Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


  • Content count

  • Donations

  • Joined

  • Last visited

  • Days Won


Mathwiz last won the day on January 10

Mathwiz had the most liked content!

Community Reputation

24 Excellent

About Mathwiz

Profile Information

  • OS
  • Country
  1. That happens when you access msfn.org with https:. Msfn.org supports https:, but isn't quite smart enough to replace http: with https: in iframe links. So to protect you from the possibility of a hacker intercepting the unsecured iframe and replacing it with malicious content, you get that stupid padlock with the warning icon. You can click the padlock and disable protection, and the page will reload with the unsecured iframes. The padlock and the "https:" in the address bar will then be struck through to remind you that you aren't really secure. I wish Firefox would let us permanently disable protection on a per-website basis, instead of having to do this every time a page comes up with grey boxes like that. Edit: BTW, if you're using HTTPS: Everywhere, your connection to msfn.org probably is secure; it's just that Firefox doesn't know it!
  2. Personally, I think Wikipedia is over-reacting a bit. Certainly, 3DES isn't as secure as AES, but AFAIK cracking it still requires guessing about 108 random bits. (A 3DES key is 168 bits, but around 60 of those bits can be figured out without having to guess them.) AES requires guessing at least 128 bits, so cracking it is at least a million times harder, but even with today's more powerful hardware, 108 bits is plenty of security. Edit: Come to think of it, the problem with 3DES may not be the key size, but rather the fact that it only encrypts 64 bits at a time. With enough data, this could allow an attacker to exploit the "birthday paradox" to find accidental collisions (different 64-bit blocks that happen to encrypt to the same value), and work backwards to reduce the number of key bits that need to be guessed. With AES, 128 bits are encrypted at once, so the odds of such a collision leaking info about the key are extremely remote. So maybe Wikipedia is being prudent after all. In any case, there's probably not much point in using IE8 anyway, unless you're browsing sites that use IE-specific tech like ActiveX (I still run into a few of those on occasion). But if you're determined to do so, you can use ProxHTTPSProxy with IE8 to provide modern, more secure ciphers. With ProxHTTPSProxy, Wikipedia comes up fine in IE8 with no security warning. (He can correct me if I'm wrong, but I believe @Heinoganda has updated ProxHTTPSProxy with a newer OpenSSL version that closes even more security holes.) Edit 2: BTW, from their warning about security flaws, I can see that Wikipedia doesn't know about the POSReady hack for Windows XP
  3. share your windows XP performance tweaks

    Those are nice, but how about explaining what each one actually does? That way we could choose the ones we want, or re-tweak them to better fit our own systems.
  4. Under normal circumstances, the user-agent string is more or less fixed: it only changes when your browser gets updated. So it doesn't leak a lot of info to the Web pages you visit; basically just your browser and OS. So, to stay "under the radar" as much as possible, I'd say you want to choose a common user-agent string rather than a rare one. You want to look just like millions of other folks browsing the Web. Also, for maximum compatibility, you probably shouldn't misidentify your browser too much. Web sites use the user-agent string to figure out what Javascript code, e.g., to send to your browser. So given the above, I'd probably lie about my OS (e.g., say it's Windows 10 or at least 7 instead of XP). The only place that would likely matter is microsoft.com. But I'd mostly tell the truth about my browser, unless it's a rare one. I might tell Opera to pretend it's Chrome or Seamonkey to pretend it's Firefox, for instance; and probably report the latest version of those browsers, since most users would be running the latest version. The only pitfall would be if a Web site sent code intended for the latest version, that doesn't run correctly on the actual browser version I'm running. But even if I reported my correct browser version, I suspect most of those Web sites wouldn't send compatible code anyway - they'd probably just tell me to upgrade my browser!
  5. I guess the only problem with that string is that it'd stick out like a sore thumb to Web sites that "fingerprint" their visitors (the better to track them). But hopefully it'll be pretty compatible. Let us know if you run into any problems with specific Web sites using it. One of the things I liked about Opera (at least Opera 12; I haven't tried this with the newer Chromium-based versions) is that you could set your user agent string on a site-by-site basis to report as Opera, Firefox, or IE, so you could work around sites that insist on IE or Firefox because they never heard of Opera. Come to think, I wouldn't be surprised if there's a Firefox or Chrome add-in that does something similar (although I haven't looked).
  6. Hi! Yes, I saw your post about spoofing the user-agent string. A useful technique! But even if I bypass the stupid sites that blindly block browsers they consider too old, I still run into other problems if my browser really is too old.
  7. I think the Web is the primary driver of planned obsolescence in today's computers. Try surfing with an old Web browser; say, Opera 12. You'll run into all sorts of major sites (e.g., Facebook) that just don't quite work right, even if they worked fine a year or two ago. So if you surf the Web, you need to use a reasonably up-to-date browser. Doesn't have to be absolutely the latest, but it can't be too old. And so, you need an OS that will run reasonably up-to-date browsers. Right now, in the Windows line, XP is about as far back as one can easily surf the Web with. Maybe 2000, with some difficulty; but 98 or ME will be really tough slogs. There just isn't a new enough browser that will run on those OSes. P.S. I like the classic theme too.
  8. I did see that it was a QFE, so I guess it's not ready for general distribution yet. I'm still surprised they didn't sign it, though. I can't see why MS would own up to releasing an update that makes your network vulnerable! Hopefully they only mean it hasn't been fully tested yet, so they can't yet say with reasonable confidence that it won't make your network vulnerable. I agree - no need to rush to install this one. Presumably, once it's fully tested, it'll be rolled into the next cumulative IE8 update anyway.
  9. Apparently available only from the MS Update catalog; not (yet) via AU, WU, or MU. (But come hell or high water, we get those time zone updates!) Also the downloaded file appears to be unsigned? Very unusual for MS....
  10. Newest Adobe Flash and Shockwave, and Java, too!

    Hmm... don't know then. It looks like you're running a 64-bit OS, but if it's the 32-bit version of Opera 12.18 (build 1872), it should still work. The only other difference I see is that I let the Flash installer install the latest versions, so my Flash ended up at C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_131.dll (yours would end up at C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll) instead of in C:\Program Files (x86)\Opera\program\plugins. The advantage is, it can be shared by Opera and Firefox. Can't imagine why installing it in the Opera folder might cause a crash though.
  11. Newest Adobe Flash and Shockwave, and Java, too!

    Isn't beta? Try the released version,, and see if it works OK.
  12. Yes, apparently the viewers use some of the same .dll's as the full Office 2010 install - I guess the same way the 2007 compatibility pack uses some of the same .dll's as the full Office 2007. So if they update any of those .dll's used by the viewer, I get the Office 2010 update through Micro$oft update - and it does make the scan go to 99% CPU. I have to let it run overnight.
  13. No such luck for me - I have the PowerPoint Viewer installed, which is based on Office 2010. So I'm screwed for the duration
  14. Newest Adobe Flash and Shockwave, and Java, too!

    Wow, what is it with the updates this week? Regular Patch Tuesday updates, Firefox ESR 52.2, Office 2003, not one but two Flash updates, Shockwave for Director, Silverlight - I haven't had this many updates during a single week in years!
  15. Newest Adobe Flash and Shockwave, and Java, too!

    Yes, it downloads that relatively small file, which in turn is supposed to download the rest. That 2-stage download has always worked on XP before, but this month, it worked on my Win 7 system but not on my XP system. And I know I had plenty of space, because I had no problems downloading the offline (full) installers and running them. Don't know if anyone else had problems with the online Flash installers though. May have just been some kind of fluke on my system this month.