Mathwiz

While I certainly have some differences of opinion with Tobin, MC, and the rest of the PM team, I do want to express my sincere gratitude for their work! In particular, it's nice to have browsers that work with modern Web sites, but that don't employ the "walled garden" strategy of Chrome and Mozilla, requiring every add-on and the like to get a digital signature from the "powers that be." I understand that Chrome & Mozilla are trying to guard against malware, but the potential for abuse of "walled gardens" is clear, especially when Google or Mozilla has different interests than the add-on developer (as we've seen with the recent flap about Chrome threatening to break uBO).

Turns out, it wasn't so much Mozilla as @Sampei.Nihira. I tried my own copy of FF 52.9.1 and, sure enough, I was stuck at 1.17.4. Once again, @VistaLover to the rescue: All of the above applies to FF 52.9.1 also, so one must: Toggle dom.requestIdle.Callback.enabled in about:config to "true" Set a general.useragent.override string to at least rv:55.0; otherwise addons.mozilla.org won't even let you download the latest version Once downloaded; FF 52.9.1 (unlike FF 52.0.2/0.3/9.0) will disable it due to the "strict_min_version" string mentioned above; unfortunately, changing extensions.lastAppVersion in about:config from 52.9.1 to 55.0.0 doesn't help; so to get around this, one must manually edit manifest.json in <profile folder>\Extensions\uBlock0@raymondhill.net.xpi as above However, unlike Basilisk/Serpent, FF also requires add-ons to be signed; doing #3 invalidates the signature, and FF 52.9.1 still won't run it! (That's not quite as ridiculous as Chrome, but it's starting to get pretty close.) There must be a way around that, as seen from @Sampei.Nihira's post showing uBO 1.18.4 running on FF 52.9.1; but no one seems to be talking. I'm starting to feel like I'm chasing the proverbial undomesticated fowl.... (Side note: as I've posted elsewhere, on FF/Serpent I actually prefer to run the legacy version of uBO, since it lets me stop WebRTC's IP address leak; and I don't use FF for day-to-day browsing anyway. So this is purely an intellectual exercise. Still, how ... ?)

I guess our posts crossed in the Ethernet Sorry to have derailed the thread; of course uBO isn't even needed to block Service Workers in FF et al. Even if you use a version (FF 51) where they're enabled by default, you can just toggle support off in about:config and be done with it.

That's interesting @Sampei.Nihira; I was never able to get a version later than 1.17.4 to run on Serpent 52, which is forked from (IIRC) FF 52.6. I never bothered trying on later FF versions; I just figured they'd stop at 1.17.4 too.... (uBO 1.18.4 runs on Serpent 55, but that was forked from an alpha version of FF 53....) So it seems Mozilla did more than mere "security fixes" between 52.6 and 52.9.1.

Thanks @VistaLover; I figured it out on my own eventually and edited my above post accordingly. Just really annoying that Google makes things so much harder.... They keep reminding my why I avoid their browser!

Well, @Sampei.Nihira, given all the trouble I had, I can't say I blame you. But just to be clear, the last working version of uBO on Chrome (1.16.18/1.16.20) is more recent than the last working version on FF 52 (1.16.4.9). Edit: Actually 1.17.4, which is more recent than 1.16.18/20, runs on Serpent 52, so I should've realized it'd run on FF 52 also . 1.16.4.9 is the latest uBO version for PM/NM/Basilisk, though, since those browsers either never supported or no longer support WE's.... You can run the latest version of uBO on Serpent 55 (although the WebRTC option is greyed out).

The state of play, I believe, is: We have ProxHTTPSProxyMII 1.5 working with Cryptography 2.4.2, which runs even under Python 3.4. For now, this works well. But TLS continues to evolve, so to avoid eventual obsolescence we'd like to get ProxHTTPSProxyMII working with newer Cryptography versions. This required a newer version of Python, so we've got Python 3.7.1 working on XP; but more is required as well (at least a user-written version of bcrypt.dll to substitute for the Win 7 module, but apparently even more than that). The problem is, once you move beyond Python 3.4, developers assume you're running on a newer Windows version, so all packages developed for newer Python versions may also use newer Windows functions. It may not be practical to go much further.

Well thanks to @VistaLover's post, I downloaded the signed version of uBO 1.16.18 he uploaded - but Advanced Chrome still won't install it! Says "Apps, extensions, and user scripts cannot be installed from this Web site." Referring, of course, to the file on my own PC. Found the "developer mode" checkbox and tried that; didn't help. Even tried unpacking the .crx file to a directory and loading it with "Load unpacked extension" - but that just got an error that the "_metadata" subdirectory was invalid because its name starts with a reserved "_" character! This is ridiculous. It won't install from anyplace other than the Google Store - but the Google Store only has an incompatible version! Edit: Well, I finally figured it out (sort of); I was able to install uBO 1.16.18 by dragging the .crx file onto the chrome://extensions page. (This works in FF/Serpent/etc. too, but usually in those browsers, I just click on the .xpi file; that doesn't work in Chrome! )

KB2589339: I would've thought M$ could have taken care of the new Japanese era with a single update, rather than dribbling out half a dozen or so

Well, I guess that would explain it. Of course, with FF/Serpent/etc., it's easy both to find and to load older versions from GitHub. With Chrome I'm kind of starting from scratch trying to learn all over again how to do those things. Edit: I vaguely remembered reading your thread, so I went searching, and sure enough, there was one of @VistaLover's wonderfully clear posts explaining why uBO is such a ridiculous mess on Chrome (Advanced or stock):

It's just as well; I absolutely cannot get uBO to properly install in Advanced Chrome anyway. It looks like I get a partial download: it says it's added, but if I click on the button all the icons are text. If I go to the dashboard it's all blank I'm giving up. uBO works fine in Serpent without any of these issues.

Legacy version 1.16.4.9 of uBO is available. Appears to be a cosmetic fix with positioning the uBO button in the toolbar. I had mixed success with uBO Updater. It worked a treat in Serpent 55, offering 1.16.4.9 vs. 1.18.4 (or whatever the most recent stable version is). But in Serpent 52 it didn't offer me an update at all. Had to go into the releases at Github and download/install 1.16.4.9 manually. Edit: This is probably related to the upstream changes made to Basilisk, to check for updates at addons.basilisk-browser.org vs addons.mozilla.org, but uBO Updater is supposed to intercept those checks anyway

It's a Python script. It wasn't easy to get it running, but here's how I did it: Install Python 3.4 if you don't have it already If you have ProxHTTPSProxyMII installed, you'll need to bypass it for a couple of host names: [SSL Pass-Thru] files.pythonhosted.org #pypi.python.org pypi.org (Note that you do not need pypi.python.org to pass through, as ProxHTTPSProxy comes configured; but you do need those other two hosts to pass through.) Install the latest pip: C:\Python34>python -m pip install --upgrade pip Using pip, install chardet: C:\Python34>pip3 install chardet To download wes.py, go to the Github link above and click on the wes.py file. It will show you a listing of the Python script. Right-click the "Raw" button and select "Save Link As...", "Save Linked Content As..." or however your Web browser puts it. I saved mine to C:\Program Files\wesng but you can put it anywhere you like. Probably best to use an empty directory though Download the vulnerabilities database: C:\Program Files\wesng>wes.py --update Finally, follow the instructions in the Readme.md; e.g.: C:\Program Files\wesng>systeminfo >systeminfo.txt C:\Program Files\wesng>wes.py systeminfo.txt >vulns.txt For Windows XP you will get a very long list of potential vulnerabilities (545 in my case) in vulns.txt. Each one looks something like this: Date: 20081111 CVE: CVE-2008-4037 KB: KB957097 Affected product: Microsoft Windows XP Service Pack 3 Affected component: Severity: Important Impact: Remote Code Execution Exploit: https://www.exploit-db.com/exploits/7125 The KB: line indicates the update that closed that particular vulnerability. Note that one update often closes multiple vulnerabilities, so you won't have 545 updates on your system. The tool's biggest weakness is that it doesn't check to see whether the updates are installed or not! You have to do that yourself, with a tool like NirSoft's WinUpdatesList. Tedious! It'd be nice if a Python programmer could fork the tool (or just issue a pull request) adding that function to it, along with an option to list only unpatched vulnerabilities. Its other major weakness is that the database doesn't contain vulnerabilities for XP Embedded systems like POSReady 2009. So for XP it only goes through 2014. It doesn't even include WannaCry! It seems the author uses other Python scripts to download M$ security bulletins to create the database. Again someone needs to create a script to download the Embedded bulletins and add them to the appropriate database. Also right now it only parses English output from systeminfo. There's already a pull request to fix that, though.

I use Basilisk and used to use Firefox, which have these things turned off by default, and I don't think I've ever needed "service workers" for any Web page I've visited to work. So why do "service workers" even exist? They seem to do nothing except create a security exposure.

Turns out for the above AV1 test site, you must also set "media.mediasource.webm.enabled" to true, as I found out after a lengthy and frustrating day of troubleshooting "why does it work on this machine but not this other one?"

Out of an abundance of paranoia, I downloaded RT's last two versions of Serpent 52, NM 28, and NM 27, for all processor configurations (64-bit, 32-bit, no SSE2, no SSE). Also got last version of FF 45 build and NM 26.5 for Win2K, just in case any of those needs to "go away" like Borealis did. I know I'm probably being ridiculous, but I'd rather have it and not need it than the reverse.

If you have no need to access files from other PCs, NAS, etc. on your home network, I did think of a rather drastic possible solution: stop the LAN Manager "Workstation" service. That would prevent any implicit file: requests from going out, and presumably, then having to time out. I have no idea if that would work, and it may not be practical anyhow. But it may be worth a try.

Yes; just start a new topic and click "Poll:"

As usual, Microsoft's version numbering is ridiculous and confusing. If you open RDC, you can right-click the top left corner and click "About" to see version info. RDC 7.0 (the last for XP SP3) looks like this: Naturally it says Version 6.1.7600, not 7.0. The only thing that says 7.0 is "Protocol 7.0 supported." If you don't have the version above, you can get it by installing KB969084, which Microsoft has naturally removed, but you can still download it from the Wayback Machine at: https://web.archive.org/web/20130721164659/https://download.microsoft.com/download/A/D/B/ADB61C11-6705-437A-ACAD-CAA9C0200C4C/WindowsXP-KB969084-x86-enu.exe Once you install it, you'll need to install KB2813347, which is available via MU even though RDC 7.0 itself isn't available anymore. (Apparently KB2813345 is for RDC 6.1 and KB2813347 is for RDC 7.0.) M$ sure makes it complicated!

Glad you figured out a way to fix the FF issue! (Usually I'm the one who can't get things working when they're working for everyone else.) When I first tried to open the .jnlp test file I got the same error in jp2launcher. I'd had some other crashes in jp2launcher, so I copied jp2launcher.exe from the old 152 install, tried again, and it worked. I didn't replace javaws even though, you are right, opening a .jnlp file calls javaws. (I guess javaws calls jp2launcher.)

Of course, after installing WMP10, I wanted to re-install Windows Media Format 11 run-time on @heinoganda's recommendation: ... but the installation program, wmfdist11.exe, wasn't on my system! I found a link to wmfdist11.exe at https://softfamous.com/postdownload-file/windows-media-format-runtime/4431/884/. Note: this site is slow! But the file seems to be genuine; Microsoft's digital signature is present. Note: wmfdist11.exe seems to obviate the need for most of the above updates, including the hot-fix. I ran Microsoft Update before installing it, and all the above updates (except the hot-fix) were listed. But instead of installing the updates I installed wmfdist11.exe and ran MU again; afterwards only KB973540 & KB973540 were listed, and when I tried to install the hot-fix, it said it was already installed.

Thanks @sdfox7, I do have the Windows Media Format 11 Run-time installed. I was wondering if that might be the problem, but the error message did nothing to point me in that direction, and I didn't want to just randomly start uninstalling things that might be the problem, only to discover it didn't help. Edit: That worked.

Classic Add-Ons Archive is for FF 45 - 56 (also Pale Moon 27 - 28).

I went through and collected most (can't guarantee all) of the names suggested early on as permanent replacements for "New Moon." Many reference XP, or at least allude to it (Bliss Moon, Luna). A couple (NyXP, Pale Mimas) refer to moons of planets other than Earth (including dwarf planet Pluto), providing an easy copyright- and trademark-safe source of icons. I suggest we organize a poll. Or @roytam1 can just pick one and we can get to work on artwork. Mimas (image from Cassini spacecraft): Nix/Nyx (image from New Horizons spacecraft): Name Suggested by Black Moon @98SE MoonFade @burd Waning Moon @Damnation Bright Night @dencorso NyXP @dencorso XP Moonshine @dencorso Darkmoon @Dibya Bliss Moon @heinoganda Bold Moon @jaclaz XPM @jumper (Lunar) Xpale @mixit Luna @NT Five Pale Mimas @roytam1 (There has to be a better way to insert tables on this forum! But this will do for now) BTW, I've seen no suggestions so far for Serpent, so I'll start: Apophis!