Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


  • Content count

  • Donations

  • Joined

  • Last visited

Community Reputation

26 Excellent

About Mathwiz

Profile Information

  • OS
  • Country
  1. IE 8 in 2018?

    I added the DisabledByDefault DWORDs to my registry as above. However, IE8 still does not use TLS 1.1 or 1.2. I believe both protocols are installed and usable, but IE8 isn't using them. Here are the cipher suites reported by the site above (result of Paste looks terrible, but it's readable):
  2. KB4056564, the fix for the CredSSP Remote Code Execution Vulnerability, was part of Tuesday's POSReady patches. So we'll probably get the next two patches as well. As long as both the client and server are patched, I don't think you'll have any problems RDPing between XP and newer Windows versions.
  3. I've learned that large WD HDD enclosures with a "-04" suffix (e.g., WDBFJK0030HBK-04-NESN) seem to have 4K sectors, thus are fully compatible with Windows XP. However, enclosures with a "-0A" suffix seem to have 512-byte sectors, so only the first 2.2TB are available (Edit: unless/until reformatted as described above, that is). Note: this applies to the enclosure model number, not the drive model. It appears that GSmartControl displays the drive model.
  4. IE 8 in 2018?

    Are they? What does howsmyssl.com say? Neither Den nor I have been able to successfully enable TLS 1.1 or 1.2 on IE8, let alone IE6. As I mentioned earlier, merely accessing wikipedia.org doesn't prove you have TLS 1.1 or 1.2 working. It only proves you have the AES crypto algorithm working (provided by an update - can't remember which KB), which is good, but AES still works with TLS 1.0.
  5. One more option: the original version had a program called "launcher.exe" which launched it hidden (and created a system tray icon to toggle between hidden and visible). Heinoganda updated it with newer, better OpenSSL library, but I don't know if his version still includes "launcher.exe"
  6. Understood; that's why I changed "--remote-name" (which uses the server's name, certs.pem) to "-o cacert.pem". Heinoganda's file was somewhat larger than the one at curl.haxx.se/ca/cacert.pem (I don't understand the difference, but as long as it works).
  7. Well, that's true; Windows Live Mail still uses Windows for security, just like OE6, so it won't help at all there (unless you also move your email to a newer Windows version). I only brought it up because it's a comparatively painless upgrade path. It does add some nice new features (like pasting images directly into an email) though.
  8. So I could just change to C:\WINDOWS\curl.exe -o cacert.pem --time-cond cacert.pem --cacert cacert.pem https://mkcert.org/generate/ ... and be done with it? Cool! Edit: Had to add a / at the end of the URL. Doesn't work without it (cURL doesn't follow redirects)!
  9. IE 8 in 2018?

    This is a known issue with the POSReady '09 hack. You always have to manually install the latest cumulative IE8 update before checking for new updates. Because of this, it may be best to disable automatic updates, so you can always install the IE8 update before checking. Or you can just learn to check for updates before going to bed - should be done by the next morning....
  10. IE 8 in 2018?

    Thanks, Den. At least the HTTPS proxy still does the trick....
  11. IE 8 in 2018?

    OK, I must be missing something. I have IE8, the POSReady '09 registry hack, and all the updates including KB4019276. I removed the OSversion registry keys identified above. The TLS 1.1 and 1.2 boxes appear. I checked them. But in IE8, howsmyssl.com still reports I'm using TLS 1.0. If I uncheck TLS 1.0, I get "cannot display the Web page." I tried adding the "Enabled" DWORD value to HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS1.1\Client (and same for TLS1.2\Client); no change. Edit: BTW, Wikipedia does work, but it doesn't (yet) require TLS 1.1 or 1.2; it only requires the AES cipher, which was added by (I think) the same another POSReady '09 update.
  12. XP task bar vertical?

    Hard to tell w/o a pic, but I think Roffen is saying he has a "Recycle Bin" toolbar on his taskbar now. It may be small enough not to be a big problem, but if so, here's how to get rid of it. Right-click on an unused part of the taskbar. If "Lock the taskbar" is checked, click it to unlock the taskbar, then right-click again. Hover over "Toolbars;" it should expand showing all toolbars on your taskbar. If I'm right, there should be a "Recycle Bin" toolbar checked. Click it to uncheck it. Your "Recycle Bin" toolbar should be gone. Now right-click an unused part of the taskbar one last time, and click "Lock the taskbar" to prevent any further mishaps. Edit: It's also possible he got a Recycle Bin shortcut added to his Quick Launch toolbar somehow. To get rid of that: Right-click on an unused part of the taskbar. If "Lock the taskbar" is checked, click it to unlock the taskbar, then right-click again. Right-click the "Recycle Bin" icon to be removed, then click "Delete." Your "Recycle Bin" icon should be gone. Now right-click an unused part of the taskbar one last time, and click "Lock the taskbar" to prevent any further mishaps.
  13. I can't speak for glnz, but moving to a new POP3 email client often means abandoning all your old emails, since POP3 stores them all locally, and email clients often can't import old emails from a different client, especially one as old as OE6. One exception is Windows Live Mail. The 2009 version even runs on XP, and is so similar to OE6, I call it OE7. You'll need to locate an offline installer though (the file should be 138,086 KB). M$ has removed all the files needed for the online Windows Live installers to work. If your email service supports IMAP, another way is to set up an IMAP connection to your email service in OE6, then move all your old emails to IMAP folders, effectively uploading them all to the server again. Then you can set up an IMAP connection in your new email client and everything will be there. Or you can set up a POP3 connection in your new email client and re-download all your emails to your PC again.
  14. The way I dealt with this was to install cURL in my Windows directory, then run the following command: C:\WINDOWS\curl.exe --remote-name --time-cond cacert.pem --cacert cacert.pem https://curl.haxx.se/ca/cacert.pem ... in the "C:\Program Files\ProxHTTPSProxyMII" directory periodically. This keeps cacert.pem updated, much as Heinoganda's cert. updater keeps Windows's certificate store updated.
  15. That happens when you access msfn.org with https:. Msfn.org supports https:, but isn't quite smart enough to replace http: with https: in iframe links. So to protect you from the possibility of a hacker intercepting the unsecured iframe and replacing it with malicious content, you get that stupid padlock with the warning icon. You can click the padlock and disable protection, and the page will reload with the unsecured iframes. The padlock and the "https:" in the address bar will then be struck through to remind you that you aren't really secure. I wish Firefox would let us permanently disable protection on a per-website basis, instead of having to do this every time a page comes up with grey boxes like that. Edit: BTW, if you're using HTTPS: Everywhere, your connection to msfn.org probably is secure; it's just that Firefox doesn't know it!