Virgin One Account - Website Down

davidmcn

londonman42 wrote: »

Some of us have Linux. Or would you have me pop down to PC World and buy another computer just to access my account?

No need for a separate computer to install more than one OS.

I'm not disputing that it's a hassle, but it seems less trouble and cost than remortgaging.

londonman42

LOL !! I can see where you are coming from but wrong assumption. I used to have a mortgage with them but paid it off a long time ago.

Still kept the account open as I like to have the option of a separate account. Thing is over the years I have used it as the account for monthly incomes and outgoings, direct debts and standing orders and so it self-managed effectively.

It will be a headache to move.

Been playing around a bit and have discovered that if you have a Mac then Safari 7.1.2 still works. You can also download an older version of Chrome v31 that works fine on the website from a Mac. Camino also works fine.

Drilling down even further, the issue relates to a possible attack vector (POODLE) using SSL3. Reason why Safari still works is that Chrome and Firefox completely disabled access to SSL3 sites. Safari just disabled one small component of SSL3 support although the security gurus (it would seem) are open as to whether or not that is sufficient. Who knows...could be that Apple decides to go the whole hog and also disable SSL3 in the future in which case Safari also will not support the website.

As an aside, it shows just how switched on the One account is since their message ignores all other computers other than PCs. :rotfl:

Bottom line. Virgin have done Sweet FA on their IT systems for years and years and years. Now they are part of RBS and so will have their begging bowl out for money and resource to fix the problem. Given the lack of investment over the years it could well be that the cost of solving the problem is massive. EG It ain't going to happen.

Seeing as how they have stopped taking mortgage applications (staff training...ahem...) I think the writing is on the wall.

Lastly, Hell will freeze over before I buy a PC again!

kingstreet

RBS may have thought there was a future in the current account mortgage market pre-2007.

It purchased First Active and One Account but since then the market for unrestricted re-drawing of (over)payments has shrunk dramatically to the point where post-MMR there is really no appetite for a product which allows people to borrow money without up to date affordability checking.

As a consequence, there is little appetite for investment in maintaining the technology required to support it. I suspect RBS would be happy if FA and OA borrowers disappeared elsewhere.

londonman42

kingstreet wrote: »

RBS may have thought there was a future in the current account mortgage market pre-2007.

It purchased First Active and One Account but since then the market for unrestricted re-drawing of (over)payments has shrunk dramatically to the point where post-MMR there is really no appetite for a product which allows people to borrow money without up to date affordability checking.

As a consequence, there is little appetite for investment in maintaining the technology required to support it. I suspect RBS would be happy if FA and OA borrowers disappeared elsewhere.

Well they are trying very hard to convince customers to move. Surely though for an online service there should be an element of Fit For Purpose? Certainly their online security page makes no reference to only supporting specific browsers.

kingstreet

londonman42 wrote: »

Well they are trying very hard to convince customers to move.

Exactly. Making it difficult to manage your account seems a cheap/simple way to get you to vote with your feet...

londonman42

kingstreet wrote: »

Exactly. Making it difficult to manage your account seems a cheap/simple way to get you to vote with your feet...

Agreed. But then you'd think that their parent (RBS) would want to minimise any bad press.

:doh: What am I saying. RBS !!

teabelly

The latest FF update on a mac has turned off the ability to access SSL v3 sites even with the plugin designed to do it. Chrome still seems to work ok.

londonman42

re you sure, teabelly? I was on version 39 and that didn't work. V 31 is OK.

Anyway, soon going to be shot of them. Slow work as they don't subscribe to the central switching system.

teabelly

In version 34.05 of FF for mac I get the following:

An error occurred during a connection to service.oneaccount.com. SSL peer rejected a handshake message for unacceptable content. (Error code: ssl_error_illegal_parameter_alert)

This is with the SSL plugin doodad set to allow ssl v3

Previous versions of FF worked ok with the plugin set to allow it.

I have a slightly out of date chrome it seems so I expect it to knacker it if I ever restart it.

I'd ditch them as well but no one else offers a similar product so I'm stuck with their substandard service.

kelvindh

Hi,

I had the same problem, here's a work around I used:

1. Open firefox.
2. In address bar type "about:config" (click "I'll be careful, I promise")
3. Change the value for: "security.tls.version.fallback-limit" = 0 (from1)
4. Change the value for "security.tls.version.min" = 0 (from 1)

Restart firefox and OneAccount should work again.

WARNING: This will cause firefox to use SSL3 again and be vunerable to the POODLE attack