Leaderboard

I believe that this can be the basis for an (another) "EU-divide" of sorts.. The Italian "Cyber Authority" (ACN/CSIRT), as well as the French "Annsi" are (AFAIK) much less strict than BSI about Kasperski, basically they say they couldn't find anything "wrong" with it, still it is advisable to re-evaluate the risks and explore alternatives to security software made in or connected to Russia (very generically):: https://www.csirt.gov.it/crisi-ucraina-analisi-del-rischio-tecnologico-e-diversificazione https://www.csirt.gov.it/contenuti/analisi-delle-principali-vulnerabilita-sfruttate-in-campagne-cyber-pubblicamente-attribuite-ad-attori-di-matrice-russa-e-relative-mitigazioni-al01-220512-csirt-ita https://www.cert.ssi.gouv.fr/cti/CERTFR-2022-CTI-001/ Cannot say about other EU national cybersecurity agencies, I haven't seen any other countries "advice" about the matter, so if we go along: 1) if you live in Germany, follow BSI -> NO Kasperski 2) if you live in France, follow Annsi -> better avoid Kasperski, you never know 3) if you live in Italy, follow ACN/CSIRT -> re-evaluate risks of using software with connection to Russia (Kasperski is not explicitly mentioned) 4) if you live in any other EU country and your national authority hasn't released a specific advisory, do nothing or choose among the three above jaclaz

I had cleaned and decontaminated only the crap which was implemented by the website providing that installer. This crap wasn't a part of the original installer. I did not modify anything related to Kaspersky. Such modification you suggested are not allowed due to copyrights and especially not here in the MSFN forum. This would violate the forum rules. Read the forum rules!

Whatever reservations anyone may have about using Kaspersky, or any other security program, discussing them here is completely appropriate. The whole point of threads like this, and indeed this whole forum, is to enable people to make informed decisions about this sort of thing. There will be no shutting down of debate by anyone. Any attempt to do that will result in this thread being closed.

Hello @Saxon! If you are permanently connected with your notebook to the internet and need a real-time protection, you can try Panda Antivirus Free. Here is a link to my article: https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/?do=findComment&comment=1244402 Alternatively, if you are willing to buy a license, you can try Malwarebytes Antimalware. This older version is very light on resources: https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/?do=findComment&comment=1248964 And this is a more recent version: https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/?do=findComment&comment=1244368 Cheers, AstroSkipper

Keep personal comments out of this thread.

You can't do that, it's against EULA to modify and remove parts of the programme, I already explained it. Also, I'm pretty sure it's against other Russian laws. Find an English EULA where they explicitly allow you to do that, also you need their approval to publish their modded programme at public places such as MSFN.

My opinion and my attitude to this matter is based on what I already wrote and linked in this post:

It would then be a modded software, and this topic includes only the original versions, Fair would be to have a banner with a warning, smth like: Custom modified AV, self-proclaimed to be secure. And I'm pretty sure it's against their EULA, so you can be sued for modding the code. It's a friendly advice on how not to get into trouble with the law.

@NotHereToPlayGames Apart from that, I haven't read anything from you in this thread that could in any way help readers learn about security programmes. Most of your few posts here are generally rather offtopic and informationless. If you change that at some point, that would be nice and provide a real service to the reader. And by that I mean contributions that do not have Kaspersky as their content. Because the topic has been discussed extensively here and in the old anitvirus thread.

It is a service to the reader of my thread to point out software that many countries consider a significant security risk. And, since you reject and do not use any anti-malware programmes and firewalls, as you have posted very often here on MSFN, I cannot take seriously your praise for Kaspersky and all investigations whose results are biased and predictable. There is a nice saying in the German language: "Schuster, bleib bei deinen Leisten!". Translated only for you: "Cobbler, stick to your last!". But it will certainly be fun to read "your results".

Correct! The image of used DLL files is totally perfect for the verification of the existing, massive security concerns in terms of Kaspersky.

Pleasse count the .dll's for other anti-virus programs and report back your findings on them also. McAfee for one is also very big into this "DLL file invasion and abuse". Taking this thread to such "anti-Kaspersky" extremes serves your viewers a dis-service and not a "service". What @UCyborg posted is of USEFUL IMPORTANCE and is INFORMATIVE to the viewer. We need more of THAT instead of useless "massive security concern" innuendos without actual proof or verification.

Since 86 won't be patched, I think this is the best solution. Dixel's fix tells Web sites you don't want WebP, and if a server gives you a WebP image anyway, Proxomitron dumps it. Of course a Microsoft-owned Web site is very unlikely to host a malicious WebP image. But that was just an example to show that a (possibly malicious) WebP image could be served even with Dixel's fix. I agree with your decision (if not your reasons). It should be up to each individual to evaluate the risk and act according to their own best judgment. If someone wants to take preventive measures, @Dixel has published his patch and Proxomitron is readily available. Personally, I only use 360EE for a few sites, so I haven't taken any precautions myself. If I used it for general browsing, I'd probably be more proactive. On patched software, I see no reason to distrust WebP. I know some don't like it but there's nothing inherently wrong with the format. It's just that, due to the complexity of decoding it, everyone has been copying Google's open-source decoder, which is actually quite efficient - it just happened to have an exploitable bug. As I said on Roytam's thread, I don't think in the least that this bug was due to ill intent - anyone writing code (me) can make a mistake like this. I wouldn't categorize these concerns as "propaganda" though - that sounds as if we're being a bit dishonest by raising them.

If there were not massive security concerns about Kaspersky, which have been sufficiently discussed in this thread and can be read here, then just looking at this list of loaded DLL files by Kaspersky's programme file avp.exe would be enough not to install such a programme : This is more like a DLL file invasion and abuse. One can scroll until the fingers are sore. This gives an even better understanding of the warning issued by the BSI in Germany. Personally, I would never under any circumstances install such a programme, even as a test. So, my dear readers, be careful when looking for an antimalware programme! You don't have to knowingly contaminate and compromise your system.

Then it's a hardware failure.

Changelog, please.

You are right technically speaking, but the sneaky K-Lite embeds itself such deep into OS, for example it suggests to replace/disable the original Microsoft AVC codec, when you run the installer with "advanced" settings. After the installation, all apps will now use the K-lite codecs, not the system ones. Even the windows player! @Cocodile is right. Integrating the preview of webp into explorer is the best way to get infected.

" security fix for lossless decoder" lossless?

Hello everyone, the WURv4 catalog is now available, although there are certain limitations: the download history does not work correctly, or on an NT 5.x system such as 2000 or XP a cyclic redundancy error appears when downloading updates not added by Microsoft in inventories. But in 9x you can download updates without problem.

I too was surprised to see that there was some sort of update. The good thing is that I have Nightly made portable with its own profile, so updating and corrupting the profile did not damage my data. I had to add a policy to block updates, but it affects all versions of Firefox.

Noted. And in that thread, you wrote this -- "where I was even courteous enough to provide a very rare installer for Kaspersky Free Antivirus 2019, which I had previously cleaned and thus decontaminated" So are we allowing MODDED versions or not? Because Kaspersky CAN be MODDED to be "safe and secure" and NO LONGER a concern with identifier strings. That is the angle I am coming from. I have not tested yet, all I've done thus far is create 4 partitions and installed XP *three times* so I have TIME INVESTED. IF, and it's a big IF, but IF Kaspersky (after removing telemetry and Unique ID String) is lean and mean compared to AVG, Avast, McAfee, Norton, MalwareBytes, then WE MUST consider it as the "superior" alternative for OLD HARDWARE. Again, a big IF, but if an XP installed with Kaspersky "idles" at 5% CPU utilization and 15% RAM utilization where an XP installed with McAfee "idles" at 20% CPU utilization and 40% RAM utilization, then who in their right mind would use McAfee. Purely hypothetically percentages at this stage.

You have no authority to do this. This thread is about security programs for XP that work. Kaspersky is one of them. That is not a "praise". This quote is, as you always like to do, taken out of context. If someone posts about the same programme (and by that I mean Kaspersky Antivirus) over and over again, one doesn't really have anything new to say here. I personally write about many different security programmes here. Hence, my advice: First read, then write! As you know, I am the creator of this thread, and I will fill it only with content, which I can justify to myself, thus to the best of my knowledge and conscience. And I can of course suggest whatever I want to. But I can remember very well when you demanded in one of your countless Chrome threads that no one may say anything about the age of 360Chrome and that this browser is obsolete. For that, you are right, you did not have the authority to do this. Anyway! Regarding this topic, TBH, it is crystal clear one can't reach the unteachable or motivated for other, known reasons anyway. But maybe, those who still associate anything meaningful with the term security in this day and age. IMHO, Kaspersky is simply said history, no further investigation will be done by me. And as I already recommended, Kaspersky should be avoided based on all the facts listed here and in the old antivirus thread. And this is only a recommendation and nothing else. That's why I listed Kaspersky here: Cheers, AstroSkipper

This thread is about security programs for XP that are secure.

That is true. Because I do not use nor believe in anti-virus products. That said, it IS the anti-Kaspersky talks that have me INSTALLING IT on a laptop "to witness for myself". I am not "praising" Kaspersky. In fact, it's the opposite. My view (from past experience) is that ALL anti-virus programs do what we often point out in regards to Kaspersky. I am installing it! Among a couple others. By all means, please tell me exactly which ones to install. My goal is to install only THREE and one of those three MUST be Kaspersky.

True, but let's not hide those concerns under the rug for OTHER anti-virus programs. Let's NOT act like Kaspersky is the only offender. McAfee is equally "offensive" and I may end up posting the same sort of "DLL H3LL" screencap later this weekend. How many .dll's does AVG use? How many additional "processes" listed in Task Manager? Et cetera. I view it along the lines of “Why do you look at the speck of sawdust in your brother's eye and pay no attention to the plank in your own eye?" Pointing out the Kaspersky Plank while pretending sawdust doesn't exist in other products is "misleading".

New build of Serpent/UXP for XP! Test binary: Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20230923-3219d2d-uxp-cd21720e06-xpmod.7z Win64 https://o.rthost.win/basilisk/basilisk52-g4.8.win64-git-20230923-3219d2d-uxp-cd21720e06-xpmod.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/custom IA32 Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20230923-3219d2d-uxp-cd21720e06-xpmod-ia32.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/ia32 NM28XP build: Win32 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win32-git-20230923-d849524bd-uxp-cd21720e06-xpmod.7z Win32 IA32 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win32-git-20230923-d849524bd-uxp-cd21720e06-xpmod-ia32.7z Win32 SSE https://o.rthost.win/palemoon/palemoon-28.10.7a1.win32-git-20230923-d849524bd-uxp-cd21720e06-xpmod-sse.7z Win64 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win64-git-20230923-d849524bd-uxp-cd21720e06-xpmod.7z Official UXP changes picked since my last build: - Issue #2026 Follow-up: Fill in missing BigInt64 cases in js::IsTypedArrayConstructor(). Hopefully fixes RSA errors on ProtonMail. (7392901a9b) - Issue #2282 - Performance observer safety checks. Both fixes from later revisions, without the Dispatch API changes. (470af6ba50) - Issue #2308 - Fix JSON BigInt regressions. https://bugzilla.mozilla.org/show_bug.cgi?id=1522433 (e9202b0b0f) - Issue #2308 & #1240 Follow-up - Introduce new increment and decrement operations. https://bugzilla.mozilla.org/show_bug.cgi?id=1508521 (5c8a6c5bb8) - Issue #2308 & #1240 Follow-up - Add BigInt support to JSOP_INC and JSOP_DEC. https://bugzilla.mozilla.org/show_bug.cgi?id=1526309 (e12e377e51) - Issue #2308 & #1240 Follow-up - Fill in missing JSOP_INC/DEC cases for Ion on Intel32/64. (2b637c564f) - Issue #2308 & #1240 Follow-up - Replace JSOP_POS in ++/-- with JSOP_TONUMERIC. https://bugzilla.mozilla.org/show_bug.cgi?id=1519135 (209d714434) - Issue #2308 & #1240 Follow-up - Fill in missing JSOP_INC/DEC cases for Doubles in Ion. (8f44226445) - Issue #2307 - Part 1: Extend masm with the pmovmskb SSE2 instruction. (ba51ff6a74) - Issue #2307 - Part 2: Move SIMD code generation to masm methods (20f39d9450) - Issue #2307 - Part 2b: Remove superfluous dev comment (b086ec848b) - Issue #2307 - Part 3: Remove SIMD.js support (50a4412750) - Issue #2307 - Part 3b: Fix build bustage. (45c19ce1c5) No official Pale-Moon changes picked since my last build. No official Basilisk changes picked since my last build. My changes picked since my last build: - Revert "dom/media: more eme fixes" (2c6336eddb) - Revert "configure: move MOZ_GMP define block after MOZ_EME" (7e50abda7d) - Revert "Issue #2301 - Make Gecko Media Plugins optional when not building EME or WebRTC" (119feb053c) - missing changes when reverting previous commit (6c3db876fc) - [libwebp] Fix next is invalid pointer when WebPSafeMalloc fails (e5aed07ec1) - [libwebp] Never send VP8_STATUS_SUSPENDED back in non-incremental. (293fa3120b) - wasm: follow-up rev 50a44127 (cd21720e06) Update Notice: - You may delete file named icudt*.dat inside program folder when updating from old releases. * Notice: From now on, UXP rev will point to `custom` branch of my UXP repo instead of MCP UXP repo, while "official UXP changes" shows only `tracking` branch changes.

Hello @we3fan! Thanks for your suggestion! I know this tool and some others to minimize programmes to the systray. One of them is Min2Tray. If someone of you uses my package ProxHTTPSProxy's PopMenu TLS 1.3 3V3, then the tool Min2Tray v1.7.9 will already be configured and installed when setting up the proxy. In that case, no further Minimize To Tray tool is necessary, though. Anyway! Thanks again for pointing to RBTray 4.3! Cheers, AstroSkipper

You do not need an extension/add-on to increase the history duration. The starting entries in my NM 27 file user.js are: user_pref("places.history.expiration.max_pages", 2147483647); user_pref("places.history.expiration.interval_seconds", 2147483647); First one tells FF to keep 2^31-1 URLs/addresses in file places.sqlite (strictly speaking - sets max. number in/for its table 'moz_places'). Second one tells FF to check for expire once in 2^31-1 seconds (slightly more than 68 years). "God cares about those who are careful themselves" - said a nun rolling a second condom on a candle. -------------------------------- Background (_absolutely_ not required to read). --- Till, AFAIR, 2010 there were direct settings in FF: browser.history_expire_days browser.history_expire_days_min browser.history_expire_sites browser.history_expire_visits I used them at least in FF 3.6.28. Add-on 'Configuration Mania' under menu items 'Browser' - 'Other' has 'Max number of unique URLs to retain in history' with 'Manual' setting. But... all preferences browser.history_expire_* were removed; instead places.history.expiration.* appears/introduces. Horror story, including the birth of extension 'Expire history by days', in/at https://superuser.com/questions/1114637/does-firefox-ship-with-a-new-default-for-history-expires-after --- That new preferences places.history.expiration.* are unsufficient to control the activity of FF towards the file places.sqlite. A significant part of rules is hardcoded in the source code. They are evil. F. e., one rule _deletes_without_any_doubt_ everything that is more than 255 characters long. Other rule get rid of all redirects, thus breaking the history chain. And downloads, of course - who needs them in history? [sarcasm] Horror story, including the investigation of the source code, in/at https://superuser.com/questions/1269516/what-exactly-does-the-number-listed-under-places-history-expiration-transient-c --- My own search for 'places.history.expiration.' in the source code of PM 27. 'places.history.expiration.max_pages' 'places.history.expiration.transient_current_max_pages' 'places.history.expiration.interval_seconds' with comments and details present in palemoon27-master\toolkit\components\places\nsPlacesExpiration.js 38331 bytes 24.04.2021 22:38:44 'places.history.expiration.max_pages' 'places.history.expiration.interval_seconds' present in palemoon27-master\toolkit\components\places\tests\expiration\head_expiration.js 3356 bytes 24.04.2021 22:38:44 'places.history.expiration.max_pages' present in palemoon27-master\services\sync\tests\unit\test_history_tracker.js 6041 bytes 24.04.2021 22:38:44 palemoon27-master\toolkit\components\downloads\test\unit\test_history_expiration.js 3873 bytes 24.04.2021 22:38:44 palemoon27-master\toolkit\components\jsdownloads\test\unit\test_DownloadList.js 18338 bytes 24.04.2021 22:38:44 palemoon27-master\toolkit\components\places\tests\expiration\test_pref_maxpages.js 3718 bytes 24.04.2021 22:38:44 palemoon27-master\toolkit\components\places\tests\unit\test_telemetry.js 5432 bytes 24.04.2021 22:38:44 'places.history.expiration.transient_current_max_pages' present in palemoon27-master\toolkit\components\places\PlacesDBUtils.jsm 43791 bytes 24.04.2021 22:38:44 'places.history.expiration.interval_seconds' present in palemoon27-master\toolkit\components\places\tests\expiration\test_pref_interval.js 3923 bytes 24.04.2021 22:38:44 --- 'places.history.expiration.transient_current_max_pages' is a mirror, no need to set it directly. 'places.history.expiration.max_pages' 'places.history.expiration.interval_seconds' are absent in default about:config page, require to create them manually, or set in file user.js, that I recommend for all personal settings in order to be touched only by the User, distinguished from non-User, commented. --- I do not know about the situation in NM 28. I can not start to seriously use/tune it without knowing how to obtain a list of all preferences. In NM 27 under menu items 'Tools' - 'Web Developer' - 'Error Console' input in 'Code:' field top.opener.Services.prefs.getBranch("").getChildList("") for the list or top.opener.Services.prefs.getBranch("").getChildList("").length for the total number of preferences, press 'Evaluate', get more than 3 thousands. In NM 28 nothing happens. Can anybody tell what works in NM 28? Better not only names list, but with their settings. It means that FF does purge on its own decision, not in sync with User reasons/commands - FF decides, when and how. You are not the first person to express that thought.

I think AstroSkipper did not mention Kaspersky in his thank-you post, because the security concerns that have already been discussed a thousand times make any further consideration or recommendation of Kaspersky security programmes, even under Windows XP, impossible. And it doesn't help when you sing the praises of Kaspersky here You are absolutely right! That's what I think. Thank you for clarification!

I personally open all TV related websites on my Android tablet. I don't expect that such websites can be successfully accessed by New Moon 28 or Serpent 52. One thing you can do is to open this link in the latest version of Pale Moon under a more modern OS such as Windows 7 or 10. If it also fails there, you can report in the Pale Moon forum. Maybe, one day a fix will come and can be ported then by @roytam1.

there are some careless mistakes when people rushing to fix some bugs but it should be fixed for real this time

No, I meant it's served highly compressed, not lossless. That's the whole idea behind the usage of webp, to save the bandwidth, and to hell with the quality.

Obviously don't use Windows gallery anymore, pick some old software without webp format, to browse pics on your PC/laptop. Then make that programme default, so you won't accidentally open webp with native windows tools. I use the famous German NERO 8 (yes very old, 2007 or so). It doesn't know what webp is, so If I click on webp, even without extension, it doesn't know what to do with it.

I do this via Proxomitron. But for the non-Proxo 360Chrome user, I can follow @Dixel's suggestion and upload a revision within the next day or two. I'd likely only upload a new rev for build 13.5.2036 as it is the only version I still use. Unknown which versions we still have MSFN Members using.

Hello guys! I noticed that you mentioned me. Unfortunately, I have not followed everything in detail. Therefore, I would be happy to know which view on which matter is involved here. I have said so many things, so a little tip for an old fart would be quite helpful.

Will we 360EE users have a fix for the libwebp vulnerability? I suspect not. The "big boys" are only fixing the latest versions of their browsers - and they all require Win 10 now. Edit: Despite lack of official support, this vulnerability is so bad that Edge and FF (and Chrome, I suspect) have published fixed versions of their last Win 7/8/8.1 versions. Thorium (for Win 7/8/8.1) will probably get a fix, but XP/Vista users are SOL. Edit: NHTPG noted that Supermium runs on Vista and is at the current version (117) so Vista users will probably get a fix too. Edit 2: Sure enough, version 118 is out now with the fix. There's no "unGoogled" version of either browser yet, though. An alternative might be to disable WebP images in the browser entirely. That's possible in FF but not in Chromium; WebP is Google's own creation (and not a bad format, despite this vulnerability in their decoder). And I bet a lot of Web sites would look terrible without WebP image support anyhow! A better solution would be to scan downloaded WebP images and block any that would overflow the buffer. That would slow things down, but wouldn't block legit WebP images. Maybe Proxomitron could be leveraged somehow?

Sorry, excuse me, I removed the off topic content from the above post.

On topic, I tried to replicate your pixelated situation, can't reproduce with win 8 and Titan XP.

Gaming. I have a very old, 7 years old card from 2016. Titan XP. I used this tutorial and successfully updated the drivers. Thnx to @D.Draker. https://msfn.org/board/topic/184056-breakthrough-p2-new-pascal-special-microsoft-nvidia-driver-port-for-vista-x64/ I can also multi boot to win 8.0.

Low power compact 3060.