Leaderboard

New build of Serpent/UXP for XP! Test binary: Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20230923-3219d2d-uxp-cd21720e06-xpmod.7z Win64 https://o.rthost.win/basilisk/basilisk52-g4.8.win64-git-20230923-3219d2d-uxp-cd21720e06-xpmod.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/custom IA32 Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20230923-3219d2d-uxp-cd21720e06-xpmod-ia32.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/ia32 NM28XP build: Win32 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win32-git-20230923-d849524bd-uxp-cd21720e06-xpmod.7z Win32 IA32 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win32-git-20230923-d849524bd-uxp-cd21720e06-xpmod-ia32.7z Win32 SSE https://o.rthost.win/palemoon/palemoon-28.10.7a1.win32-git-20230923-d849524bd-uxp-cd21720e06-xpmod-sse.7z Win64 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win64-git-20230923-d849524bd-uxp-cd21720e06-xpmod.7z Official UXP changes picked since my last build: - Issue #2026 Follow-up: Fill in missing BigInt64 cases in js::IsTypedArrayConstructor(). Hopefully fixes RSA errors on ProtonMail. (7392901a9b) - Issue #2282 - Performance observer safety checks. Both fixes from later revisions, without the Dispatch API changes. (470af6ba50) - Issue #2308 - Fix JSON BigInt regressions. https://bugzilla.mozilla.org/show_bug.cgi?id=1522433 (e9202b0b0f) - Issue #2308 & #1240 Follow-up - Introduce new increment and decrement operations. https://bugzilla.mozilla.org/show_bug.cgi?id=1508521 (5c8a6c5bb8) - Issue #2308 & #1240 Follow-up - Add BigInt support to JSOP_INC and JSOP_DEC. https://bugzilla.mozilla.org/show_bug.cgi?id=1526309 (e12e377e51) - Issue #2308 & #1240 Follow-up - Fill in missing JSOP_INC/DEC cases for Ion on Intel32/64. (2b637c564f) - Issue #2308 & #1240 Follow-up - Replace JSOP_POS in ++/-- with JSOP_TONUMERIC. https://bugzilla.mozilla.org/show_bug.cgi?id=1519135 (209d714434) - Issue #2308 & #1240 Follow-up - Fill in missing JSOP_INC/DEC cases for Doubles in Ion. (8f44226445) - Issue #2307 - Part 1: Extend masm with the pmovmskb SSE2 instruction. (ba51ff6a74) - Issue #2307 - Part 2: Move SIMD code generation to masm methods (20f39d9450) - Issue #2307 - Part 2b: Remove superfluous dev comment (b086ec848b) - Issue #2307 - Part 3: Remove SIMD.js support (50a4412750) - Issue #2307 - Part 3b: Fix build bustage. (45c19ce1c5) No official Pale-Moon changes picked since my last build. No official Basilisk changes picked since my last build. My changes picked since my last build: - Revert "dom/media: more eme fixes" (2c6336eddb) - Revert "configure: move MOZ_GMP define block after MOZ_EME" (7e50abda7d) - Revert "Issue #2301 - Make Gecko Media Plugins optional when not building EME or WebRTC" (119feb053c) - missing changes when reverting previous commit (6c3db876fc) - [libwebp] Fix next is invalid pointer when WebPSafeMalloc fails (e5aed07ec1) - [libwebp] Never send VP8_STATUS_SUSPENDED back in non-incremental. (293fa3120b) - wasm: follow-up rev 50a44127 (cd21720e06) Update Notice: - You may delete file named icudt*.dat inside program folder when updating from old releases. * Notice: From now on, UXP rev will point to `custom` branch of my UXP repo instead of MCP UXP repo, while "official UXP changes" shows only `tracking` branch changes.

Off-topic posts removed, again.

I know I posted this before and it got deleted. Privacy was lost in antiviruses the day cloud scanning became a thing. Discussing which antiviruses are more private because this country or that country appeals more to you is pointless. All antiviruses are data collectors unless you can turn off cloud scanning. In most antiviruses these days it's not possible to do that. If we know all of them collect data all we can do is 2 things. Either don't use any antivirus or decide which country appeals more to your privacy tastes. In my case since I live in a US territory. If I have to give some of my data I rather give it to some country far way than to participate in my own countries data monitoring. Remember covid ? In some US states, cellphones where tracked to see if people where staying at home. I don't know what's more totalitarian than that in a place of "democracy". I don't use a smartphone but if I have to give some data I rather give it to Russia. In any rate, I still think that in an antivirus thread, all antiviruses from all countries should be listed. Pros and cons of each one so that people decide for themselves . And let the politics be discussed in a separate off-topic thread about politics.

Hello @Saxon! If you are permanently connected with your notebook to the internet and need a real-time protection, you can try Panda Antivirus Free. Here is a link to my article: https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/?do=findComment&comment=1244402 Alternatively, if you are willing to buy a license, you can try Malwarebytes Antimalware. This older version is very light on resources: https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/?do=findComment&comment=1248964 And this is a more recent version: https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/?do=findComment&comment=1244368 Cheers, AstroSkipper

The certificate files are downloaded directly from Microsoft, so they would have to add any additional ones. Individuals can always add extra certificates to their own stores manually of course, including that one.

Thank you.

Are you sure you wanna do this? 'Cause it would then automatically exclude @Vistapocalypse from all discussions of any OS and any software, except iOS and iOS apps he uses.

I had cleaned and decontaminated only the crap which was implemented by the website providing that installer. This crap wasn't a part of the original installer. I did not modify anything related to Kaspersky. Such modification you suggested are not allowed due to copyrights and especially not here in the MSFN forum. This would violate the forum rules. Read the forum rules!

@anton12 Try the settings I made via ematrix provided in the following screenshot: And try additionally this site-specific user agent override (SSUAO): Mozilla/5.0 (%OS_SLICE% rv:65.0) Gecko/20100101 Firefox/65.0 If you allow all scripts on this website via ematrix, as is the case without this extension, the video won't play, and the complete website will fail to load correctly. Conclusion: at the moment, this website needs specific settings in New Moon 28 to load and to play the video. One or more scripts don't work in New Moon 28 which therefore may not be loaded. The answer to your question seems to be for now: both, the crappy website and the browser, are responsible for the issue. And the Black Magic is elsewhere. Cheers, AstroSkipper

He installed Windows Vista Extended Kernel. This is unrelated with vanilla Vista.

In this a case, maybe try to make it shorter? If you patched the header with new method, can also test it here. https://swifttls.org/ My result below.

Surely among the 10 most reputable sources[1] related to computer security, their suggestions are clearly independent, McAfee clearly deserves a 4 star rating and Avira 4.5, while Eset has 2.6. jaclaz [1] according to independent testing

No, I tried, it doesn't.

Agreed! Thank you, thank you, thank you!

Thank you for your kind words! I always try to be as fair as possible when writing articles about security programmes. I always separate objective facts from my subjective experiences in my articles. I am curious to see how AVG Antivirus Free performs in your system. The main problem in writing the article about AVG was the unfortunate fact that there is hardly any information left about AVG Antivirus Free 18.8.4084.0, and the support is a joke. Since the company behind AVG is Avast, it refers to articles and information about Avast Free Antivirus 18.8.4084.0 in all support requests. Thus, there has been no real support or corresponding information for AVG Antivirus Free 18.8.4084.0 for years. Avast could actually have made this clear in general in support requests regarding AVG, but it did not.

Please don't bring politics here, and just so you know, EU is stronger than ever, and America is very well united in banning Kaspersky, in case you missed, you may familiarise yourself with the article I posted about that matter. That said, I hope we leave aside the "dead horse kaspersky" and move on! We are waiting when you gift us with the update to 360 Explorer on the 95th engine.

It's not relevant to the windows XP version, even if we are to somehow assume it might be true.

Care to expand on this subject? I'm only aware of The Order Of Dawn.

Any, and by any I mean any, AV has a built-in self protection, self preservation mechanism from malicious attempts of breaking it, but I don't have to tell you that, do I? So, maybe also try to compare the modified (even slightly, even one bit) versions of them both, to see how they will behave?

This thread is about security programs for XP that are secure. I can go one better by merging the two statements : This thread is about security programmes for XP that are secure and still work.

The BSI is strict regarding security warnings. So, your assessment is correct. In Germany, cyber security is taken very seriously as I already wrote in a previous post. AstroSkipper

I believe that this can be the basis for an (another) "EU-divide" of sorts.. The Italian "Cyber Authority" (ACN/CSIRT), as well as the French "Annsi" are (AFAIK) much less strict than BSI about Kasperski, basically they say they couldn't find anything "wrong" with it, still it is advisable to re-evaluate the risks and explore alternatives to security software made in or connected to Russia (very generically):: https://www.csirt.gov.it/crisi-ucraina-analisi-del-rischio-tecnologico-e-diversificazione https://www.csirt.gov.it/contenuti/analisi-delle-principali-vulnerabilita-sfruttate-in-campagne-cyber-pubblicamente-attribuite-ad-attori-di-matrice-russa-e-relative-mitigazioni-al01-220512-csirt-ita https://www.cert.ssi.gouv.fr/cti/CERTFR-2022-CTI-001/ Cannot say about other EU national cybersecurity agencies, I haven't seen any other countries "advice" about the matter, so if we go along: 1) if you live in Germany, follow BSI -> NO Kasperski 2) if you live in France, follow Annsi -> better avoid Kasperski, you never know 3) if you live in Italy, follow ACN/CSIRT -> re-evaluate risks of using software with connection to Russia (Kasperski is not explicitly mentioned) 4) if you live in any other EU country and your national authority hasn't released a specific advisory, do nothing or choose among the three above jaclaz

I made a post which exposed Kaspersky collaboration with FSB, with links provided, it gets immediately deleted! There was nothing political in it, just facts.

You can't do that, it's against EULA to modify and remove parts of the programme, I already explained it. Also, I'm pretty sure it's against other Russian laws. Find an English EULA where they explicitly allow you to do that, also you need their approval to publish their modded programme at public places such as MSFN.

You have no authority to do this. This thread is about security programs for XP that work. Kaspersky is one of them. That is not a "praise". This quote is, as you always like to do, taken out of context. If someone posts about the same programme (and by that I mean Kaspersky Antivirus) over and over again, one doesn't really have anything new to say here. I personally write about many different security programmes here. Hence, my advice: First read, then write! As you know, I am the creator of this thread, and I will fill it only with content, which I can justify to myself, thus to the best of my knowledge and conscience. And I can of course suggest whatever I want to. But I can remember very well when you demanded in one of your countless Chrome threads that no one may say anything about the age of 360Chrome and that this browser is obsolete. For that, you are right, you did not have the authority to do this. Anyway! Regarding this topic, TBH, it is crystal clear one can't reach the unteachable or motivated for other, known reasons anyway. But maybe, those who still associate anything meaningful with the term security in this day and age. IMHO, Kaspersky is simply said history, no further investigation will be done by me. And as I already recommended, Kaspersky should be avoided based on all the facts listed here and in the old antivirus thread. And this is only a recommendation and nothing else. That's why I listed Kaspersky here: Cheers, AstroSkipper

It would then be a modded software, and this topic includes only the original versions, Fair would be to have a banner with a warning, smth like: Custom modified AV, self-proclaimed to be secure. And I'm pretty sure it's against their EULA, so you can be sued for modding the code. It's a friendly advice on how not to get into trouble with the law.

Whatever reservations anyone may have about using Kaspersky, or any other security program, discussing them here is completely appropriate. The whole point of threads like this, and indeed this whole forum, is to enable people to make informed decisions about this sort of thing. There will be no shutting down of debate by anyone. Any attempt to do that will result in this thread being closed.

Then it's a hardware failure.

You do not need an extension/add-on to increase the history duration. The starting entries in my NM 27 file user.js are: user_pref("places.history.expiration.max_pages", 2147483647); user_pref("places.history.expiration.interval_seconds", 2147483647); First one tells FF to keep 2^31-1 URLs/addresses in file places.sqlite (strictly speaking - sets max. number in/for its table 'moz_places'). Second one tells FF to check for expire once in 2^31-1 seconds (slightly more than 68 years). "God cares about those who are careful themselves" - said a nun rolling a second condom on a candle. -------------------------------- Background (_absolutely_ not required to read). --- Till, AFAIR, 2010 there were direct settings in FF: browser.history_expire_days browser.history_expire_days_min browser.history_expire_sites browser.history_expire_visits I used them at least in FF 3.6.28. Add-on 'Configuration Mania' under menu items 'Browser' - 'Other' has 'Max number of unique URLs to retain in history' with 'Manual' setting. But... all preferences browser.history_expire_* were removed; instead places.history.expiration.* appears/introduces. Horror story, including the birth of extension 'Expire history by days', in/at https://superuser.com/questions/1114637/does-firefox-ship-with-a-new-default-for-history-expires-after --- That new preferences places.history.expiration.* are unsufficient to control the activity of FF towards the file places.sqlite. A significant part of rules is hardcoded in the source code. They are evil. F. e., one rule _deletes_without_any_doubt_ everything that is more than 255 characters long. Other rule get rid of all redirects, thus breaking the history chain. And downloads, of course - who needs them in history? [sarcasm] Horror story, including the investigation of the source code, in/at https://superuser.com/questions/1269516/what-exactly-does-the-number-listed-under-places-history-expiration-transient-c --- My own search for 'places.history.expiration.' in the source code of PM 27. 'places.history.expiration.max_pages' 'places.history.expiration.transient_current_max_pages' 'places.history.expiration.interval_seconds' with comments and details present in palemoon27-master\toolkit\components\places\nsPlacesExpiration.js 38331 bytes 24.04.2021 22:38:44 'places.history.expiration.max_pages' 'places.history.expiration.interval_seconds' present in palemoon27-master\toolkit\components\places\tests\expiration\head_expiration.js 3356 bytes 24.04.2021 22:38:44 'places.history.expiration.max_pages' present in palemoon27-master\services\sync\tests\unit\test_history_tracker.js 6041 bytes 24.04.2021 22:38:44 palemoon27-master\toolkit\components\downloads\test\unit\test_history_expiration.js 3873 bytes 24.04.2021 22:38:44 palemoon27-master\toolkit\components\jsdownloads\test\unit\test_DownloadList.js 18338 bytes 24.04.2021 22:38:44 palemoon27-master\toolkit\components\places\tests\expiration\test_pref_maxpages.js 3718 bytes 24.04.2021 22:38:44 palemoon27-master\toolkit\components\places\tests\unit\test_telemetry.js 5432 bytes 24.04.2021 22:38:44 'places.history.expiration.transient_current_max_pages' present in palemoon27-master\toolkit\components\places\PlacesDBUtils.jsm 43791 bytes 24.04.2021 22:38:44 'places.history.expiration.interval_seconds' present in palemoon27-master\toolkit\components\places\tests\expiration\test_pref_interval.js 3923 bytes 24.04.2021 22:38:44 --- 'places.history.expiration.transient_current_max_pages' is a mirror, no need to set it directly. 'places.history.expiration.max_pages' 'places.history.expiration.interval_seconds' are absent in default about:config page, require to create them manually, or set in file user.js, that I recommend for all personal settings in order to be touched only by the User, distinguished from non-User, commented. --- I do not know about the situation in NM 28. I can not start to seriously use/tune it without knowing how to obtain a list of all preferences. In NM 27 under menu items 'Tools' - 'Web Developer' - 'Error Console' input in 'Code:' field top.opener.Services.prefs.getBranch("").getChildList("") for the list or top.opener.Services.prefs.getBranch("").getChildList("").length for the total number of preferences, press 'Evaluate', get more than 3 thousands. In NM 28 nothing happens. Can anybody tell what works in NM 28? Better not only names list, but with their settings. It means that FF does purge on its own decision, not in sync with User reasons/commands - FF decides, when and how. You are not the first person to express that thought.

You're welcome!

I too have this question! It seems odd. First they write they stay on older OS to be less spied on, second they port the standard Chrome/chromium, really odd.

As previously reported, the virus definitions update for Avast Free Antivius 2015 version 10.4.2233.1299 will be discontinued at the end of this summer. This applies to all versions from 9 to 11. See here: https://blog.avast.com/virus-definition-updates-eol Therefore, I recommend for all those, who are interested in this version or want to use it later, to download the latest Avast VPS update for versions 9 to 11. Here is the download link: https://install.avcdn.net/ivps9x/vpsupd.exe At the moment, it is still being updated. Therefore, check regularly until the last version is delivered! Cheers, AstroSkipper

DON'T use search from www.qwant.com, since it serves only webp format, no way to change it.

And what if people just want to block it due to the crappy quality? "I hate webp with every fiber of my being......" "it's F...ing everywhere now. and they look like crap. id*** putting up low res webp's and just dynamicly upscaling them to fit. And it look sh*t. Blurry as hell, smudged... People have even begun using them in renpy games or rpgm, or any other game they are able to get it to work in." "It's just bad, even colours look a little off in them" https://www.reddit.com/r/chrome/comments/btblqh/how_do_i_disable_webp/

New "merchandise API" block https://msfn.org/board/topic/184249-chrome-110-based-opera-i-ported-it-to-vista/?do=findComment&comment=1249504

there are some careless mistakes when people rushing to fix some bugs but it should be fixed for real this time

Chrome doesn't require those to be installed to run on any versions of Windows 10.

I wrote: @anton12 "Try additionally" doesn't mean that my provided SSUAO is required. When I checked your problematic website, I tested first a SSUAO without the string Goanna which sometimes causes troubles when loading certain websites. And my provided SSUAO doesn't harm, then it doesn't really matter. Use the native one or any other! The main thing is that the website works with it.

Please INSTALL Kaspersky BEFORE we continue this TALKING IN CIRCLES CHARADE. The only telemetry is an injected script that Kaspersky's own SETTINGS allow you to TURN OFF. @AstroSkipper - is this the intent of this thread? to just "wear down" any and all that have a different opinion? Germany vs Italy? "we will win all arguments with those that disagree with us by making it totally EXHAUSTING for opposing views to present their case." I'm done. NOT WORTH MY TIME. I do like Panda. Not enough to actually start using it on anything but a spare laptop. Hope the thread becomes USEFUL to SOMEBODY. But no, NOT TO ME. Not if it's just going to be a "EU-Divide" and two boxers returning to their corner when the bell rings. Only to jump into the center and dance around in circles while they PUMMEL each other. Ding ding. The bell has rung.

Seeing you're strangely persistent with that whole idea, I'm starting to have doubts you know what you're going to face. Modding an AV would require advanced reverse engineering skills, since what you're offering is exactly what any AV would need to protect itself from (hacking)*. Now, I don't know about your personal skills, but I hope you'll manage! It would be interesting to see the result. *EDIT - And yes it also includes protecting its registry entries.

But if you want to help here, it would be very nice if you could take a stand on this post: I have not received an answer from you yet.

No! First of all, there are no such official security concerns about the security programmes I already listed as it is the case of Kaspersky. However, if such a report is published and I become aware of it, I will also warn against the programme concerned. But the research you are doing is not official and therefore not relevant. I am sorry! So you'd better invest your time wisely.

Pleasse count the .dll's for other anti-virus programs and report back your findings on them also. McAfee for one is also very big into this "DLL file invasion and abuse". Taking this thread to such "anti-Kaspersky" extremes serves your viewers a dis-service and not a "service". What @UCyborg posted is of USEFUL IMPORTANCE and is INFORMATIVE to the viewer. We need more of THAT instead of useless "massive security concern" innuendos without actual proof or verification.

It's still version 86 under the hood and the letters "webp" do not exist in the changelog.

Changelog, please.

I'll tell you, it's Icaros Property Handler and Icaros Thumbnail Provider, they included in K-Lite Codec Pack, for example.

I don't see how to apply it, it's only source code there. Did I miss something?

Yep, I used it, too. It is a pity that a project like WiseVector StopX was simply shut down. But I had the impression that the developers only wanted to get their hands on data in order to launch a commercial product on the market and earn money. The users were more like guinea pigs to feed their artificial intelligence (AI) they had implemented into WiseVector StopX.

Waaoh, I just find a BIOS with ACPI support for XP for Asus Apex X. https://community.hwbot.org/topic/174849-rog-maximus-x-apex/?page=2 So, it can be done and I am curious how they reached it. I saw a dxe file with name ACPI in it. So I can compare original Bios ROG-MAXIMUS-X-APEX-ASUS-1704.CAP and for XP modded Bios ROG-MAXIMUS-X-APEX-ASUS-1704_mod3.CAP Interesting, what they change and how to come to this ideas Dietmar