NotHereToPlayGames
Content Type
Profiles
Forums
Events
Everything posted by NotHereToPlayGames
-
You can temporarilty change the UA this way - If you want a "permanent" solution, you will need to experiment with extensions. I personally do not bother with UA because the "modern" web does not use them and the UA is "dying" - Firefox removed site-specific UA override in version 71 (December 2019) and Chrome intends to phase it out completely.
-
When you first open 360Chrome, hit the F12 keyboard key then hit the F1 keyboard key. Then select the second option in the very first dropdown - that's how you revert it back to English. This is only a flaw in v13.5 (and newer v13's), none of the versions older than v13 build 2206 do this.
-
Are you using @Humming Owl release? It shouldn't be in Chinese if you are. I also have English releases in a different thread. I suggest trying both.
-
Same here! FF (I should say official Pale Moon, I've actually never liked/used official Firefox) stopped working for me close to a year and a half ago! And each and every one of Roytam's "updates" has made it WORSE (for me, mileage may vary). So I'm waiting very patiently for @feodor2 to release Mypal "2.0". I personally do not want my "browser" remembering passwords and I use this extension instead (I use the older version 9.6.6, unsure what has been added since as they are now at 10.0.10 [not interested, I'll keep the OLD]) - https://chrome.google.com/webstore/detail/autofill/nlmmgnhgdeffjkdckmikfpnddkbbfkkk
-
Some web sites PREVENT saved passwords. Are you not able to save any passwords whatsoever or only not able to on a few web sites? Because if only on a few, then I suspect those web sites are using tricks that PREVENT saved passwords.
-
A different browser. I've never had any luck with it but mainly because my requirements are ONE browser that I can use in XP x86, XP x64, 7 x86, 10 x86, and 10 x64.
-
Here's what JJoe has posted over at TUOPF when the raybuck site came up - So far, I must have the Proxomitron in bypass mode to get past the cloudflare captcha. Once my browsers 'see' the site 'direct', they move to http2, brotli compression, or maybe some other form of transmission that the Proxomitron can't filter for some of the files, which reduces filtering drastically. If I force things back to The Proxomitron, I'm back to the captcha. I haven't had the time or desire to figure this out yet. I kinda need to wait for JJoe on this one but I'll keep digging as part of my learning curve.
-
I'll see what I can find out. This may require JJoe &/or amy over at TUOPF. We now have three test-case URLs because we were already looking at two but have not found a solution yet - https://offerup.com/ https://raybuck.com/firebird-vs-trans-am-history-trivia/ https://support.cloudflare.com/
-
My Browser Builds (Part 3)
NotHereToPlayGames replied to roytam1's topic in Browsers working on Older NT-Family OSes
Me too! Mypal 27 was my default for years. When it stopped working on several finance sites, I had to give it up and migrated to Roytam's builds but that was very short lived, I had to give them up within months. 360Chrome has at least lasted a year-and-a-half and should get me through until Mypal "2.0" arrives. -
My Browser Builds (Part 3)
NotHereToPlayGames replied to roytam1's topic in Browsers working on Older NT-Family OSes
Awesome! Looking forward to it! -
Agreed! I've never seen the keylogging to be "nefarious" (and I've posted that sentiment several times). I kinda feel like those that "do" find it to be "nefarious" that they should just boycott MSFN, why complain about the keylogger but still be here? Let your feet do the talking. That's kinda my thoughts. My biggest reason for bringing Proxomitron back as far as filtering javascript is my credit card and checking account. Everything is done online and I prefer to "reconcile" account statements (which in-and-of-itself is probably "old-school"). I got tired of the nag-screens that would pop up, "You've been idle for too long" and then log me out automatically unless I click to stay logged in. With Proxomitron, I don't get those d#mn nag-screen pop-ups and I can spend 12 minutes to "reconcile" statements instead of the altotted 2 or 4 or whenever those d#mn nag-screens pop up. edit - I just timed one of the accounts, it wants to time-out at 8min 10sec. Probably 8min plus or minus depending on second-hand of the clock. At any rate, with Proxomitron I can take an hour to "reconcile" if I want
-
Yes, that is normal. Proxomitron fakes a referer by default if none is already present or if it is a third-party referer. You can turn this filter off if you don't wish to fake the referer -
-
I wouldn't say "normal" but I would say that it's "good". Don't confuse SSL 3.0 and TLS 1.3. SSL 3.0 should be disabled/deactivated/killed/blocked (it was called a "POODLE" [Padding Oracle On Downgraded Legacy Encryption] attack and it dates back to 2014) whenever possible and the error message you are showing indicates that an SSL 3.0 attempt was blocked (could also be TLS 1.1) - that's good! Sites that even use SSL 3.0 are extremely rare nowadays. If the site still "works", then it has other SSL encryption that it did "accept". Why it tried to "fallback" to SSL 3.0 when nobody uses SSL 3.0 anymore is a mystery.
-
I'm seeing if I can find a non-Proxomitron solution. When it comes to the MSFN keylogger, all we need to do is prevent a specific javascript timer. But we cannot block all timers because then the reply box doesn't "expand" when you click inside the small reply box and it expands into the actual reply box. Proxomitron is smart enough to know which timer to block and which timer not to block. Most of the Tampermonkey solutions block the javascript "event" alongside the javascript "timer". Disregard - Proxomitron is a solution that works for me and it's too time-consuming to reinvent the wheel when I already have a wheel that works for me. Maybe a Tampermonkey / Greasemonkey / Violentmonkey / Userscripts guru will come along and offer something, but that level of scripting is kind of above my head, I can "see" (most of) what existing code does, but I cannot write the code from the ground up.
-
Yeah, I feared that was going to be the case for most folks. That was true in 2004 when I started using it. Still true today even with the "modern web" basically making it more vital than ever before.
-
That is valid for this thread - I personally do not agree with "OT" anywhere, not here, not there, if the conversation leads us here, then it is not "OT". [Well, "within reason", and we all know when "within reason" has been overstepped.] I agree that Firefox and Chrome can tackle CNAME "trickery" differently. What could be "OT" is if the Firefox + UBO method to prevent the CNAME "trickery" can not be ran on "Older NT-Family OSes". I don't run Firefox and I don't run UBO - so I rely on others for that info. I can speak towards XP + 360Chrome + NoScript + uMatrix and that combo has blocked each and every CNAME trickery that has been presented thus far. I have Proxomitron as a fall-back in the event that NoScript + uMatrix isn't going to be enough - but so far those two alone has blocked every CNAME "trickery" we have seen thus far.
-
Blocked without even having to try to block it -- since UBO / uMatrix blocks frames by default (well, my uMatrix does, I guess I cannot remember if that was "default" or not) -
-
@XPerceniol - are you using UBO or uMatrix? If so, visit https://www.mathon.fr and look at the UBO or uMatrix dropdown - Note that in my config, uMatrix "thinks" there is a script being allowed at www.mathon.fr - but they (plural) are in reality being "replaced" by one dummy script by Proxomitron and no scripts are being allowed. But if I allow that script, this is what the dropdown looks like - The key is that 16ao.mathon.fr - it did not actually come from mathon.fr, it arrived through CNAME trickery as a "subdomain". I now block ALL subdomains with my Proxomitron config. This also blocks media.mathon.fr (which I don't care about because it's a French web site that I'll never visit). But I can whitelist the media subdomain while still blocking the 16ao subdomain. Plus, with this approach, I could care less if 16ao changes to 17ao or 19zo or 20az, I could list a thousand, they are blocked by default and I didn't have to wait for a UBO "list" author to find it, update it, and redistribute the "list".
-
Not really. I personally feel VERY strongly that nobody should allow javascript on a web site they have never visited before. Then only allow the javascript on a whitelist basis. We "simply" do one more step - disable ALL subdomains and now only allow subdomains on a whitelist basis. "Zero-Day" virus definitions take DAYS, if not WEEKS, to be discovered, for antivirus developers to create the detection, for that detection to get updated in a database, for the end-user to receive that updated database. DAYS, if not WEEKS, that the end-user was left "naked". Which is how you are at 20,589 rules when the other week it was about 15,000. I guarantee you that the Proxomitron approach will protect you FASTER than "waiting" for your UBO list to find the offense, to update their list, and for your UBO to download that updated list.
-
I've already found half a dozen ways that Proxomitron blocks that CNAME example web site. The Eulerian comment tag, the more generic Analytics comment tag, blocking all scripts by default [something that nobody on the planet should not already be doing by DEFAULT] (SO WHAT if it makes your browsing experience a little less "user-friendly"!), break the "cn+i" portion of the script, break the .location tested against a "list", block all sub-domains unless whitelisted.
-
True. Also note that the only example we have seen thus far is already blocked if you don't allow javascript on https://www.mathon.fr/
-
Nope, not enough. Not to the best of my knowledge. You also need a web browser that supports DNS over HTTPS (DoH) - 360Chrome does not! What do you see when you visit here -- https://1.1.1.1/help
-
I will also point out this - Brave uses an embedded DNS resolver. 360Chrome comes with an embedded DNS resolver but we intentionally disable it. We do not want 360Chrome performing DNS queries so why would Brave users "want" that if it weren't touted as for CNAME purposes? Can Brave users prove that the embedded DNS resolver isn't sending "data" to Brave servers? Hint: the answer is no. I will take the Proxomitron approach
-
Keep "zero-day" in mind. More often than not, people get hit with a "virus" because they encounter them BEFORE their protection software ever heard of it and therefore no reason for them to have included it an their "definition database". Ah ah! Eureka! I will be blocking ALL subdomains using Proxomitron (only "allow" via a whitelist approach)! Not just eulerian. Not just the "twenty six" that the current UBO "list" contains. This way, I am protected from "zero-day" subdomains before the UBO "list" author even realizes that subdomain needs added to his/her "list". Whoala! That solution will work for me
-
Which version of Brave? Will it run on XP? If I can get the exact version of Brave that has an API to reveal CNAME, maybe I can find a way to add that API to 360Chrome.