Sampei.Nihira Posted April 13, 2019 Share Posted April 13, 2019 2 hours ago, DanR20 said: Instead of creating a new profile I just made a copy of the one from Thunderbird 52.9 then opened MailNews using that. The only problem I ran into was it wanted an older version of Lightning but everything else worked good. Thunderbird 52.9.1 was released on 10 July 2018. I believe it is necessary to switch to MailNews only for the security fixes applied in all this time. 1 Link to comment Share on other sites More sharing options...
Mathwiz Posted April 14, 2019 Share Posted April 14, 2019 It looks like the K-Meleon file for this week is the same as the file for last week. Link to comment Share on other sites More sharing options...
roytam1 Posted April 14, 2019 Author Share Posted April 14, 2019 7 hours ago, Mathwiz said: It looks like the K-Meleon file for this week is the same as the file for last week. forgot to update link, fixed Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted April 14, 2019 Share Posted April 14, 2019 Setting up multiple accounts (POP and IMAP) with Interlink is too difficult. It will not be my next email client. Link to comment Share on other sites More sharing options...
dmiranda Posted April 14, 2019 Share Posted April 14, 2019 On 4/13/2019 at 12:06 PM, Sampei.Nihira said: Instead of creating a new profile I just made a copy of the one from Thunderbird 52.9 then opened MailNews using that. The only problem I ran into was it wanted an older version of Lightning but everything else worked good. What version Lightning did you install? Link to comment Share on other sites More sharing options...
DanR20 Posted April 14, 2019 Share Posted April 14, 2019 1 hour ago, dmiranda said: What version Lightning did you install? It's not a problem anymore. The Lightning version on TB 52.9 is 5.4.9 and when I opened mailnews with the TB profile it wanted an older version of 3.00 something. But that was from a mailnews version a few weeks ago. I tried the latest one from last Friday and 5.4.9 was working and it didn't ask for an older version. There's also a new addon: google calender, which was disabled. Link to comment Share on other sites More sharing options...
dmiranda Posted April 15, 2019 Share Posted April 15, 2019 (edited) The new versions of serpent and PM28 broke the archive interface of addon zotero 4.0.29.14. The addon works, but it does not load the archives in the zotero database collection and subcollections (so it saves new items fine, but the collection and subcollections seem to be empty. It works well in the last version of PM27. And it did work on previous versions of PM28 and Serpent. Both allow to see and edit saved items in the zotero database collection and subcollections, even when entering with PM28 and Serpent (last version. On 4/14/2019 at 5:29 PM, dmiranda said: There's also a new addon: google calender, which was disabled. I am trying the addon provider_for_google_calendar-4.4.2-sm+tb from the interlink addon page. I almost got it working, but since I filter bogon and big (technological) brothers' packets, I am still unable to sync with my big (technological) brother's calendar. A few more tweaks on filtering, I hope. Edited April 16, 2019 by dmiranda Link to comment Share on other sites More sharing options...
dmiranda Posted April 16, 2019 Share Posted April 16, 2019 I am having an issue that I do not know if applies only to me. For some reason, Serpent [but not only Serpent] - especially plugin-container.exe - keeps phoning from different bogus 192.168.x.x:[multiple ports] to IP 192.16.58.8, an IP that may be associated to oscp digicert. Now, I do not allow oscp checking (right or wrong, I check validity of certificates through EFF), and through different means I filter http and tcp connections I am not comfortable with. Since at least some past "incidents", this bugger IP keeps appearing in my logs. Has anyone observed something similar to that? I understand this may not be related to Serpent (it also happens with mailnews), so this may not be the best thread -or forum- to put this forward. But I wanted to check here first. Thanks. Link to comment Share on other sites More sharing options...
roytam1 Posted April 16, 2019 Author Share Posted April 16, 2019 42 minutes ago, dmiranda said: I am having an issue that I do not know if applies only to me. For some reason, Serpent [but not only Serpent] - especially plugin-container.exe - keeps phoning from different bogus 192.168.x.x:[multiple ports] to IP 192.16.58.8, an IP that may be associated to oscp digicert. Now, I do not allow oscp checking (right or wrong, I check validity of certificates through EFF), and through different means I filter http and tcp connections I am not comfortable with. Since at least some past "incidents", this bugger IP keeps appearing in my logs. Has anyone observed something similar to that? I understand this may not be related to Serpent (it also happens with mailnews), so this may not be the best thread -or forum- to put this forward. But I wanted to check here first. Thanks. if this happens in plugin-container.exe, then that is plugins(flash/sliverlight/adobe primetime/etc.) doing this, but not NM/BK. Link to comment Share on other sites More sharing options...
Mathwiz Posted April 16, 2019 Share Posted April 16, 2019 ocsp.digicert.com resolves to 72.21.91.29. No idea what 192.16.58.8 is but the 192.16 block is owned by MCI. I know that doesn't help much I suppose you could block access to that IP with Windows Firewall, or your router, and see what breaks. Link to comment Share on other sites More sharing options...
dmiranda Posted April 17, 2019 Share Posted April 17, 2019 (edited) 18 hours ago, roytam1 said: if this happens in plugin-container.exe, then that is plugins(flash/sliverlight/adobe primetime/etc.) doing this, but not NM/BK. True that. I believe it is a classic flash related con/bug. 13 hours ago, Mathwiz said: ocsp.digicert.com resolves to 72.21.91.29. No idea what 192.16.58.8 is but the 192.16 block is owned by MCI. I know that doesn't help much I suppose you could block access to that IP with Windows Firewall, or your router, and see what breaks. I had it blocked - I noticed it by looking at logs of blocked TCP (6) and UDP entries in software I use to filter. Nothing breaks on my usual surfing by blocking this IP. As per the connection to digicert, the IP comes from verizon (https://www.abuseipdb.com/check/192.16.58.8), but I understand it is managed by digicert, on behalf of symantec (https://websitesecurity.status.digicert.com/incidents/zgkhb3frmy29) and others, including MCI (https://www.threatminer.org/host.php?q=192.16.58.8) - for multiple appearances (the most interesting beginning from link 15 onwards, give or take a few) see https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=192.16.58.8+digicert&btnG=Google+Search&gbv=2&oq=&gs_l= I just want to know if it is me all alone. Anyone has seen that IP in logs? Edited April 17, 2019 by dmiranda Link to comment Share on other sites More sharing options...
Mathwiz Posted April 17, 2019 Share Posted April 17, 2019 10 hours ago, dmiranda said: I believe it is a classic flash related con/bug.... Nothing breaks on my usual surfing by blocking this IP. From your description, it does sound like a tracking site. I haven't seen it myself but I normally surf with Flash disabled and only enable it when necessary (increasingly rare). Flash objects are almost like their own Web pages that can use Flash as another, less secure, Web browser on your system; one that leaks a lot of info. Ironic, to say the least, that it's the one NPAPI plug-in that modern FF still allows. I guess Adobe's big enough that Mozilla's rules about proper add-on behavior don't apply to them. Link to comment Share on other sites More sharing options...
Dave-H Posted April 17, 2019 Share Posted April 17, 2019 I guess Mozilla had to maintain support because a huge number of sites still use Flash unfortunately, including many where it's not at all obvious why! When I have the Flash plugin set to "ask to activate" on Firefox, loads of sites, including online banking sites, ask if they can run it. When I allow it, often nothing seems to actually change, so what the Flash plugin is actually doing must be well hidden! Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted April 17, 2019 Share Posted April 17, 2019 @roytam1 I don't think this add-on works. Some advice? TH. Link to comment Share on other sites More sharing options...
Mathwiz Posted April 17, 2019 Share Posted April 17, 2019 4 hours ago, Dave-H said: I guess Mozilla had to maintain support because a huge number of sites still use Flash unfortunately, including many where it's not at all obvious why! When I have the Flash plugin set to "ask to activate" on Firefox, loads of sites, including online banking sites, ask if they can run it. When I allow it, often nothing seems to actually change, so what the Flash plugin is actually doing must be well hidden! That's a nicer way of saying it, I suppose. Even Mozilla can't get rid of it because there are several sites that haven't been rewritten to use HTML5 equivalents yet; until that happens, those sites, and the folks who use them, still need Flash. It has several privacy exposures though; e.g., it has its own cookies, and unlike your browser, there are no "add-ons" for Flash (although I think there are standalone apps that can help manage Flash cookies); and it exposes all your installed fonts, which was innocent enough until fingerprinting (even across browsers on the same machine) became a thing. 1 Link to comment Share on other sites More sharing options...
Recommended Posts