SRWare.net

Unfortunately, hitting advance just adds additional information why and says you cannot access site at this time. Since I first posted this, the OP said he may try to do some additional things for XP users, but it's a low priority. I do have a temporary work-a-round using Opera, but I don't like Opera and don't really visit the site that often, so, when I do, I'll use Opera. Regardless, there isn't anything you can do about it SRWare since it is indeed an XP issue (not sure how Opera got around this) and the hash stuff's part of Chrome's core as it would any browser's use of security features. Still, I like Iron and will continue to use it for as long as I can before I no longer will be able to play within my XP Sandbox due to compatibility requirements that will eventually be. Thanks again for the continued work on SRWare Iron Browser.

Looks like panopticlick (site that tests supercookies) are now using SHA256 too. I say, since only a few months back when I visited the site that all was well with Iron, why have they decided to do this now? Crazy. Oh well. The powers that be want me to upgrade my XP I suppose. lol

https://panopticlick.eff.org/

Still, may sound strange to some, but my XP VM, because of how I use it, is much more secure than any regular OS can be. I choose XP since it uses very little resources (doesn't tax my host). Ubuntu may be my next used VM host, but there's other features that I like with XP as well (I guess it's my crutch if you will). I sure do wish someone would have Open Sourced XP. Guess M$ kept that from happening.

lylejk wrote:Looks like panopticlick (site that tests supercookies) are now using SHA256 too. I say, since only a few months back when I visited the site that all was well with Iron, why have they decided to do this now? Crazy. Oh well. The powers that be want me to upgrade my XP I suppose. lol

https://panopticlick.eff.org/

Still, may sound strange to some, but my XP VM, because of how I use it, is much more secure than any regular OS can be. I choose XP since it uses very little resources (doesn't tax my host). Ubuntu may be my next used VM host, but there's other features that I like with XP as well (I guess it's my crutch if you will). I sure do wish someone would have Open Sourced XP. Guess M$ kept that from happening.

You can also try Sandboxie instead of a VM.

lylejk wrote:Looks like panopticlick (site that tests supercookies) are now using SHA256 too. I say, since only a few months back when I visited the site that all was well with Iron, why have they decided to do this now? Crazy. Oh well. The powers that be want me to upgrade my XP I suppose. lol

https://panopticlick.eff.org/

Still, may sound strange to some, but my XP VM, because of how I use it, is much more secure than any regular OS can be. I choose XP since it uses very little resources (doesn't tax my host). Ubuntu may be my next used VM host, but there's other features that I like with XP as well (I guess it's my crutch if you will). I sure do wish someone would have Open Sourced XP. Guess M$ kept that from happening.

Currently XP is one of the best operating system in efficency reliability and essentiality. Surely it is the best oeprating system in legacy hardware. I match it with LINUX systems like Lubuntu or Kbuntu this last is really fantastic. The benefit to match a linux systemis to take benefit of OPENGL on HTML5 modern codification by modern browser able to process fluidly videos in HD. so i CAN SEE fluidly videos at 1080p or 720 also by a Pentium $ and a good AGP vga.

alx_max wrote:I am back with a workaround as answer to the question How can the tab discarding be disabled? There is a parameter in the command line which can be used for that. Just use the --force-fieldtrials command line option like this:

Code: Select all

"C:\Program Files\SRWare Iron\chrome.exe" --force-fieldtrials=AutomaticTabDiscarding/Disabled

You must change the path to the one where your Iron browser is installed though. Source: https://code.google.com/p/chromium/issu ... 525216#c17

For me the tab discarding is disabled just by using the chrome://flags/#enable-tab-discarding flag. I can leave three or more tabs open for long time without any issues.

Indeed, when I finally am fed up with the compatibility issues, I will be using Ubuntu (already have a 64-bit Ubuntu VM) for my sandbox. Just wish there was a program like Sandboxie that runs in Linux so I won't have to recover to golden set point as well as be able to run multiple separate sessions (banking, email, etc.) like I do now. Had purchased Sandboxie back in 2008 and it's a life time license and have had no problem with it in my XP VM and even toyed with it in my Win7 VM before I finally hosed it since M$ returned a Genuine Microsoft Advantage message even though my license is legit (transferred from my old Win7 OS when it died on me; purchased the upgrade the summer before they officially released Win7 back in 2009 as I recall). Anyway, if any of you know of a Sandboxie equivalent that runs in Ubuntu, I would like to try it.

Hi,

I am using Iron for three years and never had problems but this time setup is hunging
http://www.bild.me/bild.php?file=8700962iron.PNG
the program is starting though and showing the new version correctly.

Regards

How to use WEBGL native support on Iron? thanks.

Azrael5 wrote: Currently XP is one of the best operating system in efficency reliability and essentiality. Surely it is the best oeprating system in legacy hardware. I match it with LINUX systems like Lubuntu or Kbuntu this last is really fantastic. The benefit to match a linux systemis to take benefit of OPENGL on HTML5 modern codification by modern browser able to process fluidly videos in HD. so i CAN SEE fluidly videos at 1080p or 720 also by a Pentium $ and a good AGP vga.

Windows XP is also nearly two years past its end of support, is no longer supported by most anti-virus manufacturers, and does not support the basic minimal technologies (TLS 1.1 and SHA-256) needed to protect sensitive information in transit. Windows XP only supports TLS 1.0, which, like all versions of SSL, is no longer considered "strong cryptography".

You asked earlier why support for SHA1 was dropped. The answer is that the use of the preceding hash technology, SHA1, was disallowed as part of the digital signature generation/PKI certificate creation process as of January 2015, based on the currently authoritative NIST document on this (NIST Special Publication 800-131A -- Transitions:Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths (January 2011)). As a result, browser manufacturers have started removing support for certificates that use SHA1 now -- all modern OS's and browsers have supported SHA256 in certificates for some time, but they waited a year after the disallowing of SHA1 to remove support for it, in order to allow time for certificates with only SHA1 to expire and be replaced.

The PCI Security Standards Council, which sets mandatory security standards for the Payment Card Industry, has a free webinar, “Migrating from SSL and Early TLS” http://info.pcisecuritystandards.org/we ... -early-tls which has a segment in which an expert from NIST explains what the risks are with SSL and Early TLS (TLS 1.0). You might find it interesting.

-Jim

Any views or opinions contained in this communication are solely those of the author, and do not necessarily represent those of Trustwave Holdings, Inc., or any other organizations or entities the author may be associated with.

Along those same lines, one of the Microsoft Security Advisories from today is on this exact topic.

https://technet.microsoft.com/en-us/lib ... 23479.aspx -- Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program. The FAQ in the Advisory has some more information on why SHA-1 is being deprecated as of January 1, 2016.

Also see "The SHAppening: freestart collisions for SHA-1" at https://sites.google.com/site/itstheshappening/ for more techie info.