Mathwiz

I was about to suggest you try that! It seems to be a variant of Murphy's Law: Every "upgrade" will include one or more actual downgrades.

I get their point; but the obvious problem is, some of us are already using some WebExtension add-ons in Basilisk, so this breaks compatibility with our browser set-ups. IMO it would be better to leave WebExtensions in the code & just not do any further development on them (except for security fixes). Editorial: I wonder if the PM team is unclear on the problem with WebExtensions. As I see it, the problem isn't that they exist; the problem is that Mozilla decided to force everyone to rewrite their add-ons to use them, in order to install on newer FF versions; thus disabling any legacy add-ons that weren't actively being maintained. This is the main reason I switched to Basilisk in the first place - I didn't want to have to find replacements for all my legacy add-ons - but now the PM team is about to make the exact same mistake, in the opposite direction! Maybe there are also a couple of unstated reasons for the PM team to remove WebExtensions from Basilisk: To remove any incentive to move from PM to Basilisk in order to use newer WebExtension add-ons To further incentivize add-on developers to maintain legacy versions of their add-ons I may have to start using your XP builds even on Win 7, just to keep compatibility with my existing set of add-ons.

Thanks for the clarification. Good to know that "appears to be corrupt" might only mean "not supported." Since I, personally, don't use WebRTC, I just disabled it in about:config on my browser. But as I posted, someone who does use WebRTC needs a more convenient way to toggle it on/off.

Wikipedia uses a certificate with an Elliptic Curve public key algorithm. XP still doesn't support that. I doubt we'll get a patch by April either.

I'd been using that myself, but decided to stop in favor of the "Canvas Defender" add-on. The purpose of the canvas.poisondata pref is to randomize canvas data to avoid fingerprinting. However, there's a problem with this approach: most browsers don't have that feature. Even NM/Basilisk don't enable it by default. So all Facebook, Google, etc. have to do is to run the fingerprint twice, observe that the browser returns different results each time, and they'll know that the user belongs to the small subset who have browsers or add-ons that poison canvas data. Then other, less precise fingerprinting techniques can still uniquely identify users within that small subset. Canvas Defender, in contrast, changes canvas data periodically rather than every time a fingerprint is attempted. The rate of the periodic changes can be set anywhere from once per minute to once per week (or turned off completely so you can change it manually as desired). The idea is to look like one of the "unwashed masses" who don't poison their canvas data (thus allowing tracking for a while), while in reality poisoning canvas data often enough to render said tracking useless.

Yes, it's there and set to Always Activate. Edit: Turning off e10s didn't help. It runs in Safe Mode though, so it's probably conflicting with some add-on. Edit 2: Found it! It was Canvas Blocker.

Interesting. Runs fine in IE8, Advanced Chrome (NPAPI support restored), and NM 28, but not Seamonkey 2.49.5 or Basilisk/UXP (neither official on Win 7 nor Roytam's build on XP). On those I just get prompted to install Silverlight Anyway, it's clearly XP-compatible.

If @rockmaster113 is lucky, Slack is just blocking older browsers so that they have fewer configurations to test, and fewer variables to contend with when they take support calls. I'm hopeful that a spoof will let Slack work, if not with FF 47, then at least with FF 52 or one of @roytam1's Basilisk builds, which were forked from FF 52 & 53 with few changes. It may look different when rendered by Gecko or Goanna vs. Quantum or Chromium but hopefully it'll still be usable. Anyway, we'll find out in March.

I'm not sure, but if you only install kb4019276, you may need to make some registry changes to enable it. More info here: https://support.microsoft.com/en-us/help/4019276/update-to-add-support-for-tls-1-1-and-tls-1-2-in-windows I included those registry changes in my .reg file to disable insecure algorithms, posted right after the post I linked to.

I guess there's no way to know for sure until 3/15, but even if spoofing doesn't work for FF 47, there's probably an XP browser it will work with. Whether FF 47 will still work (with a spoof) probably depends on what Web technologies Slack relies on.

Scribd.com only supports TLS 1.2 with AES now. Make sure you have the updates listed here (you can ignore the references to Skype): KB4019276 adds TLS 1.1 & 1.2 support to XP; KB4230450 (or any subsequent cumulative IE8 update) adds them to IE8 (which may or may not be necessary for Internet Download Manager).

Yes, @Dave-H & I both decided to post about today's Silverlight update at around the same time. He picked this thread & I picked another

It is - if you spoofed 32-bit Win 7 or later in your browser's user agent string. (Actually, spoofing a 32-bit browser on 64-bit Windows would probably work too, but I didn't try that.) Vista and XP are offered older versions. 64-bit Win 7 is offered a 64-bit version, of course. BTW, on Firefox or its derivatives (NM/Serpent/MyPal/Seamonkey/etc.), make sure to use/spoof version 52, since later versions don't permit any plug-ins besides Flash. Edit: BTW, does anyone know of a good Silverlight test page (other than Amazon Prime)?

Believe it or not, 5.1.50907 may not be the final release. On Win 7, WU just today updated Silverlight to 5.1.50918! Edit: It looks like one of those updates to handle the new Japanese era (like the Office 2010 updates M$ keeps fouling up), so it may or may not be compatible with XP. I checked MU on my XP VM. The update wasn't there, but since POSReady '09 is still supported, it still might appear in a day or two. Edit 2: Downloaded the new Silverlight to my XP VM and installed it. Does anyone know of a good Silverlight test page?

I realize this is several months late, but Shockwave for Director 12.3.4.204 was released on June 6, 2018. I just found out! Edit: Here's the download link. http://fpdownload.macromedia.com/get/shockwave/default/english/win95nt/latest/sw_lic_full_installer.exe

That's fine, especially if you don't use it. Just turn it off and forget about it; there's no need to bother with add-ons. The add-on I found just toggles the same preference in about:config. It's strictly a convenience for those who use WebRTC but want it off during general browsing for greater privacy protection

Still available via the Classic Add-Ons Archive also.

Specifically, WebRTC leaks two bits of info that may compromise your privacy: Device ID hashes for your microphone & camera The IP address on your local network #1 can be used for browser fingerprinting, allowing the likes of Google and Facebook to secretly track your online activities; luckily it's mostly a problem for Chromium-family browsers, not for Firefox-family browsers like Basilisk. The latter browsers randomize the "salt" used in the hash whenever the browser is started, so unless you leave your browser session running for weeks at a time, the ability of anyone to use #1 as a secret tracking cookie is limited. #2 is more problematic though. It can reveal your "real" address behind a VPN, which could be used for censorship, or alert the authorities that you're accessing "banned" material. More commonly, it will reveal one of those non-routeable local IP addresses starting with 10. or 192.168 assigned by your (real or virtual) router. That's less worrisome, but if it doesn't change often, it too can be used in conjunction with your public IP for browser fingerprinting. If you don't need/use WebRTC, the website linked above contains instructions for disabling it and preventing those info leaks. But what if you do use it? One solution might be the WebRTC Control add-on. This adds a toolbar button that simply toggles WebRTC on or off, a la the popular Flash Disable add-on. So you can leave it off for normal browsing, but turn it on before going to a site that requires it. Edit: Should have checked first. Couldn't install WebRTC Control linked above. All three versions download OK but Basilisk reports that they all appear to be corrupt. Must be a bad hash somewhere Try the "classic" version of Disable WebRTC instead. I think a better solution would be an add-on with a white-list, which would enable WebRTC automatically, but only for sites like Discord and Skype. But I haven't yet found a Basilisk-compatible add-on that has such a white-list

Well, over the weekend CAA updated itself to version 1.2.3, overwriting the change you suggested. I reapplied the change and of course it works again, but obviously will have to do that every time CAA gets updated ... oh, well ....

I've heard of that problem before. KB4480077 updates .NET Framework 4 Client Profile; yet it may refuse to install unless .NET Framework 4 Extended is also installed. Looks like KB4470490 updates both Client Profile and Extended.

Well, that didn't take long. They're already up to 3.0.6.... Oooh ... High Dynamic Range ... wish I had an HDR monitor to try it on.

Yes, updating the .NET frameworks (especially .NET 4.0) always seems to take forever and a day.

Thanks! I have the legacy version, 1.1.2. I'll test 1.4.0 but I'm pretty sure it'll work since it works on @roytam1's version. Edit: It does work. I would have been surprised if it didn't. The WebExtensions API is inherently compatible with multiprocess mode; the next question was whether Basilisk 52 supported enough of the API, but since it works on the XP build that was all but certain to be true as well. Still, you never know about these things until you try them - especially when using an unsupported feature of the browser

Admittedly a kludge, but it does seem to work! I can now add Classic Add-Ons Archive back to my default profile, although Markdown Viewer must remain consigned to a separate Single-process mode profile. I'm still surprised multiprocess mode works in the first place. On my XP VM I could have just gone back to single-process mode and it would have been fine; but on Win 7 Basilisk kept freezing anytime another tab auto-updated in the "background" (until I discovered multiprocess mode works). So this kludge will still help me. Thank goodness for 7-zip too; it makes it easy to update files (like bootstrap.js) within .xpi files (like ca-archive@Off.JustOff.xpi).

Those values used to be there - I've seen them - but installing the latest IE8 update may have removed them. If they aren't there (they're gone from mine now too) don't worry about it. They were intended so that IE's registry keys could be configured the same for all OSes, but TLS 1.1 / 1.2 would still show up only on Win 7 and up, so they aren't needed now that TLS 1.1 / 1.2 work on XP.