Thanks for the recommendation Tricia.

I personally use Firefox 38.8.0esr with ublock origin and noscript (compatible versions can be found on legacycollector). It is much faster that newer versions such as the next ESR (45) or even version 52 compiled without SSE2.

On thing to note with noscript is that it has by default a whitelist which contains a number of google domains. As a consequence, news.google.com for example become unusable because of the extremely heavy JS usage. So I recommend emptying the whitelist in the noscript plugin options for an optimal experience.

I personally use Flashpeak Slimjet 10 with XP/Vista. It is based on older Chrome and is surprisingly compatible with a lot of the modern web still.

On XP I have a growing number of websites that won't open due to cipher mismatches. Vista's situation is better because Vista supports more ciphers than XP natively.

The browser is fast, but may not be as memory-efficient (Chrome was never great about memory efficiency). I haven't tested this aspect of it, since I all systems I currently use have at least 2GB RAM.

Before Slimjet I was using Firefox forks - Pale Moon / Basilisk (also by Pale Moon team), but grew steadily unhappy with two things - loss of compatibility with modern web on old versions and unexplained sluggishness on new versions (where the browser starts fast and gradually slows down to the point that even switching tabs feels slow). Never found a solution, and decided to try something else. Lo and behold, no such problems with Slimjet. I did lose a bit on addon compatibility, but the overall experience is better for me.

No offence, but anyone accessing the Web with XP or older should be flogged. No matter which browser, that's just irresponsible.

derSammler wrote:

No offence, but anyone accessing the Web with XP or older should be flogged. No matter which browser, that's just irresponsible.

No offense, but this is just stupid, stupid FUD.

dr_st wrote:

I personally use Flashpeak Slimjet 10 with XP/Vista. It is based on older Chrome and is surprisingly compatible with a lot of th […]
Show full quote

I personally use Flashpeak Slimjet 10 with XP/Vista. It is based on older Chrome and is surprisingly compatible with a lot of the modern web still.

On XP I have a growing number of websites that won't open due to cipher mismatches. Vista's situation is better because Vista supports more ciphers than XP natively.

The browser is fast, but may not be as memory-efficient (Chrome was never great about memory efficiency). I haven't tested this aspect of it, since I all systems I currently use have at least 2GB RAM.

Before Slimjet I was using Firefox forks - Pale Moon / Basilisk (also by Pale Moon team), but grew steadily unhappy with two things - loss of compatibility with modern web on old versions and unexplained sluggishness on new versions (where the browser starts fast and gradually slows down to the point that even switching tabs feels slow). Never found a solution, and decided to try something else. Lo and behold, no such problems with Slimjet. I did lose a bit on addon compatibility, but the overall experience is better for me.

I agree that the Firefox forks are somewhat underwhelming. In fact Pale Moon was compromised for some time and unknowingly distributed trojaned versions of its browser: https://www.securityweek.com/archive-server-p … -browser-hacked

Does Slimjet require SSE2? If not I might definitely try out, although it'd need to also support noscript / ublock origin as well for an optimal experience. Browsing the web without noscript is nigh impossible with Firefox on very old hardware.

derSammler wrote:

No offence, but anyone accessing the Web with XP or older should be flogged. No matter which browser, that's just irresponsible.

No offence, but I'll do what I want with my old hardware 😁

derSammler wrote:

No offence, but anyone accessing the Web with XP or older should be flogged. No matter which browser, that's just irresponsible.

No offense, but I'll flog you right back for your insolence. It's a great OS that deserves support.

-Posted with Firefox 52 ESR, XP SP3.

cde wrote:

Does Slimjet require SSE2?

AFAIK, yes. Maybe some really old versions don't, but I can't vouch for their web compatibility. 😐 uBlock Origin works (older version, I use it myself) and there are NoScript and similar addons (which I don't use myself).

No offence, but I use my Pentium III Tualatin running XP on the web every day, and so far I never caught a virus nor a malware. And yes, I scan it frequently and I find no threat, unless cookies are now considered malware. Just a quick swipe with Ccleaner and I get rid of them in a jiffy.

For everyone of you who use Mozilla based browsers on their retro machines, don't forget to try the UOC Patch, to optimize them further:

The UOC and QUOC Patch - An attempt at optimizing Mozilla based browsers for old machines

This very reply has been written on that machine, and I haven't seen a single kitten die so far because I use XP on the web.

cde wrote:

cut

If you have an SSE only CPU, I recommend you to check out Roytam1's browsers: Firefox 45 ESR SSE, New Moon 27 SSE and K-Meleon 76 Goanna. You can find them on the MSFN forum. Those browsers, coupled with the UOC Patch, run fantastically on my Tualatin and support the modern security protocols, such as TLS 1.3, something that the Chrome and the Internet Explorer based browsers don't. They also support WebP and HTML5, unlike the original Firefox 38 and 45 ESR. I personally use Firefox 45 ESR SSE as my main browser and New Moon 27 SSE as a backup.

That sounds awesome, I need to try that! So many great suggestions from people on this forum 😀 Thanks again looking4awayout

Me again, still with my pal. I love it, because it's slim and does'nt send *telemetry* (or whatever) data to mozilla (or whoever). By now i could'nt find a single site it would'nt display (can do html5 vids, too). The limit mark java-script overloaded sites, but that's my weak CPU.

Re: https / cert-errors: I've learned that every old / no longer maintained browser (not MyPal!) gets unusable at last. This is less caused by new cyphers (tsl1.3 remains tsl1.3(?!)) but an outdated cert-db. Compare old and new ones - the companies come and go. It there a public place to dl a to-date-list manually? I do'nt need it (by now), only asking that because the customers (who buy the S in httpS) should have an interest in spreading such dbs...

derSammler wrote:
No offence, but anyone accessing the Web with XP or older should be flogged.

Hello derSammler! FLOGGED - i had to look that up in the dictionary. Sounds archaic. Err, you know where you are, do you? Vogons is a board for antique computers and software. Everybody here loves viruses and gives his / her banking-data to everyone without asking. I, personally, fill in every form on sites in foreign languages with exotic pictures, before dling their brand-new downloader. Did i mention that i'm controlling a nuclear power plant with this computer?

Tricia McMillan wrote:

I, personally, fill in every form on sites in foreign languages with exotic pictures, before dling their brand-new downloader. Did i mention that i'm controlling a nuclear power plant with this computer?

Meh. Can't be worse than the pre-Chernobyl RBMK.

dr_st wrote:

Meh. Can't be worse than the pre-Chernobyl RBMK.

Chernobyl was my brother (lucky him, he controlled it by remote from some Tiki-Taku-Bar in Hawai that day). My other brother was in charge of the MIR, while my elder sister... but that's a different story.

dr_st wrote:

derSammler wrote:

No offence, but anyone accessing the Web with XP or older should be flogged. No matter which browser, that's just irresponsible.

No offense, but this is just stupid, stupid FUD.

For give me, I don't mean "to pour oil into the fire", but..
I've noticed a strong aversion in German computer forums against having XP "on-line" in these days. Perhaps it's just a national thing, not sure.
In parts it seems to be the case because many IT administrators and companies there can't or refuse to upgrade existing XP systems.
Personaly, Ive been torn between in this respect. For one, I understand the risk of using certain old systems in a modern web,
due to security/safety issues and out-dated standards. On the other hand, I think it's fungible to have XP connected to the net if
additional safety measures exist, like using Virtual Machines or a dedicated ("hardware") firewall that take action if something goes wrong
(like a home router or modem with firewall, port filters etc). Running an outdated, un-supervised copy of XP is risky, though, if it's connected to the web.
This reminds me of the days of Sasser, Sober and its kind: https://en.wikipedia.org/wiki/Sasser_(computer_worm)

Edit: I forgot.. @Tricia McMillan Thanks, too, for mentioning MyPal! 😀

Hello (also to my new friend, derSammler!),

Security-discussion number 8.735.382 starts ... (OMG!)

i'm just a little unnerved by security-blabla (and -freaks). Example: My computer (OS XPSP3, the one i'm typing this on) is full of trash, old games, apps and whatever good and / or useless software. There is not a single relevant information on it, that can be of any value for bad guys. I'm online via the Hotspot of my android-mobile. The last virus i might have caught was around 1998 (or was it 199?), and i'm not even sure it was one (i'm *optimizing* far too much). I monitor autoruns.exe, make reg-backups (EruNT, recommended for XP), know exactly about my traffic, the email-address i signed in this board existed for less than 5 minutes, i know the birthday of my mother by heart. Please, tell me, what can happen?

Ah, i changed this computer for 3 old GSM-mobiles, it's ebay value is around 50 Euros = USD, a new 80GB HD costs 8 (in words: eight) Euros on the fleamarked, and in 5 minutes i will launch the nukes i control with it in ... (guess where) ... so ... Have a nice Day!

Jo22 wrote:

For one, I understand the risk of using certain old systems in a modern web, due to security/safety issues and out-dated standar […]
Show full quote

For one, I understand the risk of using certain old systems in a modern web,
due to security/safety issues and out-dated standards. On the other hand, I think it's fungible to have XP connected to the net if
additional safety measures exist, like using Virtual Machines or a dedicated ("hardware") firewall that take action if something goes wrong
(like a home router or modem with firewall, port filters etc). Running an outdated, un-supervised copy of XP is risky, though, if it's connected to the web.

Exactly. Any home router which has a NAT and by default blocks all ports is good enough protection for most cases. And who has a network without NAT these days?

There is no reason to run an outdated XP. By SP3 time security was greatly improved already. With the POSReady hack one can get even more updates, though, truth be told, Microsoft has been very good in patching actually serious threats in their out-of-support operating systems, including non-POS versions of XP after 2014 and Vista after 2017. So far I am not aware of any serious in-the-wild threats (the kind that can compromise a computer without a user error letting them in first) that do not have an official patch for XP.

Jo22 wrote:

This reminds me of the days of Sasser, Sober and its kind: https://en.wikipedia.org/wiki/Sasser_(computer_worm)

Or the famous pre-SP1 Blaster.

Don't forget the latest XP update:
https://support.microsoft.com/en-gb/help/4500 … r-cve-2019-0708

Most home routers just block inbound not outbound. I use my SG-1100 to only allow specific outbound traffic and any outbound traffic can only go over the VPN except for traffic I specifically route over the WAN.

It's funny the comments you see online when you mention you are using an older OS but almost none of those people mention the applications and games that they are running on that OS. If you have applications installed that haven't been updated in more than a couple of weeks then you have no reason to talk except out of ignorance.

If everyone moves to running older operating systems in VMs or containers then the malware will jump to those locations as well and as been shown there are methods to jump outside of those environments. Whatever you use take precautions no matter if it's the latest and greatest OS or one from 20yrs ago.

cde wrote:

That sounds awesome, I need to try that! So many great suggestions from people on this forum 😀 Thanks again looking4awayout

You're welcome! The patch really improves the browsing speed of old machines with Firefox, K-Meleon and Pale Moon/New Moon. I mean, if I can use my Tualatin on the web thanks to it (and it used to be an 800MHz Coppermine), I apply it to my customers' old computers (and here in my town, there are still many old P4 Willamettes and Athlon XPs still in use), why can't it work on other systems? 😎

You can find Roytam1's browsers (which I heartedly recommend) here:

https://msfn.org/board/topic/177125-my-build- … -targetting-xp/

dr_st wrote:

derSammler wrote:

No offence, but anyone accessing the Web with XP or older should be flogged. No matter which browser, that's just irresponsible.

No offense, but this is just stupid, stupid FUD.

They are actually trying to do you a favour by pointing out the obvious, this isn't someone being a killjoy, it is common sense.
Microsoft don't release security updates for fun, they create patches as vulnerabilities are discovered and stopped providing this service to regular XP users 5 years ago.
I've seen infected XP systems which visited a mainstream website where malware was contained in the adverts, anti-virus and malwarebytes didn't detect anything. XP is an open goal for exploits and people nonchalantly using vulnerable systems make their internal networks and the internet at large more dangerous for everyone else.

looking4awayout wrote:

No offence, but I use my Pentium III Tualatin running XP on the web every day, and so far I never caught a virus nor a malware. And yes, I scan it frequently and I find no threat, unless cookies are now considered malware. Just a quick swipe with Ccleaner and I get rid of them in a jiffy.

How are you certain you've never been infected with malware/viruses/trojans?
Are you watching all outbound traffic and fully understand what is creating it?

Linux is free and far more secure. If you must use your classic hardware which can only run old MS operating systems on the web, multi-booting Linux for web browsing is a no brainer... or just keep your retro systems offline and safe from harm and use something more appropriate for the internet.

DosFreak wrote:

Most home routers just block inbound not outbound. I use my SG-1100 to only allow specific outbound traffic and any outbound traffic can only go over the VPN except for traffic I specifically route over the WAN.

Most outbound traffic is considered legitimated as initiated either by the user or by applications the user has allowed to install. Of course this fails if the user has been duped to allowed malware to install itself, or some particularly clever one managed to do it without consent. This can happen but pretty rare among people who know what they are doing.

Your approach is more secure, for sure, and I know people who use it. Not sure how it affects day-to-day usage of the web, but maybe I should try it myself one day.

BushLin wrote:

Microsoft don't release security updates for fun, they create patches as vulnerabilities are discovered and stopped providing this service to regular XP users 5 years ago.

Really? Check DosFreak's post 2 above yours.

BushLin wrote:

I've seen infected XP systems which visited a mainstream website where malware was contained in the adverts

You tell people not to use XP, but think it's OK to surf the web without an ad-blocker? I'm genuinely shocked.

BushLin wrote:

people nonchalantly using vulnerable systems make their internal networks and the internet at large more dangerous for everyone else

According to your theory, running a "supported" OS automatically makes you safe, no? So what's the problem? As for the safety of my own personal network, let it be my headache, not yours.

BushLin wrote:

How are you certain you've never been infected with malware/viruses/trojans?
Are you watching all outbound traffic and fully understand what is creating it?

Well, I hope he has better things to do with his time than constantly watch all outbound traffic on his computer. But I suppose that you've been doing exactly that (monitoring and fully understanding all inbound and outbound traffic to all your systems?) Otherwise how can you be sure you were not infected? Surely there are 0-day exploits out there that are unpatched even on the newest OS.