AstroSkipper

Unfortunately, not. I do not agree with your statement at all. Most paid services do not support Windows XP anymore. L2TP protocol was abandoned by a lot of commercial providers, only PPTP protocol works if at all. Their own clients support only Windows 7 and higher. You can only use OpenVPN 2.5.4 for Windows XP and try their pre-configured files. Servers without a payments are crap in nearly all cases. Sorry, but VPNBook is rather a joke! And, the paid services supporting Windows XP can be counted on one hand. I do have them all (lifetime license but frankly, it's not lifetime, it's rather customer fooling). Anyway, nearly all free VPN services are more or less crap. And by the way, the OP does not want to pay for a VPN service. Not to mention privacy, security and no log policy! Cheers, AstroSkipper

Hello @retrotrash69! Windows XP is my beloved, main OS. But truth be told, there are very few solutions meanwhile to establish VPN connections in Windows XP. And without any payments, all existing solutions are very limited and most of them crap, unfortunately. Which Mypal browser do you use? Mypal 29.3.0 or Mypal 68? There is a huge difference between these two. Cheers, AstroSkipper

Hello @anton12! In my installations of New Moon 28 and Serpent 52, both most recent of 2022-09-10, your test file can only be played by the plugin VLC Web Plugin 3.0.3.0 which was automatically installed by VLC Media Player. I opened your mp4 test file via the file menu. Without the VLC Web Plugin, it won't play in my installations. Here is a screenshot when playing it with this plugin: Maybe, I missed something to play it natively in these browsers. This would be a good question for our experts. Truth be told, I rarely play videos in my browsers due to an underperforming computer. In most cases, I use an external media player like VLC for a better performance. BTW, I checked my about:config entries, and, as far as I can see, all necessary settings to play such videos have been done. Cheers, AstroSkipper

Thanks for your suggestion! It looks like you are a mathematician, too. A nice and efficient algorithm! Truth be told, I already knew it, but thank you anyway, sometimes one does deviate from the perfect, theoretical construct. Unfortunately, I'm afraid that more than one extension is problematic. I am in the process of cleaning up my profile from several errors. Of course, I could simply create a new one, but if the same problems come up again, it will all have been for nothing. Besides, I have made and changed so many settings in this profile that it simply has to be saved. Frankly, I really want to know which extensions are causing problems. And, I've already found something.

So, as I suspected, one of my extensions in my main profile is preventing CF's security check of my internet connection from completing successfully. After disabling almost half of my extensions, it worked. Here is a screenshot from the UCI login page: I assume a captcha will only appear in the cases the visitor comes from a foreign country or the connection is actually secure but something went wrong and a captcha is given as an alternative to be sure it's not a bot after all. Just an idea! Anyway, which extension was the culprit now becomes a task for Sherlock Holmes.

And, one other thing is also very clear. The failure of the security check in my case is definitely not caused by an underperforming computer. And the browsers New Moon 28 and Serpent 52 have the most recent TLS 1.3 protocol and their current cipher suites. So the connection must be secure. The question must therefore be: What is actually checked during this so-called security check performed by Cloudflare? PS: The website www.uci-kinowelt.de and above all its login page works in Mypal 68 too like a charm without any significant delay or any captcha.

@VistaLover, @Mathwiz, @NotHereToPlayGames, @anton12! Thank you all for your investigations, advices, and tips! Yesterday I only had a little time. I just wanted to book cinema tickets quickly, and that was more of an odyssey on my old computer. Maybe, it was my own stupidity, I could have used my Android tablet directly. BTW, the movie "Top Gun - Maverick" was simply great! At home again, I opened the problematic website www.uci-kinowelt.de in Serpent 52 (2022-09-10), and it worked perfectly with a very fast and successful security check for my slow computer without any annoying captcha. That surprised me. Next, I opened it with a new profile in New Moon 28 (2022-09-10), and suddenly, what can I say, it worked there, too. Thanks @VistaLover and @anton12 for your confirmation! In both cases, palefill 1.20 was installed. I still have to investigate why the security check cannot be completed successfully in my main profile of NM 28. Unfortunately, the 360Chrome browsers were no help in this case. I can say one thing with all clarity: I abysmally hate these sites with a so-called security check. Cheers, AstroSkipper

Very good conclusion! I totally agree!

Hello again to all browser experts! Although I am informed about roytam1 browsers' developments and read this thread regularly, I am not really clear whether one has to live with the following problem or whether there might be a solution via polyfill or otherwise. I wanted to book cinema tickets online at the following site: www.uci-kinowelt.de. My main browser is New Moon 28 (2022-09-10). The website itself can be opened, but a login is not possible due to an endless Cloudflare security check that never comes to an end. I have read such problems here before. The spoofing of most recent user agents of Firefox or Chrome didn't help, either. Is there any hope that such modern security checks will also be successful in New Moon 28, Serpent 52, and so on one day? The only browser that successfully completes the security check is 360Crome v13, but what it opens doesn't look good, either. In the end, I successfully booked my tickets on my Android tablet in the most recent version of Opera. Greetings from Germany, AstroSkipper

Hello @Mathwiz! Thanks for the next alternative! You're right, the more, the better! Frankly, I never really used pinned tabs, but it sounds like a method that has a higher probability of accessing the about:about pages quickly in the event of a case. Speaking only for myself, I prefer the about:about button provided by the extension Toolbar Buttons, whose position I know exactly for accessing it without any delay.. But, I'll just try your solution to get to know the feature of a pinned tab, too.

@roytam1! Thanks for your assessment! Changes in the flex layout could really be a reason for the issue that the original values of the position properties don't work anymore in uBlock Origin's dashboard.css. Kindest regards, AstroSkipper

... There's a slightly updated "beta" version (not by JustOff), v1.16.4.31b2, tucked away inside PR#330 : https://github.com/gorhill/uBlock-for-firefox-legacy/pull/330#issue-1206437114 that I have been using for the last few months, without any noticeable problems so far... @roytam1, any clue on your side? Thanks for the retracing! Although there is definitely a theoretical and legitimate interest for this issue, my fix of the CSS code has actually solved the issue. Some days ago, any help would have been appreciated by me. But, there was nothing except an idea from @NotHereToPlayGames, which I also already had, but with a different approach that I didn't pursue. And that was also good. In any case, I was on the right track. Now, with my modification of the dashboard.css file, the dashboard can be opened as before, and all elements are finally fully visible again. As a mathematician, I am problem and solution oriented. I have solved the problem, and thus the matter is closed for me. And you know, I do things my own way! But anyway, thanks for your interest! Here is again the link to my fixed version of uBlock Origin Legacy 1.16.4.30: https://msfn.org/board/topic/183923-extensions-and-custom-buttons-for-uxp-browsers-corrections-modifications-adjustments-and-special-recommendations/?do=findComment&comment=1226247 Kindest regards, AstroSkipper

Update notification! My article "ProxHTTPSProxy or HTTPSProxy in Windows XP for future use" in the first post of this thread has been extended by a new section about TLS and their cipher suites. It will be updated and enhanced continously by everything about my program packages in the next weeks. A lot will be rewritten due to the existence of the brand new TLS 1.3 proxy. A further, new section will be added, too. So, stay tuned! If you are interested in, then have a look from time to time here. Cheers, AstroSkipper

VLC, Videolan and FFmpeg communities worked on and created a reference optimized decoder for AV1, it is dav1d. Mozilla has enabled the new decoder in Firefox 67 on Windows. Firefox. and therefore Mypal 68, too, now uses dav1d for decoding AV1 videos. This decoder can be enabled by setting the preference media.av1.use-dav1d to true. If you watch such videos in Mypal 68, it should presumably be set to the boolean value of true. Try it! It's always trial and error. And the other setting, I would leave at true.

Indeed! These buttons consume an infinitesimal amount of RAM. Therefore, my favourite solution! One click and no searching! The less clicks, the better! I already knew this saying, even though I'm not a native English speaker. But, thanks for your hint! Kindest regards, AstroSkipper

Agreed! The more choice there is, the better! Your solution of creating a bookmark, I did many years ago. One bookmark of tons of others. In the moment you want to access this bookmark you have to find it, one of many, many others. And you can't put all important in the first place. Therefore, you have to remember where it is. Not a very interesting solution for me! I prefer a button that is always in a specific place and can be reached with one click. But even more cool is that the Toolbar Buttons extension contains a total of 100 buttons with which you can retrofit many missing functions in the UXP browsers, e.g., Clear Data, Clear Cache, Restart, and so on. I therefore prefer the Toolbar Buttons extension and can only recommend it to everyone. Cheers, AstroSkipper

Mypal 68 on low performance systems with an amount less than 2 GB of RAM My Windows XP computer is equipped with an old Pentium 4 single core CPU and only 1.5 GB of RAM. And, it's just SD-RAM. If you want to use the browser Mypal 68 on such old, low performance systems with less than 2 GB of RAM, then I have some tips for you. Let Mypal 68 run in single process mode only! Here are the settings to do that: set browser.tabs.remote.autostart from true to false -> single process mode set dom.ipc.processCount to value 3 -> single process mode set dom.ipc.processCount.webLargeAllocation to value 3 -> single process mode (additionally) set dom.noopener.newprocess.enabled from true to false -> single process mode (additionally) Modify the following preference settings via about:config to reduce the RAM usage of Mypal 68 and improve its functionality: set dom.moduleScripts.enabled to true -> uBlock Origin 1.44.4 needs this setting to work in Mypal 68.12.5b set layout.css.resizeobserver.enabled from false to true -> DevianArt, GitHub Gifs set layers.acceleration.disabled from false to true -> reduce RAM usage set layers.max-active from -1 to 1 -> reduce RAM usage set dom.ipc.processPrelaunch.enabled from true to false -> reduce RAM usage set javascript.options.discardSystemSource from false to true -> reduce RAM usage set extensions.webextensions.remote from true to false -> Don't run a separate process for addons set extensions.webextensions.protocol.remote from true to false -> Don't run a separate process for addons set dom.ipc.plugins.flash.subprocess.crashreporter.enabled from true to false -> Don't run a separate process for Flash crash reporting set dom.vr.process.enabled from true to false -> Don't run a separate process for Virtual Reality components set layers.gpu-process.enabled from true to false -> Don't run a separate process for GPU rendering set media.gpu-process-decoder from true to false -> Don't run a separate process for video decoding set toolkit.cosmeticAnimations.enabled from true to false -> Disable Unnecessary Animations set browser.download.saveLinkAsFilenameTimeout from 4000 to 2000 -> Increasing or decreasing "Save Link As" Timeout Value set browser.sessionhistory.max_entries from 50 to 10 -> Reduce Firefox Session History Note: Setting dom.moduleScripts.enabled from true to false to get VirusTotal's new interface working again has become obsolete. VirusTotal doesn't work anymore in Mypal 68.12.5b. Setting dom.moduleScripts.enabled back to its default value of true is required to use the more recent versions of uBlock Origin in Mypal 68.12.5b. Use an ad blocker like uBlock Origin. Link: https://msfn.org/board/topic/183657-mypal-68-in-windows-xp-custom-buttons-and-extensions/?do=findComment&comment=1227008 Use additionally a script blocker like uMatrix. Link: https://msfn.org/board/topic/183657-mypal-68-in-windows-xp-custom-buttons-and-extensions/?do=findComment&comment=1225663 During a browser session, clean up occupied RAM, which is no longer used by Mypal 68, by using the custom button memoryMinimizationButton from time to time or if necessary. Link: https://msfn.org/board/topic/183657-mypal-68-in-windows-xp-custom-buttons-and-extensions/?do=findComment&comment=1220511 Stop unwanted animations in the browser by using the extension SuperStop. Link: https://msfn.org/board/topic/183657-mypal-68-in-windows-xp-custom-buttons-and-extensions/?do=findComment&comment=1221177 Clear the browser cache from time to time. If you want to do this easily, use the extension Forget Button - Clean your Browser which can clean in Mypal 68 much more than only the cache. Link: https://msfn.org/board/topic/183657-mypal-68-in-windows-xp-custom-buttons-and-extensions/?do=findComment&comment=1220337 Run the tool Firemin Portable 6.3.1.5105 in the background. You have to condigure it to let it reduce the RAM usage of mypal.exe. Download link: https://www.mediafire.com/file/34exiyav9zcoxkp/Firemin_5105.zip/file All these measures have helped me to run Mypal 68 more smoothly and in a more resource-efficient way on my system. Greetings from Germany, AstroSkipper

This thread is about different proxies to establish secure connections to servers or, more generally, to the internet. You often read about TLS and cipher suites here. Therefore, I have written a short article on these "termini technici" for those who do not know exactly what is meant by them. The TLS protocols and their cipher suites If you research the term TLS on the internet, you will get a lot of information, sometimes very simply presented, sometimes very technical, more for IT experts. With this small article, which can be seen more as a summary, I try to provide a little more transparency in this stuff. Transport Layer Security, abbreviated TLS, is a protocol for the authentication and encryption of Internet connections. For this purpose, TLS is inserted as its own layer between TCP and the protocols of the application layer. Here is a linked graphic to make it more clear: The individual tasks include authentication, certification, key exchange, integrity assurance and encryption. The main tasks are to guarantee the authenticity of the contacted remote stations, in most cases a server, by means of a certificate and to encrypt the connection between the remote stations. Here is a second linked graphic to demonstrate the actions and reactions in the communication between a client and a server: The used protocol defines the basic communication for the connection and is as crucial for a secure connection as the encryption protocol itself. Due to a series of vulnerabilities, the SSL2 and SSL3 protocols must be considered a security vulnerability and should be avoided at all costs. The successor to SSL3, TLS 1.0 should also be avoided, as the protocol offers a method to downgrade an established TLS 1.0 connection to SSL3. Thus, the connection is again vulnerable to the vulnerabilities that affect SSL3. Unfortunately, its successor TLS 1.1 is also no longer up to date and should be rather avoided nowadays. For a long time, the TLS 1.2 protocol was considered secure and therefore recommended. It offers a number of improvements that should ensure the security of connections again. In general, each new SSL or TLS version has brought additional features and options, making configuration a little more confusing, implementation more error-prone and handling more tedious. Overall, the use of TLS has become more insecure. With TLS 1.3, this should change, at best. Or, this was and is the actual goal, at least. For this reason, every single function of TLS has been tested for its security benefits and risks. In the process of development and in regard to the present knowledge, some parts were removed that no longer offer security and some of which are now also considered insecure. At the same time, security was improved with new procedures. Furthermore, measures for performance optimisation and preventive hardening measures for future attacks were taken into account. TLS 1.3 breaks backwards compatibility for the first time, which unfortunately causes some problems in practice. Connections with TLS 1.3 can be interrupted either because the connection is not accepted en route or due to a defective web server. Anyway, the protocols TLS 1.2 and, above all, TLS 1.3 are recommended as secure protocols nowadays. Here is a list of typical protocols and their cipher suites used by the TLS 1.3 proxy of my current program package ProxHTTPSProxy's PopMenu TLS 1.3 3V3 as an example. It's a screenshot taken from the website https://browserleaks.com/ssl: In the screenshot above, you can see many so called cipher suites belonging to specific TLS protocols. A cipher suite is a standardised collection of cryptographic procedures (algorithms) for encryption. In the Transport Layer Security (TLS) protocol, the cipher suite specifies which algorithms are to be used to establish a secure data connection. A cipher suite is generally displayed as a long string of seemingly random information, but each segment of that string contains essential information. Generally, this data string is made up of several key components: The used protocol, in most cases TLS. The key exchange algorithm dictates the manner by which symmetric keys will be exchanged such as RSA, DH, DHE, ECDH, ECDHE. The authentication algorithm dictates how server authentication and (if needed) client authentication will be carried out such as RSA, DSA, ECDSA. The bulk encryption algorithm dictates which symmetric key algorithm will be used to encrypt the actual data such as AES, 3DES, CAMELLIA. The Message Authentication Code (MAC) algorithm dictates the method the connection will use to carry out data integrity checks such as SHA, SHA256, MD5. In some cases, there is an Elliptic Curve Cryptography (ECC) which is an encryption technique that provides public-key encryption similar to RSA. While the security strength of RSA is based on very large prime numbers, ECC uses the mathematical theory of elliptic curves and achieves the same security level with much smaller keys. Here are three linked graphics to illustrate this with examples: This article will also be part of my main article in the first post of this thread as soon as possible so that everyone is well informed about the technical background and the purpose of TLS and their cipher suites which are important for our proxies. Greetings from Germany, AstroSkipper.

You're very welcome! I wish you all the good things one can wish a human being, and that we hear from you again very soon. Take good care of yourself and come back unharmed! Greetings from Germany, AstroSkipper

Hello @D.Draker! Absorbing Frisian energy! Absolutely great! I am so glad to hear about your progress in healing. Becoming invincible is very important and gives us hope that you will come home unscathed next time. Greetings from a Frisian! Your AstroSkipper

Hello @nicolaasjan! Glad to hear that it works for you! I had to read a bit in the CSS reference to understand how positioning exactly works. It was a good thing that I had dealt with CSS a bit more intensively a few weeks ago. Anyway, this is a solution I prefer instead of manually resizing the browser's window. Cheers, AstroSkipper

Hello @NotHereToPlayGames! We were right! It has been a CSS issue. Not really a problem of height/width but rather one of position/distance. Anyway, thanks for your reply and opinion! Cheers, AstroSkipper

Confirmed! Any change in the size of the window recovers the menu items. Same applies to any change in the font of the dashboard page. But this is certainly not a satisfactory solution, of course. The problem must have to do with a change in the browsers, either in the current or in an earlier release. Some weeks ago, everything was fine. Maybe, our browser experts have an idea. I do not have one at the moment. I've modified the xpi file, and now, the issue seems to have been solved. I do hope so, at least. Here is the link of uBlock Origin Legacy 1.16.4.30 modified by me: https://msfn.org/board/topic/183923-extensions-and-custom-buttons-for-uxp-browsers-corrections-modifications-adjustments-and-special-recommendations/?do=findComment&comment=1226247 Cheers, AstroSkipper

I already had a look into the file dashboard.css inside uBlock's xpi file but no success until now.

Confirmed! Any change in the size of the window recovers the menu items. Same applies to any change in the font of the dashboard page. But this is certainly not a satisfactory solution, of course. The problem must have to do with a change in the browsers, either in the current or in an earlier release. Some weeks ago, everything was fine. Maybe, our browser experts have an idea. I do not have one at the moment.