that they use winblows for what manya would consider an application where security is critical...

    Get over it, troll.  Windows Server 2003 IS secure.

    For a few days after each Black Tuesday, anyway. 



  • @asuffield said:

    @Kyanar said:

    @Bob said:
    What's really scary of course the is "C:\1" implieing that they use winblows for what manya would consider an application where security is critical...

    Get over it, troll.  Windows Server 2003 IS secure.

    For a few days after each Black Tuesday, anyway. 

    You're thinking of Internet Explorer, and possibly Office. When was the last IIS6 exploit, or the last low-level TCP driver exploit? An attack against a badly coded .net (or anything else) app is more likely than a system exploit on a locked down 2003 web server. 



  • @foxyshadis said:

    You're thinking of Internet Explorer, and possibly Office. When was the last IIS6 exploit, or the last low-level TCP driver exploit? An attack against a badly coded .net (or anything else) app is more likely than a system exploit on a locked down 2003 web server. 

    Hey, what's that? He is posessed! Let's feed the Great Penguin with him! </bad joke>



  • I love Linux elitists

    They read this page in a putty prompt don't they???



  • The real WTF is this thread turning a random (if potentially undeserved) Windows bash into an OMG-Linux-Elitists and Microsoft-apologetics course.



  • @fennec said:

    The real WTF is this thread turning a random (if potentially undeserved) Windows bash into an OMG-Linux-Elitists and Microsoft-apologetics course.

    There's only two posts of that nature; maybe you're just too sensitive? Where are the other dozen posts making up the great haterism? 



  • But looking at the error message,

    It does seem like they wanted to combine dotNet with Classic ASP. 

     

    ... 



  • Maybe they remapped the ASP extension on the webserver to the aspnet_isapi.dll module?  That could explain it - keep links intact after an upgrade and all that.



  • @Kyanar said:

    Maybe they remapped the ASP extension on the webserver to the aspnet_isapi.dll module?  That could explain it - keep links intact after an upgrade and all that.

    Why didn't they design the application right in the first place, so that the URLs are human-readable or at least logical based on the context of the application, not arbitrarily tied to whatever programming system they used and how they have the filesystem organized? (another thing PHP has lousy support for despite it supposedly being so great for web development)



  • @ailivac said:

    @Kyanar said:

    Maybe they remapped the ASP extension on the webserver to the aspnet_isapi.dll module?  That could explain it - keep links intact after an upgrade and all that.

    Why didn't they design the application right in the first place, so that the URLs are human-readable or at least logical based on the context of the application, not arbitrarily tied to whatever programming system they used and how they have the filesystem organized? (another thing PHP has lousy support for despite it supposedly being so great for web development)

     And how, pray tell, would you expect this to be done?  The server needs SOME way to decide which script processor is responsible for running the script.  Guess how this is achieved?  OMG, the file extension!
     



  • @Kyanar said:

    @ailivac said:

    @Kyanar said:

    Maybe they remapped the ASP extension on the webserver to the aspnet_isapi.dll module?  That could explain it - keep links intact after an upgrade and all that.

    Why didn't they design the application right in the first place, so that the URLs are human-readable or at least logical based on the context of the application, not arbitrarily tied to whatever programming system they used and how they have the filesystem organized? (another thing PHP has lousy support for despite it supposedly being so great for web development)

     And how, pray tell, would you expect this to be done?  The server needs SOME way to decide which script processor is responsible for running the script.  Guess how this is achieved?  OMG, the file extension!

    Truly spoken as someone who's never used Apache, or the various mod_rewrite implementations for IIS. By mapping pure external names to technology-specific internal ones, you get the independance to change technologies, or just move files around on a whim or rehost files on external servers, without breaking links. Makes migrations much smoother. Downside: The more you use it, the worse performance gets (or rather the more hardware you have to throw at the problem), and quite a few web designers will prefer to ignore it in favor of something more portable and totally under their control. (A less-insane version of the mentality that gets people to reject database-driven sites.)



  • @Ice^^Heat said:

    I love Linux elitists

    They read this page in a putty prompt don't they???



    Now THAT would be a WTF... a Linux user running putty. :roll:



  • @JordanL said:

    Now THAT would be a WTF... a Linux user running putty. :roll:
    Why? I sometimes run PuTTY on Linux, and pterm is my favourite terminal emulator.


Log in to reply