siria

roytam1 said: > another update for having ChaCha20-Poly1305 encryption support, also fixed Font selection in NT 3.51: > http://rtfreesoft.blogspot.com/2020/01/other-browser-binaries-20190131.html > Various browsers updated having TLS 1.2, AES256-GCM-SHA384, > ChaCha20-Poly1305, AES[128|256]-GC-SHA256 support: Fantastic! So this mean that ALL those browsers got this update, on 20190131? Great! If yes, readers will need a clear hint that this new date also means those 2 builds, that they just have a wrong date in filenames: http://o.rths.ml/gpc/files1.rt/KM74-g22-20180718.win2000.7z http://o.rths.ml/gpc/files1.rt/palemoon-26.5.0-20180718.win2000.7z 2019?? No wait, it's 2020... Would really be great to have that post findable by a web SEARCH too. For stuff like... "Win2000, Win9x browsers with TLS 1.2"....? And the post could also give a hint to those people who really need such builds, but are no experts, that the main purpose is to allow access again to lots of blocked sites, which otherwise show in old browsers only the infamous killer errors "secure connection failed" or "ssl_error_no_cypher_overlap" or "security protocol which isn't enabled" or "unable to complete secure transaction" etc... again, for Google hits too. Of course, the min OS version for the various builds is also crucial for people really needing such browsers. OS-versions could also be added as search tags... Ah, sorry, and while at it, KMz154 is still missing the empty file "profile.ini" in the root folder! Just a simple text file which makes KM run in portable mode (=profiles inside). This is a huge prob, otherwise at first run it will mess already existing younger profiles (if existing). Traditionally all KM 7z builds used to be portable.

This doesn't really convince me that versioning were "not" complicated ;-) I do my best to be accurate, but misunderstandings can still happen. Just since you mention 4.5.1, just one important thing for clueless readers to know: Never ever install a version OLDER as 4.5.2! I remember that years ago, before the final and STABLE version 4.5.2 was released, I first had an older versions installed. Not sure if 4.5.1 or yet older. And this had a killer bug which completely messed my system, since it simply DELETED the crucial windows file kernel32.dll after UNinstall. Had major trouble retrieving that file from a backup, to make Windows work again. Thankfully this was fixed afterwards, since the original system files are not replaced on disk anymore, only in RAM (if I got it right). So such accidents can not happen anymore. This "good old stable" version 4.5.2 is really quite safe to install and UNinstall, without unwelcome side-effects. Especially if the default installation option "disabled" is chosen. Later beta versions (2016.16/17) had killer probs again, since somehow the "disabled" option doesn't seem to work anymore, killing a few old native win98 tools. Must still use it though, needed for fallback browser and also helps a few other younger apps to run. Some day will try to update to a newer version again, but need time and full backups and not sure how exactly, sigh.

jumper said: > There is no version 4.5.120 of KernelEx. Please stop using that number in your posts! > The latest versions are 4.5.1 and 4.5.2 (official), and 4.5.2016.x (unofficial). Goodmaneuver said: > Yes but if you install it and look under the verification sheet it says 4.5.120 KernelEx versioning IS very confusing in itself. Yes the installation package says 4.5.2 but when you open any file properties it does say 4.5.120. And that version 2016 comes in very different subversions, yet all only say "2016" in file properties, doesn't make things easier either. Perhaps it's best to mention BOTH declarations when meaning 4.5.2=4.5.120

(note for downloaders: https is better and works too, if current browser can handle the TLS) roytam1 said: > http://o.rths.ml/gpc/files1.rt/phoenix-0.5-cl933-tls12.7z > http://o.rths.ml/gpc/files1.rt/classilla-9.3.3-win32-tls12.7z > http://o.rths.ml/gpc/files1.rt/rzbrowser-tls12-20200127.7z > http://o.rths.ml/gpc/files1.rt/retrozilla-suite-tls12-20200131.7z > http://o.rths.ml/gpc/files1.rt/K-Meleon1.5.4en-US.tls12.7z > http://o.rths.ml/gpc/files1.rt/KM74-g22-20180718.win2000.7z > http://o.rths.ml/gpc/files1.rt/palemoon-26.5.0-20180718.win2000.7z Very handy link collection, thanks! :-) But KG74+PM26 have wrong date in filenames, very misleading :-( Can you please fix? Or if too much work, remove the date completely? (Prob too, but at neast not misleading)

Avast: yes of course it's disgusting, but don't they all sell our complete life profiles, long since?? Lying and selling people is the normal state today, being honest and human friendly has become an almost fiction like exception. Especially Google/FB/MS/etc. If I remember correctly, Google meanwhile is worth 1.000.000.000.000 dollars, that doesn't come from nothing. Or was it FB? No, guess Google... But not much difference anyway. Perhaps also Cloudflare, who knows?? Have read somewhere that half the global internet traffic is meanwhile traveling through their servers, and that they have full unencrypted access to everything, incl. passwords. What a goldmine... Which reminds me that Trump changed the US laws to allow all internet providers to sell their own customers data for money, to do what they want with them. And that he also changed the laws to allow them to filter access to websites for their customers. They get to see now what their providers want them to see. And of course, most definitely all Android Phones are just pure bugging devices, wiretaps, active 24h a day and 365 days per year. Whatever other functions the devices may have is merely the bait to lure the prey into using it. And it doesn't help to switch them off, considering their purpose they can happily switch themselves on again whenever they wish, and switch on the microphone to listen a bit, and take secretly photos and movies, to send home. All with the supposed "permission" of the owners of course (or they couldn't use them at all). The only reliable way to prevent secret remote access is to remove the battery. But of course, those little escapes must be prevented, people must by spied 100% of the time, therefore our bugging devices must not contain removable batteries anymore. And of course, it's also better to trash them frequently, after 1-2 years, to be replaced with newer devices with yet better spying technology. Not to forget more profit by selling lots more devices. There was that absolutely incredible report about a year ago, how a technical journalist used a man-in-the-middle device to catch all the data his Android phone was "phoning home", after a trip into the city with his phone in flightmode. Obviously, that doesn't help at all. As soon as he let it go online again, Google was sucking up all the accumulated full spy data it had just temporarily stored inside, during the flightmode. It had been clear since years that they spy on us every second, but the real amount was still breathtaking. Incredibly detailed, every step and movement, pre-analyzed by AI already, including when he "walked by foot" or "left the car" etc And almost all Android apps nowadays too, chock full with trackers, often up to 10 or more! Of course we all know about those torchlight apps, needing access to contacts and internet, but that's only the tip of the tip of the iceberg. As example just a little collection, of email apps: https://android.izzysoft.de/applists/category/named/network_emailapps It's not by coincidence that Google makes such a bitter war against all smartphone OWNERS who DARE to try and escape a bit the 100% spying and selling. Google has full control of Android and can do what it wants with it, and that includes forcing manufacturers to also do what Google wants. Like when a few years ago their hidden permission manager (AppOps) was discovered in the system, and companies like Huawai dared to make it visible to users, Google simply forced them to REMOVE it again. And when they finally did include a permission manager in stock Android, it was just a lie. They made sure at the same time that ALL apps then got full access to all networks, incl. mobile data and bluetooth etc., declaring this permission as completely "normal", not dangerous. And users could do nothing against it, that info was hidden from them. This makes perfect sense of course, the job of bugging devices is to spy as much as possible. And secretly, Google gave ALL apps even full access to all network logs, containing the full traffic data of all other apps too. Or also, at some point, continuing to make the permission system as useless and deceiving as possible, Google stopped showing users all permissions at installation time. From then on, they only got to see a few harmless permissions to confirm, but afterwards all apps could happily update themselves and pull lots more permissions, now without any notice anymore. Or, of course SDcards are evil, allowing users too easily to exchange lots of data with their home computers. How dare they trying to rob even a bit of their personal data from Google! That must not be allowed, they must be made to upload just about everything onto cloud servers first, if they want to exchange files with their own other devices. So, lets try to abolish SDcards, and lets declare them completely out of fashion. And many followed, but not all. Some manufacturers still allowed users to have an SD-slot. So Google had to find another solution. Why, quite simple: just make it impossible to write and read it, let's block it by firmware! If absolutely must be, allow to store photos and videos, but nothing else. Especially not cross-access, for example to open a text file with a free editor, or edit an image with a free editor etc. And most of all, bugging devices must of course make sure that their OWNER can't get any access to system files, for example daring to try and block some native trackers and trojans inside. So let's lock the phones OS down completely, out of factory. No chance for owners to get root access anymore, no chance to unlock bootloaders anymore, not even by experts knowing all tricks, and if they dare trying anyway, lets just destroy the whole phone. Yeah a few still allow unlocking, mostly by forcing people to create an account, and give them a working mail addy and your devices unique ID-numbers. But the trend is clear, step by step every year more stuff becomes blocked. And of course, Microsoft as well. Windows machines have long since become pure bugging devices too, with other functions being only the bait for the prey. Therefore the owners must be made completely rightless too. Quite easy, just make it impossible to block any updates, for example to Win10. Let's declare this a little essential "security update" to fool people. Or whatever, all the FORCED upates anywhere, of course in Desktop Chrome browser as well etc. The only people who are always BLOCKED now are the owners, blocked from getting full access to their own devices, while the spy companies with remote access can do whatever they want to them. And of course, nothing better as just control the whole money transfer, up to the last penny! Anonymous cash must be abolished by all means, since it helps escaping full 100% tracking, so it's all evil! Everyone must be made to pay only if recording his name, no exception. Of course, this process will take some time, and it's best introduced as sneakingly as possible. Step by step, a little new law here, another little law there, and with propaganda everywhere how great it is to pay everything everywhere only by card, so very simple, so very handy, so very safe. Have even read the European Union has given out advice papers to the governments how to best go about it, without the population becoming suspicious too early. Oh yeah, and of course: "smart" home devices everywhere and for everything, listening permanently. Even "smart" puppets, talking to little kids, recording all their little secrets at the other side of the world. Or in Germany incredible new laws that in the future all electricity meters must be "smart" too, reporting via internet every hour or so (?) which devices are switched on... quite a goldmine too for certain people. Of course, this is merely meant to "help the environment" and "save money", by analzying possible waste... And a bit back someone dared to go to court when his landlord insisted to place a fire warner in the middle of his living and sleeping rooms, at the ceiling, which is also forced by a new law - so far sounding harmless, but this very special device in this case included a microphone inside (can't remember if also a camera), and it will get remote controled from outside at any time! Plus RADAR included inside to make sure the poor renters cannot even dare to cover it, in at least 1m distance! Of course, the landlord claims the microphone were just fake, not functioning at all, and of course, that's also what the manufacturer claims. So, what did the judge say? Always expect the worse, and you'll always be right nowadays: He judged that this is perfectly okay! If the manufacturer claims the spying equipment wouldn't work, then it surely must be so. Period. Just very funny IMO that this supposedly fake stuff was so very important to the landlord, that he even fought at court to install it in his renters rooms. And the german version of NSA is permanently listening the whole traffic on "the worldwide biggest internet node", which seems against the law, which is supposedly oh so privacy friendly. Only under very strict conditions and in special circumstances the state is allowed to watch innocent people in masses, and not more as a 20% share. So the company who runs that giant node (DE-CIX) went to court in 2018, and guess what, the judge simply ignored it and declared it okay, and blocked also all possibilities for revision. https://www.notebookcheck.com/BND-darf-weiter-Internetknoten-anzapfen.306254.0.html While at occasions, where surveillance would actually help society, to catch criminals at known hot spots, it's strictly forbidden, phonily pretending "privacy" reasons. By the way even wildlife cameras deep in forests are forbidden too since awhile, a new law created around the time when wolfpacks were intruced again - of course also for "privacy reasons"! Only allowed now: position not higher as knee hight, not pointing towards any ways where possibly a human could walk by, NO automatic triggers to start filming, only one photo every 5 minutes etc. There's no end to all the spying and phoniness... Sorry, have read too many horror reports, it's just beyond bearable :-(

lama said: > I cannot make Serpent Basilisk.exe default browser because links and > pages.HTMx will bypass -profile context while executing .EXE roytam1 said: > then this is no longer portable Hmm. As long as the system doesn't complain, why not. In special circumstances it can make sense to have the default app on a removable drive. And the profile location (inside or out) is completely independant from an app's default state. At any rate I've always loved to keep the settings of all my programs inside them, if any possible. (no idea of the chains in modern systems though) @lama I certainly wish long since an easier portable mode too, but it's an immense work that creators of free software and tools offer us here, and their spare time is very precious too. Not only the (little) effort you may need to merge a portable firefox with Serpent inside. That would hopefully work as default browser? (not quite sure) But if you don't like this thick wrapper, or just for variety, I wonder if there's yet another workaround possible. No clue if useful, and it certainly takes some minutes too. But if it's always the same few computers you use (?), and the path to your default app stays also always the same, suggest to try if editing the "profiles.ini" helps. The one in the systems appdata folder, in every computer. If you like to try, first make a backup copy of it, then edit. That file contains a line "isRelative=1" in every profile. Set it to "=0" and write the full path to your Portable profile folder below it. That folder can be anywhere by the way. Thinking about it, it's probably better to create a second profile below it, and leave the original lines unchanged. And for testing time, would set "StartWithLastProfile=0" And of course, remove again the commandline-suffixes while testing...

Portable modes: I've always liked that K-Meleon can be switched to portable mode simply by adding or removing an empty file "profile.ini" in the root folder. This doesn't just mean that 1 specific profile must be called, instead the whole "profileS" package with possible multiple ones is placed either in- or outside. Is that what the "-Profile" or "--no-remote" commandlines do for other Mozilla browsers? But: I've also always wished this KM-method could be done with a more intuitive method, since only insiders are aware of this "hidden trick". For example in KM1.5.4-TLS1.2 this file is missing out-of-box, which is a killer trap to mess previous profiles once created with higher KM-versions. At least this is very misleading for average KM-users who always differentiated portable+installer versions just by seeing the ending "7z" or "exe" The most simple and intuitive method from user-view would just be: Place a browsername.exe and a browsername_portable.exealongside in the root folder, out of box. With the portable.exe being just a little file calling the "full" exe, after telling it to look up all profiles inside the same folder. That can't be so difficult to create?

TechnoRelic said: > However , NOW , with 'Mathwiz' tweak , the ADOBE PRIMETIME CDM 'Plugin' install *DOES* solve the problem. Just a little friendly hint, and the above only as short example: You intend to help, which is great, but you're probably the only one who considers 'stumbling-quotes' around each and every name and other normal words as helpful for reading. Additionally to all the other stumbling-*starlets* and uppercase emphasizes etc. too. If used moderately that's true, but stumbling over every second word feels for readers like wandering through a stony creek bed ;-) This would be much smoother already, even with still 1/3 marked words: > However, now, with Mathwiz tweak, the ADOBE PRIMETIME CDM Plugin install DOES solve the problem.

Happy new year to you too, and thanks for all the work :) Regarding those suspicious access blocks by Cloudflare or whatever, have just tested this link https://o.rths.ml/gpc/files1.rt/phoenix-0.5-cl933-tls12.7z with httpS and old gecko K-Meleon1.5.4 (like FF2, max TLS1.0), and faked UA to IE7, and it still opens fine.

Brandnew FUN-resurrection: 100year old PHOENIX browser, now with TLS1.2! (fixing websites denied due to "cipher" errors) https://msfn.org/board/topic/180462-my-browser-builds-part-2/?do=findComment&comment=1176643 (page 50)

Roytam's recent resurrection: K-Meleon 1.5.4 with TLS 1.2! (era Firefox2, for vanilla 98) First build 2019-12-25 (page 37): https://msfn.org/board/topic/180462-my-browser-builds-part-2/?do=findComment&comment=1175258 most of GRE components are replaced with Retrozilla-based build (but not all) Update 2020-01-08 (page 43): https://msfn.org/board/topic/180462-my-browser-builds-part-2/?do=findComment&comment=1175918 archive updated with sha256 and sha384 support. Download: http://o.rths.ml/gpc/files1.rt/K-Meleon1.5.4en-US.tls12.7z KM-Forum for this build: http://kmeleonbrowser.org/forum/read.php?22,151512 ------------ Note for K-Meleon 1.6: Anyone using this for real on Win98 (needs KernelEx), and would like to get back read access for wikipedia, twitter etc. too? You can PARTLY upgrade it by "Do-It-Yourself" ;-) Have played around with this, using blind trial&error method by just copying over some files from KMzilla154 (as I call it). At first it seemed too good to be true, all those crucial domains are finally accessible again, for KM1.6 too. But it's rather shaky, only a crutch. Meanwhile have come across some domains which are still blocked in this messy KM1.6, although they do open fine with roytam's expert build KMz154. After a bit more testing, am now suspecting this tweaked KM1.6 can only open the same domains as Opera12.02? For now that's still a huge step forward, for KM to catch up at least with Opera, but if anyone can figure out more that would be great. KM-Forum for 1.6: http://kmeleonbrowser.org/forum/read.php?2,151536

(placeholder for links to some older builds, Fx36 etc)

By far the worst prob for old Win98 browsers in today's web is outdated https-encryption (SSL/TLS). Websites insisting to connect with modern TLS1.2 are completely BLOCKED, showing only error pages, usually this infamous one: Error code: ssl_error_no_cypher_overlap That desaster started only 1-2 years ago with Google's command to encrypt the whole public web with modern standards too, and things went downhill fast. Meanwhile half the internet is broken for old Firefox/Mozilla browsers! Amazingly, old Opera12.02 (needs KernelEx) is still holding up much better, it was amazingly advanced for its time, but now losing the uphill battle too. Lucky the people who can run the last Presto version (Opera 12.15?) Luckily, especially for Mozilla fans, rescue came from projects like Retrozilla, with TLS1.2, for pure vanilla Windows98. https://msfn.org/board/topic/174987-x/ And since a few years also from roytam1. Focussing mainly on Mozilla browsers for XP, but occasionally also a special build for older systems. Such a pity that he doesn't create own topics here for his fascinating Win98-browser updates. But hidden away in the middle of giant melting pot topics in the XP-forum that stuff just gets lost. Only just-for-fun hobby users of retro stuff (like himself) may stumble across it over there. So what do, to give notice of those gems to more regular users of old systems too? Which are HERE? Perhaps we can at least collect some links here, for real 9X users, to find that stuff easier. And there's probably more interesting stuff floating around out there somewhere, from other people, that could be added too. For longer discussions of single projects it would be better if anyone can create new separate topics around here, to keep that stuff together, then in THIS topic just post the link and a bit description.

ClassicNick said: > As a Christmas day gift (Update on April 1st?), RoyTam1 released a K-Meleon 1.5.4 build with TLS 1.2 support Attention NOT portable Profiles! The build itself is great, with TLS1.2 to get rid of most "no cipher_overlap" errors, just a little warning: 7z builds of KM used to be portable out-of-box, yet this one is NOT. The switch-file "profile.ini" (can be empty) is missing in the root folder. That means if you already have an older KM-profile in your systems, from whichever (younger?) KM-version, this build will snatch it and possibly modify it. Strongly recommend to make a backup copy of your previous KM-profiles before starting this. Or better, modify it to always start with the ProfileManager.

Deja vu.... again.... again... Mods, please, split....

Thanks! But the best are the comments, highlighting some consequences, obviously based on plenty experience with Googles hostility already, and in general with getting locked out from websites. This will be a HUGE prob for all alternative browsers or users on old systems, which today already get Google's threats e.g. on youtube "SOON WE WILL NOT SUPPORT THIS BROWSER ANYMORE" (or similar). In the future much harder to escape them and receive the page uncrippled. Probably deserves an own topic? PS: completely shocked again about this translator-block :-( So even if someone in fenced countries has access to free websites outside, it won't help much if they can't translate it. Or only translate with other services, which may take part in the blocking. (I've been thinking about uploading the translation somewhere, but then again, probably not much interest as this is just one report, and that subject will be covered and discussed on some english sites/forums too, with similar comments)

A peach? Hmm, not so bad at all... Much more my taste as snakes 8-) A peach... and.... cherries... Shall we do fruits? His changelogs are full with "cherry-picking", very fitting :D

roytam1 said: > can't read russian Uhm, neither can I. Not a word. But no prob, G-translation for EN/RU is almost perfect, so now confused: you kidding....? Or access blocked? Or free decision or....?

Aaargh... https://www.opennet.ru/opennews/art.shtml?num=52182 next bomb in the war of the big monopolies to get rid of all alternative browsers, which are not their own latest-greatest versions, chock full with telemetry :-(( Especially a 100% success rate guarantied to kill all older browsers, which will not be able to respond to their new request method, much the same effect as all the broken-ciphers already :-((

@VL Sorry but I keep thinking it's your own decision to waste that time, after first experiences. I know it's not quite easy to suppress an urge to reply anyway. I do highly appreciate all the help you give, it really is extremely useful, also for later readers. What I just personally find rather sad in todays world is that real trolls, who only post to disrupt and attack and offend, and enjoy it, never get any trouble, quite the opposite, instead it's usually kind people who never do any harm who get hunted for no crimes at all.

Cannot tell about Win95 or vanilla98, but in my semi-tweaked 98se MediaPlayerClassic works okay. It's my favorite player for videos, incl. youtube. It does have one bug, I must not move the slider or it freezes. To jump forward, must remember to hit the space bar first or otherwise click PAUSE, then click (not pull) to another point on the slider, then click to start playing again.

dencorso said: > If you're a true supermegaueberultraparanoid person, get yourself > a full-body Velostat gimp-suit, 'cause just a cap is not enough. Why "get" - don't you see? We have that suit long since: Just a click on the JS/iframe/objects/media block buttons and POOF!! fullbody suit pops up all around us.

Current zero-day hype: SCARY as hell, as always. Everywhere. If you're using even a just slightly older browser version, just a few days old, you're already as good as ***DEAD***! Boah... But also as always (99%), this only can hit if JAVASCRIPT is allowed? And additionally, this even requires a special JS feature "JIT" to be allowed too? And the only purpose of this is to speed up scripts, in exchange for much higher dangers? At least if I get it right and this article is about that current hype? https://nakedsecurity.sophos.com/2020/01/09/browser-zero-day-update-your-firefox-right-now/ If that's all, have no worry... My *really* old browser version allows blocking JIT since years (and JS by default off anyway, or freezing for lack of RAM): pref("javascript.options.jit.chrome", false); pref("javascript.options.jit.content", false); pref("javascript.options.jit.__INFO", "INFO: for better JS speed, but highly dangerous, zero-day vulnerable"); But no idea if those prefs are still valid for current modern browsers. And also added today to my tweaked Default prefs file, acc to above article, just in case I'll some day install Tor: pref("javascript.options.ion", false); pref("javascript.options.ion__INFO", "INFO: JS-JIT in Tor, for better JS-speed but highly dangerous, zero-day vulnerable");

roytam1 said: > K-Meleon 74 with Goanna 2.2 archive refreshed with sha384 support: > http://o.rths.ml/gpc/files1.rt/KM74-g22-20180718.win2000.7z > pm26 archive also refreshed: http://o.rths.ml/gpc/files1.rt/palemoon-26.5.0-20180718.win2000.7z Great to get more ciphers for KMG74 too, thanks! But just noticed: the filedates are wrong, still the old ones from 2018. Yeah it's only some ciphers, but those are important and wrong filenames are completely misleading, please consider correcting it to avoid confusion and accidents...

roytam1 said: > just refreshed my KM74g archive with sha384 support. Thank you for updating! A few more of those pesky modern ciphers :-) @Readers with old browsers, who only see empty rectangles instead of MSFN crosslinks: The link goes to here https://msfn.org/board/topic/180462-my-browser-builds-part-2/?do=findComment&comment=1175953 (KG74, KMG74, KM-Goanna74, K-Meleon-Goanna 74, officially for Win2000, or as fallback browser for Win98se with KernelEx2016)