Jump to content

Mathwiz

Member
 View Profile  See their activity

  • Posts

    1,858

  • Joined

  • Last visited

  • Days Won

    51

  • Donations

    0.00 USD 

  • Country

    United States

 Content Type 

Everything posted by Mathwiz

  1. Mathwiz
    Thank you for that excellent step-by-step guide. One note: there are still a few web servers around that don't yet support TLS 1.2. So in the last step (11), one may opt to leave TLS 1.0 checked (particularly if they use Chrome 49 or Advanced Chrome web browsers, which also use XP's Internet settings). That way their connection will use TLS 1.2 if it's available but fall back to TLS 1.0 if not. (No real reason to enable TLS 1.1 though; I've never seen a site that supports TLS 1.1 but not 1.2.) I wouldn't say TLS 1.0 is insecure by itself, but it does support several insecure cipher suites, so you may want to disable all cipher suites except AES (and perhaps 3DES; it's security was weakened by the "Sweet 32" attack, but as with TLS 1.2, there are still a few web sites that don't yet support AES, so you may need to leave it enabled for those). I've attached a .reg file to disable the old RC2 and RC4 cipher and MD5 hash algorithms: Disable insecure algorithms.reg
  2. Mathwiz
    Personally, I'd like to see it, albeit as an "opt-in" option where I could select my own DNS servers rather than Mozilla or whoever selecting them for me. The idea is to try to get ESNI and DoH/DoT as common as HTTPS has become. But it's pretty clear from the two threads linked above that MC isn't interested. My only hope is that @roytam1 can merge the relevant commits directly from Mozilla's code.
  3. Mathwiz
    Correct. There's a specific POSReady update to support AES, which robotbirds.co.uk supports as well. That should solve your cipher mismatch issue. There are other, more recent POSReady updates to support TLS 1.2, now required by several web sites. Can't remember the KB numbers but should be searchable at the POSReady thread. Note: some POSReady updates require an SSE2 processor. Not sure about these specific ones, but I don't think they do.
  4. Mathwiz
    Of course, it could just be my aging ears too....
  5. Mathwiz
    Well, it won't become less secure ... the risk, as always, is that someone will discover and exploit a vulnerability that was always there. So I'd keep an eye on security fixes for the nearest supported OS (probably Server 2008). Any vulnerabilities discovered in that are probably in XP also. Usually M$ gives an assessment of what it would take for an attacker to successfully exploit a new vulnerability. A lot of times it turns out to require physical access to the PC; most of us needn't worry about those (unless we're using XP machines at work!) If an over-the-network vulnerability is discovered, we could probably just block the affected port with Windows Firewall, unless it's something we really need.
  6. Mathwiz
    Looks like it will be a while before browsers supporting encrypted SNI come to the XP platform: If it's not even in the release builds of FF yet, I doubt we'll see it ported to Basilisk/Pale Moon (and thence to @roytam1's Serpent/New Moon) anytime soon.
  7. Mathwiz
    I can't even hear the processor fan on my desktop PC. I can see it spinning if I take the cover off, but it's very quiet. (OTOH, it's just a dual-core AMD processor, so it doesn't take much to get it to 100%.... If you have an I7, it might take a bit more fan than mine ) I can hear the PS fan, but its speed is constant.... As for why browsing uses so much CPU, take a look at the source code to a Facebook or YouTube web page some day It's not just a static page anymore either - they keep pumping in more Javascript as you scroll....
  8. Mathwiz
    Sounds like you need a new fan You should be able to run at 100% CPU without hearing anything; a bearing may be fixing to go out. At some point the Pale Moon team will probably strip out the multiprocess code entirely, or else I'll stumble across an incompatible add-in that I just can't live without, and I'll be back to square one; but meanwhile, I'll enjoy it while I can.
  9. Mathwiz
    New version doesn't work for me: MKVMerge seems to be looking for "XPVCRT.dll," whatever that is. Should I rename MSVCRT.dll? Edit: That seemed to fix it. One of my pet peeves: a product drops support for users of an older product like Win XP, but only because they didn't think it looked "cool" enough.
  10. Mathwiz
    My memory needs aren't as demanding as yours, but for me the big advantage is, much smoother browsing in one tab when another tab is busy auto-refreshing. Apparently dealing with the keyboard/mouse and dealing with HTTP(S) are done in the two separate processes.
  11. Mathwiz
    AIUI it's supposed to be similar to @Dibya's Extended XP. Unfortunately I think it's illegal: https://reactos.org/forum/viewtopic.php?t=16868 I suppose it would be legal for you to use on your own system if you own licensed copies of all those OSes, but don't post any links here. It would get MSFN in big trouble.
  12. Mathwiz
    Yes it is. When I hear Quantum I think of a line of Duracell batteries. But Wikipedia lists: Businesses and products Quantum Corporation, a manufacturer of computer data storage products Quantum Sports Cars, a British-built low-volume car manufacturer Volkswagen Quantum Quantum, a line of Maksutov telescopes that were manufactured by Optical Techniques Incorporated (OTI) Quantum, line of small engines made by Briggs and Stratton Quantum-class cruise ship MS Quantum of the Seas Computing QUANTUM, a suite of attack software by the US National Security Agency (NSA) Quantum compression, a file compression format QGIS, an open source GIS program for map-drawing and related functions, formerly called Quantum GIS A time slice in computer pre-emptive multitasking Quantum computing, the study of hypothetical computers based on quantum-mechanical principles Quantum (statistical programming language), a programming language for statistical analysis developed by Quantime Quantum Corporation, a manufacturer of Hard Disk products from 1980 to 2001 Quantum project of Mozilla to improve its Firefox web browser engine I see they mentioned Firefox but not Duracell. At any rate, only one of the above uses, quantum computing, has anything to do with the scientific meaning of the word. Don't even get me started on Spectrum....
  13. Mathwiz
    I hope not too; and it's probably not the case. (Just about every time I thought I might have malware on my PC, it turned out I didn't.) But if nothing else works, don't rule the possibility out.
  14. Mathwiz
    Not long ago, someone (who I can't remember) was wanting some application (might have been @heinoganda's certificate updater, but I can't remember that for sure either) modded to run on XP SP1. Anyway, the question came up "why do you want to stay on SP1?" And I replied that AIUI SP2/3 don't support PAE. I was told that was wrong, but didn't really understand it until now. So SP2/3 do support PAE, but limit it to 4 GB (which mostly, but not entirely, defeats the purpose).
  15. Mathwiz
    @dencorso, I was thinking the same thing. Maybe @Dave-H's PC has some kind of malware that's "securing" it from security software
  16. Mathwiz
    Well, I just tried it in Basilisk 52. The about:config Boolean preference above doesn't exist by default in either the XP or official build; I had to add it . I didn't expect it to work, but it did! Task manager shows two Basilisk processes, just like the "old days." Guess all my add-ons are multiprocess-compatible. Even more surprising, it also worked on the latest official Basilisk/UXP build (2018.12.18) running on Win 7 Win 7 is where I could really use it; the XP version has always seemed responsive enough, even without multiprocess mode. So evidently the multiprocess code was never removed from either build; the default was just changed at some point.
  17. Mathwiz
    I'd assume that closes the door on Basilisk 52 (UXP) at least. The e10s code may still be lurking within Basilisk 55 (Moebius) somewhere, I suppose.
  18. Mathwiz
    In my limited research it looked like the nightly builds of some earlier releases had it, just not the release builds. But I couldn't figure out how many versions back that went. Anyhow, point being: it's not in PM to start with; @roytam1 didn't remove it. AIUI, e10s breaks compatibility with many legacy add-ons, to the point that e10s won't even start unless every enabled legacy add-on has an 'e10s-compatible' flag set. That may be a big reason why they won't add e10s to PM. Basilisk may have it though. I recall often seeing two basilisk.exe processes in Task Manager when I first switched to Basilisk and wondering what that was about. But I suspect a new add-on has disabled it since then (I no longer see two processes). WebExtension add-ons are inherently compatible, but Basilisk supports only some WebExtension calls (version 55 supporting more calls than 52), so a lot of add-ons for Basilisk probably disable e10s.
  19. Mathwiz
    As you probably know, these browsers are all forks from various Firefox releases. AIUI Firefox did not enable multiprocess mode (e10s) until version 53. All these browsers except one (Basilisk 55) were forked from FF versions prior to 53. Multiprocess mode was not "removed;" it was never there in the first place. (I could be wrong about this, but that's my best understanding of the situation.) I don't know if Basilisk 55 supports multiprocess mode. AIUI it was forked from a pre-release version of FF 53 and I don't know what the status of e10s was at the particular release it was forked from.
  20. Mathwiz
    IOW, MSE is fine for the likes of us, but the masses (including our friends & relatives) will need something more comprehensive.
  21. Mathwiz
    Yeah but 7.38 is the one that nags you to "update"
  22. Mathwiz
    Latest MSE version that runs well on XP is 4.4. I think 4.5 works too but nags you to upgrade. @heinoganda has a modded 4.8 that will work too. All still get updates (with the POSReady registry hack) but none are "supported" unless you're actually on POSReady.
  23. Mathwiz
    I think it's pretty much 'max' by default. Be prepared for sluggish browsing, though; at least that was my experience with MSE. I finally ended up excluding browsers from MSE in "Excluded processes" and using MalwareBytes' Anti-Exploit to monitor them instead. (MSE still monitors everything else; just not browser processes.) It was the only way to keep my Web browsing from becoming painfully slow.
  24. Mathwiz
    So I guess users who do have the POSReady entry, and who now receive MSE updates automatically, will also need to make this change (and start updating MSE manually) after POSReady EOS next April.
  25. Mathwiz
    That quote was from the browser.taokaizen.com (author of advanced Chrome for XP/Vista, etc.) forum admin. Guess they don't know about @roytam1's work
×
×
  • Create New...