Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 

Thomas S.

  • Content Count

  • Donations

  • Joined

  • Last visited

  • Days Won


Thomas S. last won the day on February 25

Thomas S. had the most liked content!

Community Reputation

25 Excellent

About Thomas S.

Profile Information

  • OS
    XP Pro x86
  • Country

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Thomas S.

    Python 3.5 Runtime Redistributable backported to XP

    https://pypi.org/project/cryptography/ "Cryptography is a package which provides cryptographic recipes and primitives to Python developers." Eg. it is used in the project "HTTPSProxy" which provide actual TLS protocols to XP. Here the discussion about begins: @heinoganda and I have build versions of the proxy (eg. see my signature). With cryptography > 2.4.2 we get errors in Python 3.4.4 (the latest for XP), the proxy will not run. The original python script of the proxy will be found here: https://prxbx.com/forums/showthread.php?tid=2191&pid=19252#pid19252
  2. Thomas S.

    Python 3.5 Runtime Redistributable backported to XP

    Of course not Ok, I understand your plan. That's how I do it, too. OK, I fully understand all of You. Go ahead!
  3. Thomas S.

    Python 3.5 Runtime Redistributable backported to XP

    I am very interested in this discussion. But I wonder that you are constantly try to workaround a security-related application just because you want to make a particular version work? It's just too many security risks. I would never use files from foreign sources here. Prefer to get along with cryptography 2.4.2 for a while. Even cryptography, which is maintained by a large number of developers, is described here by the programmers themselves as not harmless, see: https://cryptography.io/en/latest/hazmat/bindings/openssl
  4. No no. I have a - hm - paranoid relationship with the internet I am not in any of this Asocial media like Facebook, don't share much personal data - but I can share many informations (eg here) and I don't use encryption of email very much, only sometimes. On online banking I am using only very strange encryption / software / security equipment like smartcard authentication + pin. So it still depends on the data I give away... And I am informed about the real security issues, trust not the blahblah about Win10 is a safe OS
  5. #1 May be. Let me explain it differently, a little futuristic (only a thought). A large amount of money (the data) is to be kept safely in a different location. 1. "encrypted transport" I hire a totally safe transport company to put the money in their armored vehicle and they drive it to the bank. As long as no one breaks in, that's quite safe, but if it is so, then the money is gone. At the bank, the money can be seen again as normal, to count, it is stored there as money in the safe. 2. the other possibility: "encrypt the money!" I convert the money into another "thing" (a little grey stone?), which is completely worthless to others. Only I know of a way to turn the worthless thing back into the valuable money. Now I can drive it with a normal car to the bank safe, nobody do know about what it is or the value it has... Don't think about stolen this thing, I have a copy of it at home, in my pocket, grandma has one ... And one of the the copies is enough to get it back full... But if I lost the knowledge about the way to turn the worthless thing back... Huh... #2 shure?
  6. #1 Yes (if you are anxious or want to store very personal data there) or you do it as a precaution. #2 No, if the data is encrypted the mega safe connection brings no higher safety for this data.
  7. And this is full encrypted data as it will be shown at the "other side". I have the key to encrypt this message, no one else... If I give the key away so you can encrypt this data it will be unsafe again. -----BEGIN PGP MESSAGE----- hQEMA8przaPfIOM9AQgAnIjm3hKawEVkIQuNWSs+b2s1ZJQRP5+QDKBDGWw3MAwF 9Qsnl1mPKZDImE3IbZqZ5fOZcBjtpz8zsfS8QigCt7lpKRLKXcVyb8R6KU71UeFS zjMyHfopAjm+1y+ntnzP+mGB0r1xjEOAghwCVU7VQUE9we0Sqpfsf1ejz4tKjCm8 MGEj4QmSMCXduNWEhrbu2ipAMvDkaoRarfXHWRf7vJw+pA9+wZQpx94wiSClEI2l VwAAeTDR7J9IxdRRF36LZ4d8+hyjwcpa2HZnVQtOoCGP+9xb0VitV/14ZFE7a5WS kd4dxSc/tS6pEt9BThvmlvRwS5T+t2bcJdS+G6SU29J/ARDFagCL0um/LoW1Hrv/ 8LUnKnCruwxv2WOxH+VdRM6hlUu0qZd25G+LHTxk9lXLRspkDawd6X8XMb1bX3bG XI8eeNb8EfWLRV9VmV+P/gJ/8A25JKXdtgXVz+Gyp1o1zbMK+AlV7SghN6dAYGBj U9HC17cTa9MLoiww8ymjog== =sa7X -----END PGP MESSAGE-----
  8. Not if YOU do not control the encryption - and be shure YOU have set it up right. It doesn't matter wich service you choose, they are all safe, more or less, or not For excample: if you use veracrypt with high encryption you can store data on NSA file servers - may be they will be read the data in about 2.000 years You have to understand that it is a difference to send data via a safe (encrypted) connection (so aMan In The Middle can't read this transfer) or you encrypt the data before you give it away. In all cases, if you whish that the data is readable on the other side: IT IS UNSAFE (because you give it away and do not know what is done with it). This is so here in internet, the normal living...
  9. That is a normal behavior, if the service (server) you will connect to has a certificate chain where you have deleted the root or intermediate certificate. So the connection is unsafe and will not established. This is the way it works...
  10. I don't want to exaggerate now, but if you are so insecure and already want to delete certificates, then you should strictly avoid the Internet. Alternatively, only separate, secure end-to-end encryption of all data transfers that you control all by yourself would remain. You are not fully secure on internet, it was so and it will be so in future.
  11. Thomas S.

    Python 3.5 Runtime Redistributable backported to XP

    Just in this moment I was looking at this post https://github.com/pyca/cryptography/issues/4011#issuecomment-389711206. I think it is a problem with missing OpenSSL libraries which are not in the cryptography package.
  12. Thomas S.

    Python 3.5 Runtime Redistributable backported to XP

    At this time I don't know exact what the problem is. I compile a updated version of HTTPSProxy under Python 3.4.4 to a little suite for XP (see my signature) and found that the package "cryptography v2.5" results in this error. So I step back to "cryptography v2.4.2" an it works OK.
  13. Thanks! At last I have solved all problems, don't know right what the problem with Office 2010 was. May be that one update was not installed OK. All is set as here discussed and works well. Works here OK.
  14. NO! Already done and work well. Makes no difference in this case.
  15. Sorry for delayed answer YES, if I use http (http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=de) NO if same link as httpS (https://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=de) In the last case I get a stop "Es besteht ein Problem mit dem Sicherheitszertifikat der Website" (certifikate error). If I disable the internet security option "Auf gesperrte Serverzertifikate prüfen" (Check on locked server certificates) it works immediatly without error, NO restart of IE8 needed, only reload the site. HTTP as good as HTTPS. Using the HTTPSProxy or not makes no difference. I have tried the httpS link in Firefox, and it give me the same warning, don't connect. Then I look at certificate locked in FF, copied the certificate and prooved it as "MS_Update.cer" into windows direct. IT IS VALID and points to www.update.microsoft.com I think that there is indeed a malconfiguration on server side. If the certificate is valid, why locked FF the link? The certificate is VALID... May be a intermediate certificate is missing in FF cert store, but this is only a suggestion. To much to research. At this point I am not going through the whole update, there is another problem with Office 2010 behind kb4461614 / kb4462174, without these update I can't run Office too!!!!! Must be a second problem... Certificate: MS_Update.cer