Leaderboard

So, as I suspected, one of my extensions in my main profile is preventing CF's security check of my internet connection from completing successfully. After disabling almost half of my extensions, it worked. Here is a screenshot from the UCI login page: I assume a captcha will only appear in the cases the visitor comes from a foreign country or the connection is actually secure but something went wrong and a captcha is given as an alternative to be sure it's not a bot after all. Just an idea! Anyway, which extension was the culprit now becomes a task for Sherlock Holmes.

And, one other thing is also very clear. The failure of the security check in my case is definitely not caused by an underperforming computer. And the browsers New Moon 28 and Serpent 52 have the most recent TLS 1.3 protocol and their current cipher suites. So the connection must be secure. The question must therefore be: What is actually checked during this so-called security check performed by Cloudflare? PS: The website www.uci-kinowelt.de and above all its login page works in Mypal 68 too like a charm without any significant delay or any captcha.

A slow Internet and/or computer can be signs of malware on your PC, including "bot malware" (by which I think they mean something like the infamous Back Orifice, intended for hackers to use your computer, by remote control, to secretly do things like attack other computers) or at least, a noticeable decrease in speed can be signs of such. (You, the user, would of course be best positioned to notice such a decrease. All Cloudflare can tell is that your computer/Internet connection are slower than it considers typical.) But to be blunt, I think Cloudflare couldn't possibly care less whether your PC or mine has a malware infestation, unless said malware is being used to attack one of their paying clients, like @AstroSkipper's movie ticket site. The purpose of the "security check" is to protect their customer, not you. So I hope they presented that message merely as a courtesy while you waited for the final result of their "security check." Of course, your browser didn't fail the check outright; CF ended up passing the question on to "hCAPTCHA" for a final determination. (BTW, "hCAPTCHA" is new to me. Well, at least they didn't rely on Google!) But even if your browser had been fast enough not to have received that message, I think you still would've gotten the CAPTCHA, unless CF's algorithm amounts to, "If this goes really fast, it couldn't possibly be a bot, so no reason for a CAPTCHA. But if it goes slowly, well, then 'bot malware' might be involved - better send a CAPTCHA just to be sure!" In the unlikely case that this is CF's algorithm, I think it's a pretty stupid one, since the whole point of a bot is to do things faster than humans!

... Use the "divide-by-two" method... Say your dirty profile has 42 extensions installed in total 1. Disable the first 21 of them, then restart browser 2. Check for the existence of a bug (in this case, "CF-security-check" not completing) 3. If the bug is present, it's caused by one (or more) of the remaining enabled 21 extensions 4. If the bug is not present, then it's caused by one (or more) of the disabled 21 extensions By using this procedure for each "half" subset of extensions, adjusting accordingly for subsets with an odd number of extensions, you can hopefully arrive soon to the culprit one... The "(or more)" is for rarer circumstances, where a bug is caused by the interaction of two (or more) extensions, as opposed to one only... Worst case scenario: Some extension(s) will continue to interfere even when disabled; I hope yours is not such a case...

@VistaLover, @Mathwiz, @NotHereToPlayGames, @anton12! Thank you all for your investigations, advices, and tips! Yesterday I only had a little time. I just wanted to book cinema tickets quickly, and that was more of an odyssey on my old computer. Maybe, it was my own stupidity, I could have used my Android tablet directly. BTW, the movie "Top Gun - Maverick" was simply great! At home again, I opened the problematic website www.uci-kinowelt.de in Serpent 52 (2022-09-10), and it worked perfectly with a very fast and successful security check for my slow computer without any annoying captcha. That surprised me. Next, I opened it with a new profile in New Moon 28 (2022-09-10), and suddenly, what can I say, it worked there, too. Thanks @VistaLover and @anton12 for your confirmation! In both cases, palefill 1.20 was installed. I still have to investigate why the security check cannot be completed successfully in my main profile of NM 28. Unfortunately, the 360Chrome browsers were no help in this case. I can say one thing with all clarity: I abysmally hate these sites with a so-called security check. Cheers, AstroSkipper

... In the interest of correctness , what I did receive was NOT reCAPTCHA, but hCaptcha; the latter is NOT Google-owned (it's owned by Intuition Machines, Inc., whoever they may be ... ) . ... Remember, I'm not a native English speaker ... After re-reading CF's "tip" in the first screengrab of my previous post, ... I think what they're saying is: "Should you experience computer crashes, slow internet and slowness in your computer, these might be signs of a "bot malware" infestation" ...

Well, your post contained "Your Meme of the Day" as the title of the post, so I thought it was funny. although, @XPerceniol has a point.

Hello AstroSkipper, when logging into https://www.uci-kinowelt.de/meinuci/login the following happens: 1. Checking if the site connection is secure 2. Login 3. I Accept (now you have to click away that cookie button) 4. Mein UCI Login 5. I entered a fake e-mail adress & password 6. Bitte E-Mail und Passwort prüfen ! (please check e-mail & password) Basically the login process seems to be working. Browser: NM28sse (2022-09-10) with palefill@addons.martoks-place.de.xpi(palefill-1.20 ING)

Laughing at the premise that animals are dirty and leave footprints compare to people. I wonder myself it its badly raised people or something, bad egotists - without question and no regard to others. You should see the city after the new year eve, and after some other holidays and spring break from college takes months to clean up and that beach may never unless people change habits. I'm sad to have to say this, but I'm (more than a little) worried that good manners and respect for others and what I would consider 'common sense' concern for others is going away.

I am beginning to have doubts, if I and you are made of the same material... - because I don't understand at all, why you are laughing at this 4th picture. Me when I see it, I have the pity of these repulsive people who have left this garbage on the beautiful beach, they are ill-mannered - badly raised, dirty types, selfish egoists, stupid, etc. I have at this moment the shame of this part of human kind...then I am rather in anger against these behaviors, being horrified to see this beach condition (and what are the municipal property services doing?), not laughing... The level of civilization is measured by the state of cleanliness.

@roytam1, any clue on your side? maybe because of this: https://repo.palemoon.org/MoonchildProductions/UXP/issues/1986

... to which no follow-up has been posted... I won't pretend I fully understand all this , but are we sure the updated URI works 100% with "legacy" ? He should raise that issue at the Legacy issue tracker, but we now know that is not maintained any more... He has to add the new URL to "Custom". The list seemed OK here. However there is no date in the header... I checked by looking at some recent changes here and they were present in my new list. There might be rules in it using a newer syntax, that Legacy can't parse. [Edit] 1343 rules are not parsed a.t.m.

New build of post-deprecated Serpent/moebius for XP! * Notice: This repo will not be built on regular schedule, and changes are experimental as usual. ** Current moebius patch level should be on par with 52.9, but some security patches can not be applied/ported due to source milestone differences between versions. Test binary: Win32 http://o.rthost.win/basilisk/basilisk55-win32-git-20220910-66c08edf5-xpmod.7z Win64 http://o.rthost.win/basilisk/basilisk55-win64-git-20220910-66c08edf5-xpmod.7z repo: https://github.com/roytam1/basilisk55 Repo changes: - partly ported from UXP: Issue #80 - reinstated unified building for some large chunks of our code. (5dfded81) (25c7fc52c) - import from UXP: Issue #1720 - Follow-up: Explicitly include X11UndefineNone.h in HTMLOptGroupElement.cpp to fix unified building on X11 (142f08ce) (2e3d4dfe1) - ported from UXP: Issue #1995 - Fix build bustage in GCC 12 (b93c4ada) (06e848fc3) - import from UXP: No Issue - prevent build issue in MSVC due to libaom SIMD inlining. (42b9149f) (ae58dfb11) - partly ported from UXP: Issue #80 - Re-unify most of gfx (f801bd18) (66c08edf5)

New build of Serpent/UXP for XP! Test binary: Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20220910-3219d2d-uxp-92cf68733-xpmod.7z Win64 https://o.rthost.win/basilisk/basilisk52-g4.8.win64-git-20220910-3219d2d-uxp-92cf68733-xpmod.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/custom IA32 Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20220910-3219d2d-uxp-92cf68733-xpmod-ia32.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/ia32 NM28XP build: Win32 https://o.rthost.win/palemoon/palemoon-28.10.6a1.win32-git-20220910-d849524bd-uxp-92cf68733-xpmod.7z Win32 SSE https://o.rthost.win/palemoon/palemoon-28.10.6a1.win32-git-20220910-d849524bd-uxp-92cf68733-xpmod-sse.7z Win64 https://o.rthost.win/palemoon/palemoon-28.10.6a1.win64-git-20220910-d849524bd-uxp-92cf68733-xpmod.7z Official UXP changes picked since my last build: - Issue #1999 - Switch to the unorm2 API for String.normalize() (66424272f) - Issue #80 - reinstated unified building for some large chunks of our code. (5dfded811) - Issue #2000 - Stop using deprecated ext/hash_map. This has been long deprecated in favor of std::unsorted_map. Since all platforms are using modern compilers now it should not be a problem to switch over to std::unsorted_map in the single place hash_map is used. This allows us to build on platforms which have removed hash_map such as FreeBSD. (dda19de1b) - No issue - Fix OutputVariable visibility issue, when building with clang. (8cc2925a2) - Revert "Issue #1676 - Follow-up: Put js/src (including vm), jit, and wasm back into unified sources." (7bb8046c1) - Revert "Issue #1676 - Part 20: Split vtune sources out of js/src/moz.build" (23a10c68f) - Revert "Issue #1676 - Part 19: Split ctypes sources out of js/src/moz.build" (b03603e73) - Revert "Issue #1676 - Part 18: Move and separate top level sources from vm sources in js/src/moz.build" (0e7a3f214) - Revert "Issue #1676 - Part 17: Put remaining source files which have debug code ifdef'd behind MOZ_DEBUG" (d83377b8c) - Revert "Issue #1676 - Part 16: Split WASM sources out of js/src/moz.build" (7a45d4dcf) - Revert "Issue #1676 - Part 15: Split threading sources out of js/src/moz.build" (14da6dc66) - Revert "Issue #1676 - Part 14: Split proxy sources out of js/src/moz.build" (29fc6d519) - Revert "Issue #1676 - Part 13: Split perf sources out of js/src/moz.build" (b15c6109e) - Revert "Issue #1676 - Part 12: Split jit sources out of js/src/moz.build" (f4c5ef005) - Revert "Issue #1676 - Part 11: Split irregexp sources out of js/src/moz.build" (86b12c766) - Revert "Issue #1676 - Part 10: Split gc sources out of js/src/moz.build" (8da86488e) - Revert "Issue #1676 - Part 9: Move DIRS down in js/src/moz.build" (28392d5dc) - Revert "Issue #1676 - Part 8: Fix up include for selfhosted.out.h" (5f23cd301) - Revert "Issue #1676 - Part 7: Split frontend sources out of js/src/moz.build" (cd3c43e61) - Revert "Issue #1676 - Part 6: Split ds sources out of js/src/moz.build" (62b5ce90a) - Revert "Issue #1676 - Part 5: Split devtools sources out of js/src/moz.build" (1c6fb7fca) - Revert "Issue #1676 - Part 4: Split builtin sources out of js/src/moz.build" (c86c612bb) - Issue #80 - Re-unify building of /js/src (4bdd6dd93) - Issue #1720 - Follow-up: Explicitly include X11UndefineNone.h in HTMLOptGroupElement.cpp to fix unified building on X11 (142f08ce1) - Issue #80 - Re-unify most of DOM (60e4e3344) - Issue #80 - Re-unify most of the layout engine (b27475f6a) - Issue #1995 - Fix build bustage in GCC 12 (b93c4ada8) - No Issue - prevent build issue in MSVC due to libaom SIMD inlining. (42b9149fb) - Issue #80 - Re-unify most of gfx (f801bd184) No official Pale-Moon changes picked since my last build. No official Basilisk changes picked since my last build. Update Notice: - You may delete file named icudt58l.dat inside program folder when updating from old releases. * Notice: From now on, UXP rev will point to `custom` branch of my UXP repo instead of MCP UXP repo, while "official UXP changes" shows only `tracking` branch changes.

I just downloaded and updated the [basilisk or firefox] folder within my Serpent 52 install, to the version which you are using, and yes, I now see the elements which you mentioned and showed, which were missing to me before. I had set uMatrix to be completely disabled before doing the update, but that alone had not helped. BTW, this is on XP Home x86 with SP3 So thanks once again, and I will next try updating my New Moon 28 similarly. Another report will be upcoming. Cheers !

Thanks. Your insight has been valuable to me in the past, even before I joined MSFN, and I do think that those elements [or their predecessors] worked for me earlier this year, when I last visited that site, where I am considering opening an account. OK, so I will try newer builds of both browsers as you suggested, and will report back. Regarding script blockers, I do have uMatrix installed, but had already told it to allow everything to pass for that domain. Possibly I ought to turn it completely off in the Add-ons manager, just in case it is doing something which it is not admitting. And I too run uBlock Legacy Edition, but had also disabled it for that domain.

With regards to @roytam1 and @feodor2, I appreciate their builds very much. I'm sure just about everyone else here does too...they've played a big role in maintaining modern & reliable browsers for our daily use. The fact that they still support XP is an incredible bonus, and I definitely don't take that for granted as a longtime XP user. Funnily enough, there was a time when I was sticking with Feodor's builds because Roy's were updated 'too frequently', and after that there was a time when I switched over to Roy's builds because Feodor's weren't updated 'frequently enough'. Now I use browsers by both of them, and enjoy them considerably. The important thing to remember is that Roy's builds tend to be weekly or bi-weekly snapshots of where a particular code base is currently at from a maturity standpoint, while Feodor's builds (at least when he was still working with MCP code) follow the release schedule of the official browsers. It doesn't make one inherently superior or inferior to the other...it just means their approaches are different. I've never had any issues with either of them--in fact, if I'm not mistaken, there have been times when Feodor and Roy both mutually benefited from each other's work and helped one another. For all we know, Roy might end up helping Feodor with MyPal 68 & future MyPal versions, and Feodor might end up helping Roy too. Actually, I find it quite interesting to go back in the archives and try older versions of some of Roy's browsers...if you go check the gpc/files1.rt section at his website, he has an incredible treasure trove of 'alternative' browsers and other cool stuff. Early experimental builds of Serpent and New Moon, classic browsers updated with TLS 1.2 & even NSS patches to add TLS 1.2 support to older browsers open up a world of possibilities. Currently, I'm using MyPal 29.3, both the NHTPG and Humming Owl ungoogled builds of 360EEv11, and a recent Serpent 55 build. I also use other browsers (Roy's Firefox 3.6, RetroZilla and Phoenix with added TLS 1.2, Netscape 9 with updated NSS, Opera 12.18, QtWeb, etc.) for more lightweight browsing. Using a Classilla (Nokia N90) user agent keeps them quite viable even in 2022, even if their rendering capabilities are dated by today's standards...with other user agents, there are a lot of possibilities for experimentation. And of course, the vintage Geocities/Angelfire-era sites render with no problems...TheOldNet, 68k.news & FrogFind are truly amazing. I don't expect even Roy's newest build of Serpent 52/55 or New Moon 28 to be able to view every site...some, like DeepL, are starting to run into problems, but I wouldn't abandon them as lost causes just because not every site works 100% correctly. I care more about a code base being fundamentally solid, stable and reliable than anything else, and that is very true of Roy's browsers. Feodor was able to prove that he didn't need MCP code to make a good browser, and I think his 'resurrected' MyPal is quite fantastic. Roy's also done one hell of a job in maintaining mature code bases for his own browser builds. I believe we can appreciate Feodor without putting Roy down, and appreciate Roy without putting Feodor down...they've both gone above and beyond the call of duty to maintain reliable browser code bases, and by fortunate extension sustain the long-term usability of XP long after many mainstream companies started leaving XP users in the dust. Too many old computers end up in landfills...because of their work, a lot of computers that would have otherwise ended up at a dump are still in daily use (including the Pentium D-based machine that I use on a daily basis--the 'average' person would have thrown such a PC out by now, often because they'd see the 'Designed for MS Win XP' sticker on it & automatically assume it's old, slow, & useless). (I'll stop here before I end up in rant territory, if I haven't gotten there already.) My sincere gratitude to Roy, Feodor, and everyone else here at MSFN! Long live XP and all other great OSes!