Jump to content

NotHereToPlayGames

Member
 View Profile  See their activity

  • Posts

    5,137

  • Joined

  • Last visited

  • Days Won

    83

  • Donations

    0.00 USD 

  • Country

    United States

 Content Type 

Everything posted by NotHereToPlayGames

  1. NotHereToPlayGames
    Chrome/Chromium has used an internal cert store in addition to the OS cert store since v105 and it has been enabled by default since v108. To the best of my knowledge, I do think that Official Chrome, Official Ungoogled Chromium, Supermium, and Thorium all fetch these as opposed to them being "bundled". I'll concede to anyone much more in-the-know. My only intent was to demonstrate that the same EXACT browser in XP will not have the same level of security as it does in 10. ECC cert shortcomings in XP has been known for a VERY long time. It is nice to see the backport cited a few posts ago, so that SHORTCOMING is being addressed. XP cert store cannot "do" ECC. But as demonstrated, Mypal only performs this because it is not using the XP cert store. How Supermium is performing this is a NIGHTMARE to figure out, it is simply UNSTABLE and pegs my CPU at 100%, crashes too often, et cetera, for me to have the patience to even ATTEMPT to sort it out.
  2. NotHereToPlayGames
    Heck No! But if we are to truly be "fair and consistent", we should fine-tooth-comb Supermium and Thorium equally and not assume either to be safer than the other.
  3. NotHereToPlayGames
    IMPLIED. But sure, I should have clarified that "WinXP" was referring to WinXP's cert store. SEMANTICS.
  4. NotHereToPlayGames
    Technically, I'm not a fan of INTERNAL cert stores. TRUST ME, it is EXTREMELY easy to release a web browser who's address bar ALWAYS ALWAYS ALWAYS shows a "secure padlock" with made-up details to lead the user into a FALSE sense of "security". We do have MSFN Members that would not be fooled, but trust me, it is EXTREMELY easy to do. And several HUNDRED members here would never know - not until the small handful of a half a dozen or so showed up and pointed it out.
  5. NotHereToPlayGames
    We are mixing apples and oranges. Mypal uses an INTERNAL cert store to pass ECC on XP. Supermium uses an INTERNAL cert store (hidden from the user as far as I can tell) to pass ECC on XP. 360Chrome fails ECC on XP because its INTERNAL cert store does not contain the same INTERNAL certs as Mypal or Supermium. This has actually always been one of the ADVANTAGES of Mozilla-based browsers - a cert store fully INDEPENDENT of the OS it is ran on because the cert store is INTERNAL to the browser itself. Update the browser, you update the cert store. No need for threads like this because the cert store is updated when the browser is updated, keep the OS as old and ancient as you want, you're not using the OS cert store.
  6. NotHereToPlayGames
    No clue without debugging their code. While 360Chrome is transparent and open and will SHOW you its INTERNAL certificates, Supermium and Thorium both HIDE their INTERNAL certificates and only take you to a "support.google.com" page if you ATTEMPT to view them!
  7. NotHereToPlayGames
    Looks promising.
  8. NotHereToPlayGames
    The DHL cert is "secure" in XP because it is NOT using Elliptic Curve.
  9. NotHereToPlayGames
  10. NotHereToPlayGames
    It's not the "encryption" you are failing, it is the "algorithm" that you are failing. WinXP can not, under any circumstance, be made compatible with Elliptic Curve key algorithm certificates. Period. The E1 cert is your issue, each and every web site that has been cited in this thread that is not reported as "secure" in the web browser's address bar is using E1. You will NEVER get this E1 certificate to show up as "secure" in XP.
  11. NotHereToPlayGames
    We have to assume that you are using One-Core API, correct?
  12. NotHereToPlayGames
    Mozilla does not use XP's cert store. This thread updates XP's cert store and will not affect any browser's INTERNAL cert store, it will only effect the OS cert store. Two different stores entirely.
  13. NotHereToPlayGames
    Guys, sorry for the late arrival. There is a lot of true info in these recent posts, there is also a lot of misleading half-truths. I shall attempt to clear the air, but sometimes that is impossible here at MSFN when people doing the discussing already have preconceived notions (which may result in this being my ONLY reply to these recent posts). I speak solely towards my 360Chrome v13.5.1030 Redux as that is the only version I still use. My other versions "should" be the same in this regard. First, yes, it is "true" that iTrusChina Co.,Ltd. is LISTED in the Trusted Certificates Store - that is not the same thing as saying it is being "used" by 360Chrome. The USE of this certificate is "supposed to be" BROKEN in my builds. Now then, with that said, how do we PROVE that the USE of this cert is BROKEN? You must must must first locate a web site that USES that cert! https://valid-isrgrootx2.letsencrypt.org/ does NOT use that cert - it uses "E1". More importantly, it uses "ECDHE_ECDSA" as the key exchange mechanism - this is not compatible with WinXP and cannot be made compatible with WinXP. My 360Chrome is "secure" for this E1 cert using ECDHE_ECDSA because this is on WINDOWS 10 and not XP!
  14. NotHereToPlayGames
    I'll try that over the weeknd. Thanks.
  15. NotHereToPlayGames
    I only tried the 1.16.4.35, have not tried the 1.16.6b1 (not sure I've heard of it until just now).
  16. NotHereToPlayGames
    Hmm, interesting. In Chromium, I do not get a "next video preview" blob, it just goes from one video to the next without any "interstitial". A much more enjoyable YouTube'ing experience, I guess I will have to stick with Chromium over Mozilla for YouTube.
  17. NotHereToPlayGames
    Those are just one example. I also get a "WIX" ad if I try to rely on uBO only. The "WIX" ad is just a picture, not a video, with a "Skip Ad" button in the corner. uBO will show this PICTURE and sit there, and sit there, and sit there, for WAY too long. Eventually it will disappear on its own, without clicking the "Skip Ad", but just that it sits there, and sits there, and sits there means uBO didn't "block" it. Which AdBlock did you try? There are TONS of them it seems and I've only had success with TWO of them. One auto-updates each and every time you launch your browser - strong dislike for my needs. That was this one -- https://chromewebstore.google.com/detail/adblock-plus-free-ad-bloc/cfhdojbkjhnklbpkdaibdccddilifddb This is the one that I am using and it is doing everything I need it to do, but I technically run this side-by-side uBO. Here -- https://chromewebstore.google.com/detail/adblock-%E2%80%94-best-ad-blocker/gighmmpiobklfepjocnamgkkbiglidom I use one-and-only-one filter list in "AdBlock -- best ad blocker": I use only five lists in uBO. Most (if not all, I forget now) are actually "default" uBO lists, they are listed in the "Custom" section because of the way I build my profile.
  18. NotHereToPlayGames
  19. NotHereToPlayGames
    Newest PM28, newest uBO Legacy mod, updated default lists, added the two lists mentioned in our other OT discussion. This video show ads for me in UXP PM28 whereas my Chromium setup does not. https://www.youtube.com/watch?v=b-lUGSJ9kiE Maybe you don't call this an "ad", maybe technically it isn't, but it is an "annoyance" and my Chromium setup blocks this "pos" - Play the video all the way through, without fast-forwarding, these are most definitely ads and my Chromium setup blocks them (but requires two ad blockers working side-by-side) -
  20. NotHereToPlayGames
    I shall move this discussion to your uBO Legacy extension thread. I am seeing "ads" in UXP PM28.
  21. NotHereToPlayGames
    Whoala, we clearly can't call Thorium a clone of Supermium.
  22. NotHereToPlayGames
    I definitely do here! I've reverted to using "AdBlock — best ad blocker" running ONE list in conjuction with uBO running only FIVE lists. The "AdBlock — best ad blocker" apparently blocks YouTube ads differently because uBO will SHOW the ad for a split second, if not more, before skipping the ad. uBO will prevent the ad from PLAYING but it still SHOWS the ad. At least for Chromium-based.
  23. NotHereToPlayGames
    Okay, working now. (sorry for the derail, lol) Using uBO only (instead of that extra ad blocker) enables me to prevent my lists from AUTO-UPDATING. I prefer to MANUALLY update my lists (auto-updates will "flag" IT at work).
  24. NotHereToPlayGames
    Thanks. I definitely need to experiment. I build my profile here at home and use my fully portable profile also at work. I only use YouTube at work for "background noise". Work computer will let me run my portable browser, but it somehow blocks installing extensions directly, so I install them at home and zip-and-send the whole browser.
  25. NotHereToPlayGames
    I definitely prefer NOT to. I'll keep experimenting. I was really attempting to AVOID having a GIGANTIC number of lists (ie, I was trying to keep the number lists UNDER SIX).
×
×
  • Create New...