Jump to content

My Browser Builds (Part 1)


Recommended Posts

2 hours ago, DanR20 said:

Instead of creating a new profile I just made a copy of the one from Thunderbird 52.9 then opened MailNews using that. The only problem I ran into was it wanted an older version of Lightning but everything else worked good.   

Thunderbird 52.9.1 was released on 10 July 2018.

I believe it is necessary to switch to MailNews only for the security fixes applied in all this time.

:hello:

Link to comment
Share on other sites


On 4/13/2019 at 12:06 PM, Sampei.Nihira said:

Instead of creating a new profile I just made a copy of the one from Thunderbird 52.9 then opened MailNews using that. The only problem I ran into was it wanted an older version of Lightning but everything else worked good.   

 

What version Lightning did you install?

Link to comment
Share on other sites

1 hour ago, dmiranda said:

What version Lightning did you install?

It's not a problem anymore. The Lightning version on TB 52.9 is 5.4.9 and when I opened mailnews with the TB profile it wanted an older version of 3.00 something. But that was from a mailnews version a few weeks ago. I tried the latest one from last Friday and  5.4.9  was working and it didn't ask for an older version.

There's also a new addon: google calender, which was disabled.

Link to comment
Share on other sites

The new versions of serpent and PM28 broke the archive interface of addon zotero 4.0.29.14.  The addon works, but it does not load the archives in the zotero database collection and subcollections (so it saves new items fine, but the collection and subcollections seem to be empty. 

It works well in the last version of PM27.  And it did work on previous versions of PM28 and Serpent. Both allow to see and edit saved items in the zotero database collection and subcollections, even when entering with PM28 and Serpent (last version.

 

 

On 4/14/2019 at 5:29 PM, dmiranda said:

There's also a new addon: google calender, which was disabled.

I am trying the addon provider_for_google_calendar-4.4.2-sm+tb from the interlink addon page. I almost got it working, but since I filter bogon and big (technological) brothers' packets, I am still unable to sync with my big (technological) brother's calendar. A few more tweaks on filtering, I hope.

 

 

 

 

 

Edited by dmiranda
Link to comment
Share on other sites

I am having an issue that I do not know if applies only to me. 

For some reason, Serpent [but not only Serpent] - especially plugin-container.exe - keeps phoning from different bogus 192.168.x.x:[multiple ports] to IP 192.16.58.8, an IP that may be associated to oscp digicert.  Now, I do not allow oscp checking  (right or wrong, I check validity of certificates through EFF), and through different means I filter http and tcp connections I am not comfortable with. Since at least some past "incidents", this bugger IP keeps appearing in my logs. Has anyone observed something similar to that?

I understand this may not be related to Serpent (it also happens with mailnews), so this may not be the best thread -or forum- to put this forward.  But I wanted to check here first. Thanks.

Link to comment
Share on other sites

42 minutes ago, dmiranda said:

I am having an issue that I do not know if applies only to me. 

For some reason, Serpent [but not only Serpent] - especially plugin-container.exe - keeps phoning from different bogus 192.168.x.x:[multiple ports] to IP 192.16.58.8, an IP that may be associated to oscp digicert.  Now, I do not allow oscp checking  (right or wrong, I check validity of certificates through EFF), and through different means I filter http and tcp connections I am not comfortable with. Since at least some past "incidents", this bugger IP keeps appearing in my logs. Has anyone observed something similar to that?

I understand this may not be related to Serpent (it also happens with mailnews), so this may not be the best thread -or forum- to put this forward.  But I wanted to check here first. Thanks.

if this happens in plugin-container.exe, then that is plugins(flash/sliverlight/adobe primetime/etc.) doing this, but not NM/BK.

Link to comment
Share on other sites

ocsp.digicert.com resolves to 72.21.91.29.

No idea what 192.16.58.8 is but the 192.16 block is owned by MCI. I know that doesn't help much

I suppose you could block access to that IP with Windows Firewall, or your router, and see what breaks.

Link to comment
Share on other sites

18 hours ago, roytam1 said:

if this happens in plugin-container.exe, then that is plugins(flash/sliverlight/adobe primetime/etc.) doing this, but not NM/BK.

True that. I believe it is a classic flash related con/bug.

 

13 hours ago, Mathwiz said:

ocsp.digicert.com resolves to 72.21.91.29.

No idea what 192.16.58.8 is but the 192.16 block is owned by MCI. I know that doesn't help much

I suppose you could block access to that IP with Windows Firewall, or your router, and see what breaks.

I had it blocked - I noticed it by looking at logs of blocked TCP (6) and UDP entries in software I use to filter. Nothing breaks on my usual surfing by blocking this IP.

As per the connection to digicert, the IP comes from verizon (https://www.abuseipdb.com/check/192.16.58.8), but I understand it is managed by digicert, on behalf of symantec (https://websitesecurity.status.digicert.com/incidents/zgkhb3frmy29) and others, including MCI (https://www.threatminer.org/host.php?q=192.16.58.8) - for multiple appearances (the most interesting beginning from link 15 onwards, give or take a few) see https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=192.16.58.8+digicert&btnG=Google+Search&gbv=2&oq=&gs_l=

I just want to know if it is me all alone. Anyone has seen that IP in logs?

Edited by dmiranda
Link to comment
Share on other sites

10 hours ago, dmiranda said:

I believe it is a classic flash related con/bug.... Nothing breaks on my usual surfing by blocking this IP.

From your description, it does sound like a tracking site.

I haven't seen it myself but I normally surf with Flash disabled and only enable it when necessary (increasingly rare). Flash objects are almost like their own Web pages that can use Flash as another, less secure, Web browser on your system; one that leaks a lot of info. Ironic, to say the least, that it's the one NPAPI plug-in that modern FF still allows. I guess Adobe's big enough that Mozilla's rules about proper add-on behavior don't apply to them.

Link to comment
Share on other sites

I guess Mozilla had to maintain support because a huge number of sites still use Flash unfortunately, including many where it's not at all obvious why!
When I have the Flash plugin set to "ask to activate" on Firefox, loads of sites, including online banking sites, ask if they can run it.
When I allow it, often nothing seems to actually change, so what the Flash plugin is actually doing must be well hidden!
:)

Link to comment
Share on other sites

4 hours ago, Dave-H said:

I guess Mozilla had to maintain support because a huge number of sites still use Flash unfortunately, including many where it's not at all obvious why!
When I have the Flash plugin set to "ask to activate" on Firefox, loads of sites, including online banking sites, ask if they can run it.
When I allow it, often nothing seems to actually change, so what the Flash plugin is actually doing must be well hidden!
:)

That's a nicer way of saying it, I suppose. Even Mozilla can't get rid of it because there are several sites that haven't been rewritten to use HTML5 equivalents yet; until that happens, those sites, and the folks who use them, still need Flash.

It has several privacy exposures though; e.g., it has its own cookies, and unlike your browser, there are no "add-ons" for Flash (although I think there are standalone apps that can help manage Flash cookies); and it exposes all your installed fonts, which was innocent enough until fingerprinting (even across browsers on the same machine) became a thing.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...