Jump to content

UCyborg

Platinum Sponsor
 View Profile  See their activity

  • Posts

    3,098

  • Joined

  • Last visited

  • Days Won

    28

  • Donations

    100.00 USD 

  • Country

    Slovenia

 Content Type 

Everything posted by UCyborg

  1. UCyborg
    @mina7601 Yeah, those buttons up there don't render at all here on latest Pale Moon 32.3.1 and neither do the ones on the right sidebar. They're there on Firefox 110.
  2. UCyborg
    No. You may come to stormy Slovenia if you got bored of the heat. --- Was anyone on their Dropbox recently (those that have the account)? I didn't see the logout button/link/whatever was supposed to be there. Was sleepy and didn't check the rendering on Firefox. I logged out by navigating to https://www.dropbox.com/logout.
  3. UCyborg
    Don't these browsers simply respect your choice for HTTP rather than switch to HTTPS whenever possible? BTW, http://html5test.com/ doesn't respond to Upgrade-Insecure-Requests header. Also, when the main site is not the issue, eg. api.whichbrowser.net in this case, you can visit the security settings, the dialog with certificates, on the Servers tab, you can add an exception if you want the browser to ignore the expired certificate. Not in this case I think. BTW, these browsers block insecure (meaning HTTP) active content by default (scripts). There's an override in about:config->security.mixed_content.block_active_content. --- Regarding 2FA, yeah, not a fan of having online services tied to another device or anything else beyond a password, which I think is still safe if the user is mindful. But banks enforce it because EU wants to and it seems like switching banks more likely than not just means you need another app. Maybe there are still banks that offer to send a SMS rather than having to rely on an app which has to have encrypted stuff stored on the device and if that stuff is gone, you're locked out. Though it's the same with SMS if the phone goes kaput, but at least no worries about activating the damn app.
  4. UCyborg
    Regarding crypto.randomUUID(), for use in Chromium 86 and other recent enough browsers, having the code that covers ancient browsers (what is Internet Explorer?) is a bit redundant since those parts will never be executed in practice. I'd just use: if (!('randomUUID' in crypto)) // https://stackoverflow.com/a/2117523/2800218 // LICENSE: https://creativecommons.org/licenses/by-sa/4.0/legalcode crypto.randomUUID = function randomUUID() { return ( [1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g, c => (c ^ crypto.getRandomValues(new Uint8Array(1))[0] & 15 >> c / 4).toString(16) ); }; Regarding phones, I think the issue is that people suck. Here, phone functions are mostly used for establishing contact when someone's not home. Those few I communicate with, if it's used, then it must be important enough.
  5. UCyborg
    My bank requires clients to have either Android 5.0+ or Windows NT 10.0+, because those are requirements of 2FA applications on either platform. Or you can do things offline.
  6. UCyborg
    What exactly has changed? I've made this thread back in 2022 to point out much larger spacing between user's profile data and the content of the forum post. This was reduced at some point, so I guess someone on the forum side did look at it. But at present day, after the relatively recent forum update (the one that apparently sent some people into panic mode for the forum not being available for few days), an inconsistency appeared in boldness of fonts between updated Firefox and updated Chromium browsers on the pages with thread lists. See the two images in few posts above (still relevant at the time of writing this post). Both pictures are from Edge, but the text would still appear like in the first picture in Firefox because there's not much (if any) difference between CSS font-weight values of 400 (before forum update) and 500 (after forum update) on that browser, the value of 500 being used since the update that makes the text noticeably bolder in Chromium.
  7. UCyborg
    Somehow I got to try PassIFox (it's in the Classic Add-ons Archive) just now in 2023. It's one of the few available extensions for integration with KeePass for filling user name/password forms. I've been using KeeFox for the long time, it's much more complex than PassIFox, but struggles with the basics eg. when you have multiple accounts for one site and want to choose specific login, at least the recent versions and it has heavy ties with the browser's UI specifics. Though KeeFox also has more sophisticated URL matching options for instance. I looked at KeeFox's history a bit and one commit dumping support for pre-Australis UI is so huge that it gives me a headache and not having a talent for coding doesn't help either. I figured I haven't been using the extras in KeeFox, like creating new entries and auto-submit. PassIFox should work with both pre-Australis and Australis UI, though I only tried it on Pale Moon. UI is minimal, no option dialogs, no toolbar buttons, just one or two extra right-click context menu entries when right-clicking user/passwords fields, rest of the options are in the accompanying KeePassHttp plugin for KeePass. I think I'll keep PassIFox and use it instead of KeeFox. The latter is half-broken on browsers without Australis UI and I prefer to avoid Australis, because then I need another extension to put things how they were and even then few things still aren't exactly how I'd like them. Maybe if I wanted to mess with CSS, but meh... I lived with Australis-based Firefox when I felt Pale Moon was too far behind with web compatibility, but things are better today. Although there's one thing I do miss about Australis, you have the icon indicating Flash Player being active in the URL bar. I see nothing in the Pale Moon UI indicating the Flash Player was activated.
  8. UCyborg
    I don't think that's normal. Though I've seen quite some oddities myself on that OS and can't say I miss it, though I appreciate some refinements like the streamlined file permissions dialog and native taskbar(s) for secondary monitors.
  9. UCyborg
    They work fine when installed there if the rules are followed and extension doesn't make assumptions about its location. For extensions that don't require unpacking, XPI file must be named after its ID, so if its ID is {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}, full file name must be {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}.xpi. Extensions that require to be unpacked should be unpacked in a folder named after its ID, so in this hypothetical example, the folder name would be "{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}" (without quotes). ID is written inside the extension's install.rdf, under the extension's description tag, eg.: <Description rdf:about="urn:mozilla:install-manifest"> <em:id>{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}</em:id> If it requires unpacking, there will be "unpack" tag inside the same description tag set to "true", eg.: <em:unpack>true</em:unpack> Nothing unusual actually, that prompt apparently shows only if the browser already has all available extensions noted in user's profile and a new extension is added globally (so the browser detects difference between noted extensions and ones actually installed). Starting with a fresh profile, there is no prompt, globally installed extensions just default to disabled initial state.
  10. UCyborg
    The errors related to downloads happened the first time around when testing in a VM, then I applied modifed DownloadUtils.jsm and it was fine. But then I deleted the entire profile and re-extracted Serpent from the downloaded archive, restoring the original state and it didn't happen again. Another oddity, when I deleted the profile, the browser didn't ask if I want to "install" the two extensions I put in the browser's folder in browser\extensions subfolder, which it did the first time around. Why not?? I saw them in disabled state in about:addons page. Is there another place something is stored that I'm not aware of besides the two profile folders (one in AppData\Roaming and another in AppData\Local)?
  11. UCyborg
    Sure, didn't want to imply not using manual nit-picky approach if desired, just wanted to point out they're genuinely useful resource and there are indeed people working on keeping them up-to-date, so it's still a heavy weight off regular user's shoulder. I tried huge hosts file with bad domain list on an old 2012 smartphone once. Made it unusable. Poor thing has 600 MHz single-core ARM(v6) CPU and 384 MB of RAM.
  12. UCyborg
    Assuming no radical update came since April 2023 that turned everything upside-down, you can use ExplorerPatcher. After install, right-click on the taskbar->Properties->File Explorer->Control Interface->Windows 7 Command Bar.
  13. UCyborg
    It seems to me that over the years, software also got more resilient in general. I remember early days of XP when we got internet access for the first time, the computer had to be formatted the first week, thing were popping up left and right. The contributing factors must have been Internet Explorer 6 + run everything as admin by default approach. Although I can't make a clear comparison in my mind because it was on computer that was used by the entire family and I was just a dumb kid back then. Today, I can just leave them with Windows Defender + uBlock Origin in their web browser and don't have to worry about their computers getting messed up by malicious software. I remember @Sampei.Nihira mentioning at some point using PsExec in XP to run a web browser with limited rights. I wonder if anyone here uses limited account in Windows, which I personally prefer over running things explicitly with limited rights while the default is admin rights. Sudo for Windows can be used for convenience of having a right-click context menu to run stuff as admin when needed, though it was last updated in 2013 and it could have holes. Sure some naughty things can still be done with limited rights, but still there's no reason for common software to have write access to various sensitive parts of the system. AFAIK, Chrome goes out of the way to lock access to various Windows APIs from its renderer process. When life gives you those lists, use them. I mean what's the point of having a computer if you have to do everything manually then? If the person A uses those lists and doesn't get infected and person B doesn't use those lists, but spends a lot of time time effectively re-inventing those lists...why become person A if that time could be spent on something more interesting?
  14. UCyborg
    I don't remember when I started using Process Hacker, the version 2.38 is still installed on XP partition, which I may boot to every once in a blue moon. But otherwise, I haven't used "stable" Process Hacker in years, much preferred "nightly" builds on my daily driver Win10 and eventually switched to System Informer (renamed from Process Hacker, Win10+ only program).
  15. UCyborg
    JustOff, the rebel! Thanks for the link. Managed to get it running after adding brotli and six packages to my Python 3, converting palemoon.res to uncompressed and back to Brotli-compressed results in the exact same file. Uncompressed shaves a tiny bit off startup time at best here, but then more space is wasted in the process memory address space at runtime. Brotli-compressed: C:\Program Files (x86)\Pale Moon\palemoon.exe - 5 executions 3.1078 3.0923 3.1070 3.0984 3.1073 Uncompressed: C:\Program Files (x86)\Pale Moon\palemoon.exe - 5 executions 3.0923 3.0768 3.0605 3.0610 3.0767 Used PassMark AppTimer for those. Results are in seconds. I suppose modifying extensions' .xpis with the script would also work? I guess nobody tried. Though to be thorough, one would also have to minify all JavaScript/HTML/XML/etc. inside these archives. BTW, Brotli is Made by Google™
  16. UCyborg
    So I'm not crazy, the issue was that the script always ran in deoptimizing mode if I ran it like: py optimizejars.py --optimize ./ ./ ./ But invoking the right Python interpreter directly makes it run as intended: "C:\Program Files\Python311\python.exe" optimizejars.py --optimize ./ ./ ./ Go figure...some kind of user/script error? Because I don't think they'd be distributing the launcher if it caused havoc left and right. py -0p returns: -V:3.11 * C:\Program Files\Python311\python.exe -V:3.11-32 C:\Program Files (x86)\Python311-32\python.exe -V:2.7 C:\Program Files\Python27\python.exe -V:2.7-32 C:\Program Files (x86)\Python27\python.exe So without special arguments, the 64-bit Python 3.11 runs anyway with the launcher. I don't get it, when I check Process Hacker, py.exe invokes python.exe the same way I do manually. and the code says < elif MODE == "--deoptimize" deoptimize() >, how can can this pass for "--optimize"?? I swear it's trolling me...
  17. UCyborg
    Maybe I got parameters mixed up at home, IDK, I just tried again on work computer with a slightly updated Python 3 script from here and can confirm optimizing it indeed changes header in the way that makes 7-Zip report an error. Also had problems when I tried both Py2 and Py3 script at first in a virtual machine at home and both Python interpreters reported IOError 13 - Permission denied...pretty sure my downloads folder had all permissions...or maybe I was too tired to see what was wrong. So it's a bit clearer now. I did a very simple mod on two other browsers I haven't used in a while (SeaMonkey and Waterfox Classic) that did not have the fix Matt A. Tobin came up with years ago here. User CSS would be uglier, so I guess unset for -moz-windows-compositor and re-set for -moz-windows-theme: aero-lite.
  18. UCyborg
    This whole thing is confusing and that Python script still doesn't make it exactly like "the factory" does. So one thing, compression, some Mozilla applications have files in the archive compressed, some of them not. All factory baked omni.ja (or palemoon.res) in case of official Pale Moon come with header error when clicking Info in 7-Zip. optimizejars.py you linked to does not introduce header error. palemoon.res even has some weird "129:v1" written for compression method of each file, so 7-Zip doesn't even unpack it. I use 7-Zip 21.03 ZS v1.5.0 R2 (x64) ATM, will update it at some point. Mozilla stopped compressing files in the archive at some point, see https://stackoverflow.com/questions/32038251/how-to-correctly-repack-omni-ja-in-firefox: zip -0DXqr omni.ja <file(s)/dir(s) to pack> They also sign it now, but we don't have to worry about that in certain forks, UXP apps included. Uncompressing implies more work at runtime, at least that's my thinking. So is it better to not compress or is there a catch? More questions than answers in the end.
  19. UCyborg
    No, I just remembered it exists. Didn't know about 5.40 version though, good to know.
  20. UCyborg
    Wasn't aware about that part, is there an explanation written in plain English somewhere about what the process does? Probably can't tell the difference with naked eye since hardware is so fast these days.
  21. UCyborg
    It probably is if you compile it on your own with an old compiler, but haven't tried to confirm.
  22. UCyborg
    I wouldn't recommend no antivirus to someone that isn't into computers, but it can be done. BTW, would Sandboxie belong in this thread? 5.22 is the last version that works on XP.
  23. UCyborg
    Didn't you say in the other thread you're going to update the post with 7-Zip? The current version is 23.01. 7-Zip has a close sibling 7-Zip ZS (Made in Germany), it supports wider range of compression algorithms. It can make archives that plain 7-Zip won't unpack. Last time I checked, which must have been over a year ago, it didn't run on XP. The file manager opens, but it can't open any archive. It seems to run fine on Vista though.
  24. UCyborg
    I never remember command line arguments to repack omni.ja the same way it's packed "from the factory".
  25. UCyborg
    Fast-forward to 2023 and they go out of their way to keep THEIR anti-virus running at all times if they can, they even deprecated the group policy to disable it which is now considered unsupported and isn't effective. Windows 11 is all about hooking you on Microsoft's services. Supposedly Windows Defender Antivirus (or whatever they call it these days) still disables itself if you install another, but I'm not interested in adopting Windows 11 at this point or running any anti-virus. Haven't used one in over a decade and somehow I survived. Maybe we need a thread about surviving on the modern internet without an antivirus? There are articles suggesting using an anti-virus even on Android smartphones. I use an old version that's supposedly full of holes, been using that thing to interact with my bank and I even logged into the bank couple times in 2020-2021 on an XP x64 installation that is mostly patched to whatever was current in 2011. Nothing bad happened, although it's annoying that you have to use either Android app or Win10 app for 2FA if you even want to login to it on the computer. But the app on the phone alone is somehow secure... I considered changing bank, but I found nothing else of value that would justify bothering with it.
×
×
  • Create New...