Jump to content

Yellow Horror

Member
  • Posts

    95
  • Joined

  • Last visited

  • Days Won

    1
  • Donations

    0.00 USD 
  • Country

    Russian Federation

Everything posted by Yellow Horror

  1. I think, this is untrue conclusion, because the same test page works correctly w/o any proxy with Java 8u152 in IE8/XP.
  2. So, the Java version 8u152 will possibly stay the last version supporting IE8?
  3. Yes. As i say before, the java works again in IE after i return previously backuped old (8u152) files to the installation folder.
  4. Yes. I have similar output in the IE addons window, but when i try the "check your Java version" web page i get the empty rectangle with small red cross instead of Java aplet. UPD: the page start to work again in IE (and recommend me to update) just after i return the previous content to the Java installation folder (which is "C:\Program Files\Java\jre1.8.0_152\" in my case).
  5. It don't work for my IE8. Which browser do you use? UPD: it works with Firefox ESR 52.6.0 but not with IE8, i double-check this.
  6. "SSE2 w/o RDTSCP" can't read "the secret string" on i3 with any threshold i try. "SSE2 w/o RDTSCP" on Core 2 give me some (very unstable) results (few letters of "secret sting" in their right positions, garbage in other positions) with default threshold. With any threshold i try to enter manually it give complete garbage. Both "SSE" versions don't read "the string" on i3. "SSE+RDTSCP" don't work on Core 2. For now it seems that Core 2 and older CPU's are invulnerable to this realization of exploit, but may be vulnerable to a better crafted one (due to partial success of "SSE2 w/o RDTSCP" version on Core 2). This is a bad news, i think.
  7. I try the exploit on a few hardware sets and figure out: The "SSE2" version works successfully on i3 CPU under XP and unpatched 7 (with threshold 32 or more). The "SSE" version starts but can't read "the secret string" anywhere, even in the vulnerable environment from previous point (i try some different thresholds from 40 to 1000). The "SSE2" version don't work on Pentium 4 (expected, because it don't support SSE2) and on Core 2 CPU that definitely supports SSE2. It exits with error before finishing the first "reading at..." message. MSE is angry about SSE2 version.
  8. Seems that it can't read "the secret string" on my Pentium 4: L:\>spectre.exe Using a cache hit threshold of 80. Build: RDTSCP_NOT_SUPPORTED MFENCE_NOT_SUPPORTED CLFLUSH_NOT_SUPPORTED Reading 40 bytes: Reading at malicious_x = 00001024... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001025... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001026... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001027... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001028... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001029... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102a... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102b... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102c... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102d... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102e... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102f... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001030... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001031... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001032... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001033... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001034... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001035... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001036... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001037... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001038... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001039... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103a... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103b... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103c... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103d... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103e... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103f... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001040... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001041... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001042... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001043... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001044... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001045... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001046... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001047... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001048... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001049... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000104a... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000104b... Success: 0xFF=’?’ score=0
  9. Some BIOS'es require the setup entering key to be pressed at certain time of POST. Try to hit F2 multiple times while the PC is starting. Also try to power-up the PC with F2 already pressed. P. S. In some cases USB keyboards can't be used to enter setup, because BIOS initialize USB ports after the right moment. If your keyboard is USB-connected, try PS/2 keyboard instead.
  10. Ok, i try the last time: You may do any tricks with licenses for your personal usage at your personal risk. I do not have any complains about it. But if you try the tricks for profit, like "why don't sell this used OEM license i don't need anymore?", you step on another side of law (or honour) from the one where i prefer to stay. Thank you all guys for an interesting discussion. I'm done here.
  11. My point is: the XP license Glenn9999 has is already linked to his old PC. I am agree that he may, on his own risk, reuse it on a new hardware set for his personal usage. But selling used OEM license w/o the PC it is linked to is illegal or, at least, dishonest in relation to the buyer. The only way to legally sell the license, that i can see, is: to reanimate the old PC w/o changing its motherboard, place the key sticker on its case, then sell the PC with licensed XP as a bundle.
  12. As far as i remember the story: The teacher was convicted for the "crime". He wasn't really imprisoned only because the court replaced the sentence with a conditional sentence. But the teacher received a criminal record, that is a serious penalty in Russia, especially for a pedagogue. The teacher was eventually able to challenge the sentence, but this was a long time later. And MS was involved in the process as a party that "suffered significant financial damage". The "piracy" in Russia isn't a criminal offense if there isn't such a party.
  13. In Russia, there was a case when a school teacher was sentenced to prison for using "counterfeit" Windows in a classroom. I am almost sure, it was XP (if not Windows 98).
  14. You are exactly right there But MS really can retaliate, so better to have all the proofs ready if you are a businessman or a public person,
  15. Due to a little old (2005) MS presentation about OEM licensing, while the System Builder pack is not opened it may be legally sold even without any hardware. After opening, neither part of it may be sold separately from a complete PC.
  16. System builder pack can't be legally resold after the first installation w/o the hardware (the key pieces of hardware are case and motherboard) it was installed on. Using it (this means "opening its packaging"), you become "the PC manufacturer" in the license term. So, you must attach the key sticker on the case of PC at which you install Windows. Keeping it separately is illegal.
  17. Saying about Retail Windows license, its legality is proved with two another things: The key certificate exactly matching the Windows installation key. The original installation media (even if in unusable state such as installation CD exploded in CD reader).
  18. No, you can't do this in a legal way. And if you try, the new owner don't acquire a legal Windows copy. Basically, OEM Windows license legality is proved by two things: The key sticker on the case of the PC on which the copy of Windows is installed. The purchase documentation proving that the PC manufacturer (a company, not individual) sells Windows license with that PC. The Windows version and level (such as "Home" or "Professional") must correspond with the key sticker. It is better if Windows installation key matches with the key on the sticker and if you have original installation/restore media but this isn't really required.
  19. The OEM Windows license may be transferred only with the PC on which the PC manufacturer installed it. The key pieces of the hardware are: the case (on which the PC manufacturer should attach the key sticker) and the motherboard (see Note 1). The end user should also keep the purchase documentation to prove that he buy Windows license with the PC. End user can't resell OEM license w/o the PC. If you resell it with the PC, you should provide to the new owner the original purchase documentation and the installation/restore media received from the PC manufacturer (if any). Note 1: any repair and/or replacement of the PC motherboard should be made by the PC manufacturer or authorized service to keep the OEM license.
  20. Based on my experience, only three of the listed updates really cause long search: KB4052978 Cumulative security update (2017-12) KB4011265 Security update for Word (2017-11) - it is replaced by KB4011607 for now KB4011605 Security update for Excel (2018-01) KB3213641, KB3213644, and KB4011201 are "harmless" and may be found normally. I never test the KB4018271 for pure XP SP3 (without POSReady hack), but i think it should be "harmless" too.
  21. NTFS is a bad choice for the media with low write cycles like USB flash sticks or SD cards, because journaling means extra writes. ExFat is better for them.
  22. I am sure that only a few of WES 2009 and POSReady 2009 installations have any version of MS Office installed. But IE is a standard system component that even can't be easily removed. I am wonder, why big quantity WES/POSReady system owners don't complain about a bug that regularly ate one CPU core for hours? It should be noticeable at least in power consumption if not in responsiveness of the system.
  23. Seems as if your system miss one or more of "troublesome updates". I suggest you to switch WU/MU to "off" via the Control Panel, reboot, then use MBSA to check for missed updates. KB4056615 and KB4056941 aren't "troublesome".
  24. KB4011607 replace 33 of previous updates. KB4011201 replace only 20 of previous updates. KB4011605 replace exactly 29 of previous updates. Its predecessor was KB4011205, that was released in November 2017 and replace 28 of previous updates. Did it cause a delay in updating at the time?
  25. I have a theory about this: any update that replace 29 or more previous updates cause a serious delay in WU/MU update routine. For now, any new IE8 cumulative update and some of office updates are subject to the bug. I call them "troublesome updates". I am unsure if a "troublesome update" search on WU/MU website via Internet Explorer may be really finished. One time i wait more than a day w/o positive result. The search via automatic update service (known as "yellow shield in system tray") is more effective, but also very long. For a single "troublesome update" it may take from 1.5 hour to more than a day, depending of PC parameters. In any case the search consume one CPU core for all that time. It depends of MS software and patches you have installed. Your system may require more "troublesome updates" than just KB4052978.
×
×
  • Create New...