apreese16 Posted February 3, 2018 Author Share Posted February 3, 2018 Thanks everyone! I dont have access to my computer right now but tomorrow i will make sure to look into your suggestions. Link to comment Share on other sites More sharing options...
apreese16 Posted February 5, 2018 Author Share Posted February 5, 2018 when I try to delete the registry entry, it gives an error saying "cannot delete PosReady: Error while deleting key" HELP! Link to comment Share on other sites More sharing options...
dencorso Posted February 5, 2018 Share Posted February 5, 2018 If you had read the thread here you'd know that already and also how to solve it. But you really don't need to remove the POSReady hack. What you need is to follow the help you've already been given. Link to comment Share on other sites More sharing options...
Destro Posted February 5, 2018 Share Posted February 5, 2018 Yeah you don't need to delete it, but if you wanted to delete it, you can only delete it, with offline registry modification. It's advanced, in that I think the average user cannot do this but I don't think it is hard to load a registry hive into another OS like by using winpe boot cd or somthing editing it and unloading it. you don't need to do this you just need to read the help people already gave you. Link to comment Share on other sites More sharing options...
apreese16 Posted February 5, 2018 Author Share Posted February 5, 2018 UPDATE: OK, so the updates finally loaded, (after 45 minutes that is, I let it keep loading while watching the super bowl) Updates are now installing, after restart Ill let you all know if I can get tls 1.1 and 1.2 to work. And yes I read through and took the advice given to me by everyone, I just was trying to delete it because I wasn't sure if it would cause other problems with my computer. I wouldn't ignore peoples advice, and that advice was super helpful. Thanks everyone! another update soon. Link to comment Share on other sites More sharing options...
apreese16 Posted February 5, 2018 Author Share Posted February 5, 2018 tls 1.1 and 1.2 working! Wikipedia works! The only things is that they don't show up in "advanced" Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted February 5, 2018 Share Posted February 5, 2018 Can you enter the procedure you followed to get this result? TH. Can you open the website below? https://www.inail.it/cs/internet/home.html Link to comment Share on other sites More sharing options...
roytam1 Posted February 5, 2018 Share Posted February 5, 2018 the biggest issue is that, TLS SNI is missing in XP. Link to comment Share on other sites More sharing options...
apreese16 Posted February 5, 2018 Author Share Posted February 5, 2018 11 hours ago, Sampei.Nihira said: Can you enter the procedure you followed to get this result? TH. Can you open the website below? https://www.inail.it/cs/internet/home.html Just read all the way through page 1. And no I cant open that page, it just keeps loading forever. Link to comment Share on other sites More sharing options...
VistaLover Posted February 6, 2018 Share Posted February 6, 2018 (edited) Some interesting articles people here should read: https://github.com/client9/sslassert/wiki/IE-Supported-Cipher-Suites https://blogs.msdn.microsoft.com/kaushal/2011/10/02/support-for-ssltls-protocols-on-windows/ https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx for XP: https://msdn.microsoft.com/en-us/library/windows/desktop/aa380512(v=vs.85).aspx https://msdn.microsoft.com/en-us/library/windows/desktop/aa380124(v=vs.85).aspx (though SSL2/3 should be disabled due to deprecation/vulnerabilities...) In addition to ECC & SNI missing in XP, that others have already mentioned in this thread, recent cipher suites used in TLS 1.1+ are also missing... On 5/2/2018 at 3:48 PM, Sampei.Nihira said: Can you open the website below? https://www.inail.it/cs/internet/home.html That site uses TLS 1.2, TLS_RSA_WITH_AES_256_CBC_SHA256 (suite unavailable in XP); it does open fine in Vista's IE9 with the addition of TLS 1.2 support; likewise, the following site https://mpv.srsfckn.biz/ won't open even in IE9 on Vista, because, in addition to TLS 1.2 and SNI (which IE9 on Vista does support), it requires any of the following missing suites: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9) TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024) TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) (source: Qualys SSL Labs - SSL Server Test) On 5/2/2018 at 2:47 PM, apreese16 said: tls 1.1 and 1.2 working! Wikipedia works! The only things is that they don't show up in "advanced" OTOH, @dencorso posted here that they do for him: On 1/2/2018 at 3:41 PM, dencorso said: I mean, at least the Advanced Settings tick boxes for TLS 1.1 and 1.2 do appear as advertised. I don't have XP to test, but have you deleted the "OSVersion" subkeys in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2 ? What would be indeed awesome is for someone to devise a way to add to the system (schannel) missing cipher suites... Edited February 7, 2018 by VistaLover Further clarifications about mpv.srsfckn.biz host Link to comment Share on other sites More sharing options...
apreese16 Posted February 6, 2018 Author Share Posted February 6, 2018 9 hours ago, VistaLover said: Some interesting articles people here should read: https://github.com/client9/sslassert/wiki/IE-Supported-Cipher-Suites https://blogs.msdn.microsoft.com/kaushal/2011/10/02/support-for-ssltls-protocols-on-windows/ https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx for XP: https://msdn.microsoft.com/en-us/library/windows/desktop/aa380512(v=vs.85).aspx https://msdn.microsoft.com/en-us/library/windows/desktop/aa380124(v=vs.85).aspx (though SSL2/3 should be disabled due to deprecation/vulnerabilities...) In addition to ECC & SNI missing in XP, that others have already mentioned in this thread, recent cipher suites used in TLS 1.1+ are also missing... That site uses TLS 1.2, TLS_RSA_WITH_AES_256_CBC_SHA256 (suite unavailable in XP); it does open fine in Vista's IE9 with the addition of TLS 1.2 support; likewise, the following site https://mpv.srsfckn.biz/ won't open even in IE9 on Vista, because, in addition to TLS 1.2, it requires the following missing suite: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 OTOH, @dencorso posted here that they do for him: I don't have XP to test, but have you deleted the "OSVersion" subkeys in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2 ? What would be indeed awesome is for someone to devise a way to add to the system (schannel) missing cipher suites... Nope, both sub keys are there And thanks for those articles! Link to comment Share on other sites More sharing options...
bphlpt Posted February 7, 2018 Share Posted February 7, 2018 @apreese16, 1 hour ago, apreese16 said: Nope, both sub keys are there Well, in @dencorso's post here, originally posted by @VistaLover here: Quote 3. After restart, launch the Registry Editor (regedit), preferably as Administrator. 4. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1 5. Delete the "OSVersion"="3.6.1.0.0" subkey; BTW, I don't know which WinOS that string refers to (Win6.1=Win7) 6. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2 7. Again, delete the "OSVersion"="3.6.1.0.0" subkey. Exit Registry Editor. That might, or might not, make them show up in "advanced", possibly after another restart. No offense, but from reading this entire thread, it seems that you need to read and follow instructions more carefully. Cheers and Regards 1 Link to comment Share on other sites More sharing options...
apreese16 Posted February 7, 2018 Author Share Posted February 7, 2018 That actually worked! I thought dencorso meant that was for vista only. Sorry! @dencorso I feel really stupid... Link to comment Share on other sites More sharing options...
ScarletWavez Posted February 8, 2018 Share Posted February 8, 2018 I always thought IE 8 was aesthetically better than other browsers so it seems a good idea to do this Link to comment Share on other sites More sharing options...
dencorso Posted February 8, 2018 Share Posted February 8, 2018 @apreese16: Don't! I reckon I've been terser than needed, of late. Sorry! Then again, all is well that ends well! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now