[Microsoft expiring SHA-1 updates; Will this kill XP?]

19 minutes ago, kuja killer said:

Oh so its only just related to stuff requiring internet access ? So im not going to get any like "program failed to start" popups or anything like that with IE or anything else ? That was the kind of thing that really was in my mind. the thought of something like programs not working or something. well IE is the only thing i can think of for anything internet related nothing else, i think.

No. This certificate does not affect web browsing or internet connections as it is for completely unrelated things than that.

[Microsoft expiring SHA-1 updates; Will this kill XP?]

1 hour ago, Mr.Scienceman2000 said:

Only issue I could see is possible driver errors (due signatures) on any newer drivers made after that date to xp but it will likely just trigger signature warning about not passing XP logo test (like some devs actually cared sign their drivers to XP after 2014). Second may be warning on starting application made after date that will happen anyway in 99% of sw but it wont kill XP.

No. The driver sigs are timestamped. Check out your drivers with "valid" signatures, that don't complain about being unsigned... You'll be surprised to see many or even most have expired certificates. For these, it only matters if the certificate was good at the time of signing.
Anyone besides M$ can still SHA-1 code sign executables if they want to.

[Microsoft expiring SHA-1 updates; Will this kill XP?]

And why is this certificate expiry the death of Windows XP? (hint - it's not - almost nothing will change)

[Microsoft expiring SHA-1 updates; Will this kill XP?]

I suppose. The only thing is you might still get bit by OCSP/certificate checking if both dates are in the future. But I'm sure when the future becomes the present you'll still be able to log into https routers with no change.

[Microsoft expiring SHA-1 updates; Will this kill XP?]

I am not a TLS expert, but it is my understanding that basically nothing is going to happen when this certificate expires. This cert is what microsoft signs stuff with (for example, new updates, drivers...). There aren't any new updates being made for any SHA-1 system anyway.
The reason you canot connect to HTTPS sites when you change the date is because you are changing the date, not any significance pertaining to what that date is.

 

Firefox-based browsers do not rely on windows for encryption anyway. Chrome (at least on XP) partially does. but even for chrome and IE, nothing is going to change.

[My Browser Builds (Part 3)]

3 hours ago, Dave-H said:

I just tried out roytam's build of Serpent, and was puzzled to find that there appears to be no uninstallation option for it.
It didn't appear in Add/Remove Programs.
Is that normal? I just deleted its folders, is that the only way of uninstalling it or have I missed something?
I used i430VX's installer to install it.

This is normal.
Browser removal instructions:
-Delete shortcuts(desktop and startmenu)
-Delete browser folder in program files directory
-If complete removal is desired, delete the folder in appdata (the name varies, but for new moon, for example, it would be Moonchild Productions)

 

At some point perhaps I could try to make an uninstaller. Don't expect such a thing very soon, as time is rather scarce these days, sadly.

[Unoffical Roytam1 Browser Installer - Project Thread]

Already known for a long time. Try reporting the false positive to whatever checking service firefox uses. I tried reporting the false positive to Microsoft SmartScreen a while ago, never got a response, never got the false positive removed. So if you do report it to whoever it is, Don't expect much to change.

[Unoffical Roytam1 Browser Installer - Project Thread]

It looks like whatever issue was happening disappeared rather quickly, without any intervention on my part. Cool!

[On decommissioning of update servers for 2000, XP, (and Vista?) as of July 2019]

16 hours ago, windows testing said:

Actually, Everyone are lied. Windows Update Agent 7.6.7600.256 works on Windows 2000.

Judging by the "wsus.reg" on the desktop... You're probably not using the normal windoze update servers.

This poster is banned now so they wont be responding, but i highly suspect people are not lying when they say the original MS servers dont cater to 2000 and XP anymore. Third-party WSUS servers are the only way to do it reliably since I think almost a year ago now.

[Which Antiviruses are Known for a Fact to be Working on XP SP3 as of 2019?]

On 4/13/2021 at 2:48 PM, Sampei.Nihira said:

WiseVector StopX fully supports Windows XP

I decided to look into this AV:
Long story short, I am pleased with it and have not seen such a lightweight AV in a long, long time.

As said before this post, it is of Chinese origin. This does raise the concern of telemetry, as many Chinese programs are known to be chock-full of it (Maxthon, 360Chrome, etc.) However, I definitely didn't want to just assume anything, so I did some research. To my delight, it seems surprisingly void of telemetry. Of course, this point in particular is thoroughly covered in the posting directly above mine, but for the sake of a full review, I've reiterated it.

Quote

One may note that WV polls a server in Hangzhou frequently, but only to look for updates. For those that are offended by this, just uncheck the Check For Updates box.
On uninstall, the app will connect out to a statistic server in Singapore. One should have no issue here.

This analysis comes, of course, from the thread at the Wilders Security Forums: https://www.wilderssecurity.com/threads/wisevector-stop-x.431502/
(by the way, that's a great thread for all sorts of delving into this program.)

The program has settings for fine-tuning the protection to your exact needs and desires. The English in the program is very good, with no remnants of Chinese text in sight. As to the user interface, it is modern-ish and very minimalist, which is disappointing but expected for basically any modern AV. It supports skinning, which is...odd. But options are always welcome, of course!

I cannot speak exactly to its detection performance, but on my HP Compaq 6200 Pro with XP x64 (8GB RAM, i3-2100) NO performance hit while doing everyday tasks with real-time protection enabled was observed. I do not usually use real-time protection on my machines, but for the sake of testing today I did. Similarly, nothing was noticed when performing a full system scan and continuing use of the system during the scan. While scanning, it was using approximately 90-150MB of RAM. Certainly a very competitive if not outright better figure than any other modern AV. CPU usage was observed to be around 25-30%. Unsure if it is capped there or if it was simply not able to pull files from the disk any faster.

All in all: A surprisingly good and surprisingly lightweight AV supporting real-time scanning.

[Unoffical Roytam1 Browser Installer - Project Thread]

I would like to note that, currently, the browser installer seems to be broken. I will try to put out a fix with in a couple of days, free time permitting. Thank you to @donnie6232 for alerting me to this issue

[On decommissioning of update servers for 2000, XP, (and Vista?) as of July 2019]

11 hours ago, kuja killer said:

what i mean is, is there another way to actually scan for updates i dont already have if regular windows update and "mini update tool" are no longer able to ? assuming there even is any "trusted and safe" website or program to do so.

You can try the WSUS server. Instructions to set your computer up to use it are in this video:

 

["Ancient" Pinned Threads in XP sub-forum]

I beleive the redirection is only temporary to alert users of the move, but I agree with your second point, RT1.

[How do we make Internet Explorer 8 into a modern-day, standards-compliant web browser?]

Though, to be fair, edge used to be IE-ish, but you could only use that particular abomination by running windows 10

[My Browser Builds (Part 2)]

9 hours ago, luweitest said:

Today I visited a page causing Serpent52 hang:

https://www.fiverr.com/categories/programming-tech/desktop-app-services/application-improvements

When Noscript enabled, it could load; after enabled javascript, or restarted in safe mode, the browser freezes, takes 50% CPU (dual core), increases memory occupation near 100%, and I have to kill it.

Try using the UOC patch. For whatever reason FF-based browsers completely flip out when they are used on my ThinkPad's video card (mobility radeon x1300), and a lot of freezing was happening. However, the UOC patch resolved the issue for sure.

[we should add a memorial section for old topics that have been abandoned and newer updated any more]

Why? its not like you somehow run out of room in a subforum. And moving anything old to an archive would:
A: prevent any responses if someone DID have something to add and...
B: disorganize the threads, as currently they exist in their appropriate subforums. For example if i want to find something about XP, i simply look around in the XP subforum. and...
C: break links to any archived threads as they've been moved.

[minecraft support for xp/vista ends in 2 days]

Thanks for that. I've always just played the latest version, but yeah 1.12.2 was the last that seemed to run well on a fair bit of hardware for me. (In fact, it may be the last at all for linux x86, iirc) When the normal launcher ceases functioning I will try out the Magic Launcher.

[minecraft support for xp/vista ends in 2 days]

They are going to block that from working, but not really by any sort of API functionality difference, as far as I know. They are changing the account login method to need a Micro$soft account. Which, the old login method doesnt do.

[Have WinXP/Vista any kind of telemetry?]

Vista certainly has it, as you can see it has a setting for the Customer Experience Improvement Program.
XP does not have that setting outright, but many microsoft add-on programs can add the option (such as Office, WMP, MSE)

That being said, a stock XP is in no way void of telemetry. Error Reporting is by default enabled. Also, if you use Windows Update, an amount of telemetry is sent when that is checking in with the server. That is what I know of, there may be some other things here and there.

As far as I know, add-on programs for XP will actually listen to the CEIP settings if you set it, unlike what happens in later OSes, such as 7.

You can find the setting for any CEIP compatible program inside that program's settings.
And, error reporting is disabled via system properties --> advanced --> error reporting

[Root Certificates and Revoked Certificates for Windows XP]

Slightly OT, but ARE there sights that actually require TLS1.3 yet? Other than the usual sites designed soley for testing that?

[Root Certificates and Revoked Certificates for Windows XP]

Then the certificate updater for windows XP will not solve your problem. Firefox does its own thing with certificates. Your problem must be somewhere else.

Possibilities:

-The server you're trying to reach actually does not exist
-Your internet connection is having issues.
-Your LAN is not configured properly
-You have no drivers for your NIC(s)
-Your system time/date is not correct.

Let us know if any of those happen to be it.

If it still doesn't work, please provide more details than "connection error screen" (like, what site(s) are you attempting to visit, exact error details, system configuration, etc)

[Root Certificates and Revoked Certificates for Windows XP]

5 hours ago, 1d5 said:

Sadly doesnt work still have the connection error screen

It most probably IS working, but it may not be doing what you'd want it to. If youre trying to make secure connections on windows XP using chrome or IE8, it is very hit-or-miss due to rather abysmal cipher support. Try using Firefox, or one of its zillion XP-Friendly derivities, and if your problem is what I described, you won't have the issue any longer.

Certificates don't add ciphers.

[My Browser Builds (Part 2)]

After careful watching for a couple of days, I have come to the conclusion that MailNews (and likely the upstream "official" version... though I haven't checked) is definitely not ever closing the connections to my mail servers, though I definitely think it should be based on my settings. It certainly has a lot MORE connections (to the same places) when synchronizing, but it just seems to never let go of that last connection for each account. Only switching to offline mode truly shuts down the connections. Not exactly convenient, as I lose the automated timed checking feature and i have to "go online" every time manually. Now, I know to have some "always open" connections for most people isn't an issue, but as I'm living with extremely limited internet data until Starlink becomes availible in my area, closing up every little bit of bandwidth spillage helps.

So, my question is why are these mail server connections staying open in MailNews when it is not performing the schedueled synchronization, and is there anything that can be done to prevent it, short of dropping into offline mode?

[My Browser Builds (Part 2)]

3 hours ago, ArcticFoxie said:

So I can't help but be curious as to what is HIDDEN inside resources.pak that the creator doesn't want us to see by using conventional unpack methods.

I do not have much of an understanding of .PAK files in general, but I do not beleive this to be an archive at all. Open it in your favorite text editor, and you will see a lot of the contents. It appears to be various HTML, CSS, and JS Code, from my very brief investigation.

 

----------------------------------------------------------------------------------------

I refuse to make another off-topic post in this thread, so I will put it here as an edit. @Dixel: I do not understand your obsession with labeling software and even people agents of the KGB, an agency which ceased to exist in 1991 with the fall of the USSR. Kaspersky, for example, is the only instance I know of with the creator having ties to the KGB. That being said, they offered to share their source code to prove it was not spyware for Russia. I do not see a reason they would do so if it was actually such a thing. I have not done any research to Yandex specifically, but I do not see any peculiar connections going on in my system from it. I think the idea of labelling all software and even all people from a specific region/country to be spyware/spies to be very prejudiced.

I cannot speak for everyone in every country, but when I was in the middle and high school we did cover a lot about the Soviet Union, including content about the KGB. Let alone my own researching on these topics over the years. So It's not like I "just don't understand".
"Did you see the reaction in the ex-kernel topic when I advised against Kaspersky ? Only a couple of people liked ..."
And one of those "likes" was you. The existence of your alt account, D.Draker, is painfully obvious and clearly a source of reputation farming.

[Windows 95 2.1GHz CPU Limit BROKEN!]

I VERY much doubt it. As far as modern AVs care, anything uncommon = BAD. I do believe my site generates the same Malwarebytes nanny-nags, in some portions at least, despite the malware count on my site being, as always, ZERO. Frankly, Unless you make a habit of visiting extremely questionable sites, you're very much likely better off without the internet nanny features.