Mathwiz

With or without the POSReady '09 updates, XP 32 will support large HDDs but only if they present 4K sectors (not real or emulated 512-byte sectors): http://www.msfn.org/board/topic/158361-confirmed-3tb-hdd-usb-drive-on-winxp-32bit/?do=findComment&comment=1046836

Well, me neither; sadly, so many web sites seem to flummox Opera 12 now. Facebook doesn't really work very well with it anymore. Have to use Firefox. But I still prefer Opera 12's interface to the new browser "look" that has somehow become the standard from Firefox to Chrome to Opera 15-36. And 12 still works fine with a lot of sites, including many forum/board sites like this one. I'm glad to hear 12.18 stopped those random crashes. I haven't seen one in a while, but I used to get them a LOT on my Win 7 machine at home. (I always suspected they had something to do with Flash; they seemed to stop for me once I got to Flash 23.) But either way, I needed the 12.18 security updates because some https: sites just wouldn't connect to 12.17 any more. Anyhow, I seem to have drifted off-topic. I hope Microsoft leaves their site where it will work with TLS 1.0 and 1.1. I just tested it, and the WMC link above even works with a browser as old as Firefox 3.5! You really should use TLS 1.2 if your browser has it, but most of the time there's no reason to force it on folks using older browsers like IE 8.

I had totally missed the 12.18 update to Opera. Thanks! Now I can use Opera 12 with those annoying Web sites that only support Elliptic Curve Diffie-Hellman Ephemeral key exchange. (They used to just give me the Unable to Complete Secure Transaction message and I had to go to another browser.)

Looks like Microsoft enabled HTTP Strict Transport Security as well. That will cause some browsers to turn all http: requests into https: ones. Opera does this, for instance. Oddly, I just tried https://www.microsoft.com/en-us/download/windows-media-player-details.aspx with IE 8 and it worked! So I went back and tried with Opera again, and now it falls back to TLS 1.1 if I disable TLS 1.2. I swear it didn't do that yesterday! BTW, make sure you have the latest IE 8 security fixes. Use the POSReady 9 registry hack if necessary.

OK, I just tried this page with Opera. It works; but if I disable TLS 1.2, it fails with "Unable to complete secure transaction." That's probably why https: connections to microsoft.com fail with IE 8 too. IE 8 does not support TLS 1.2. You can go to https://www.ssllabs.com/ssltest/viewMyClient.html with any browser to see what security protocols, encryption ciphers, etc. your browser supports.

Sounds like the same WU screw-up that bedeviled Win 7/8/8.1 users for several recent months. BTW, the IE8 update (and probably earlier versions) fix a couple of issues most of the Internet says "cannot" be fixed on IE8 on XP: Closes FREAK vulnerability Adds AES support to IE8 (AES was added to schannel.dll many updates ago, but IE8 wouldn't use it) Still haven't figured out a way to enable TLS 1.1 or TLS 1.2, though. Of course IE8 is pretty ancient compared to other XP compatible browsers, but at least if you do use it at a secure website, the security will be less likely to be compromised. One more thing. If you use IE8 with secure websites, you should probably consider disabling the old RC2 and RC4 cipher and MD5 hash algorithms. I've attached a .reg file to do that. Disable insecure algorithms.reg

I wanted to add that kb3172605 is still somewhat buggy. First, as Microsoft has documented, it still breaks Intel Bluetooth devices. Second, on my work PC it breaks Mitel's VOIP software (MiCollab 6.0) just as kb3161608 did. So it may not be a solution to slow Windows Update scans for everyone. The link I provided to Woody's InfoWorld article contained its own link to this page. It's a little hard to follow but gives a workaround. (Unfortunately the workaround may change next Patch Tuesday.) It involves installing a couple of updates on dencorso's blacklist (I'd suggest kb3083710 and kb3102810 for Win 7, kb3083711 and kb3102812 for Win 8.1; despite being on the blacklist, these appear to be relatively safe from both a telemetry and a Win 10 perspective), as well as downloading and installing five security fixes manually (bypassing the search for updates). Once this is done the search for additional updates is purported to take under 15 minutes. I just hate "roll-up" updates. Why couldn't Microsoft have addressed each issue with a separate update? That way, even if there are problems with one, you could still install the others.

That hours-long update cycle is a bug. KB 3161608 was supposed to fix it but was itself buggy. So, it was recently replaced by KB 3172605 for Windows 7, and KB 3172614 for Windows 8.1. Here's an article on the topic: http://www.infoworld.com/article/3099109/microsoft-windows/microsoft-yanks-buggy-speed-up-patch-kb-3161608-replaces-it-with-kb-3172605-and-3172614.html You can try installing the appropriate KB 31726nn update for your system. Hopefully Microsoft finally got it right (at least as far as Windows Update is concerned). They do not seem to include any Win 10 nonsense, as far as I can tell. Unfortunately all these patches do seem to include telemetry so you'll probably also want a telemetry blocking solution (as discussed a few posts ago).

The end (of all this GWX nonsense) appears to be near: https://support.microsoft.com/en-us/kb/3173040

Back in my Win98 days (and I still use my Win98 PC once in a while), I needed a similar wild-card capability for ad blocking, and used a freeware program called DNSKong for this purpose. I just Googled it and apparently, it still exists - and it seems to run fine on Win 7 (someone will need to try it on Win 8 through 10): http://www.pyrenean.com/Filtering. If you set up DNSKong, add the above domains (w/o the * or "=0.0.0.0" parts) to DNSKong's named.txt file and, in combination with the numerous hosts entries added by Spybot Anti-Beacon, you should be set. Depending on your router, you may also be able to set up the above blocks there; but that process varies greatly from one router to another and isn't possible on all of them. BTW, I agree we should try to avoid telemetry updates in the first place if/when feasible. But for those of us not quite ready to ditch Windows updates altogether, updates with telemetry are likely to sneak through on occasion. (In particular, the latest "Windows update update" appears necessary for updates to finish in a reasonable amount of time, and is likely to include the WU telemetry introduced back in December.) So a combination of strategies - both blocking bad updates and blocking telemetry servers - seems more prudent than relying on either strategy alone.

My concern with 3161608/3161647 is telemetry: presumably all updates to the WU client include 3112343, listed on post 1 as "This update also improves the ability of Microsoft to monitor the quality of the upgrade experience." But if it's the only fix for days-long WU downloads, our only realistic choices may be either to live with it or live without updates. Or maybe not. Has anyone tried this from Safer-Networking.org?

Do you get the same error if you run the Dolphin emulator under KernelEx 4.5.2? Remember 4.5.2015.x is experimental; it is not even a beta release. So it may have some bugs that 4.5.2 does not have.

I think you must have HOSTS and localhost confused. WINSSL has nothing to do with HOSTS files, it simply shakes hands with a server that has SSL encryption and allows Win98 to connect.. Thats it, thats all. There is a batch file that create .pem certs. I guess they could be equivalent to each other.It isn't totally obvious what Nomen is doing, but my guess is he's using a trick I also use: putting the IP address of localhost (127.0.0.1) into my HOSTS file for web sites I don't want to connect to (e.g., banner advertising sites). This can speed up browsing because instead of wasting time downloading ads you didn't want to look at anyway, your browser just tries to download the ad from your own PC. A problem with this trick is that where the ad was supposed to appear, you get an ugly rectangular box with no image to fill it. To get around this, I use a "local only" web server on my PC that feeds small "dummy" images to fill those boxes. However, this only works with blocked http: sites, not https: ones. I thought about using WinSSLWrap for the blocked https: sites. My idea was to use it in reverse, letting it listen on port 443 using SSL, and connect to my local web server on port 80. But then I realized it wouldn't work: it would always serve the same certificate, no matter which site the browser was trying to access, and that would trigger the browser's "site name mismatch" warning.

Fair enough. As I said, there are ways around it if you're creative enough. So, yes, to be completely correct in every detail, to use the full 4GB you would need either a 64-bit OS or one of the 32-bit Windows Server OSes you mentioned. But I don't think server editions of Windows were ever remotely under consideration by either the OP or anyone else. Windows XP was indeed the first Windows with a 64-bit edition, AFAIK.

Reallly? I guess that until 64 bit systems came out the world servers must have been very short of memory. jaclaz Really. At least with Intel's 32-bit architecture. 2^32 is ~ 4 billion, so their 32-bit processors could only address 4 GB. But some of that address space is needed for non-RAM uses, so only about 3-3.5 GB (maybe a bit more) is accessible in the 32-bit address space. The remainder is only accessible with additional addresses; that generally means a 64-bit OS. There are ways around it, if you're creative enough. (Remember "expanded memory" back in the old 16-bit days?) Edit: and now I've read your final post, and apparently you agree! So why the snarky comment?

I'd start with the unofficial 98SE Service Pack 3.nn (whatever version he's up to) and KernelEx 4.5.2; both are in the Windows 9x Member Projects subforum. They'll let you use newer software and hardware than you could otherwise. If your laptop has more than 1 GB of RAM, you'll need to do some extra work to install Win98; see this thread for more info. Edit: Just in case, I should mention that some folks have run into incompatibilities between the 98SE Service Pack 3 and KernelEx. I haven't had any trouble yet, but I only installed the "main" Service Pack 3 updates. If you do run into problems, you can install KernelEx to default to "disabled" and only enable it for the software that needs it, such as Opera 10.x, 11.x, or 12.00-12.02. (Opera versions newer than 12.02 won't work on 98SE even with KernelEx.)

That feature would come in handy playing video recorded by cheap DVRs like the iView, Homeworx, eMatic, etc. On FAT32 HDDs those boxes break recordings at 4GB boundaries and number them sequentially like that.

You'd need a 64-bit OS to use all 4GB of RAM. Not sure about Windows 95, but 98 and ME will use 3+ GB with rloew's RAM Limitation patch. It's not free but it doesn't cost much. Haven't tried NT4 or Win2K but I assume both will use the same 3+ GB. No patch should be needed for them. Win 9x/ME also won't use both CPU cores. Again I'm not sure about NT4 or Win2K.

Batteries? D'oh! That should have been the first thing we suggested. All this discussion and nobody else (including me) thought to mention the obvious, but better late than never.

My M$ wireless mouse and PS/2 receiver have switches, with the positions labeled "1" and "2." I assume that sets the frequency to use. (Unfortunately I couldn't find the actual RF frequencies it uses documented anywhere! I'm guessing maybe 418 MHz and 433 MHz, since those two frequencies are commonly used for these kinds of devices, at least in the US....) I don't know if wireless keyboards in Germany have a similar switch, but if they do you might give it a try. (Make sure to switch both the keyboard and receiver! If they don't match, it won't work.) All these problems could just be RF interference from something else in or near your living room PC.

I haven't looked at keygen.bat yet, but from the sound of it, I'd guess it's used to generate private/public key pairs. (OpenSSL.org is revamping their site and their docs are temporarily screwed up, so I can't tell much more at the moment.) I'll take a closer look tonight and reply back, but if I'm right, you probably only need it to create your own certificates, for one of two purposes: Client certificates (to be used instead of a user ID & password to identify yourself to a server) If you're running your own server and want to secure it with SSL (using wrap.exe in reverse of how you and I are using it)Edit: I was right. It uses OpenSSL to generate a private/public key pair. Technically, it generates a 2048-bit RSA key, which is the de facto standard for SSL certificates today. The public key is included in a certificate that is set to expire after one year. OpenSSL will prompt you for identifying info for the certificate. The batch file then combines the certificate and private key into a .pem file, presumably for use with wrap.exe. (Since the .pem file contains your private key, you should not give it to anyone else.) End of Edit. So most folks probably don't need to worry about it. BTW, here's a definition I found here for the .pem file format: Also of note, from the same page:

I used the default for Telnet; just entered the host name. For my application (an IBM AS/400) I had to add a couple more forwards (insecure port 8470 to secure port 9470, and the same for 8476 / 9476). But that's specific to the AS/400 and its Telnet client software. A generic Telnet application wouldn't need those extra forwards. All the presets looked correct. The HTTP preset is probably unnecessary for most users. It might come in handy for securing a connection to an HTTP proxy, although in that case the port numbers might not be the default. But I'd think anyone using a secure HTTP proxy would know what port to use.

Sounds like U-Verse. Totally locked down to AT&T's equipment. WMC would be pretty useless for anything like that. Anyway, what I like about WMC is how it's such a good "all-in-one" video system, combining the functions of a DVR, DVD player-recorder, media player, and streamer into one application with an easy-to-use 10-foot interface. Sure, you can get good separate apps for each of those functions, but nothing that does it all, and does it from across the room, as well as WMC. But, it's been obvious for some time that M$ has given up on it. So it really wasn't a surprise when they announced no WMC in the Windows 10 they're trying to push on everyone. But despite all that, I'm still holding on to WMC, so no Win 10 for me.

Very useful. Thanks. BTW, I've used a similar product called "stunnel" on Windows XP. This app does the same thing, and is easier to set up (stunnel required manually editing a configuration file, but this one can be configured right from the GUI). It uses a current version of the well-regarded OpenSSL platform (specifically, 1.0.1p) so it'll support all the latest SSL and TLS protocols and features. It could use a little more explanation, but it's not hard. For those who are lost; first, start the program. It's installed in "C:\Program Files\SSL Protocol" and is named wrap.exe. You'll probably want a shortcut to wrap.exe in the Startup folder of your start menu so it starts every time you boot up. Once it's running you'll see a "WIN SSL" icon in your system tray. Next, say you want to set up secure email on a client such as Outlook Express. Set up an account on OE with "localhost" as the server names for POP, IMAP, and/or SMTP (whichever protocols you want to secure). Tell OE the connections to "localhost" are not secure. Then click the "WIN SSL" icon in the system tray, click "Services," put the real server names in the corresponding protocols (and if you use gmail, they're already filled in for you), click OK, then minimize (don't close) the window. Now OE will connect to wrap.exe, which listens on localhost, and wrap.exe will make the secure connections to the actual server(s), avoiding the problems of Win98's schannel.dll not supporting new certificates and protocols. Secure email is the most obvious app, but you can use it with other TCP/IP protocols too. I used it to secure a Telnet connection and it works fine. Its only weakness is HTTP (e.g., web browsing). With email, you usually have only one server per protocol to secure, but with HTTP, there are millions (billions?). Luckily, for straight browsing, there are good alternatives to IE6, so a program like this isn't needed. But if you're using Outlook or OE, Win98 is still using IE6 to open linked images and the like, so email will work but you may see a lot of blank image boxes in some of your emails.

OK, I get it. The receiver has a USB plug but that's plugged into a USB-to-PS/2 adapter, and the PS/2 end of the adapter is plugged into your PS/2 port. Seems like you've eliminated the keyboard itself as the problem (you tried another one) as well as the OS (same problem with 98 and XP). That leaves the keyboard receiver, the USB-to-PS/2 adapter, and the motherboard as possibilities (although to me, the motherboard seems unlikely to be the problem). Assuming you have two USB-to-PS/2 adapters, one for the keyboard and one for the mouse, try swapping them. If that's the problem, that will either fix it, or change the symptoms (the mouse may start acting up instead of the keyboard). If that happens, you'll know the problem is one of the USB-to-PS/2 adapters. If not, well, I don't know if you have another keyboard receiver to try....