heinoganda

Have new build generated by ProxHTTPSProxy (Rev2b), with small changes sript so with more simultaneous connections the proxy does not come to timouts, various python modules updated and the config.ini supplemented by some entries. If anyone has interest please write a PM to me.

Well, I would be interested what AV is installed and secondly I need links from the images (if necessary by PM) of the affected e-mails so I can test!

@glnz There are certificates that can manage Windows XP, but older Internet browsers or e-mail clients no longer work with more modern encryption methods. Google Chrome also relied on the Windows XP certificate management, can use more modern encryption methods to access these certificates and work. There are exceptions like ECC certificates, which can not process the certificate management of Windows XP. Since some users have thought about and over an HTTPS proxy, which has its own CA certificate management, all secure connections and accepts again for older programs in an intelligible encryption passes. Otherwise, with your information I can concretely do not reconstruct this problem. Under Properties in the source text of the incorrectly displayed e-mail, I need the links from the external image files (previously, since nothing private is there, just open link in Firefox or Google Chrome), which you give me via PM. Use also for a fast text e-mail outlook express, but generally no access to external links with HTML e-mails (very high security risk!).

The last package (Rev2) was created with the following modules (command pip freeze for version of modules): appdirs==1.4.0 cffi==1.9.1 colorama==0.3.7 cryptography==1.7.2 future==0.16.0 idna==2.2 packaging==16.8 pefile==2016.3.28 pyasn1==0.1.9 pycparser==2.17 PyInstaller==3.2 pyOpenSSL==16.2.0 > last version info pyparsing==2.1.10 pypiwin32==219 PySocks==1.6.5 six==1.10.0 urllib3==1.20

Have "ProxHTTPSProxy", with Python version 3.4.4, made to an executable program (x86) Rev2, added on the Fly Proxyswitcher (wininet.dll initialization with Python script) and cacert.pem Updater. Tested under Windows XP and Windows 7 with positive result. Furthermore I have it not to a single file but in a directory generated where possibly various modules are interchangeable. If anyone has interest please write a PM to me.

Have ProxHTTPSProxy with Python version 3.5.0 (with XP Mod) also successfully tested. Now I hope that the module PYINSTALLER, based on VS2015, will be updated. For Windows XP I have a functioning on the Fly Proxy Switcher integrated (default only on secure redirection). In the ProxHTTPSProxy.py script, I added the entry import cryptography so that this module is included in the package generation with PYINSTALLER. At this point, thanks @Mathwiz for his information. @Sfor With my package, https://www.google.pl works perfectly.

In the Internet explorer the proxy settings made under secure "127.0.0.1:8079" or "localhost:8079", as well as the root certificate (CA) installed (with the Firefox browser under certificate administration)?

Have "ProxHTTPSProxy", with Python version 3.4.4, made to an executable program (x86). Tested under Windows XP and Windows 7 with positive result. Furthermore I have it not to a single file but in a directory generated where possibly various modules are interchangeable. If anyone has interest please write a PM to me.

I was this month also somewhat surprised, but actually up to 4 security bulletins which do not affect Windows XP.

Flash Player Version 24.0.0.194 has been released! The Internet Explorer ActiveX plugin is available here: http://fpdownload.adobe.com/get/flashplayer/pdc/24.0.0.194/install_flash_player_ax.exe The NPAPI for Firefox is available here: http://fpdownload.adobe.com/get/flashplayer/pdc/24.0.0.194/install_flash_player.exe Currently, the Flash Player for Opera or Chromium (install_flash_player ppapi.exe) version v24.0.0.194 can be used! Tested with Google Chrome v49.0.2623.112. Installation Info for Google Chrome:

@Mathwiz Have made various tests with "ProxHTTPSProxyMII", as far as it works wonderful with ECC encrypted websites. For "BYPASS URL" in the file "config.ini" I made the following entry "http://*", so that there is no error message in the browser for simple URL input. Furthermore, I have replaced the MSVCR100.dll file with the more recent version of Microsoft Visual C ++ 2010 Redist update from 09/08/2011 version 10.0.40219.325. It is important to know that Firefox and Java 8 have their own certificate management. Now with Windows and Firefox it is not a problem to install the included root certificate (CA.crt), but Java has its problem here, any malicious software would find its way to the computer, which was originally excluded in Java 8 (Older versions of Java must be configured accordingly!) by the restrection Only certified websites work with Java! Of course, regular websites that support Java 8 (Older versions of Java must be configured accordingly!) do not work with "ProxHTTPSProxyMII" anymore! Except this attributed root certificate would find its way into the certificate management of Java with impending consequences. The whole thing should be used with caution! Things like online banking, should absolutely be omitted! In the worst case, fake websites would also find their way in the Internet browser, so be careful! Here an additional software in the file "config.ini" should be automated under "BLACKLIST", regularly updated using the malware list of http://www.malwaredomainlist.com or adequate, in order to build at least a certain protection again.

The version 8u117 is not known to me, unless they use a beta version, which is still in the test phase, currently JDK 8u122 Build b04, official release 8u111 / 8u112.

The last official working version of MSE for Windows XP is 4.4.304.0, as well as unofficial version 4.8.204.0 (if interested please PM). Definitionsupdate by MSE under XP only with POSready 2009 entry in Registry possible.

@Mathwiz No, that is another problem, with the virus scanner from Avast or Kaspersky, the network traffic to the web browser is actively checked (something like an intermediary proxy) and here there is no question but the website is locked, which can not be opened except the active certificate check Is switched off in the virus scanner. According to the motto what MS does not have appropriate root certificates, then Firefox can not open even though he can.

@Mathwiz The root certificate updates are also supplied with ECC certificates, which are not included in the certificate management for Windows XP. At this point should be set up first, especially since more and more virus scanners (known to me at Avast and Kaspersky) initiate a cross-check of the certificates with the result that even with Firefox web pages with ECC encryption are blocked. Download the file updroots.sst from the root certificates, just open it and look for an ECC certificate (for example COMODO ECC Certification Authority), double click and invalid. Any attempt to install this failed.

Do not hold much ECC-based certificates (the NSA has helped in the development), but it is of no use if the access to web pages is dealt with. Here should first find a solution that also Windows XP with these can deal. Afterwards it can then be thought about further implantations like TLS 1.2 et cetera (With the IE8 I definitely no longer on the Internet).

The problem is not TLS 1.2, which is supported on Google Chrome, as well as ECC certificates. The actual problem is the Windows XP no ECC certificates can be administrated or not registered and these are recognized as invalid.

I just installed the two files (version number of scannel.dll increased by one point and corrected checksum) into an updater and starts Windows XP but still ECC certificates are not processed (tested with Google Chrome, IE8 crashes with encrypted website). @Mathwiz Next time try your own virtual machine. I almost forgot, you would not want to "test" this update? Nevertheless, now it is an enriching experience.

@WeAreTheBorg If your user profile of Google Chrome is present on drive "R:", the two files should be inserted in "R:\Chrome\Chrome.Profile\PepperFlash\24.0.0.186". The reference to the User profile I have given, by means of the start parameters of "chrome.exe --user-data-dir=R:\Chrome\Chrome.Profile" is clearly seen!

Perhaps a great donation was made, at least I would not be surprised. As for me, they should be happy with Palemoon, absolutely simply without a level!

@w2k4eva Information about IIS (Internet Information Services) https://en.wikipedia.org/wiki/Internet_Information_Services and https://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/iiiisin2.mspx?mfr=true.

@sdfox7 First Merry Christmas, small addition, the directory name "\Documents and Settings\$USER$\Local Settings\Application Data\Google\Chrome\UserData\PepperFlash\XX.X.X.XXX\" corresponds to the version of the newer Flashplayer. Not delete the older Flashplayer in profile, at the next start from Google Chrome the newer Flashplayer detected and the older version is automatically deleted. I have created a Google Chrome Installer (7z SFX Builder), where even more up-to-date, functional components (such as translators, Flashplayer ...) and does not need any more Google Update installed. Furthermore, no message (windows XP and Vista no longer supported) more, even if a local pdf or html with Google Chrome is opened! If there is interest in a test, send me a PM.

@Mathwiz I also take the updates on each Patchday's updates apart and fit these as far as they do not need a POSReady 2009 entry in the registry. Secondly, I lead separate update rollup save just when reinstalling considerable time. POSReady 2009 contains MSI 4.5 and because MS does not need a query in the patch. Do not want to know how many users think that the updates do not work. Off Topic: It is time that I go to bed to rest, since we have in Germany meanwhile 4 am clock.

@Mathwiz I hope so, the problem is fixed. MSI 4.5 (KB942288-v3) is not aviable on WU/MU! The problem I have already mentioned several times (here, here (KB3196726) and here). It will test it until the composter smokes.