NotHereToPlayGames
Content Type
Profiles
Forums
Events
Posts posted by NotHereToPlayGames
-
-
25 minutes ago, 66cats said:
Are you suggesting that win32 is doing this?
Heck No! But if we are to truly be "fair and consistent", we should fine-tooth-comb Supermium and Thorium equally and not assume either to be safer than the other.
0 -
43 minutes ago, AstroSkipper said:
This statement does not refer to any cert stores.
IMPLIED. But sure, I should have clarified that "WinXP" was referring to WinXP's cert store. SEMANTICS.
0 -
Technically, I'm not a fan of INTERNAL cert stores.
TRUST ME, it is EXTREMELY easy to release a web browser who's address bar ALWAYS ALWAYS ALWAYS shows a "secure padlock" with made-up details to lead the user into a FALSE sense of "security".
We do have MSFN Members that would not be fooled, but trust me, it is EXTREMELY easy to do.
And several HUNDRED members here would never know - not until the small handful of a half a dozen or so showed up and pointed it out.
0 -
We are mixing apples and oranges.
Mypal uses an INTERNAL cert store to pass ECC on XP.
Supermium uses an INTERNAL cert store (hidden from the user as far as I can tell) to pass ECC on XP.
360Chrome fails ECC on XP because its INTERNAL cert store does not contain the same INTERNAL certs as Mypal or Supermium.
This has actually always been one of the ADVANTAGES of Mozilla-based browsers - a cert store fully INDEPENDENT of the OS it is ran on because the cert store is INTERNAL to the browser itself.
Update the browser, you update the cert store. No need for threads like this because the cert store is updated when the browser is updated, keep the OS as old and ancient as you want, you're not using the OS cert store.
1 -
53 minutes ago, 66cats said:
How do Chrome-based browsers like Supermium figure into this? Or am i misunderstanding something?
Edit: here's deepl.com.
No clue without debugging their code.
While 360Chrome is transparent and open and will SHOW you its INTERNAL certificates, Supermium and Thorium both HIDE their INTERNAL certificates and only take you to a "support.google.com" page if you ATTEMPT to view them!
1 -
13 minutes ago, AstroSkipper said:
And what about that? A Windows port of the Elliptic Curve Cryptography library (ECC-LIB): https://github.com/argp/ecc-lib-win32
Looks promising.
1 -
The DHL cert is "secure" in XP because it is NOT using Elliptic Curve.
0 -
-
2 hours ago, Anbima said:
But it must be due to the certificate.
I have two sites with the same encryption and one works and the other does not.It's not the "encryption" you are failing, it is the "algorithm" that you are failing.
WinXP can not, under any circumstance, be made compatible with Elliptic Curve key algorithm certificates. Period.
The E1 cert is your issue, each and every web site that has been cited in this thread that is not reported as "secure" in the web browser's address bar is using E1.
You will NEVER get this E1 certificate to show up as "secure" in XP.
0 -
On 4/19/2024 at 7:49 AM, FranceBB said:
No problem on Chromium 108.0.5359.125 (Developer Build) (32-bit) on my Windows XP x86:
We have to assume that you are using One-Core API, correct?
2 -
1 hour ago, Anbima said:
If the problem is XP, why does it work with an older MyPal 28.3?
Mozilla does not use XP's cert store.
This thread updates XP's cert store and will not affect any browser's INTERNAL cert store, it will only effect the OS cert store.
Two different stores entirely.
2 -
Guys, sorry for the late arrival.
There is a lot of true info in these recent posts, there is also a lot of misleading half-truths.
I shall attempt to clear the air, but sometimes that is impossible here at MSFN when people doing the discussing already have preconceived notions (which may result in this being my ONLY reply to these recent posts).
I speak solely towards my 360Chrome v13.5.1030 Redux as that is the only version I still use. My other versions "should" be the same in this regard.
First, yes, it is "true" that iTrusChina Co.,Ltd. is LISTED in the Trusted Certificates Store - that is not the same thing as saying it is being "used" by 360Chrome.
The USE of this certificate is "supposed to be" BROKEN in my builds.
Now then, with that said, how do we PROVE that the USE of this cert is BROKEN?
You must must must first locate a web site that USES that cert!
https://valid-isrgrootx2.letsencrypt.org/ does NOT use that cert - it uses "E1".
More importantly, it uses "ECDHE_ECDSA" as the key exchange mechanism - this is not compatible with WinXP and cannot be made compatible with WinXP.
My 360Chrome is "secure" for this E1 cert using ECDHE_ECDSA because this is on WINDOWS 10 and not XP!
3 -
18 minutes ago, AstroSkipper said:
One way is to use the extension uTube from RealityRipple Software for UXP browsers.
I'll try that over the weeknd. Thanks.
1 -
1 hour ago, AstroSkipper said:
uBlock Origin 1.16.6b1 or uBlock Origin Legacy 1.16.4.35
I only tried the 1.16.4.35, have not tried the 1.16.6b1 (not sure I've heard of it until just now).
0 -
Hmm, interesting. In Chromium, I do not get a "next video preview" blob, it just goes from one video to the next without any "interstitial".
A much more enjoyable YouTube'ing experience, I guess I will have to stick with Chromium over Mozilla for YouTube.
0 -
Those are just one example. I also get a "WIX" ad if I try to rely on uBO only. The "WIX" ad is just a picture, not a video, with a "Skip Ad" button in the corner.
uBO will show this PICTURE and sit there, and sit there, and sit there, for WAY too long. Eventually it will disappear on its own, without clicking the "Skip Ad", but just that it sits there, and sits there, and sits there means uBO didn't "block" it.
Which AdBlock did you try? There are TONS of them it seems and I've only had success with TWO of them.
One auto-updates each and every time you launch your browser - strong dislike for my needs.
That was this one -- https://chromewebstore.google.com/detail/adblock-plus-free-ad-bloc/cfhdojbkjhnklbpkdaibdccddilifddbThis is the one that I am using and it is doing everything I need it to do, but I technically run this side-by-side uBO.
Here -- https://chromewebstore.google.com/detail/adblock-%E2%80%94-best-ad-blocker/gighmmpiobklfepjocnamgkkbiglidomI use one-and-only-one filter list in "AdBlock -- best ad blocker":
I use only five lists in uBO. Most (if not all, I forget now) are actually "default" uBO lists, they are listed in the "Custom" section because of the way I build my profile.
0 -
-
Newest PM28, newest uBO Legacy mod, updated default lists, added the two lists mentioned in our other OT discussion.
This video show ads for me in UXP PM28 whereas my Chromium setup does not.
https://www.youtube.com/watch?v=b-lUGSJ9kiE
Maybe you don't call this an "ad", maybe technically it isn't, but it is an "annoyance" and my Chromium setup blocks this "pos" -
Play the video all the way through, without fast-forwarding, these are most definitely ads and my Chromium setup blocks them (but requires two ad blockers working side-by-side) -
0 -
7 hours ago, AstroSkipper said:
Nevertheless, provide a link to the YouTube video where ads are still shown despite blocking by uBO!
I shall move this discussion to your uBO Legacy extension thread. I am seeing "ads" in UXP PM28.
0 -
Whoala, we clearly can't call Thorium a clone of Supermium.
2 -
13 minutes ago, AstroSkipper said:
I can't notice any serious impact
I definitely do here!
I've reverted to using "AdBlock — best ad blocker" running ONE list in conjuction with uBO running only FIVE lists.
The "AdBlock — best ad blocker" apparently blocks YouTube ads differently because uBO will SHOW the ad for a split second, if not more, before skipping the ad.
uBO will prevent the ad from PLAYING but it still SHOWS the ad.
At least for Chromium-based.
0 -
Okay, working now. (sorry for the derail, lol)
Using uBO only (instead of that extra ad blocker) enables me to prevent my lists from AUTO-UPDATING.
I prefer to MANUALLY update my lists (auto-updates will "flag" IT at work).
0 -
13 minutes ago, UCyborg said:
When it comes to uBO's default lists, most YouTube filtering is taken care of from uBlock filters – Ads
Thanks. I definitely need to experiment. I build my profile here at home and use my fully portable profile also at work. I only use YouTube at work for "background noise".
Work computer will let me run my portable browser, but it somehow blocks installing extensions directly, so I install them at home and zip-and-send the whole browser.
0 -
6 hours ago, AstroSkipper said:
I would never use two ad blockers at once.
I definitely prefer NOT to. I'll keep experimenting. I was really attempting to AVOID having a GIGANTIC number of lists (ie, I was trying to keep the number lists UNDER SIX).
0
Root Certificates and Revoked Certificates for Windows XP
in Windows XP
Posted
Chrome/Chromium has used an internal cert store in addition to the OS cert store since v105 and it has been enabled by default since v108.
To the best of my knowledge, I do think that Official Chrome, Official Ungoogled Chromium, Supermium, and Thorium all fetch these as opposed to them being "bundled".
I'll concede to anyone much more in-the-know.
My only intent was to demonstrate that the same EXACT browser in XP will not have the same level of security as it does in 10.
ECC cert shortcomings in XP has been known for a VERY long time.
It is nice to see the backport cited a few posts ago, so that SHORTCOMING is being addressed.
XP cert store cannot "do" ECC. But as demonstrated, Mypal only performs this because it is not using the XP cert store.
How Supermium is performing this is a NIGHTMARE to figure out, it is simply UNSTABLE and pegs my CPU at 100%, crashes too often, et cetera, for me to have the patience to even ATTEMPT to sort it out.