A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » General XP issues or comments
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

MSFN down?



 
 
Thread Tools Display Modes
  #16  
Old September 19th 20, 05:41 PM posted to microsoft.public.windowsxp.general
VanguardLH[_2_]
external usenet poster
 
Posts: 10,881
Default MSFN down?

Mayayana wrote:

In my experience, userAgent sniffing for no good reason has become an
increasing problem, so it's a good idea to spoof that.


It was a quick and very easy way to determine if the client supported
functionality the site needed, or would prefer to use, to present the
content how they wanted. Say you want to use VP9 on your site (see
https://en.wikipedia.org/wiki/VP9). That didn't get support in a
released version of Google Chrome until 25. Maybe something in VP9 was
needed that wasn't supported back in VP8 when support got added back in
Chrome 15. Even if it was, VP support wasn't added until Chrome 15. If
the visitor was using Chrome 14, the UA would quickly tell you that you
either had to adapt to the client (present the content somehow
differently), or tell them then needed a newer or minimally versioned
web client. It would take more code, testing, and debugging to add code
to test the feature set of the client than go by a table of client
versions knowing when a function got supported.

It's easier driving down the street to use the house numbers to find an
address then have to stop by each house, ring their doorbell, and ask
them their address.

I don't see the UA header was a bad idea. It was simply a lookup table.
However, it was when web clients were allowed to lie (spoof) the UA
header that the visitors ****ed up the table lookup, so something else
was needed, and that something else is more complicated. Sometimes you
can query the client as to which features they support, but that's more
code than looking at the UA header already sent to the server.
Sometimes you have to figure out how to write code to test if the web
client will support a feature.

Sure, if web browsers never changed then the UA header would've never
been needed, and we'd be back on Mosaic 0.5 of 27 years ago. That
didn't happen. Because web browsers added more features along with
support with new standards that the UA header became necessary.

Perhaps you forgot how Microsoft attempted to wrest users to using their
Internet Explorer and force web authors to either develop their site for
other clients, only for IE, use the UA header to let the server select
which version of a document to deliver to the client, or create a
****ing mess in the web document's scripting trying to query the web
client as to who it is which is making the web document try to adapt to
multiple different web clients (but not compliant to all of them).
Microsoft wasn't the only one doing it their way making it necessary to
determine which version of a web document to deliver to the web client
or using scripting to adapt a web document to the client. It wasn't
just about a difference in features between clients, but also
differences in how they behaved for the same HTML tag. Without the UA
header, the growing pains would've been far worse and the Web would've
floundered a lot longer while not yet ready for mass consumption. So,
instead of making it easy by enforcing clients to correctly identify
themselves via the UA header, we end up with web documents using
scripting to identify the client after delivery, like using
javascript:alert(navigator.userAgent) and then a code block to select
which part of the web document gets rendered. Of course, those that
disable Javascript in their web client thwart the document-centric
discovery method, and hope the site hasn't fully deprecated the abused
UA header as to completely ignore it.

Back then, web clients did not respond to inquiries regarding their
feature set, so the UA header afforded that identification. It is still
far easier to use the UA header (that all web clients send, anyway) to
use a lookup table to determine if the client will support some or all
functionality employed at web sites. Sites tend to grow into newly
standardized functionality. Users can be slow to update, especially if
still lingering on old versions of an OS. The UA header, something
required (well, strongly recommeneded) by RFC for the client to send to
the server, means the server can use a lookup table to detemine which
version of a web document to deliver to the client.

Too bad web clients were allowed to subvert client identification by
allowing those web clients to lie. If web clients were not allowed to
lie in the UA header, the UA header would've remained an easy way to
identify the client to know what the server should deliver. A good
thing based on a trust model will get abused making necessary other
measures to identify the web client.

If everyone down the block removing their house numbers and all used the
same house number, how would you find a particular person on that block?
With the home owners are allowed to lie about their address, something
else and more complicated is needed for identification. Yep, a trust
model that would've been sufficient if not for the abuse.

Yes, there have been problems when a new version of a web client gets
released whose UA string has not been known before. Same for new web
clients that get introduced that have their own UA header. Takes time
for sites to update UA tables to include changed strings for new
versions or new clients. Almost seems a UA string authority is needed
to which every web client author must register their UA string for every
old and new version of their product. Uh huh, like that would happen.
Web client authors would bitch their release gets slowed because they
have to wait for UA registration, and someone else is involved in the
release of their product. Imagine what would happen with the same
attitude toward domain registration or site certificates. Those would
become worthless. That's what happened with the UA header because there
no authority regulating and recording the UA headers, but just a bunch
of independents trying to provide tables of UA strings for what they
know about at the time.

For a little history, see:

What a ****ing mess from each wanting to do it their own while
impersonating others, and all because there was never an UA authority
regulating the definition of UA strings.
Ads
  #17  
Old September 19th 20, 06:44 PM posted to microsoft.public.windowsxp.general
J. P. Gilliver (John)[_7_]
external usenet poster
 
Posts: 603
Default MSFN down?

On Sat, 19 Sep 2020 at 10:35:58, VanguardLH wrote:
"J. P. Gilliver (John)" wrote:

[]
I wasn't suggesting that as the first step; I'd want to know more about
what the problem is. I was just saying that if you _do_ get to the stage
where disabling extensions is the next thing you're going to try (and I
agree on the whole with Mayayana that that tends to be a
shot-in-the-dark exercise, like reboot-your-machine or
reboot-your-router), I _wouldn't_ disable them all, then turn them back
on one at a time: I'd disable _half_ of them, and proceed with a binary
search. _If_ the problem _is_ an extension, a binary search (for which
one it is) needs fewer tries than doing them one at a time. (And I added
that you should note which ones you've disabled, as Firefox at least
changes the order they're listed in if some are disabled.)


The problem could be conflicting extensions. With a binary approach,
you may not end up testing the two conflicting extensions together until
late, and then you have to start a binary test with different sets
starting with most of them until you found the two that conflict.


I did wonder about mentioning the case of extensions that interfere with
each other; I decided not to complicate things at that point.

Binary sounds great if you have dozens of extensions. I only have 5:

[]
use with a bookmark's keyword), and uBlock Origin. How many do you
have?


If you only have 5, then a binary search won't save much time (or any if
some interact). How many do I have? Let me look: in my Firefox 27, 61
plus 6 disabled (I had no idea I had that many!); in my self-updating
Chrome, 13 (most of which are fairly trivial, like one to give me the
title bar information that Chrome decided to kill, a Javascript toggle,
and so on). However, I can't remember the last time I investigated a
problem by playing with disabling extensions (certainly not for some
years): if something doesn't work in Firefox 27, I just assume it
wouldn't work in it even with no extensions because it's so old, and try
in Chrome instead. (And I don't think I've ever tried messing with them
in Chrome; if something doesn't work there, I generally give up.)

One of the reasons I went with Firefox is it has options that are not
available in Google Chrome unless you add extensions to cover the
deficiencies. For example, in Firefox, you can configure new tabs get
immediate focus, not loaded in the background. With Google Chrome, you
need an extension (e.g., Tabs to Front) for that.


Sounds fair.

If testing is to check if one, *or more* (might not just be one),
extensions are causing a problem, seems obvious the first step in that
process is to disable them all instead of hunt them down halved at a
time. If nothing changes after disabling all the extensions, you don't
have to waste any further time on binary or linear testing of


Agreed, if I _was_ trying that as a diagnostic aid, I probably _would_
try all-off first, just to prove to myself that it _was_ an extension
that's the source of the problem. (Though as Mayayana says, "the problem
is one of your extensions" has elements of laziness on the part of the
"helper".) If turning all off _did_ clear the problem, I might re-enable
them in a binary manner, though - assuming I actually wanted enough to
find the cause; if it was just a matter of making one particular webpage
work, it would depend if I just wanted to use that page once, or
frequently.

extensions. If the problem disappeared after disabling all extensions,
then how you test further each extension depends on how many you have.
I can't see a binary search (that you'll have to track which sets you
tested) is going to be much faster testing one at a time unless you're a
whore for extensions (wink wink).


I seem to be (-:
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Enjoy life now - it has an expiration date
  #18  
Old September 19th 20, 06:52 PM posted to microsoft.public.windowsxp.general
pyotr filipivich
external usenet poster
 
Posts: 752
Default OT - the "too solid goof" or bing the 2% occurance was MSFN down?

"Mayayana" on Fri, 18 Sep 2020 20:39:40
-0400 typed in microsoft.public.windowsxp.general the following:

MS people are even worse in their groups. Profuse thank yous,
followed by a request to restate the question, followed by
more nonsense, then eventually an answer that the question
must be asked in a different group.... But have a super day
and thank you so much for your question!!

On a tangent, I went round and round with MS tech support because
I couldn't establish a new user account on my computer. Wound up
downloading the 3.3 gigs of ISO image. Checking the registry
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS
NT\CurrentVersion\ProfileList.
I only had five entries, and was
I was missing Default. I had
(Default) Reg_SZ (value not set)
but not
Default Reg_Expand_SZ %SystemDrive%\Users\Default
added that entry and It Works!

As I noted then "A too Solid Goof". When a complex appearing
problem can't possibly because of something so simple as a missing
registry entry.
Or an unplugged power cord / cable.

Arrgle bargle - I spent to much time trying to find my notes, I
forgot the rest of the point I was after. But it does seem that
anything out of the ordinary, out of the 90%, leave the script readers
or algorithms verklempft.




--
pyotr filipivich
Next month's Panel: Graft - Boon or blessing?
  #19  
Old September 19th 20, 09:53 PM posted to microsoft.public.windowsxp.general
Mayayana
external usenet poster
 
Posts: 6,438
Default MSFN down?

"VanguardLH" wrote

|
| It was a quick and very easy way to determine if the client supported
| functionality the site needed, or would prefer to use, to present the
| content how they wanted....

I think you need to get out more, V. You go on and on
with these arguments. And what are you arguing about?
That I shouldn't spoof UAs? Suit yourself. I find it very
practical. It's very unlikely that a page that works in FF 70
won't work in FF 52. I've seen it over and over again. A
site complains. I update my spoof. The site works fine.
But I don't just pick something willy nilly. I don't say FF
52 is IE or Chrome.




  #20  
Old September 20th 20, 07:14 AM posted to microsoft.public.windowsxp.general
VanguardLH[_2_]
external usenet poster
 
Posts: 10,881
Default MSFN down?

Mayayana wrote:

"VanguardLH" wrote

|
| It was a quick and very easy way to determine if the client supported
| functionality the site needed, or would prefer to use, to present the
| content how they wanted....

I think you need to get out more, V. You go on and on
with these arguments. And what are you arguing about?


Seemed you intended to insult me with my mention of [disabling]
extensions, yet you never did show what troubleshooting steps you would
take to start working on the problem (when it was present) for the OP.

As for spoofing the UA header, the only reason it got deprecated was due
to abuse by users. However, the history of the UA header had web client
authors abusing it first, so users saw that and wanted it, too, to lie
to a server what client was visiting them. Instead of using a
compatible client, they continue to use a deficient one and pretend it's
something else.
  #21  
Old September 20th 20, 10:34 AM posted to microsoft.public.windowsxp.general
J. P. Gilliver (John)[_7_]
external usenet poster
 
Posts: 603
Default MSFN down?

On Sun, 20 Sep 2020 at 01:14:59, VanguardLH wrote:
Mayayana wrote:

[]
I think you need to get out more, V. You go on and on
with these arguments. And what are you arguing about?


Seemed you intended to insult me with my mention of [disabling]


Come on you two. I consider the major sources of both information and
advice on this and some other newsgroups to be Paul, then Mayayana and
VanguardLH, then a few others. I enjoy (though may skim) a good Mayayana
rant (though VLH had one in this thread), but I don't want to see you
two fighting! Normally, I know your views on a range of subjects, and
you know each others', and usually you don't respond much when you
disagree on something, or only do so briefly.

extensions, yet you never did show what troubleshooting steps you would
take to start working on the problem (when it was present) for the OP.


(I'm also guilty on that one - I jumped in with _my_ hobby-horse without
actually having much positive to suggest. [I imagine the OP has
abandoned the thread by now, anyway.])

As for spoofing the UA header, the only reason it got deprecated was due
to abuse by users. However, the history of the UA header had web client
authors abusing it first, so users saw that and wanted it, too, to lie
to a server what client was visiting them. Instead of using a
compatible client, they continue to use a deficient one and pretend it's
something else.


IMO, the real villains are the browser developers and script writers who
kept introducing things on the one side, and using them on the other, at
such a high rate. While not against progress - as one of you said, we'd
still be on mosaic 0.5 without progress - I do feel to some extent that
the rate is too high, especially where it _breaks_ things, and mainly
that the coders are at fault for (a) using the latest toys as soon as
they appear without providing any graceful fallback, and/or coding to
demand the latest when what they want to achieve has no need of it.
[Sometimes, of course, these days, they don't know they're doing that,
as they don't code, they use tools that make the code; the villains then
are the tool creators who do (b).]

I find, for example, surveys are among the worst offenders; when I find
one that doesn't work in an older browser, and do it in a new one, I see
nothing that couldn't have been implemented perfectly satisfactorily on
the older one. (With the possible exception of eye-candy, such as
floating radio buttons that follow the mouse pointer, which are not
needed for the purpose of the survey.)
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

"He hasn't one redeeming vice." - Oscar Wilde
  #22  
Old September 20th 20, 11:51 AM posted to microsoft.public.windowsxp.general
Dee[_6_]
external usenet poster
 
Posts: 24
Default MSFN down?

"Mayayana" wrote in
:

"J. P. Gilliver (John)" wrote

|
| By the time I saw this thread, the description of the problem -
| assuming Lu Wei was even the OP - had been snipped to what is
| shown above, so I have no idea what the problem actually was.

Lu Wei couldn't open https://msfn.org/board/forum/34-windows-xp/

Surprisingly, my New Moon with just about everything disabled
shows a fully functional website that doesn't even seem to
need script to follow the discussions. Lu Wei later found
he could access it. In the meantime, I suggested he could
get New Moon if he keeps having trouble. In my experience,
userAgent sniffing for no good reason has become an increasing
problem, so it's a good idea to spoof that. But perhaps in
second place is the problem of people writing webpages to
depend on the very latest functionality. And many people
don't realize that they can get a recent version of Mozilla
browser for XP by using New Moon.

So it's a bad combination: Webmasters who often
don't even realize what they've done, produce webpages
that fail with no information when using a browser that's
not fairly new. Meanwhile, XP users use old browsers
because they don't know they can get a new one. More
often than not, the pages will work just fine once the site
is tricked into thinking you have the latest browser on
7, 8, or 10.

A follow-up note on that: New Moon seems to be made
in several versions that are updated concurrently. I don't
know why or what the differences are. But I found that one
of them (v. 27, if I remember correctly) broke my CSS toggle
button extension. Yet the current version I have, 28.10.2a1,
breaks nothing.... Life's little pleasures.


Thank you for your post with instructions on spoofing the UA. I
changed mine in Firefox 52, and it has helped with a few sites
already.

I downloaded the New Moon version you mentioned. I would like to use
it but NoScript extension does not work with it. What do you use to
disenable/enable scripts?

Thanks, Dee
  #23  
Old September 20th 20, 03:21 PM posted to microsoft.public.windowsxp.general
Mayayana
external usenet poster
 
Posts: 6,438
Default MSFN down?

"VanguardLH" wrote

| Seemed you intended to insult me with my mention of [disabling]
| extensions,

Not you personally. As I described, I think it's inconsiderate
to tell people to do all these stock things first when it's rarely
the problem. The trouble is that it's time consuming. What do
I do when a page doesn't work? Usually the first thing I try
is disabling CSS. Then I might look at the source code. (I
realize that not everyone can do that.) If I *must* access the
page I'll try enabling javascript in stages. I also noted that one
can have an up-to-date browser for XP, so that doesn't need
to be an issue. But the most common problem I see when a page
won't work with script is unnecessary UA sniffing.

I should note, though, that I don't normally enable script and
I don't do online banking, shopping, etc. So my needs are
limited. But the woman I live with repeatedly runs into UA
problems that result from sniffing, not actual incompatibility.
Unlike you, I have no religious beliefs about UA. If I'm using
FF52 or New Moon on XP there's no reason that calling it
FF79 on Win7 shouldn't work. If there's a rare case where it
still won't work then I haven't lost anything. I also do it for
better anonymity. I don't want to be the only XP/New Moon
visitor they've seen all month.

Lately, the biggest problem I see is sites trying to force script
for spying and ads. They do things like cover links with a
transparent DIV so you can't click them. Or they cover
the whole page with a white DIV that's only removed by script.
Devious stuff. So I use my trusty CSS toggle button on the
toolbar. But script has become so standardized now that I
sometimes find it's better to block it. For example, my friend
can't access some newspaper sites that work fine for me with
script disabled.

The other day I had a link to an imgur page that I couldn't see.
When I looked at the source code there was no image link. It
looked like the page required script to call back to some kind
of backend process to load the image. Yet they had also put in
a NOSCRIPT tag to make sure Google could still spy on me, even
if I saw a blank page! Do people even understand what they've
done? I doubt it. Most webmasters today don't know how to code.
They're lackeys who run WYSIWYG frontends in corporate offices.
Even the people writing the code are typically just pasting together
snippets of script that they don't understand. Their friends are
using lazyload images so they use lazyload images. Why? Because
with only 1 MB of script libraries they can reduce the image loading
on webpages by a whopping 200 KB, saving gobs of traffic.

Do I try disabling extensions? No. That's generally irrelevant.
But I guess if you use uBlock Origin then that's relevant. That
actually will alter the rendering. My extensions, except for
NoScript, are mostly just GUI stuff. So I would say *if you
have extensions that edit webpages* then you might try
disabling those.

As it happens, though, I actually sniff UAs on my own site.
But for good reason. I go by the now-outdated standard that
a webpage should work without special requirements in as
many browsers as possible.

Older IE versions don't render the same
way as other browsers and were very slow to acommodate
CSS. My webpages are designed to be completely free of script,
but the flyout menus won't work in older IE versions. So I
have one code version for menus and layout issues in IE
and another for all other browsers. Then MS came out with
IE11 and broke quirks mode/ compatibility view. And they
came out with Edge, which I couldn't even test without
buying Win10, and which broke IE compatibility. Then they
came out with Chrome Edge. So my pages are designed to
work on any browser from IE6 to IE10 and all other popular
browsers, with virtually any version.
If someone visits with original Edge or IE11 they get
instructions on the myriad ways they can see my pages
Either set compat mode for IE11 or if it's Edge, then use
**any** other browser.

So I'm using UA sniffing to help visitors see my pages
with minimal requirements on their part. That's very different
from the current epidemic of demanding the latest browser,
which is more like the teenage hotshots in the 90s who would
load their site with ActiveX and Flash, then on the home page
they'd put a note like,
"This site best viewed with Internet Explorer version 4.093.21443.8"

But at least the teenagers told you why you couldn't see
their webpages! Which is an interesting point. The attitude
today is a kind of non-existent standardization. You're responsible
for the rendering as the viewer. It's expected that you have the
decency to be a non-techie person who's getting constant
dripfeed updates on a cellphone and has no understanding of
security or privacy. So they can do as they like with you once you
load their URL. The commercial, spyware, ad-infested Internet
depends on that. And now they're cracking down. If you don't
comply they'll do their best to break the page so you can't see it.




  #24  
Old September 20th 20, 03:26 PM posted to microsoft.public.windowsxp.general
Mayayana
external usenet poster
 
Posts: 6,438
Default MSFN down?

"J. P. Gilliver (John)" wrote

|
| Come on you two.

You know what your problem is? You can't tolerate discord.

But I try to give you a wide berth for your peculiar neurotic
style because Brits can't be expected to understand honest
argument. The British way is always to be indirect. The more
ambiguous the insult, the classier it is. If an American sees
someone with a spot of mustard on their shirt they'll say,
"Hey! You know you've got mustard on your shirt?" A Brit
will say something like, "How's your dry cleaner enjoying
his vacation?"


  #25  
Old September 20th 20, 03:57 PM posted to microsoft.public.windowsxp.general
Mayayana
external usenet poster
 
Posts: 6,438
Default MSFN down?

"Dee" wrote

| Thank you for your post with instructions on spoofing the UA. I
| changed mine in Firefox 52, and it has helped with a few sites
| already.
|
| I downloaded the New Moon version you mentioned. I would like to use
| it but NoScript extension does not work with it. What do you use to
| disenable/enable scripts?
|

Are you getting the v. 28 variety? I'm using NoScript
5.1.9. It gets complicated. New Moon compatibility
varies in general. I don't know why. As I mentioned,
my CSS toggle button didn't work with v. 27 but does
with 28. Makes no sense to me.

One thing that's good to do:
Set xpinstall.signatures.required to false

Another detail is that newer FF extensions are the newer
locked-out variety. NoScript went from v. 5 in the old
design to v. 10 in the new design. So the newer NoScript
won't work. (I use the same 5.1.9 in FF52.)

In NM 28 I have NoScript 5.1.9, Disable Style Button,
DOM Inspector, Restore View Source, Secret Agent 1.35,
SettingsSanity .8. Some signed, some not. NoScript
has a mark indicating it directly targets New Moon. I
don't know why.

I always save all extensions and keep backup copies.
I don't know if there's a place to still get older ones.
Mozilla have been rather nasty about that, trying to
prevent support for older browser versions.

I did find this:
https://github.com/JustOff/ca-archive/releases

There seems to be a package to provide a webpage, script,
and an SQL database that apparently holds lots of old
extensions. I haven't figured out yet how it works. I
just found it.





  #26  
Old September 20th 20, 06:45 PM posted to microsoft.public.windowsxp.general
VanguardLH[_2_]
external usenet poster
 
Posts: 10,881
Default MSFN down?

"J. P. Gilliver (John)" wrote:

I don't want to see you
two fighting! Normally, I know your views on a range of subjects, and
you know each others', and usually you don't respond much when you
disagree on something, or only do so briefly.


Make us some mac 'n cheese. Works in the commercials.

IMO, the real villains are the browser developers and script writers who
kept introducing things on the one side, and using them on the other, at
such a high rate. While not against progress - as one of you said, we'd
still be on mosaic 0.5 without progress - I do feel to some extent that
the rate is too high, especially where it _breaks_ things,


I've tried using the Help - Feedback menu in Firefox. I've never seen
any effect from sending them feedback. Their bugzilla community has way
too much control over the direction that Firefox takes. I've seen users
wonder why something changed in Firefox, and traced it down to *ONE*
regular in bugzilla not only making the suggestion but also implementing
it (i.e., a developer who decided what was best for us that merely used
bugzilla to track his code changes). The Nightly folks also wrest too
much control. While bugzilla and Nightly channel attempt to be
proactive in fixing the program and adding or changing features, users
should have some effective reactive venue to undo changes or vote on
which they want. Right now, the Feedback link in Firefox is like
repeatedly hitting a crosswalk button that isn't connected.

As for Google, I don't think they listen to anyone other than perhaps
web designers that push for what they want. At one time, we users got
misled that web browsers were for us. Eventually they became clients
under the influence of the site admins. For Mozilla and Google, their
audience is not us users.

I find, for example, surveys are among the worst offenders; when I
find one that doesn't work in an older browser, and do it in a new
one, I see nothing that couldn't have been implemented perfectly
satisfactorily on the older one.


Yep, site admins & web designers pushing features they want, not what is
useful to the users.

There was some programming/scripting framework that got adopted over a
couple decades ago supposedly to standardize coding of web pages. I
think it started with "A". Then a newer version came out (A...2) that
was the rage, and the coders jump on it. A wasn't good enough, but,
gee, A...2 was super duper, so it got quickly adopted. When I looked at
it, I wondered what the **** was the difference. Microsoft attempted to
wrest the web browser marketshare due their pervasive presence (bundling
IE with Windows) by introducing Jscript instead of adopting Javascript.
Microsoft surely could not use someone else's scripting engine. They
had the same fiasco when they tried to use XPS as an alternative to PDF.
Have you ever gotten an XPS document, or created one? As with many of
Microsoft's attempts to invade or takeover but far too late, they caused
confusion and lost (as well as any users that adopted Microsoft's stab).
Windows Phone has a whopping marketshare of 0.03% compared to Android at
74%, and Windows has 0.08% marketshare on tablets compared to 59% for
iOS. Failed experiments by Microsoft, but Microsoft shall not be
deterred (no learn). OAUTH was a security protocol to protect logins.
Google destroyed that in OAUTH2 by changing from a security protocol to
a generally described framework for "security" by tracking (via token)
which host was making the login (to trigger security alerts when a
different host was logging into the same account). Google loves
tracking. OAUTH2 afforded no more protection to the *USER* than do
strong login credentials (I have no pity for boobs that use simpleton
passwords or reuse them at multiple sites). None of this **** was for
us users. It's more like some joker gets control and decides to make
their mark. It's a ****ing contest, and we users are the ones getting
urinated upon.
  #27  
Old September 20th 20, 06:58 PM posted to microsoft.public.windowsxp.general
VanguardLH[_2_]
external usenet poster
 
Posts: 10,881
Default MSFN down?

Mayayana wrote:

So my pages are designed to work on any browser from IE6 to IE10 and
all other popular browsers, with virtually any version.


I've seen some privacy fanatics that never want to reveal which web
browser they use. They use a UA header that doesn't identify either the
web client nor attempts to pretend to be someone else's. What do you do
then? Presumably you use a catch-all clause to provide some minimal
functionality.

Some are smart enough to disable Javascript, too, because a web page's
script can discover which web client into which it was loaded and send
that info back to the server.

The attitude today is a kind of non-existent standardization. You're
responsible for the rendering as the viewer. It's expected that you
have the decency to be a non-techie person who's getting constant
dripfeed updates on a cellphone and has no understanding of security
or privacy.


On hitting of security, it's a bit comical to me how nowadays so many
people are trying to secure their credit card data (virtual cards, VPNs,
alternate pay schemes, instant notifications of use, etc), yet they'll
readily hand over their credit card to a minimum wage table jockey at a
restaurant to pay their bill. Tis like dead bolting all the reinforced
steel exterior doors of your house, but leaving open the windows.
  #28  
Old September 20th 20, 07:54 PM posted to microsoft.public.windowsxp.general
Mayayana
external usenet poster
 
Posts: 6,438
Default MSFN down?

"VanguardLH" wrote

|
| So my pages are designed to work on any browser from IE6 to IE10 and
| all other popular browsers, with virtually any version.
|
| I've seen some privacy fanatics that never want to reveal which web
| browser they use. They use a UA header that doesn't identify either the
| web client nor attempts to pretend to be someone else's. What do you do
| then? Presumably you use a catch-all clause to provide some minimal
| functionality.
|
?php
$suser = getenv("HTTP_USER_AGENT");
if (stristr($suser, "MSIE"))
{
$smenu = "menuie2.inc";
}
elseif (stristr($suser, "Trident"))
{
$smenu = "menuiex.inc";
}
elseif (stristr($suser, "Edge"))
{
$smenu = "menuiex.inc";
}
else
{
$smenu = "menumoz2.inc";
}
?

It filters for IE or Edge. Chrome Edge udses a UA
with "Edg", so that gets treated as all other browsers.
As you can see, I'm not sorting browsers. I just have
3 options: IE pages, error page for Edge/IE11, and
normal pages with no script for all other browsers.
If it can handle CCS2 it can handle my menus. I usually
just test in FF and IE, but when I've tried testing in
other browsers they seem to be very consistent --
except IE.

| On hitting of security, it's a bit comical to me how nowadays so many
| people are trying to secure their credit card data (virtual cards, VPNs,
| alternate pay schemes, instant notifications of use, etc), yet they'll
| readily hand over their credit card to a minimum wage table jockey at a
| restaurant to pay their bill. Tis like dead bolting all the reinforced
| steel exterior doors of your house, but leaving open the windows.

I don't think so. There is a risk in stores. (Oprah
Winfrey once got her card stolen by another woman
watching from behind her in a store.) But that's
a different situation. It's personal. And there's a
better chance of tracing it back. And the restaurant
waiter/waitress probably doesn't want to risk their job.
With online it's faceless. Data gets taken from insecure
storage and sold on a regular basis. No one cares
because they figure the issuing bank will foot the bill.
Then of course there's also the risk of malware getting
onto your system and stealing typed data. If I have to
even allow script online I usually use one of my
sacrificial computers -- not one that I keep personal
files on.

An interesting example of a hybrid situation is Home
Depot. They got hacked by inserted hardware in their
automatic checkout card readers, if I remember correctly.
So it was risky to auto-checkout but the clerks' card
readers weren't hacked.

So there are risks. ATMs to some extent. Gas stations,
especially. But online is a whole different category. I
avoid credit cards for most things. I like to use cash
for gas, groceries, clothing, etc. I rarely go to
restaurants. Why buy worse food for 3 times the
price and have to sit 2' from the next table? (pre-
covid, of course) In general, I increasingly avoid credit
cards due to both privacy and security issues. I shop
at Whole Foods. I'm not interested in telling Bozo Bezos
what I eat.

If I'm going to order from an online company I like
to call. If they don't have a phone # then they don't
really have customer service, anyway.


  #29  
Old September 20th 20, 08:41 PM posted to microsoft.public.windowsxp.general
J. P. Gilliver (John)[_7_]
external usenet poster
 
Posts: 603
Default MSFN down?

On Sun, 20 Sep 2020 at 10:26:57, Mayayana
wrote:
"J. P. Gilliver (John)" wrote

|
| Come on you two.

You know what your problem is? You can't tolerate discord.

But I try to give you a wide berth for your peculiar neurotic
style because Brits can't be expected to understand honest
argument.


Oh, I tolerate discord - some of my social interactions thrive on it; I
like a good argument! But that's the key word: it has to be a _good_
argument. When it degenerates, the excess heat can be more
counterproductive than the argument is productive.

But I sense you two are back on speaking terms, judging by the later
posts in this thread; disagreeing with each other, but either giving
valid arguments, or just avoiding certain areas. (You're actually
agreeing on some things. But I won't tell anyone.)

The British way is always to be indirect. The more
ambiguous the insult, the classier it is. If an American sees
someone with a spot of mustard on their shirt they'll say,
"Hey! You know you've got mustard on your shirt?" A Brit
will say something like, "How's your dry cleaner enjoying
his vacation?"

(-: Except we'd say holiday.

I think the most amusing version of the above - which might have been
peculiar to my school - was "it's nice out, isn't it?" as a way of
saying "your flies are open" ... (-:
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

every time Trump says "Failing New York Times" the number of digital
subscribers rises. - NYT CEO quoted by Jon Sopel in RT 2018/6/23-29
  #30  
Old September 21st 20, 12:32 PM posted to microsoft.public.windowsxp.general
Dee[_6_]
external usenet poster
 
Posts: 24
Default MSFN down?

"Mayayana" wrote in
:

"Dee" wrote

| Thank you for your post with instructions on spoofing the UA. I
| changed mine in Firefox 52, and it has helped with a few sites
| already.
|
| I downloaded the New Moon version you mentioned. I would like to
| use it but NoScript extension does not work with it. What do you
| use to disenable/enable scripts?
|

Are you getting the v. 28 variety? I'm using NoScript
5.1.9. It gets complicated. New Moon compatibility
varies in general. I don't know why. As I mentioned,
my CSS toggle button didn't work with v. 27 but does
with 28. Makes no sense to me.


Yes, version 28.10.2a1 (32-bit). Maybe I don't know how to load
NoScript with it, then. I went to Tools / Add-ons, then Get Add-ons,
and NoScript is not listed. How do I install NoScript with it? I
will try searching the web.

One thing that's good to do:
Set xpinstall.signatures.required to false


Looks like that is the default in mine.


Another detail is that newer FF extensions are the newer
locked-out variety. NoScript went from v. 5 in the old
design to v. 10 in the new design. So the newer NoScript
won't work. (I use the same 5.1.9 in FF52.)

In NM 28 I have NoScript 5.1.9, Disable Style Button,
DOM Inspector, Restore View Source, Secret Agent 1.35,
SettingsSanity .8. Some signed, some not. NoScript
has a mark indicating it directly targets New Moon. I
don't know why.

I always save all extensions and keep backup copies.
I don't know if there's a place to still get older ones.
Mozilla have been rather nasty about that, trying to
prevent support for older browser versions.

I did find this:
https://github.com/JustOff/ca-archive/releases

There seems to be a package to provide a webpage, script,
and an SQL database that apparently holds lots of old
extensions. I haven't figured out yet how it works. I
just found it.


Thanks again,
Dee
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 08:00 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.