hidao Posted September 19, 2023 Posted September 19, 2023 (edited) 21 hours ago, NotHereToPlayGames said: I do this via Proxomitron. But for the non-Proxo 360Chrome user, I can follow @Dixel's suggestion and upload a revision within the next day or two. I'd likely only upload a new rev for build 13.5.2036 as it is the only version I still use. Unknown which versions we still have MSFN Members using. It's updated to 13.5.0.2044... Edited September 19, 2023 by hidao
LowLander Posted September 19, 2023 Posted September 19, 2023 4 hours ago, hidao said: It's updated to 13.5.0.2044... Not yet it's old 25/05/2023
Mathwiz Posted September 20, 2023 Posted September 20, 2023 (edited) On 9/18/2023 at 8:58 AM, NotHereToPlayGames said: I can follow @Dixel's suggestion and upload a revision within the next day or two. Proxomitron is a good solution, although sites affiliated with Google (e.g., YouTube) will be very image-poor. Dixel's fix changes the HTTP header that's sent on image requests. It tells the Web server which image formats your browser will accept (and also which ones are preferred). Unfortunately many Web sites don't respect the header and send WebP images anyway. Certainly a malicious site wouldn't respect the header! So, Dixel's fix isn't a sure-fire WebP block by itself. And since the 360EE browser does accept WebP despite what the http header claims, you can still be victimized. But, both solutions can be used together! Proxomitron can block any WebP images, and changing the header should tell the server to send a different image format, so you don't lose your images altogether. Edited September 20, 2023 by Mathwiz
Mathwiz Posted September 20, 2023 Posted September 20, 2023 For example, not long ago we discovered.... On 6/26/2023 at 6:42 PM, Mathwiz said: Bing isn't smart enough not to send WebP to a browser that indicates it doesn't want WebP. Extremely bad practice, indeed. The only known way to stop Bing from sending its home page image in WebP format is to pretend (via the user agent) to be Internet Exploder! Then you'll get a JPEG, but otherwise, it'll be WebP irrespective of the image format header. 1
NotHereToPlayGames Posted September 20, 2023 Posted September 20, 2023 To be honest, I have opted to do NOTHING. I'm not in the least bit concerned with all of this recent "hype and propaganda" regarding .webp. To each their own, of course. But to ME, it's nothing more than any other virus or malware out there that has never hit my machines. Reminds me of back in the day when I was a "church goer" and everybody knew I could fix computers so everybody would have me fix them for them. You'd get the same people over and over again. To the point that you FINALLY have to tell them (due to the items discovered on their computers), "You wouldn't get these if you stopped visiting p0rn sites." Sure, there is always the THEORY that .webp could come in via a third-party "advertisement" that your otherwise SAFE web site wouldn't otherwise have, but these 'in the wild" reports DON'T WORK THAT WAY.
Dixel Posted September 20, 2023 Posted September 20, 2023 23 hours ago, hidao said: It's updated to 13.5.0.2044... Changelog, please. 3
hidao Posted September 20, 2023 Posted September 20, 2023 54 minutes ago, Dixel said: Changelog, please. https://bbs.360.cn/thread-15913525-1-1.html You can tried to translated..
NotHereToPlayGames Posted September 20, 2023 Posted September 20, 2023 It's still version 86 under the hood and the letters "webp" do not exist in the changelog. 2
hidao Posted September 20, 2023 Posted September 20, 2023 1 hour ago, NotHereToPlayGames said: It's still version 86 under the hood and the letters "webp" do not exist in the changelog. Yes,the updated time is 2023-5-25,I have a account in 360 BBS,but we must to verified phone number to post,I don't want to to this,so...
Mathwiz Posted September 23, 2023 Posted September 23, 2023 On 9/19/2023 at 10:36 PM, Mathwiz said: But, both solutions can be used together! Proxomitron can block any WebP images, and changing the header should tell the server to send a different image format, so you don't lose your images altogether. Since 86 won't be patched, I think this is the best solution. Dixel's fix tells Web sites you don't want WebP, and if a server gives you a WebP image anyway, Proxomitron dumps it. On 9/19/2023 at 10:55 PM, Mathwiz said: For example, not long ago we discovered.... The only known way to stop Bing from sending its home page image in WebP format is to pretend (via the user agent) to be Internet Exploder! Then you'll get a JPEG, but otherwise, it'll be WebP irrespective of the image format header. Of course a Microsoft-owned Web site is very unlikely to host a malicious WebP image. But that was just an example to show that a (possibly malicious) WebP image could be served even with Dixel's fix. On 9/20/2023 at 2:18 AM, NotHereToPlayGames said: I have opted to do NOTHING. I'm not in the least bit concerned with all of this recent "hype and propaganda" regarding .webp. To each their own, of course. But to ME, it's nothing more than any other virus or malware out there that has never hit my machines. I agree with your decision (if not your reasons). It should be up to each individual to evaluate the risk and act according to their own best judgment. If someone wants to take preventive measures, @Dixel has published his patch and Proxomitron is readily available. Personally, I only use 360EE for a few sites, so I haven't taken any precautions myself. If I used it for general browsing, I'd probably be more proactive. On patched software, I see no reason to distrust WebP. I know some don't like it but there's nothing inherently wrong with the format. It's just that, due to the complexity of decoding it, everyone has been copying Google's open-source decoder, which is actually quite efficient - it just happened to have an exploitable bug. As I said on Roytam's thread, I don't think in the least that this bug was due to ill intent - anyone writing code (me) can make a mistake like this. I wouldn't categorize these concerns as "propaganda" though - that sounds as if we're being a bit dishonest by raising them. 2
NotHereToPlayGames Posted September 23, 2023 Posted September 23, 2023 5 hours ago, Mathwiz said: and Proxomitron is readily available It's the only effective solution for this. Been using it for twenty years! Long Live Proxo.
NotHereToPlayGames Posted September 23, 2023 Posted September 23, 2023 (edited) 6 hours ago, Mathwiz said: Since 86 won't be patched It will not work for the XP crowd, and do not attempt on your actual OS but use a VM instead, but official "upstream" is at v114 as of a week or so ago. I've ported portions into English but find it to be SLOWER then Ungoogled Chromium v114. Getting it into a workable ENGLISH web browser would be an extreme undertaking. Since Ungoogled Chromium is faster and with tons of web browsers available once you are at an OS that is required for newer "upstream" anyway, I'm seeing ZERO need to undertake such a project. Though v114 does not solve Weppy Scare anyway, it's only an indication that upstream is still evolving. Edited September 23, 2023 by NotHereToPlayGames
Jody Thornton Posted September 23, 2023 Posted September 23, 2023 I'm just going to wait for the build 13.5.2036 update that NotHereToPlayGames might post. I only use it on the one notebook that runs Vista Home Basic. I have Serpent 52 for Reddit. I'll have to be careful on MyPal 68.
DrWho3000 Posted October 16, 2023 Posted October 16, 2023 can someone tell me where the passwords are stored in Artic Fox 360 extreme explorer ?
Dave-H Posted October 16, 2023 Posted October 16, 2023 They're stored (encrypted of course) in a file called 'Login Data' in your profile folder. 2
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now