Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


  • Content Count

  • Donations

  • Joined

  • Last visited

  • Days Won


mixit last won the day on March 21

mixit had the most liked content!

Community Reputation

76 Excellent

About mixit

Profile Information

  • OS
    XP Pro x86
  • Country

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I am indeed a genius, because I already had this solution two days ago, but thought there was something missing from it, because I could only get it to work when loading a video page URL directly, and not when clicking on a video on a user's list. You know, when it pops up with apparently the same URL, but it looks like the video is put into an overlay over the list page with an X in the corner. So I spent quite some time trying to debug this, and in the end it turned out that for some weird reason Instagram was using different URLs to fetch my test videos in these two cases. The direct-to-video URLs were getting theirs from fbcdn.net, but the "overlaid" versions were loading them from cdninstagram.com, which for some reason wasn't on my uMatrix whitelist for instagram.com and uMatrix was on. So, yeah, a real genius here. Turn off them content blockers when investigating browser issues, kids! Why, that sounds almost like the MSFN forum post editor has taken over your uBO installation! The very same version works fine for me. If it's just a matter of typing not working, you could put the line into a text file and "Import and append" it from there.
  2. Apparently they've changed something, at least on the @qvcuk page you gave as an example, the latest video https://twitter.com/qvcuk/status/1108737574363754497 doesn't work. It's probably not really a video problem, but they've changed something in the surrounding JS/CSS. At least their earlier GIF https://twitter.com/qvcuk/status/1108698147474341890 and video https://twitter.com/qvcuk/status/1108654509352378369 work fine for me.
  3. Turns out you don't have to patch anything in the browser, just change the page styling:
  4. You guys give up too easily, is this the infamous XP lair of fanatics or not!? Fortunately there is (for time being, anyway) a pretty simple fix for this "video problem". (I use quotes because it has nothing to do with video as such.) You don't need to switch or recompile browsers either - at least not right now over this particular issue. Apparently ESR 52.9 handles CSS flex layout a bit differently, so with the current Instagram code the video and its surroundding elements kindly get the height of 0 pixels... This can be fixed by modifying a surrounding <div> container to use block display instead of flex. If you use uBlock Origin, you can add the following rule to your My filters: instagram.com##div.ZyFrc[role=dialog]:style(display: block !important) (Just make sure Filterlists > Parse and enforce cosmetic filters is checked and that Settings > Default behavior > Disable cosmetic filtering is not checked or is overridden per-site for instagram.com.) The same can presumably be done with other styling/tweaking extensions, only the syntax may be a little different. I don't use anything else, so can't give you the specifics. If you don't use any such extensions and don't want to install them, you can just add the following CSS snippet to your userContent.css file (it's located in the chrome subdirectory under your Firefox profile folder. Edit: as @Dave-H pointed out, the file may not exist yet, in which case just create a new text file, put this stuff in it, and rename the file to userContent.css.) @-moz-document domain(instagram.com) { div.ZyFrc[role="dialog"] { display: block !important; } } (In this case you'll have to restart the browser for this to take effect, only refreshing the page won't make a difference.) BTW, aside from div.ZyFrc[role="dialog"] , simply using div.ZyFrc or div[role="dialog"] also works. I'm just using the more specific condition to hopefully avoid accidentally breaking something else on Instagram (I'm not a frequent visitor there, so I wouldn't know). The mangled class name ZyFrc is pretty likely to change when they rebuild they code, and using the role-based version without a class name may survive that. Or it may not - as we know web devs need to constantly tweak their stuff, even when it's not broken... So this may need to be revisited. Edit: Forgot to give kudos to @Mathwiz for narrowing down the problem and linking to this change list with hints to flex layout being the problem. Edit 2: I tested this style fix on ESR 52.9.0, but I'd be surprised if 52.9.1 would be any different in this regard. ----------------------- In other news, if you're spoofing a more current version of Firefox on all sites with ESR 52.9, apparently you'll have to drop your spoofed version below 57 on instagram starting today, because they seem to have switched over to Quantum-specific code for newer versions and basically nothing works anymore. (If you're using the default 52.9 user agent, you shouldn't need to make any changes because of this - at least it seems to work for me.) It could mean, though, that they'll be dropping support for anything pre-Quantum sooner rather than later, which may also affect the various Pale Moon derivatives, depending on how up-to-date their CSS and JS support is.
  5. Unless people are seeing issues, in this case the delay-load linkage to brcypt.dll.as such shouldn't be a problem, even in the original Office 2007 Compatibility Pack SP3 (KB2526297) MSO.DLL (12.0.6607.1000) has it. I thought the same thing you did at first, but going back and checking earlier versions seems reassuring.
  6. https://msfn.org/board/topic/171814-posready-2009-updates-ported-to-windows-xp-sp3-enu/?do=findComment&comment=1148337 Just look in the Brazilian folder instead of Portuguese. (Incidentally, this post was the very next one after the one you quoted )
  7. You shouldn't need to restart the stream, just hitting the left arrow key and then the right arrow key should do it - this jumps you 5 seconds back and then 5 seconds forward to where you were before (in case some other page element has focus, you may need to click on the video first). It's still an annoyance, but much less disruptive this way. I pretty much do it on autopilot at this point, after years of practice courtesy of Mozilla. This works at most other video sites as well. since most players bind these keys similarly.
  8. @Dave-H I'm still getting the 2017 version here. MS caches seem to be a crapshoot in terms of getting the latest certificate updates (for example I'm also still not getting the latest update @heinoganda notified us about). Not the first time this has happened, either. I wouldn't even be surprised if the version you downloaded manually just now was different than the one WU gets when it tries. I don't know about "exactly", but functionally, yes, for our purposes they should be the same. The automatic updater wouldn't know about your manual updates as the mechanism it uses is different (.sst vs .stl), and thus also its versioning. I don't think there's any checking being done against individual certificates being present or not.
  9. I guess I'm not sure why you think you still need this active if you're doing your updates separately anyway? You're already "working around" this functionality as is. I think it was you who pointed out earlier in the thread that the current authroot.stl dates from 2017/9/22. Viewing its signature shows that the Microsoft Certificate Trust List Publisher certificate it's signed by was valid from 2017/1/25 to 2018/4/13. I'd venture a guess that this is when your errors started (can't tell by this thread as MSFN forum issues seem to have wiped out some of the posts). Until Microsoft updates this list, I believe you're always going to have the problem with the Event 11 certificate validity errors against your system clock:
  10. @Dave-H Since you seem to be getting Event 11 errors for crypt32, maybe you have the automatic Update Root Certificates component still active in your XP installation? It would seem quite odd for you to be getting lots of errors about not being able to extract certificates from a WU cab unless something was trying to update them. Given that you're updating manually (or via @heinoganda 's tool) anyway, you should probably turn it off even if that won't resolve the errors issue. In Control Panel, run Add or Remove Programs. Click Add/Remove Windows Components in the left-hand column. Scroll all the way down to Update Root Certificates, clear the check box, click Next, and then complete the Windows Components Wizard. Pardon me if this is old news to you. I tried checking back in this thread to see if this component was mentioned in connection with your problem and didn't find anything.
  11. In theory, yes - although you could potentially end up missing fixes for permissions not related to the file system (the registry, services, whatever else - can't say I'm an expert). @Destro will tell you in no uncertain terms that you're not affected if you have an FSB processor (those ex-KGB guys know how to protect their stuff; j/k, it means "front-side bus") - and indeed, Intel hasn't confirmed these CPUs are affected; then again, some proof-of-concept tests floating around appear to work on C2D (assuming the tests are implemented correctly). So, confusion continues... That microcode list, though, doesn't mean C2D is getting any updates at this point - it's cumulative and includes historical updates as well.
  12. mixit

    Cryptojacking block for Windows XP

    Well, It's certainly possible that the big guns don't always cover everything, I just figure they'd generally get more input because of how many users they have. I think you'd get the same result if you added the Mining Blocker rules to ABP. It's slow enough as is even without using another blocker on top of it (had to move to uBO myself for better speed, even though I prefer ABP's interface).
  13. mixit

    Cryptojacking block for Windows XP

    @wyxchari You are correct, domains and especially script file names can always be changed. And since Mining Blocker simply blocks the following sites: '*://coinhive.com/lib*','*://coin-hive.com/lib*','*://cnhv.co/lib*','*://coinhive.com/captcha*','*://coin-hive.com/captcha*','*://cnhv.co/captcha*','*://*/miner.pr0gramm.com/*','*://miner.pr0gramm.com/*','*://*/coin-have.com/*','*://coin-have.com/*','*://*/hashforcash.us/*','*://hashforcash.us/*','*://*/hashforcash.com/*','*://hashforcash.com/*','*://*/coinerra.com/*','*://coinerra.com/*','*://*/pr0gramm.com/*','*://pr0gramm.com/*','*://minecrunch.co/web/*','*://mine-crunch.co/web/*','*://jsecoin.com/server*','*://*.jsecoin.com/server*','*://*.*','*://load.jsecoin.com/*','*://*.load.jsecoin.com/*','*://server.jsecoin.com/*','*://*.server.jsecoin.com/*','*://static.reasedoper.pw/*','*://mataharirama.xyz/*','*://listat.biz/*','*://crypto-loot.com/lib*','*://cryptoloot.com/lib*','*://gus.host/*','*://*/gus.host/*','*://xbasfbno.info/*','*://*/xbasfbno.info/*','*://azvjudwr.info/*','*://*/azvjudwr.info/*','*://jyhfuqoh.info/*','*://*/jyhfuqoh.info/*','*://jroqvbvw.info/*','*://*/jroqvbvw.info/*','*://projectpoi.com/*','*://*/projectpoi.com/*','*://kdowqlpt.info/*','*://*/kdowqlpt.info/*','*://ppoi.org/*','*://*/ppoi.org/*','*://inwemo.com/*','*://*/inwemo.com/*','*://lmodr.biz/*','*://mine-my-traffic.com/*','*://minemytraffic.com/*','*://coinblind.com/lib/*','*://coinnebula.com/lib/*','*://coinlab.biz/*','*://deepc.cc/*','*://*/coinlab.biz/*','*://gridcash.net/*','*://*/gridcash.net/*','*://socketminer.com/*','*://*/socketminer.com/*','*://ad-miner.com/*','*://*/ad-miner.com/*','*://cloudcoins.co/*','*://*/cloudcoins.co/*','*://webmine.cz/*','*://*/webmine.cz/*','*://hashunited.com/*','*://*/hashunited.com/*','*://mineralt.io/*','*://*/mineralt.io/*','*://authedmine.com/*','*://*/authedmine.com/*','*://easyhash.io/*','*://*/easyhash.io/*','*://webminepool.com/*','*://*/webminepool.com/*','*://monerise.com/*','*://*/monerise.com/*','*://coinpirate.cf/*','*://*/coinpirate.cf/*','*://crypto-webminer.com/*','*://*/crypto-webminer.com/*','*://webmine.pro/*','*://*/webmine.pro/*','*://*/monad.network/*','*://monerominer.rocks/scripts/*','*://cdn.cloudcoins.co/javascript/*','*://minero.pw/miner.min.js*' and any script URLs containing any of the following strings: 'CoinHive','Coin-Hive','jsecoin','mataharirama','minecrunch','coin-have','hashforcash','coinerra','reasedoper','minemytraffic','lmodr','cryptoloot','crypto-loot','listat','monero.worker','scrypt.worker','scrypt.asm','neoscrypt.asm','gus.host','xbasfbno','azvjudwr','jyhfuqoh','miner.pr0gramm','jroqvbvw','projectpoi','kdowqlpt','ppoi','minemytraffic','inwemo','minero','coinblind','coinnebula','coinlab','cloudcoins','deepc','monerominer','gridcash','monad','ad-miner','socketminer','cloudcoins','webmine','mineralt','authedmine','hashunited','webminepool','monerise','coinpirate','crypto-webminer','c-hive','cryptonight' and any scripts containing: 'miner','CoinHive','Coin-Hive','Coin-Have','hashforcash','coinerra','jsecoin','mataharirama','minecrunch','reasedoper','minemytraffic','cryptoloot','crypto-loot','inwemo','minero','CoinBlind','coinnebula','minemytraffic','cryptonight','coinlab','cloudcoins','monerominer','deepMiner','gridcash','monad','ad-miner','socketminer','cloudcoins','webmine','mineralt','authedmine','webminepool','monerise','coinpirate','crypto-webminer','c-hive','CRLT.Anonymous','hashunited' It would seem pretty easy to bypass it by renaming (also easy to get something useful blocked because of false positives). Since Mining Blocker has only 7,898 installs versus 13,424,117 for Adblock Plus and 5,111,703 for uBlock Origin, I'd rather rely on blocker extensions with massive user base, because their blocklists are likely to be up to date more quickly. Also, with Mining Blocker you currently have to update the extension itself just to get an updated blocklist. The only "feature" Mining Blocker has is that upon installation it attempts to stop any mining scripts already running - useful if for some reason you don't like to restart the browser. (I looked at Mining Blocker because I was curious what interesting tricks they might use to detect mining scripts, not to be contrary with you. Based on these results, I'm afraid most of the "specialized" anti-mining extensions would similarly turn out to be not terribly useful subsets of full-blown adblocker functionality.)
  14. mixit

    Cryptojacking block for Windows XP

    My observations : Your browser version doesn't really matter, all you need to get "You're protected" is somehow blocking coinhive.com and coin-hive.com. This can be done in any browser by running a regular adblocker like uBlock Origin, etc., I don't see much need for specialized addons. While raising awareness is commendable in itself, the cryptojackingtest.com site seems to be more about advertising Opera (specifically its built-in adblocker) than serious testing for cryptojacking protection. In my opinion, actually mining cryptocurrency on the site (instead of just checking if it could be done) is a pretty questionable move, even if they claim to donate the proceeds. Edit: If Opera were the ones behind this site, I don't see why they'd register this domain anonymously - this is starting to look like a clever ruse to use people to mine a bit under the guise of an awareness campaign. Apparently the site is referenced in Opera's official blog so it should be legit. It's still weird that they'd use a domain privacy service instead of registering the domain with their official contact information.
  15. mixit

    Who has the latest Firefox ESR Installed?

    @ThomasW Without knowing the exact details of what has been changed in the browser, it's hard to say with 100% certainty that these fixes won't slow anything down. However, it seems very unlikely based on the overview given by Mozilla. Don't let the common word "time" confuse you, reducing the precision of time sources should in no way affect site loading times; and it's hard to imagine any legitimate scripts used by social media sites needing microsecond precision for anything, so they should be unaffected as well. As @Bersaglio said, don't worry about it (least of all on XP, which hasn't received slowdown-causing OS-level mitigations). Besides, ESR means no feature changes, so even in the very unlikely case of there being slowdowns, you can always go back to the previous point release without the risk of messing up your profile.