Leaderboard

Most likely not, QUIC is aimed and designed to bypass firewalls, it could be, and most likely will, used against good.

He's talking about body temperature!

This version has much more options than the old one. Its layout is more modern, and this Custom Buttons extensions offers features which the old one doesn't have. All is working in the moment as it should. This Custom Buttons extension seems to be a perfect choice especially for the more advanced users. Here is a preview. Cheers, AstroSkipper

"I block it...it's proxy avoidance." https://www.reddit.com/r/cybersecurity/comments/wiquz1/with_quic_what_is_going_to_happen_to_firewalls/

"I just block it, source browser detects that quic isnt working and reverts to ssl instead. Easy" "Just block it where you need full visibility. Probably in the future vendors and sec-experts will come up with something to work with QUIC." This article on Reddit.

At work we use an enterprise grade VPN, we aren't allowed to visit the internet without it. Even though our VPN IP is still shown as our real location (Belgium). It's simply a safety precaution. So! QUIC doesn't work with most VPN providers out there! They say there's only one paid provider which claim they do, but I never checked. https://www.reddit.com/r/VPN/comments/l3mxfe/any_quic_protocol_based_vpn_tunnel_software/

I am using a fork of "SQLite Manager 0.8.3.1" which will be supported in the future. Fork by Moonchild. https://addons.palemoon.org/addon/sqlite-admin/

<OT> I don't mind hot weather but I don't like it humid. <OT>

using official zlib shouldn't hurt. (using google's zlib can be faster anyway)

As far as I can remember, I got this version from the Custom Buttons Forum many years ago. This forum is no longer active and has unfortunately closed. The Custom Buttons extension was fixed on a regular base in those days due to breakages which occurred repeatedly after updating Firefox. In these days, you can get this extension either via the Classic Add-ons Archive or here: https://sourceforge.net/projects/custombuttons/files/. I personally have an huge archive of custom buttons themselves and the Custom Buttons extensions which were created in those days. However, the Custom Buttons 0.0.5.8.9.6-fixed8 version, you presumably will get only here. These fixed versions were never archived officially. I have just checked my archive of custom buttons and extensions. I found there a more recent version of the Custom Buttons extension targeting our Firefox respectively Pale Moon based browsers and installed it in a New Moon 28 testing profile. Only if the testing is positive, and all my custom buttons are working properly, I will present this version here.

Right! There is no need to change anything in the button code unless you want to create a mod of this custom button. The preferences, you want to control should be added, edited or deleted via the button "Edit List".

... Yes, https://fanart.tv is behind CF's "protection" , but the CF challenge is being successfully passed here using a minimal NM28 profile with just uBO-legacy as a content blocker: Having been in previous exchanges with you , something in your restricted NM28 profile or one of your privacy-oriented mitigations is intervening and prevents the CF-issued browser challenge from being successfully handled by NM28 ... I'm not absolving CF in any way BTW, they, along with Google , are the arch-enemies of "legacy" browser platforms, but if I'm able to access your site here, so should you ... If you have some spare time you'd like to devote on reading, here's a PM-Forum recent mega-thread chronicling latest CF shenanigans ... Best regards from overly hot (27 C) Greece ...

I don't rely on "user allowed" settings as they come back to default each time when a new profile is made, so I use it via cmd --disable-quic , without quotes of course.

Thank you for your honest opinion! I'm outta likes for today, unfortunately, that's why I write this in plain words. Glad to be of help, that's the reason I made this topic. It would still be helpful if you voted.

"While touted as an alternative to TCP, QUIC poses several security concerns for network operators. Standard network security appliances cannot easily identify QUIC traffic, which makes this network protocol vulnerable to cyber criminal activity." "Why do Network Security Teams Not Like Google QUIC? Despite its perceived positives, QUIC could inadvertently have a negative impact on network security. That’s because security appliances like firewalls and network sensors typically are not able to access information they had previously relied on with legacy TCP sessions. This creates a ‘black hole’ that hackers can exploit. Here’s the main problem: Standard network security devices can’t determine the QUIC application protocol, viewing it like layer 4 UDP traffic. While browsers and supported web servers can differentiate between QUIC traffic and other traffic, standard network security like firewalls can’t. This means firewalls are less effective at detecting incoming threats, putting network security at risk. To complicate the challenge for cyber threat hunters, Google revises its protocol frequently, and threat detection tools must catch up with these ever-changing standards. There are other issues. QUIC, similar to TLS 1.3, applies its encryption at the transport layer and not in the higher layers. Hence, it encrypts all transport information, which can virtually eliminate the attack surface that TCP offers. Plus, it’s increasingly difficult to measure and analyze QUIC traffic using reporting tools because, again, firewalls and standard network sensors don’t recognize it.  This is a plus for consumer privacy but causes significant challenges for those responsible for protecting our communications networks." source. https://netquestcorp.com/google-quic-and-network-security/

It's more the installer, which is a self-extracting archive that runs the installer once it's done that is flagged, not the VxKex files themselves. My AV (BitDefender) never complained about the files stored in Program Files after installation is done. It does not. It's written on the project README that VxKex does not modify any of your system files.

SQLite Manager - An extension to manage any SQLite database inside the browser The extension SQLite Manager can manage all sqlite files inside New Moon, Serpent, Pale Moon and other browsers, even those sqlite files which belong to the browser itself. With SQLite Manager, you can view all entries, add new ones, edit or delete old ones inside those sqlite files. Here is a quotation with all offerred features from its homepage: The last version is SQLite Manager 0.8.3.1 from 2015 which can be downloaded from the Classic Add-ons Archive or from here: https://github.com/lazierthanthou/sqlite-manager/releases Some screenshots: An alternative is SQLite Admin 1.1, a fork of SQLite Manager for UXP applications, recommended by @billmcct in this post: https://msfn.org/board/topic/183923-extensions-and-custom-buttons-for-uxp-browsers-corrections-modifications-adjustments-and-special-recommendations/?do=findComment&comment=1262553 You can get this extension here: https://addons.palemoon.org/addon/sqlite-admin/ Cheers, AstroSkipper

Try %UserProfile%\AppData\Local\StartAllBack Location depends on SAB installation type.

Thunderbird.net has still been a source for some legacy extensions. That's why I initially listed it in the first post of this thread to offer and collect here different sources.

From what I can tell there have been a few forums for the Custom Buttons extension. The Mozilla Russia Custom Buttons forum is still available but is in the Russian language (unsurprisingly) and not English. My impression is that those "fixed" extension versions might also be sourced from those forums. The Mozilla Russia Custom Buttons forum pages of interest are: http://forum.mozilla-russia.org/viewforum.php?id=34 http://forum.mozilla-russia.org/viewtopic.php?id=9591 http://forum.mozilla-russia.org/viewtopic.php?id=41987 It is also live on Mozilla AMO on the addons.thunderbird.net domain (which is not just for Thunderbird addons) via: https://addons.thunderbird.net/addon/custom-buttons/

l have not yet used custom buttons. However, I have long wanted to have at least a way to easily toggle functionality that I choose that need not be already implemented in an easy or convenient manner. I have also wanted to have indication when certain conditions were true for things that might not be obvious otherwise and would need frequent checking to determine, derive, or deduce. Unfortunately, I historically have not had sufficient time to find solutions to that or other things due to performing on higher priories at the various times that would occupy the needed time to do so. Custom buttons appear to be a reasonable solution to the things I wanted and described hereinabove. I have never tried the Pref Toggler custom button or any modded version of it.

Alien 2: On Earth (1980) Directors: Ciro IppolitoBiagio Proietti

Unless the outside temperature is not within the range of -20 Celsius, and +10 Celsius, I'm a happy guy. On the other hand, in the interest of not getting banned, I shouldn't say how I really feel about the temperature @NotHereToPlayGames is subjected to. @roytam1 It fails early on in the compilation, so you can try it yourself if you get any free time (it certainly wouldn't work with Visual C++ 2010, so I'll just do what I've been doing so far). Also, my HP Pavilion g6 2218nr now has broken hinges, and something else causing nothing except a bright black screen to be displayed instead of normal OS booting. I'm presently using an HP Compaq DC5850 that is not connected to the internet. That means even if I make NSS 3.41 work with Visual C++ 2012 or earlier, I can't test that it actually connects to encrypted websites.

I'm 37 degrees Celsius everywhere I go. Indoors. Outdoors. Traveling. Everywhere.

Off topic: 2 degrees Celsius where I live in Nova Scotia. Partially on topic: @roytam1 In the past, you have said getting TLS 1.3 support working in older versions of Visual C++ will be difficult due to C keywords/types being used that do not work in older Visual C++ versions (forgive me I still don't know much about C/C++). I'm presently half way to making a New Moon 27.9.6 2019-02-23 source code snapshot compile using Visual C++ 2012. Should I be worried about tough to solve errors when I reach the security directory? Also, I replaced the modules/zlib directory with the one from PM27-pm27_eol because I couldn't figure out how to remove use of the align keyword without causing runtime execution failure.

Well you can rename setup to NotStartAllBackSetup..exe. No idea why a crude hardblock like that.

(Offtopic) -34°C in Nikkaluokta (Sweden)... Here in the Netherlands it's 11°C.

What about the fan? Or it's a passive card? If it's passive, try to put a vent near it. Passive cards reaching 90C are common. Max allowed for Kepler is 95 (shut down temp).

Ok! Here is a link via archive.org to see all extensions by Codefisher: https://web.archive.org/web/20221027171012/https://addons.mozilla.org/en-US/firefox/user/11280414/

As far as I can remember, I got this version from the Custom Buttons Forum many years ago. This forum is no longer active and has unfortunately closed. The Custom Buttons extension was fixed on a regular base in those days due to breakages which occurred repeatedly after updating Firefox. In these days, you can get this extension either via the Classic Add-ons Archive or here: https://sourceforge.net/projects/custombuttons/files/. I personally have an huge archive of custom buttons themselves and the Custom Buttons extensions which were created in those days. However, the Custom Buttons 0.0.5.8.9.6-fixed8 version, you presumably will get only here. These fixed versions were never archived officially.

Yes, this is very unfortunate. They would be more secure otherwise.

The same here, no sites use it. I removed thee disable flag and tried several "modern" ones that I could think of.

Thank you!

Was the location tag off?

Pref Toggler - A custom button for toggling user-selected preferences in about:config The Pref Toggler custom button, created by the great developer srazzano long time ago, is one of my favourite ones. It gives the opportunity to switch very specific preferences, which have been selected and configured by the user first, much more quickly and clearly than using the about:config page. The controlled preferences by Pref Toggler can be Boolean, String or Integer ones. In addition, this custom button allows direct control over the current state of these user-selected preferences. A tool bar icon in the form of a glowing bulb gives the user an additional indication that some preferences are not in their default state. I only changed the icon images of this custom button inside its code in terms of size for better fit in the tool bar and the main interface window. Here are some screenshots to get an impression how the user interface of Pref Toggler looks like and works: This is the main interface: Clicking onto the button "Edit List", you can add, edit or delete preferences to be controlled: The bulb is glowing due to controlled preferences which are not in their default state: The bulb is not glowing because all controlled preferences are in their default state: : Toggling Boolean preferences is done by a left-click and editing String or Integer preferences by a middle-click or right-click: The user-selected preferences are stored in about.config by a preference of Pref toggler with the name extensions.custombuttons.PrefToggler.prefList. Pref Toggler is indeed a great custom button and definitely recommended by me. I uploaded the Pref Toggler custom button as an HTML file for an offline installation. Here is the download link of my modded custom button Pref Toggler, credits, of course, to its brilliant developer srazzano : https://www.mediafire.com/file/b069qa1jwallwqe/Pref_Toggler_02.04.2024.html/file Simply open this HTML file in a browser tab and click the embedded custom button link for Pref Toggler! For the installation of this button, as for all others too, the extension Custom Buttons is required and has to be installed first. You can get it from this post: https://msfn.org/board/topic/183923-extensions-and-custom-buttons-for-uxp-browsers-corrections-modifications-adjustments-and-special-recommendations/?do=findComment&comment=1226328 Greetings from Germany, AstroSkipper

I do agree, unsafe, not for me. Don't care if it's Google QUIC or non-Google QUIC - neither is for me. But no, I did not vote, nor plan to. Some topics seem to only exist for the sake of Provocateur Extraordinaire - this one has already unfolded as such so I'll leave it to "you two" to duke it out, "not for me".

Don't agree? You're very welcome to vote for No.1 or whatever you like.

Please specify, where do you see "hostility" from my side? In that article, provided by the actually hostile member, which I merely quoted, the developer himself points out to severe flaws, and I only quoted one. Besides, I made the topic about Google's QUIC implementation, which is clearly shown in the title, not Forefox. Strange you both still didn't read the title.

This topic is about Google's QUIC implementation, which is clearly shown in the title, yet it obviously doesn't prevent you from posting off-topic and insulting, all as usual with your posts.

No matter your mood, you're demanded to be respectful on the forum. https://msfn.org/board/guidelines/ And stop insulting once in a while. 7.b This community is built upon mutual respect. You are not allowed to flame other members. People who do not respect personal opinions and/or personal work will be warned in first instance. If you ignore the warning and keep on flaming, you will be banned without notice. You ignored that rule 75389623702702037 times. Good, less dangerous advice. Don't like my topics? Ignore.

Are you sure you read that article yourself? Doesn't look like it. "21.5.5. Request Forgery with Version Negotiation "Clients that are able to present a spoofed source address on a packet can cause a server to send a Version Negotiation packet (Section 17.2.1) to that address. The absence of size restrictions on the connection ID fields for packets of an unknown version increases the amount of data that the client controls from the resulting datagram. The first byte of this packet is not under client control and the next four bytes are zero, but the client is able to control up to 512 bytes starting from the fifth byte. No specific countermeasures are provided for this attack, though generic protections (Section 21.5.6) could apply. In this case, ingress filtering [BCP38] is also effective." https://datatracker.ietf.org/doc/rfc9000/

The reason I'm asking so much for your opinion is the impression I get that many users either don't have custom buttons on their radar or don't really know what to do with them or have just never tried them. Anyway! In my next post, I will present one of my favourite custom buttons made by a great developer of extensions and custom buttons which I install in all my profiles of New Moon and Serpent by default to keep an eye on certain, self-selected browser preferences and control them. Cheers, AstroSkipper

you can use your favorite ad blocker to block access of winraid.level1techs.com/assets/browser-detect-* to gain normal access of any disclosure-based forums, by blocking similar naming file located in different domain.

Unfortunately, StartAllBack versions prior to 3.6 are not compatible with Windows 11 versions that are later than Win11 21H2.

OK everyone, take a deep breath and calm down. All new members of MSFN, or any other forum for that matter, should be treated with respect, and not have their initial contributions considered to be ignorant or naive. People come to forums like this to learn. As the strap line says here, "Where People Go To Know". As to whether this forum is 'obscure', I would venture that all technical forums are 'obscure' by their very nature, compared with the mass market options of social media. That does not make them any less valuable for those who choose to use them.

That question comes up so often, it probably should be addressed in the FAQ at the beginning of this thread.

Hm, should've put an /s. It wasn't meant to be a serious remark. Although everything eventually comes to an end. But parts of Windows are seriously questionable and one wonders what goes through their minds. Not just Windows. My bank figured they should replace a working mobile app with a new one. I had to set the profile image (on the website) to be able to get past login code entry screen. Yes, you have a profile picture in there, that's new. And before anyone thinks of social networks, we have those pictures in Windows XP as well. The thing was crashing with out of memory exception, because it is using one of the memory hungrier methods to load picture in Android...I think...at least that's what I deciphered from logcat and a bit searching on the internet, I forgot the details and didn't save the log. The default picture was 900x900 in size. My screen is smaller than that and the way it was displayed in the app, it is much smaller. Dedicated image viewers have no problem loading and displaying much larger pictures on the same device. As mentioned, solved that by uploading a smaller 500x500 picture on the website, then realized the app is as terrible UI wise as reviews on Google Play suggest it to be. Very poor use of screen real estate. And the old app is blocked now.

PS: I'm glad to see you back on here, Sampei