D.Draker
Content Type
Profiles
Forums
Events
Posts posted by D.Draker
-
-
6 hours ago, Dave-H said:
My Catroot folder's {F750E6C3-38EE-11D1-85E5-00C04FC295EE} subfolder has only 6 files in it.
Could this be of help?
https://mywindowshub.com/what-are-catroot-and-catroot2-folders-how-to-reset-the-folder/
3 -
3 hours ago, Dave-H said:
*.cat files
Forgive me for such a simple explanation, I'm sure you know that already, *cat files are issued by drivers manufacturers, and Windows needs to run them by the MS Authority certs to make sure they are the legit WHQL ones. That's how it works.
EDIT (how to make your own *cat):
https://superuser.com/questions/515653/how-can-i-create-security-catalog-cat-file
4 -
On 4/3/2024 at 4:17 PM, Karla Sleutel said:
MsQuic is supported on "Operating system: Windows 11 and later"
https://en.wikipedia.org/wiki/MsQuic
I'm just guessing. Probably they also added the support in the latest Win 10 updates? Though, no precise info about it.
Anyways, it won't matter since Chrome itself supports QUIC for a t least several years.
3 -
3 hours ago, Dave-H said:
Thanks @D.Draker.
I'm a bit confused here though (not for the first time!)
Isn't that to do with the Root Certificates, which are up-to-date on my machine?
Installing that certificate is surely not going to reinstall the missing *.cat files?
You're welcome, Dave, those were needed for XP/Vista when the prompt about unsigned HD drivers (Intel) was driving people nuts.
Some even used that Authority to install Net framework 4.0 or updates. It's a basic, important set of MS certs. Probably yours were damaged, leading to that annoying prompt.
Anyways, it won't hurt your system. The link is official. Needs to run as admin.
3 -
On 4/2/2024 at 6:17 PM, NotHereToPlayGames said:
Perhaps it's your ISP?
ISP has nothing to do with it.
QUIC works through UDP, ISP won't block UDP for obvious reasons.
1 -
Probably this one will work.
"Hi my name is Ross, I don't specially know which version is required, however you can install this manually if needed, just download the certificate from Microsoft":
2 -
4 hours ago, Dave-H said:
My Catroot folder's {F750E6C3-38EE-11D1-85E5-00C04FC295EE} subfolder has only 6 files in it.
The equivalent one on my other XP installation on my netbook has 668 files in it, including NT5.cat and SP3.cat, which are completely missing on the main machine!Some time ago there was a topic with those backed up files, but got deleted/locked very soon. It restored all of the original Microsoft certificate authority to the state of 2011 (XP).
2 -
4 hours ago, Sampei.Nihira said:
Unfortunately, MSQUIC is also supported by recent operating systems.
Yes, this is very unfortunate. They would be more secure otherwise.
6 -
3 hours ago, NotHereToPlayGames said:
I cannot find a QUIC connection anywhere, at home or at work. I've done nothing to disable QUIC in the test profile.
The same here, no sites use it. I removed thee disable flag and tried several "modern" ones that I could think of.
1 -
6 hours ago, Sampei.Nihira said:
With this post my intervention is definitely concluded.
Good luck for your poll.
Thank you!
1 -
347.88 last stable driver for GT610 (also kepler, just like GT 710)
2 -
On 3/28/2024 at 9:15 AM, EliraFriesnan said:
I'm now worried sick after I read that! I had sensitive pics on that phone with tick-tock.
Was the location tag off?
2 -
3 hours ago, Sampei.Nihira said:
Are you aware that in Chromium-based browsers you have to select "disabled" to not use (client-side) the QUIC protocol?
It is not enough to leave the "default" setting.I don't rely on "user allowed" settings as they come back to default each time when a new profile is made, so I use it via cmd --disable-quic , without quotes of course.
5 -
3 hours ago, NotHereToPlayGames said:
I do agree, unsafe, not for me. Don't care if it's Google QUIC or non-Google QUIC - neither is for me.
Thank you for your honest opinion! I'm outta likes for today, unfortunately, that's why I write this in plain words.
Glad to be of help, that's the reason I made this topic.
3 hours ago, NotHereToPlayGames said:But no, I did not vote, nor plan to.
It would still be helpful if you voted.
5 -
3 hours ago, NotHereToPlayGames said:
The voting is 100% (at time of post) "I don't, and not going to. I think it's unsafe." so doesn't that tell us that you have both voted the same exact "it's unsafe"?
Don't agree? You're very welcome to vote for No.1 or whatever you like.
1 -
3 hours ago, NotHereToPlayGames said:
I'm not quite understanding the underlying hostility?
Please specify, where do you see "hostility" from my side? In that article, provided by the actually hostile member, which I merely quoted, the developer himself points out to severe flaws, and I only quoted one.
Besides, I made the topic about Google's QUIC implementation, which is clearly shown in the title, not Forefox. Strange you both still didn't read the title.
1 -
3 hours ago, Sampei.Nihira said:
The person who wrote the article is a Mozilla engineer.
Are you aware that in Firefox,the QUIC protocol is enabled by default?This topic is about Google's QUIC implementation, which is clearly shown in the title, yet it obviously doesn't prevent you from posting off-topic and insulting, all as usual with your posts.
5 -
8 hours ago, Sampei.Nihira said:
If you can't make it out what is written don't waste your time rebutting
And say thank you once in a while.
No matter your mood, you're demanded to be respectful on the forum.
https://msfn.org/board/guidelines/
And stop insulting once in a while.
7.b This community is built upon mutual respect. You are not allowed to flame other members. People who do not respect personal opinions and/or personal work will be warned in first instance.
If you ignore the warning and keep on flaming, you will be banned without notice.
You ignored that rule 75389623702702037 times.
8 hours ago, Sampei.Nihira said:I will not provide any elucidation because that would be wasting my valuable time.
Good, less dangerous advice.
Don't like my topics? Ignore.
4 -
7 hours ago, Sampei.Nihira said:
Read this instead of your generic article:
Are you sure you read that article yourself? Doesn't look like it.
"21.5.5. Request Forgery with Version Negotiation
"Clients that are able to present a spoofed source address on a packet
can cause a server to send a Version Negotiation packet
(Section 17.2.1) to that address.
The absence of size restrictions on the connection ID fields for
packets of an unknown version increases the amount of data that the
client controls from the resulting datagram. The first byte of this
packet is not under client control and the next four bytes are zero,
but the client is able to control up to 512 bytes starting from the
fifth byte.
No specific countermeasures are provided for this attack, though
generic protections (Section 21.5.6) could apply. In this case,
ingress filtering [BCP38] is also effective."
1 -
5 hours ago, Sampei.Nihira said:
A great many websites use QUIC.
Not MSFN.And MSFN is absolutely right!
1 -
"While touted as an alternative to TCP, QUIC poses several security concerns for network operators. Standard network security appliances cannot easily identify QUIC traffic, which makes this network protocol vulnerable to cyber criminal activity."
"Why do Network Security Teams Not Like Google QUIC?
Despite its perceived positives, QUIC could inadvertently have a negative impact on network security. That’s because security appliances like firewalls and network sensors typically are not able to access information they had previously relied on with legacy TCP sessions. This creates a ‘black hole’ that hackers can exploit.
Here’s the main problem: Standard network security devices can’t determine the QUIC application protocol, viewing it like layer 4 UDP traffic. While browsers and supported web servers can differentiate between QUIC traffic and other traffic, standard network security like firewalls can’t.
This means firewalls are less effective at detecting incoming threats, putting network security at risk. To complicate the challenge for cyber threat hunters, Google revises its protocol frequently, and threat detection tools must catch up with these ever-changing standards. There are other issues.
QUIC, similar to TLS 1.3, applies its encryption at the transport layer and not in the higher layers. Hence, it encrypts all transport information, which can virtually eliminate the attack surface that TCP offers. Plus, it’s increasingly difficult to measure and analyze QUIC traffic using reporting tools because, again, firewalls and standard network sensors don’t recognize it. This is a plus for consumer privacy but causes significant challenges for those responsible for protecting our communications networks."
source.
1 -
3 hours ago, Jaguarek62 said:
There are some dell programs and I tried to get them removed, but ultimately was not allowed to do so.
Disable at startup.
2 -
3 hours ago, Jaguarek62 said:
There are some dell programs and I tried to get them removed, but ultimately was not allowed to do so. It seems to be related to the cpu frequency though, cause the cpu is underclocking to 1.1-1.8 Ghz and the temperature is around 40-58 degrees so I don't quite get it.
Nothing surprising, newer laptops are thinner, nowhere to place a somewhat decent cooler. With that technology level, it should be 25 degrees at max!
My Kaby runs idle at 23 and load at 50 max. And those desktop CPUs are known to run hotter. All that with the supplied thin cooler!
3 -
BTW, the CPU is indeed not impressive! Only 29% faster than the cheap 2013 Haswell Pentium.
The Haswell era didn't have that bloated OS at that time, so no surprise at all.
https://cpu.userbenchmark.com/Compare/Intel-Pentium-G3470-vs-Intel-Core-i5-1335U/m28614vsm2065642
4
All System Files Reporting As Being Unsigned [SOLVED]
in Windows XP
Posted
In theory, those that are "oem" .CAT, should be.