Jump to content

Mathwiz

Member
 View Profile  See their activity

  • Posts

    1,830

  • Joined

  • Last visited

  • Days Won

    50

  • Donations

    0.00 USD 

  • Country

    United States

 Content Type 

Everything posted by Mathwiz

  1. Mathwiz
    With Basilisk it's enough to set general.useragent.compatmode.firefox to false. WhatIsMyBrowser.com then detects Netscape Navigator 5, which it doesn't claim is out-of-date
  2. Mathwiz
    They did; actually there are two: This one adds TLS 1.2 support to the base OS: ... and this one adds it to IE8: ... so if you install XP, upgrade to IE8 and Windows Installer 4.5, then enable, download, and install POSReady '09 updates, you may be able to activate online again. But since activating by phone is automated and known to work, that's the easiest way by far.
  3. Mathwiz
    What goes wrong when you install Windows Installer 4.5? I bet if we can get that fixed, you'll be able to install most of the POSReady updates too. I hadn't heard of it causing problems for anyone, but there are so many machine configurations out there....
  4. Mathwiz
    You need to leave Windows Installer 4.5 installed. It's needed for many POSReady updates and has been for some time, as documented at the main POSReady thread: Also, MS released a couple of "stinkers" that cause lots of problems:
  5. Mathwiz
    It was a joke! I guess it got lost in translation; sorry.
  6. Mathwiz
    Also, keep in mind Roytam's disclaimer about Basilisk 55 (Moebius): Basilisk 55 should nonetheless be reasonably secure. But for the (how does glnz put it) supercalifragilistic-XP-paranoid, Basilisk 52 & NM 28 are probably the safest of Roytam's offerings.
  7. Mathwiz
    That is true, and I mentioned that at the time. But decrypted data never appears anywhere on the network; only within buffers on the PC running HTTPSProxy. Data to/from localhost isn't sent out the Ethernet port; it never leaves the PC. A script injection attack wouldn't work either, because neither server listens on any external network address. So from outside the PC (say, a compromised router), it's impossible to tell HTTPSProxy is even running. So an attacker would need to get malware onto your PC to exploit this "vulnerability." But if an attacker has managed to do that, they could more easily read decrypted data directly from your screen or keyboard! So unless you think Heinoganda has secretly installed malware in his updates, you really don't have much reason to worry.
  8. Mathwiz
    That's right. A little history: I originally found ProxHTTPSProxy on a forum for the Proxomitron (a local proxy for filtering ads). There was a need to break https: internally on the user's PC so Proxomitron could do its ad-filtering thing on secure Web sites, and then to re-create https: security so it would all be transparent to the Web browser. I realized we could use it even if Proxomitron wasn't involved, in order to use newer https: protocols, ciphers, etc. with older browsers that have outdated security. Then Heinoganda took it over and has kept it up-to-date as OpenSSL (which it's based on) has evolved.
  9. Mathwiz
    I agree. There are folks who are at least somewhat technically inclined, but who set up systems for others who are not as technically inclined (like their parents, perhaps). An auto-updater would avoid weekly trips, or signing in via Remote Desktop. In theory it should be simple: check o.rthost.cf for the latest build of whatever browser you're using; if newer than current build, download the newer version and schedule a delete of the old directory and rename of the new one when the browser isn't in use (on the next reboot, perhaps). You could even keep an old version or two around in case the newest version has problems.
  10. Mathwiz
    Huh? It's a local proxy; the "server" is your own PC! I presume you own it, or at least control it....
  11. Mathwiz
    +1. I see no reason to abandon XP just because updates stop. I didn't abandon XP when they stopped the first time (and I didn't know about POSReady '09)!
  12. Mathwiz
    That could be it! I have my user agent overridden to NT6.1 specifically to avoid issues like these.
  13. Mathwiz
    The click works fine in Roytam's Basilisk (Serpent) XP build, so it's curious that it doesn't work in New Moon 28.
  14. Mathwiz
    I believe the problem is Elliptic Curve Cryptography (ECC), not SHA2. As you know, the latest Crypt32.dll/SChannel.dll updates support SHA2, AES, and even TLS 1.2. But they still rely on the traditional RSA public-key algorithm to turn SHA2 hashes into digital signatures, and many new certificates use the ECC algorithm instead.
  15. Mathwiz
    30.0.0.154 seems to have an issue on FF 52.9. Adobe's "check Flash version" page shows this: RoyTam's Basilisk 52 for XP does the same thing, but IE 8 looks correct: Edit: Whoops, what happened to the images?
  16. Mathwiz
    Rather than having to remember to switch back and forth, couldn't you just set up an IE11 UA specifically for YouTube and use a Waterfox UA as the default? Even without an add-on like User Agent Switcher, you can create a string pref "general.useragent.override" which can contain whatever user agent string you want; e.g., "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.9) Gecko/20100101 Firefox/52.9" will make it look like you're running Firefox 52.9 on Windows 7. Substitute the default UA string of your choice. Then, if pref "general.useragent.site_specific_overrides" is "true" (the default), you can create a string pref "general.useragent.override.www.youtube.com" with the string "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" to make YouTube think you're running IE11.
  17. Mathwiz
    When IE8 is installed, it appears in Add/Remove programs under "Windows" Internet Explorer 8. If you look for it in the I's, you won't find it. As for IE8 registry entries, try running regedit and looking under HKLM\Software\Microsoft\Internet Explorer. (Naturally, this time it's "Microsoft" Internet Explorer, not "Windows" Internet Explorer. M$ is nothing if not inconsistent.) There's a Version value under that registry key (as well as a W2KVersion and Build value). Not sure what you need to set them to in order to install IE6, but I think some folks here (might try a PM to apreese16) may still have IE6 installed. Edit: You might try setting Version (and W2KVersion) to 6.0.2600.0 to see if that lets IE6 install. Also set the "IE" value under HKLM\Software\Microsoft\Internet Explorer\Version Vector to 6.0. Back up all the registry settings first: right-click the "Internet Explorer" key, click "Export," and give it a file name. That way you can just double-click the .reg file you create to put everything back as it was.
  18. Mathwiz
    Latest version is now 12.3.4.204. Not sure when it was released.
  19. Mathwiz
    Well, this is MSE version 4.4, the last intended for XP; but the definition files have certainly been expanding even if MSE itself hasn't been updated. I suspect MSE scans pretty much any process that does certain things (like accessing the Internet), whether or not it specifically recognizes the process as a browser. Regarding IE8, it doesn't spike if I just open it, but that's because my home page is on my local machine. If I try to access, say, Microsoft Update, it spikes just like the other browsers. The definition files have probably just gotten so big that browsing on an older (or a virtual) machine just isn't feasible anymore, unless you exclude the browser process from MSE and use something like MBAE instead. If at first you don't succeed, try more silicon
  20. Mathwiz
    SeaMonkey 2.49.4 (https://www.seamonkey-project.org/releases/seamonkey2.49.4/) has been released. It's based on FF 52.9 so there's a good chance it'll be the last XP version. According to https://www.seamonkey-project.org Automatic upgrades from previous versions are, for most configurations, disabled for this release. If you need to upgrade from an earlier version, please download the full installer from the downloads section and install SeaMonkey 2.49.4 manually over the previous version.
  21. Mathwiz
    Well, I only had one tab open in Slimjet, and my Firefox/Basilisk browsers have the uBlock Origin ad blocker, so Slimjet may have looked like it was using less for those reasons. If I'd done any "serious" Web browsing with it, I probably would have seen its RAM go up (and presumably, its speed go down, as MsMpEng.exe had to work harder and harder). Edit: VMs will always be slower than physical machines, given the same hardware; it may be the case that if you just throw enough silicon at it, the problem with MSE is too small for folks to even notice. I'll give New Moon 28 a shot. I expect it'll also be very similar to Firefox 52.9 and the two Basilisk variants, but I'm always willing to be surprised! Enough folks use the beta versions to show up in "most common user agent" lists . Surprising how many are willing to be on the "bleeding edge."
  22. Mathwiz
    Basilisk 55 (Moebius) is also sluggish with MSE if basilisk.exe isn't excluded: (Oh, for crying out loud - apparently it's "Forbidden" to post a screen shot now.) Apparently MSE slows down all Firefox-based browsers. I'll try Slimjet 10 when I get a chance. Edit: MSE spikes with Slimjet too, but it didn't seem as sluggish to me. That could be just my imagination, or it could be because the Slimjet processes use less RAM than Firefox/Basilisk (hence quicker/easier for MSE to scan); I don't know.
  23. Mathwiz
    Although we were just trying to tame zippyshare.com so you could download one of heinoganda's files, I realized it would be of interest to other users of Roytam's XP browser builds. So this thread seemed the most logical place to respond.
  24. Mathwiz
    Better late than never, but here (I believe) is the answer: The default user agent string normally isn't stored in the prefs; instead, it's built on-the-fly. However, you can create a string pref "general.useragent.override" which can contain whatever user agent string you want; e.g., "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.9) Gecko/20100101 Firefox/52.9" will make it look like you're running Firefox 52.9 on Windows 7. Moreover, if pref "general.useragent.site_specific_overrides" is "true" (the default), you can create string prefs of the format "general.useragent.override.www.mysite.com" which can contain a special user agent string only for www.mysite.com.
  25. Mathwiz
    The above link works with Basilisk, so probably New Moon 28 as well. Just click on the .xpi file then tell your browser it's OK to download....
×
×
  • Create New...