|
| If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|||||||
|
|
Thread Tools | Display Modes |
|
#31
February 28th 16, 07:04 PM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
CDL internet protocol - what is it (used for) ?
R.Wieser wrote on 2016/02/28:
VanguardLH, There are some PDF viewers that deliberately do NOT support the above features hence they are safer. I would love to know which ones they are. Probably the best place to ask for a minimalist PDF viewer that is lacking the extra (but security risk) functions, like launch on load, file attachments, and Javascript, would be in the alt.comp.freeware newsgroup. I remember being in some discussions over there that mentioned some of them. I think (but you would have to check) that SumatraPDF (https://en.wikipedia.org/wiki/Sumatra_PDF) was one of the minimalist PDF viewers. SumatraPDF is portable so you don't even install it, just copy its file and run that. I don't what the PDF viewers can do that are now built into web browsers (Google Chrome, Firefox). I turn those off as soon as I remember or when I want to view a PDF and it shows inside the web browser. I then configure the web browser to use an external PDF viewer. I also disable web browser integration in the config of the PDF viewer so it does NOT display the .pdf inside the web browser (by using a plug-in). I don't want to use the inbuilt PDF viewer in the web browser and I don't want the PDF viewer to use a plug-in to display the PDF inside a web browser. If it however starts to throw lots of message boxes at me I will know that there is a problematic program, and will either tame the program itself, or black-list the programs name in the dummy DLL, bypassing the message box. While that would eliminate the untamed process access to its protocol handler, it doesn't stop the untamed process from loading. Do you know about SRPs (Software Restriction Policies) that you can define in the registry using the Group Policy Editor (gpedit.msc)? Back in Windows XP, you could only Allow or Block a program from loading. You had to do a registry edit to add Basic which runs the program under a limited user access (LUA) token to reduce its privileges to what they would be if I had logged under a normal/restricted user account. I used SRPs to force reduced privileges on web-centric apps (web browser, e-mail). Vista, and later, have all three privilege modes (Allow, Block, Basic) for SRPs. Alas, the Home editions of Windows don't have the group or local policy editors. Some have suggested stealing gpedit.msc from Windows XP except that the downloads others have offered for gpedit.msc is for the 32-bit version which doesn't know about the 64-bit section of the registry. All policies are registry entries and Microsoft has an Excel spreadsheet listing them all but it's a pain to go through all that manual manipulation. I ain't ever using a Home edition again (but then I may never be using another version of Windows if Windows 10 is it and Microsoft doesn't change their rude behaviors regarding licensing and, ahem, "telemetry"). Before I knew about SRPs, I used 3rd party firewalls that had HIPS (Host Intrustion Protection System) that let me block unwanted programs from loading. So that's another way to kill the unwanted programs. I used MagicJack (VOIP) awhile ago and it was nasty in auto-updating itself without permission and even without prompt. That screwed up my dialer setup (I used a different one than theirs). So I used a Path SRP to prevent their setup program from running. They retaliated after a couple years by having their server check the client's version and would "suddenly" stop working if you didn't have their latest version or a version within their check range. A nice feature of using a firewall with HIPS was I could allow the VOIP connections but block their update connections which included their client downloading ads to display within a frame of their client's UI; however, I got rid of MagicJack. 
|
| Ads |
|
#32
February 28th 16, 11:30 PM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
In message , R.Wieser
writes: VanguardLH, [] There are some PDF viewers that deliberately do NOT support the above features hence they are safer. I would love to know which ones they are. Some time ago I though to try FoxIt -- regarded by its own site as a "Secure PDF Reader", and the first damn thing it tried to do when I started it was to try to go on-line. That was enough for me to directly de-install it. :-( To be fair, that's probably just checking for updates, which seems reasonable - when you've installed something, possibly from an ancient installer, it's reasonable for it to check whether it _is_ ancient. (Having said that, Foxit got bloaty a while back, though nothing like as big as Acrobat; old versions [I have 5.4.3.0920, and earlier was faster] are good, and also fast.) [] -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf I hate people who quote Shakespeare at you but are proud that they can't add up. Stupid People. - Carol Vorderman (Radio Times, 1-7 March 2003)
|
|
#34
February 29th 16, 11:41 AM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
John,
To be fair, that's probably just checking for updates, which seems reasonable Nope. Not when its done without even 1) asking me first 2) allowing me to set/change any preferences in that regard. Currently I start to habitually disable the internet connection (yank the ethernet cable) before installing anything because of it. when you've installed something, possibly from an ancient installer, it's reasonable for it to check whether it _is_ ancient. Again, No. You do*not* go outside my local computer without my explicit say-so. Especially when what is done is not what I acquired the product for. Its like inviting a repairman (of any kind) in, who than just grabs your personal phone to check in with its boss. Thats not aceptable in the real world, and its not acceptable (at least to me) in the computer world. The only reason this abysmal behaviour has become wide-spread is because most people are not even aware of that it happens (when installing firewalls are silently(!) configured to let the program thru), and if they are have no clue what to do about it (and if they figure it out its too late anyway). Next to that, what about *my choice* to actually download and use "an ancient" version ? Somehow software companies seem to be blithefully unaware (willfully or otherwise) that, for instance, not everyone runs the latest version of the MS operating system ... Having said that, Foxit got bloaty a while back Just as FireFox got that advertisment crap included, which is a *very good* reason not wanting to upgrade. Regards, Rudy Wieser -- Origional message: J. P. Gilliver (John) schreef in berichtnieuws ... In message , R.Wieser writes: VanguardLH, [] There are some PDF viewers that deliberately do NOT support the above features hence they are safer. I would love to know which ones they are. Some time ago I though to try FoxIt -- regarded by its own site as a "Secure PDF Reader", and the first damn thing it tried to do when I started it was to try to go on-line. That was enough for me to directly de-install it. :-( To be fair, that's probably just checking for updates, which seems reasonable - when you've installed something, possibly from an ancient installer, it's reasonable for it to check whether it _is_ ancient. (Having said that, Foxit got bloaty a while back, though nothing like as big as Acrobat; old versions [I have 5.4.3.0920, and earlier was faster] are good, and also fast.) [] -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf I hate people who quote Shakespeare at you but are proud that they can't add up. Stupid People. - Carol Vorderman (Radio Times, 1-7 March 2003)
|
|
#35
February 29th 16, 01:20 PM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
R.Wieser wrote on 2016/02/29:
VanguardLH, SumatraPDF is portable so you don't even install it, just copy its file and run that. Now *thats* something I like. Yes, even if used stationary. "Un-install" a program ? Ha! Just delete the folder its in. Never understood MSes preoccupation with putting *everything* in the registry. I also disable web browser integration in the config of the PDF viewer so it does NOT display the .pdf inside the web browser (by using a plug-in). Same here. If-and-when I want to view a PDF its quite likely I want to view it again. So, (after much deliberation) I first download and store it. Although on later browsers viewing PDFs locally might be, security wise, worse than viewing it in the sandboxes those browsers provide ... I know a lot of folks like to bash Adobe Reader due to its past history but that program has had a sandbox for quite awhile now. I forget the option but you could make Adobe Reader more secure but you had to enable some option under the "Security (Enhanced)" section (that is not enabled by default probably to ensure widest usability). With enhanced security (http://www.adobe.com/devnet-docs/acr...urity_FAQ.pdf), high-privilege Javascript is disable; however, you can completely disable Javascript, too. I don't remember the default but make sure under Security (Enhanced) that the "Automatically trust sites from my Win OS security zone" (which means sites you whitelist in the Internet Options' Trusted Sites security zone would have their PDFs trusted - but bad PDFs or rude authors exist everywhere, including sites you trust). Most times when someone nags about Adobe Reader being insecure, they haven't even bothered to view the options available and investigate them. They haven't gone into Security (Enhanced) to make sure it is enabled, and also ensured Protected Mode is enabled (the sandbox you mentioned but here instead of by a web browser). See http://www.adobe.com/devnet-docs/acr...Sec/index.html. As yet, I don't that anyone has proven Adobe Reader with both enhanced and protected mode enabled and with disabling other features, like Javascript, is any more insecure than other PDF readers. Yes, you can find lists of open tickets against Adobe Reader. Have you EVER found a bug tracking database that is publicly accessible for the other PDF readers? You don't know how bad they are for vulnerabilities. That info remains hidden. So you could be using a highly vulnerable alternative PDF reader and your only blind hope is that it doesn't get targeted because it isn't the big target. The reason why some still nag about how big it is don't realize that it has code to parse ancient PDFs (old versions of PDF specs). Most users don't need to view PDFs that were created 2 decades ago but Adobe needs to remain compatible with their old stuff. They could offer an install- time option to let users discard support for specific old PDF versions but that would require users be educated on what was different between each PDF version. I suspect, besides momentum, that companies prefer to have Adobe Reader on their workstations because group policies can be pushed onto those workstations that control how Adobe Reader behaves, like disabling its update checking. It is an enterprise-centric product to control property that belongs to them, not the employees, whereas the other are designed for personal use on computers that are the property of the user. Not sure how a sandbox would help if launch action, Javascript, and attachments were disable (or not supported) in the PDF viewer. That would be like claiming some guy with no testicles was the father of a child. A program issuing a system call to a font API or ancilliary program isn't going to pull it into the sandbox. You would need to use a virtual machine to do that level of isolation; however, those who use VMs to detect malware don't realize that many of those will remain quiescent or behaved when they detect they are ran inside an VM. Worked okay inside the VM so they install it in their real host OS and then the malware becomes potent. Do you know about SRPs (Software Restriction Policies) that you can define in the registry using the Group Policy Editor (gpedit.msc)? Ehrm ... I've heard of it, but never had, on my single-user computer, the need to use it. I have absolutily no idea how I would need to use it to reign a mal-behaving program in. You would use a 3rd party firewall with HIPS to control unwanted networking behavior for a program. SRPs are used to prevent the program from even loading (Path rule set to Block) or to throttle its privileges (Path rule set to Basic). Back in Windows XP, you could only Allow or Block a program from loading. Ehhh ... I hope you are aware that you're posting in a newsgroup dedicated to XP ? So whats that "back in XP" about ? I'm still using it ! :-) Yes, I am responding in a WinXP group but that doesn't mean I use that OS anymore. I also respond in the WLM (Windows Live Mail) newsgroup but I only used that program for a few months awhile ago - because sometimes the questions don't really involve the program but are about e-mail itself. SRPs have been available since Windows XP and that's where I first learned about them. They are still available in later versions of Windows to which I moved to awhile ago. Since I no longer have any WinXP hosts at home or even at work, much of what I mention is from memory or I have to go look it up again. I did find an old Usenet post of mine that mentions the registry hack, at: https://groups.google.com/d/msg/micr...k/mttUNl3kpXMJ Before I knew about SRPs, I used 3rd party firewalls that had HIPS (Host Intrustion Protection System) that let me block unwanted programs from loading. I'm not sure I understand the above: Why block an unwanted program if you can (simply?) remove it ? Don't know what to remove until you catch it. In the example that I gave, I did NOT want to remove MagicJack because, at that time, I wanted to use their VOIP service. I just did not want it automatically and covertly updating until I was prepared (with an image backup) and had the time and was ready for any behavior change in the new version of their VOIP software. So why not just rename or delete their setup.exe program? Because it doesn't exist until they want to do an update. Not all programs come with separate .exe files to perform setup, updates, or other functions. Instead those "programs" are code tables inside the program that get rolled out into files and then executed. So there was no setup.exe file for me to rename or delete. However, because I knew where they created the setup.exe into which they rolled out that code from the main program, I could use an SRP Path rule to keep the generated setup.exe from loading. You can also define hash rules to catch a program when you don't know where it might be (in the future) but I never used that feature. Oh shucks: You're talking about a multi-user environment, where the users have different privileges (admin, power-user, user, guest), and low-privilege users must/should/need to be stopped from using programs (like regedit) the high-privilege users might have need of. Nope, I'm the only user of my home PC. I found logging in under a restricted account too often got in my way, like not being able to edit the registry, define SRPs (because all policies are registry entries), or perform other admin-level tasks. I wasn't logging out or even using FUS (Fast User Switching - which leaves programs running under the other account). Do you ALWAYS close the bedroom door when you enter or leave? Of course not because that would be too much nuisance. However, I did not want all web-centric processes to have admin privileges so I used SRPs to throttle them down using a LUA (limited user access) token. There have been 3rd party programs to do the same thing but some only work when a specific shortcut is used. For example, I can throttle privileges on the specified program when using SysInterna's psexec utility; however, that only applies limited privileges to the program that *it* loaded. I could have it throttle the web browser but that wouldn't help when the we browser was called as a child process, like when clicking a hyperlink in an e-mail. SRPs get applied to a program no matter who called it. I do many tasks on my home PC that require admin privileges so logging in under a restricted user account was not only a nuisance but not an option since it would interfere way too often with my workflow. Do some work, gotta stop to log under another account, do some tasks there, go back to the other account to do more tasks. This would be like making dinner involving heated cookware but having to use 2 different kitchens: one with oven mitts and another without. No thanks. In my case I think that that does not really apply (but correct me if I'm wrong about that), as I'm the sole user of my 'puter. I was the sole user, too, but SRPs (or HIPS in 3rd party security software) gave me more control over rude or unwanted behavior without necessitating removal of software that had other features that I did want. I got more choice than I was given by default. I used MagicJack (VOIP) awhile ago and it was nasty in auto-updating itself without permission and even without prompt. Yuck! That would be a program I would try to get rid of as fast as I could. Ofcourse, neccessity sometimes forces us to play the kind of doging game you described. But again, yuck! :-\ That's fine if you have the money for other telecommunication options. it was very cheap. Cheaper than the old POTS telco, far cheaper than my ISP's VOIP service, and even cheaper than a cell phone (although Tracfone is very cost effective). Plus the VOIP call quality was better than my cell phone so I would use it while at home instead of relying on my cell phone. Where can YOU find 5 years of phone service with better than cell phone quality that would only cost $100 for those 5 years (or $20 for a WHOLE year)? So, yeah, I managed to kill some unwanted features of their client program (ads and covert auto-update) without losing the cheap phone service. If you are using POTS, look at your monthly bill and multiply by 12 to see how much you are spending on that. After all fee and taxes, mine was $26/month (back then). That's $312/year. How much are you spending for your cell phone service? Tracfone is cheap (but with limited minutes) at $200 for 2 years at 1000 minutes. That would be $500 for 5 years whereas Magicjack was $40 the 1st year and $20 each year thereafter (by buying the $100 for 5 year plan). While I don't have to go cheap, I also don't see the need to throw money away. However, I eventually decided to pay a bit more for my ISP's VOIP service and still do have a cell phone. Back then I didn't need a cell phone but do now for business mostly; however, I keep calls to a minimum and don't need any "data" (Internet) so Tracfone is a cheap choice. My ISP's VOIP service is a shared cost. So I'm still going cheap (as much as I can). If you were so picky about not using and removing anything that had behaviors that you don't want, why are you still using Windows? All those tweaks you do for the OS and installing 3rd party program to supplant those include with the OS is you having fun playing with the OS to bend it more to how you want it. Same for me when I had MagicJack. Just because it had some bad behaviors did not preclude me from pulling in its reins to do it more my way.
|
|
#36
February 29th 16, 07:27 PM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
In message , R.Wieser
writes: John, To be fair, that's probably just checking for updates, which seems reasonable Nope. Not when its done without even 1) asking me first 2) allowing me to set/change any preferences in that regard. Currently I start to habitually Agreed. I suppose since my firewall catches them, I'd forgotten they don't ask. [] Its like inviting a repairman (of any kind) in, who than just grabs your personal phone to check in with its boss. Thats not aceptable in the real Good analogy. world, and its not acceptable (at least to me) in the computer world. The only reason this abysmal behaviour has become wide-spread is because most people are not even aware of that it happens (when installing firewalls are silently(!) configured to let the program thru), and if they are have no clue what to do about it (and if they figure it out its too late anyway). I use a particularly ancient firewall, which doesn't seem to be hackable by such softwa obviously nothing is fireproof, but I can't remember ever having a software call home after installation without triggering the firewall. (And before you say would I know - I also have a - also fairly old, but not as old - BitMeter, which I have the audio monitor on, so I know whenever _anything_ is using the link, including things I _do_ allow. The beeping would drive many people nuts, but I live alone, and I like it.) Next to that, what about *my choice* to actually download and use "an ancient" version ? Somehow software companies seem to be blithefully unaware (willfully or otherwise) that, for instance, not everyone runs the latest version of the MS operating system ... Indeed! XP here. (And I do have a '98SElite system that I go online with occasionally.) Having said that, Foxit got bloaty a while back Just as FireFox got that advertisment crap included, which is a *very good* reason not wanting to upgrade. Using Firefox 26.0 here ... (-: Regards, Rudy Wieser [] I think we're closer together than might first appear! -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf "... all your hard work in the hands of twelve people too stupid to get off jury duty." CSI, 200x
|
|
#37
March 1st 16, 10:06 AM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
John,
I use a particularly ancient firewall, which doesn't seem to be hackable by such softwa I should have been more specific: I was talking about XP's inbuild firewall here. I've several times seen it to be populated with exeptions for a program/game I was installing. Indeed! XP here. (And I do have a '98SElite system that I go online with occasionally.) XP here too, and also 98Se (which I'm currently writing this reply on). Using Firefox 26.0 here ... (-: FF 1.5 on 98se. Can update to 2.0 or maybe 3.0 (afaik no further), but that does not give me any extras. Still use it regulary. FF 16 on XP. Done that quite recently, because of the higher encryption that the web currently seems to be mandating (no idea why though: what kind of "secure connection" does an Avatar image need ? Or a humor site ? ) :-\ Question: Have you ever found a list of requirements and capabilities for the different versions of FF ? Before updating to FF 16 I tried to find the "best fitting" version (high encryption, no DRM support, no inbuild advertising-centric crapware), but was quite unsuccessfull in that regard. At the end I did choose FF 16 because it seemed to work well on a computer somewhere. I think we're closer together than might first appear! Which is quite refreshing. More often than not I'm running into people who think that only the last version of {fill in your poisson} is at all usefull. Oh well, their loss I guess. But still not funny to be talking with them. :-\ Regards, Rudy Wieser -- Origional message: J. P. Gilliver (John) schreef in berichtnieuws ... In message , R.Wieser writes: John, To be fair, that's probably just checking for updates, which seems reasonable Nope. Not when its done without even 1) asking me first 2) allowing me to set/change any preferences in that regard. Currently I start to habitually Agreed. I suppose since my firewall catches them, I'd forgotten they don't ask. [] Its like inviting a repairman (of any kind) in, who than just grabs your personal phone to check in with its boss. Thats not aceptable in the real Good analogy. world, and its not acceptable (at least to me) in the computer world. The only reason this abysmal behaviour has become wide-spread is because most people are not even aware of that it happens (when installing firewalls are silently(!) configured to let the program thru), and if they are have no clue what to do about it (and if they figure it out its too late anyway). I use a particularly ancient firewall, which doesn't seem to be hackable by such softwa obviously nothing is fireproof, but I can't remember ever having a software call home after installation without triggering the firewall. (And before you say would I know - I also have a - also fairly old, but not as old - BitMeter, which I have the audio monitor on, so I know whenever _anything_ is using the link, including things I _do_ allow. The beeping would drive many people nuts, but I live alone, and I like it.) Next to that, what about *my choice* to actually download and use "an ancient" version ? Somehow software companies seem to be blithefully unaware (willfully or otherwise) that, for instance, not everyone runs the latest version of the MS operating system ... Indeed! XP here. (And I do have a '98SElite system that I go online with occasionally.) Having said that, Foxit got bloaty a while back Just as FireFox got that advertisment crap included, which is a *very good* reason not wanting to upgrade. Using Firefox 26.0 here ... (-: Regards, Rudy Wieser [] I think we're closer together than might first appear! -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf "... all your hard work in the hands of twelve people too stupid to get off jury duty." CSI, 200x
|
|
#38
March 1st 16, 08:16 PM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
R.Wieser wrote on 2016/03/01:
John, I use a particularly ancient firewall, which doesn't seem to be hackable by such softwa I should have been more specific: I was talking about XP's inbuild firewall here. I've several times seen it to be populated with exeptions for a program/game I was installing. Rules in the Windows Firewall are registry entries. If you install a game, or any software, while logged under an admin-level account then it can write to the registry - which means it can change anything there, including the rules for the Windows Firewall. That is why some installers will demand that you be logged in as an admin because they need to add registry entries (sometimes good, sometimes not so good). 3rd party firewalls with HIPS don't allow that except via user prompt to Allow/Block the change. They have their own separate settings store and they protect themselves, even by admins that run installers that want to change firewall settings. So installers that change rules for Windows Firewall will be touching the wrong part of the registry versus the portion of the registry (that is hash protected and sometimes set for permissions only to the System account, not to a user's account or even to the Administrators security group) to detect changes and not allow direct access for a 3rd party firewall. With a 3rd party firewall, installers (and malware) cannot covertly change settings in that software. The firewall in Windows XP is really only for protection against unsolicited inbound connects. It will NOT protect you from programs with admin privileges that are running on your computer from changing its settings. The Windows XP firewall is for inbound control, not for outbound control or for self-protection. Not even the Windows Firewall in later versions of Windows affords self-protection (and can do outbound control but only with changes in its default settings and triggering on Windows events; see the Windows Firewall Notifier at http://wfn.codeplex.com/ on how this can be done but only with Windows Vista, and later). On Windows XP and if you want outbound control along with the firewall to protect itself, you need a 3rd party firewall. I wish I could remember which one it was but I recall a security program (probably an anti-virus) that would monitor certain registry keys and not allow changes except by user prompt. I remember a discussion where I asked about protecting the registry keys for the Windows Firewall and was pointing to the program's registry configuration as to what parts of the registry it would protect. And there I saw a parent key listed that including the Windows Firewall rules. I'll come back if I remember what that security software was that showed me what registry parts it protected, how I could add my own restrictions, and that it already included the Windows Firewall rules.
|
|
#39
March 1st 16, 08:34 PM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
VanguardLH wrote on 2016/03/01:
I wish I could remember which one it was but I recall a security program (probably an anti-virus) that would monitor certain registry keys and not allow changes except by user prompt. I remember a discussion where I asked about protecting the registry keys for the Windows Firewall and was pointing to the program's registry configuration as to what parts of the registry it would protect. ... Ah, I thought it was Comodo Firewall but wasn't sure. https://help.comodo.com/topic-72-1-4...stry-Keys.html Besides a conversation about protecting the Windows Firewall settings, including its rules, I recall asking about protecting the registry entries dealing with DNS settings (to thwart DNS changers) but don't remember the outcome of that discussion. I would have to install Comodo Firewall again (just their free firewall and omit their anti-virus) to see what registry entries were protected to see if they include the Windows Firewall (probably irrelevant since you would be using their firewall), DNS settings, Internet proxy (since some programs forget to reset after they exit and malware can change it so you cannot connect anywhere), and so on. Don't bother installing their CAV (Comodo AntiVirus) component. It is weak and never any good. They left it in beta status for over 3 years to keep it out of the anti-virus comparison benchmarks. They used their user community to build their virus signature database. They kept promising to add the HIPS component from their firewall into CAV to give it better detection. Instead they rolled it into their Firewall product to use its HIPS component, but CAV is still weak. You won't see it in any AV benchmarks. Use some other AV program for that type of protection. Comodo Firewall: good. Comodo AntiVirus: junk.
|
|
#40
March 2nd 16, 12:41 AM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
In message , R.Wieser
writes: John, I use a particularly ancient firewall, which doesn't seem to be hackable by such softwa I should have been more specific: I was talking about XP's inbuild firewall Ah. [] Indeed! XP here. (And I do have a '98SElite system that I go online with occasionally.) XP here too, and also 98Se (which I'm currently writing this reply on). Using Firefox 26.0 here ... (-: FF 1.5 on 98se. Can update to 2.0 or maybe 3.0 (afaik no further), but that 2 - actually, something like 2.0.0.5, I forget exactly - without Kernelex or whatever it's called; 3.x with. I never got Kernelex to work properly - though didn't try very hard. (It possibly fought with my lite.) does not give me any extras. Still use it regulary. FF 16 on XP. Done that quite recently, because of the higher encryption that the web currently seems to be mandating (no idea why though: what kind of "secure connection" does an Avatar image need ? Or a humor site ? ) :-\ Indeed )-:. Question: Have you ever found a list of requirements and capabilities for the different versions of FF ? No, but I've not looked for one; I wouldn't be surprised if someone somewhere has compiled one. Possibly on wikipedia: folks do seem to put such things there. Before updating to FF 16 I tried to find the "best fitting" version (high encryption, no DRM support, no inbuild advertising-centric crapware), but was quite unsuccessfull in that regard. At the end I did choose FF 16 because it seemed to work well on a computer somewhere. Ditto with 25/26 here. (Plus I didn't want to go Australis, which I think came in with 29. Yes, I could use Classic Restorer - but that seemed a bit of an odd thing to do!) I think we're closer together than might first appear! Which is quite refreshing. More often than not I'm running into people who think that only the last version of {fill in your poisson} is at all usefull. Oh well, their loss I guess. But still not funny to be talking with them. :-\ Indeed. This computer does nearly all I need it for (mainly genealogy), and plays videos well enough. I do have a nice W7 machine, but rarely use it - mainly for Skype and (giving) TeamViewer support. In fact this evening was the first time I've turned it on since early January (my blind friend wanted to Skype so I could read some groceries for her). Regards, Rudy Wieser [] John -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf Play dirty. If a fellow contestant asks the audience if they've got any requests for what he or she should play, reply, "Yeah... Monopoly."
|
|
#41
June 17th 16, 02:32 AM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
On Thursday, February 25, 2016 at 4:22:46 AM UTC-8, R.Wieser wrote:
Hello all, While looking at some web protocol names in te registery I found one named CDL ( CLSID {3dd53d40-7b8b-11D0-b013-00aa0059ce02}). Other than that a google shows its a miltitary "Common Data Link" protocol I've not been able to find anything about it. Does anyone know what its used for / why its on my computer ? Looking at that list again I can see a few others that I have never heard of. Like "its", "mk", "msdaip", "ms-its" and "wia" (all under HKEY_CLASSES_ROOT\PROTOCOLS\Handler) Can I just kill the ones I do not remember of having ever used (removing their CLSIDs from the registry, effectivily making them unaccessible), or do they actually have a purpose on a users computer ? Regards, Rudy Wieser Rudy, Head on over to www.nirsoft.net and, in the search box, enter URLProtocolView. Download a copy of this neat little utility. As with all Nirsoft utilities, it's a portable app that requires no installation. Simply unzip the file you downloaded (Download the Unicode version.) and run the program. It will bring up a list of every single URL protocol installed on your system, showing, among other things, which company's software is responsible for each protocol. Specifically, it will show you that the CDL: protocol comes from Internet Explorer, along with file:, ftp:, http:, etc. Honestly, I can't tell you exactly what that protocol is. I don't believe that it refers to the military Common Data Link, which is transmitted over the air on the Ku microwave band. While I don't know the purpose of all of these unknown protocols, they are not something you need to worry about. Regardless, you SHOULD NOT disable them!! Unless you know exactly what you're doing, you really can do an enormous amount of damage to your system! What's more likely, however, is that you'll do nothing whatsoever to your system, either positive or negative. As a system administrator for more than 30 years, I can tell you that, in that case, it's best to leave well enough alone. I hope this helps! -geo
|
|
#42
June 17th 16, 07:57 AM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
In article ,
says... On Thursday, February 25, 2016 at 4:22:46 AM UTC-8, R.Wieser wrote: Hello all, While looking at some web protocol names in te registery I found one named CDL ( CLSID {3dd53d40-7b8b-11D0-b013-00aa0059ce02}). Other than that a google shows its a miltitary "Common Data Link" protocol I've not been able to find anything about it. Does anyone know what its used for / why its on my computer ? Looking at that list again I can see a few others that I have never heard of. Like "its", "mk", "msdaip", "ms-its" and "wia" (all under HKEY_CLASSES_ROOT\PROTOCOLS\Handler) Can I just kill the ones I do not remember of having ever used (removing their CLSIDs from the registry, effectivily making them unaccessible), or do they actually have a purpose on a users computer ? Regards, Rudy Wieser Rudy, Head on over to www.nirsoft.net and, in the search box, enter URLProtocolView. Download a copy of this neat little utility. As with all Nirsoft utilities, it's a portable app that requires no installation. Simply unzip the file you downloaded (Download the Unicode version.) and run the program. It will bring up a list of every single URL protocol installed on your system, showing, among other things, which company's software is responsible for each protocol. Specifically, it will show you that the CDL: protocol comes from Internet Explorer, along with file:, ftp:, http:, etc. Honestly, I can't tell you exactly what that protocol is. I don't believe that it refers to the military Common Data Link, which is transmitted over the air on the Ku microwave band. While I don't know the purpose of all of these unknown protocols, they are not something you need to worry about. Regardless, you SHOULD NOT disable them!! Unless you know exactly what you're doing, you really can do an enormous amount of damage to your system! What's more likely, however, is that you'll do nothing whatsoever to your system, either positive or negative. As a system administrator for more than 30 years, I can tell you that, in that case, it's best to leave well enough alone. I hope this helps! -geo Hi I found in https://groups.google.com/forum/#! msg/microsoft.public.windowsxp.general/E_x0-kfAMAI/FHGDPO5aBQAJ A long description with ... Caterpillar ... With regards Reinhard
|
|
#43
June 17th 16, 10:25 AM
posted to microsoft.public.windowsxp.general
|
|||
|
|||
|
CDL internet protocol - what is it (used for) ?
Geo,
Head on over to www.nirsoft.net and, in the search box, enter URLProtocolView. Download a copy of this neat little utility. Thanks for that suggestion. I was hoping someone knew about an RFC or alike, but as nothing of the kind seems to be available and not even google seems to know anything about it maybe I will try it (even though I rather dislike having to run random software to get simple info ...) While I don't know the purpose of all of these unknown protocols, they are not something you need to worry about. You're right, I *should* not need to worry about them. Neither *should* I need to worry about certain non-executable file-formats, or if MS (security-)updates carry company-created malware, or ... Oh, wait .... :-( Regardless, you SHOULD NOT disable them!! Why not ? Because some kind of (unknown by me, and possibly unwanted) communication could than not take place ? My good man, thats exactly what I'm hoping for. :-) By the way: You probably have read that I redirected the involved registry entry to a dummy object which would just show a popup box ? A week ago it did (show that popup box), and you never guess why ... It happened when I opened up an old-style help-file/program (AutoIt3Help.exe), which seems to use a "webbrowser object" to display its contents. Regards, Rudy Wieser -- Origional message: schreef in berichtnieuws ... On Thursday, February 25, 2016 at 4:22:46 AM UTC-8, R.Wieser wrote: Hello all, While looking at some web protocol names in te registery I found one named CDL ( CLSID {3dd53d40-7b8b-11D0-b013-00aa0059ce02}). Other than that a google shows its a miltitary "Common Data Link" protocol I've not been able to find anything about it. Does anyone know what its used for / why its on my computer ? Looking at that list again I can see a few others that I have never heard of. Like "its", "mk", "msdaip", "ms-its" and "wia" (all under HKEY_CLASSES_ROOT\PROTOCOLS\Handler) Can I just kill the ones I do not remember of having ever used (removing their CLSIDs from the registry, effectivily making them unaccessible), or do they actually have a purpose on a users computer ? Regards, Rudy Wieser Rudy, Head on over to www.nirsoft.net and, in the search box, enter URLProtocolView. Download a copy of this neat little utility. As with all Nirsoft utilities, it's a portable app that requires no installation. Simply unzip the file you downloaded (Download the Unicode version.) and run the program. It will bring up a list of every single URL protocol installed on your system, showing, among other things, which company's software is responsible for each protocol. Specifically, it will show you that the CDL: protocol comes from Internet Explorer, along with file:, ftp:, http:, etc. Honestly, I can't tell you exactly what that protocol is. I don't believe that it refers to the military Common Data Link, which is transmitted over the air on the Ku microwave band. While I don't know the purpose of all of these unknown protocols, they are not something you need to worry about. Regardless, you SHOULD NOT disable them!! Unless you know exactly what you're doing, you really can do an enormous amount of damage to your system! What's more likely, however, is that you'll do nothing whatsoever to your system, either positive or negative. As a system administrator for more than 30 years, I can tell you that, in that case, it's best to leave well enough alone. I hope this helps! -geo
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
