<![CDATA[The Un-Official Proxomitron Forum - General Security]]> https://www.prxbx.com/forums/ Sat, 18 Apr 2026 02:37:04 +0000 MyBB <![CDATA[Root certificate expiring - anything to be done?]]> https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21083#pid21083 Sat, 01 Feb 2025 22:21:38 -0500 https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21083#pid21083 <![CDATA[Root certificate expiring - anything to be done?]]> https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21082#pid21082 Fri, 31 Jan 2025 22:29:56 -0500 https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21082#pid21082 <![CDATA[Root certificate expiring - anything to be done?]]> https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21081#pid21081 Fri, 31 Jan 2025 01:42:30 -0500 https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21081#pid21081 Your version of Firefox will start to have provlems on January 14. A root certificate will expire, causing some preferences and other features to stop working. On March 14, 2025, add-ons and more features will also break."

On Jan 14 nothing really happened. Everything continued to work as usual. I should explain that I've been running Firefox 100 for a long time because every time I had tried to go past version 100, Firefox would not work at all with Proxomitron, either ProxHTTPSProxy or Reborn. Every single site would refuse to load with "Warning: potential security risk ahead." All versions below 100 would load most sites, but everything above would be unusable with SSL errors.

These recent FF warnings finally motivated me to do some research and experimentation. Some claimed that Firefox would use the Windows OS certs if its own failed and "security.enterprise_roots.enabled" was set to true. I hoped that maybe updating the Windows 7 root certificates would solve the problems, so I used the OS cert updater here: https://github.com/asheroto/Root-Certificate-Updater.

It didn't help with later editions of FF, so I kept looking and found a newer cert updater here: https://msfn.org/board/topic/183352-prox...uture-use/

After applying that, versions of FF after 100 were still not working and my current version 100 was clearly worse, with youtube almost becoming unusable due to video stoppage. I of course also updated certs.pem and cacert.pem from https://curl.haxx.se/docs/caextract.html but that has never seemed to solve anything.

I then noticed in the above thread at msfn for XP users that there were newer versions of ProxHTTPSProxy than I have. After trying version 1.5 it actually worked with Firefox 115esr! At first I was elated to finally get that breakthrough, but there are still problems with some sites just like I was having before. There are newer versions of ProxHTTPSProxy available there (20230813), but they fail on my Win 7 with "procedure entry point GetCPFileNameFromRegistry could not be located in the dynamic link library Kernel32.dll"

Obviously I don't know what I'm doing in many ways, but would really like to get things working with no SSL errors if at all possible since I'm very tired of (even with FF 100) having to turn off the proxy for certain sites and having to deal with broken css and other site functionality because of cert failures for other domains the site uses. Ideally I love a way to force/trick the browser to ignore all cert errors and load all sites automatically.]]> Your version of Firefox will start to have provlems on January 14. A root certificate will expire, causing some preferences and other features to stop working. On March 14, 2025, add-ons and more features will also break."

On Jan 14 nothing really happened. Everything continued to work as usual. I should explain that I've been running Firefox 100 for a long time because every time I had tried to go past version 100, Firefox would not work at all with Proxomitron, either ProxHTTPSProxy or Reborn. Every single site would refuse to load with "Warning: potential security risk ahead." All versions below 100 would load most sites, but everything above would be unusable with SSL errors.

These recent FF warnings finally motivated me to do some research and experimentation. Some claimed that Firefox would use the Windows OS certs if its own failed and "security.enterprise_roots.enabled" was set to true. I hoped that maybe updating the Windows 7 root certificates would solve the problems, so I used the OS cert updater here: https://github.com/asheroto/Root-Certificate-Updater.

It didn't help with later editions of FF, so I kept looking and found a newer cert updater here: https://msfn.org/board/topic/183352-prox...uture-use/

After applying that, versions of FF after 100 were still not working and my current version 100 was clearly worse, with youtube almost becoming unusable due to video stoppage. I of course also updated certs.pem and cacert.pem from https://curl.haxx.se/docs/caextract.html but that has never seemed to solve anything.

I then noticed in the above thread at msfn for XP users that there were newer versions of ProxHTTPSProxy than I have. After trying version 1.5 it actually worked with Firefox 115esr! At first I was elated to finally get that breakthrough, but there are still problems with some sites just like I was having before. There are newer versions of ProxHTTPSProxy available there (20230813), but they fail on my Win 7 with "procedure entry point GetCPFileNameFromRegistry could not be located in the dynamic link library Kernel32.dll"

Obviously I don't know what I'm doing in many ways, but would really like to get things working with no SSL errors if at all possible since I'm very tired of (even with FF 100) having to turn off the proxy for certain sites and having to deal with broken css and other site functionality because of cert failures for other domains the site uses. Ideally I love a way to force/trick the browser to ignore all cert errors and load all sites automatically.]]> <![CDATA[Root certificate expiring - anything to be done?]]> https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21080#pid21080 Sun, 26 Jan 2025 03:56:54 -0500 https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21080#pid21080 <![CDATA[Root certificate expiring - anything to be done?]]> https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21079#pid21079 Mon, 13 Jan 2025 11:24:51 -0500 https://www.prxbx.com/forums/showthread.php?tid=3145&pid=21079#pid21079
On this PC I'm still running Win 7 flawlessly, but you can't go past FF version 115 with that OS anyway.]]>
On this PC I'm still running Win 7 flawlessly, but you can't go past FF version 115 with that OS anyway.]]> <![CDATA[End-to-end encryption is coming....]]> https://www.prxbx.com/forums/showthread.php?tid=2182&pid=17820#pid17820 Wed, 19 Nov 2014 15:17:54 -0500 https://www.prxbx.com/forums/showthread.php?tid=2182&pid=17820#pid17820

I too like to follow security/privacy topics, and this was another story that I found very intersting: http://www.theguardian.com/technology/20...ndroid-ios]]>

I too like to follow security/privacy topics, and this was another story that I found very intersting: http://www.theguardian.com/technology/20...ndroid-ios]]> <![CDATA[End-to-end encryption is coming....]]> https://www.prxbx.com/forums/showthread.php?tid=2182&pid=17817#pid17817 Tue, 18 Nov 2014 20:20:58 -0500 https://www.prxbx.com/forums/showthread.php?tid=2182&pid=17817#pid17817
https://www.techdirt.com/articles/201411...ffic.shtml

There's a link therein to a YouTube video, and if you want to just jump straight to the good stuff, this is it:

https://www.youtube.com/watch?v=Gas_sSB-5SU


I won't make any predictions, especially about how soon this might come about, but I'm pretty certain that the government's "War on Citizens" is about to ratchet up a notch....

Later,




Oddysey]]>
https://www.techdirt.com/articles/201411...ffic.shtml

There's a link therein to a YouTube video, and if you want to just jump straight to the good stuff, this is it:

https://www.youtube.com/watch?v=Gas_sSB-5SU


I won't make any predictions, especially about how soon this might come about, but I'm pretty certain that the government's "War on Citizens" is about to ratchet up a notch....

Later,




Oddysey]]> <![CDATA[Facebook and MySpace security: backdoor wide open, millions of accounts exploitable]]> https://www.prxbx.com/forums/showthread.php?tid=1521&pid=17437#pid17437 Tue, 04 Feb 2014 00:39:32 -0500 https://www.prxbx.com/forums/showthread.php?tid=1521&pid=17437#pid17437 As with No-Trax, I've not used this my own self, but I found it at Shell Extension City. They're claiming to build upon the work of HiJackThis by Merijn, which outta be worth something.]]> As with No-Trax, I've not used this my own self, but I found it at Shell Extension City. They're claiming to build upon the work of HiJackThis by Merijn, which outta be worth something.]]> <![CDATA[anti-adblock javascript, weak?]]> https://www.prxbx.com/forums/showthread.php?tid=2055&pid=16797#pid16797 Sun, 14 Oct 2012 13:19:22 -0400 https://www.prxbx.com/forums/showthread.php?tid=2055&pid=16797#pid16797 Multiple posts dealing with counter-acting Adblock hidden-technology.blogspot. Notice they are dated 2008.

Using javascript ("client side", user's PC) seems vulnerable to client-side counter-counter-defense. But in the end, the client can always block something...

This looks sneaky. It has a timer, so I guess it sniffs and records user's text selections. Spying on behavior.

Years ago, when many on the internet cheered AJAX, I already wondered how to block AJAX. I assume ECMAScript references list certain AJAX functions?

Also, quick Wikipedia: [ul=https://en.wikipedia.org/wiki/JSON#Use_in_Ajax]AJAX is part of JSON[/url]]]> Multiple posts dealing with counter-acting Adblock hidden-technology.blogspot. Notice they are dated 2008.

Using javascript ("client side", user's PC) seems vulnerable to client-side counter-counter-defense. But in the end, the client can always block something...

This looks sneaky. It has a timer, so I guess it sniffs and records user's text selections. Spying on behavior.

Years ago, when many on the internet cheered AJAX, I already wondered how to block AJAX. I assume ECMAScript references list certain AJAX functions?

Also, quick Wikipedia: [ul=https://en.wikipedia.org/wiki/JSON#Use_in_Ajax]AJAX is part of JSON[/url]]]> <![CDATA['HOSTS' file for use by paying remote sites....]]> https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15593#pid15593 Sun, 10 Jul 2011 00:44:17 -0400 https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15593#pid15593
proxy.org is back up for me now, too. Thanks just the same, it's always nice to get a confirmation from another source (and not just another computer on my home network).



JJoe;

Thanks. I hadn't dug into it that far, interesting stuff when you read between the lines. I admit to being curious about why a site collecting and distributing proxy addresses would be so concerned about someone viewing their materials from a proxified connection. I guess it's best to chalk it up to "it takes all kinds", eh? Wink

Take care one and all,



Oddysey]]>
proxy.org is back up for me now, too. Thanks just the same, it's always nice to get a confirmation from another source (and not just another computer on my home network).



JJoe;

Thanks. I hadn't dug into it that far, interesting stuff when you read between the lines. I admit to being curious about why a site collecting and distributing proxy addresses would be so concerned about someone viewing their materials from a proxified connection. I guess it's best to chalk it up to "it takes all kinds", eh? Wink

Take care one and all,



Oddysey]]> <![CDATA['HOSTS' file for use by paying remote sites....]]> https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15583#pid15583 Fri, 08 Jul 2011 17:13:34 -0400 https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15583#pid15583 http://upsideout.com/

Quote:UpsideOut, Inc. is a New York based website development firm specializing in innovative privacy and security solutions for individuals and businesses worldwide. UpsideOut websites provide a rich experience of information and technology through straightforward, functional design.

We are best known for Proxify.com (the premier web-based anonymous proxy service), Socksify.com (an anonymous HTTP proxy service), and Proxy.org (a comprehensive proxy directory and discussion forum for proxy users). Here are some of the websites in our portfolio:

Quote:Proxy.org is the most trusted resource for information about anonymous web surfing and proxies. Proxy.org provides a directory which lists tens of thousands of web-based proxies as well as a discussion forum for proxy webmasters and users. Proxy.org also maintains mailings lists that reach hundreds of thousands of users.

Quote:BlockScript is security software which protects websites and empowers webmasters to stop unwanted traffic. BlockScript detects and blocks requests from all types of proxy servers and anonymity networks (such as web-based proxies, open proxies, Tor, VPN servers, etc.), hosting networks, undesirable robots and spiders, and even entire countries.
]]> http://upsideout.com/

Quote:UpsideOut, Inc. is a New York based website development firm specializing in innovative privacy and security solutions for individuals and businesses worldwide. UpsideOut websites provide a rich experience of information and technology through straightforward, functional design.

We are best known for Proxify.com (the premier web-based anonymous proxy service), Socksify.com (an anonymous HTTP proxy service), and Proxy.org (a comprehensive proxy directory and discussion forum for proxy users). Here are some of the websites in our portfolio:

Quote:Proxy.org is the most trusted resource for information about anonymous web surfing and proxies. Proxy.org provides a directory which lists tens of thousands of web-based proxies as well as a discussion forum for proxy webmasters and users. Proxy.org also maintains mailings lists that reach hundreds of thousands of users.

Quote:BlockScript is security software which protects websites and empowers webmasters to stop unwanted traffic. BlockScript detects and blocks requests from all types of proxy servers and anonymity networks (such as web-based proxies, open proxies, Tor, VPN servers, etc.), hosting networks, undesirable robots and spiders, and even entire countries.
]]> <![CDATA['HOSTS' file for use by paying remote sites....]]> https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15582#pid15582 Fri, 08 Jul 2011 16:21:57 -0400 https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15582#pid15582 ]]> ]]> <![CDATA['HOSTS' file for use by paying remote sites....]]> https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15580#pid15580 Fri, 08 Jul 2011 16:03:39 -0400 https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15580#pid15580
Both of those sites were/are informative, I wasn't aware of either of them - thanks!

But....

The part about BlockScript is not made up. If you peruse BlockScript's site, you can find examples of various error messages they project to attempted connectors - the one found on proxy.org is shown there. Sort of confirms that BlockScript does have a hand in the mess....

Whether somebody got over-zealous and went too far, blocking all and sundry, or it's just a "natural Act of Gawd", it doesn't matter. I've used proxy.org off and on for years, and I've never seen this happen before. The site's been down for more than a month now, and you'd think that someone was awake at the switch, so to speak. Makes me wonder if it's all run robotically....Sad

Or to give them some courtesy, maybe they do know, and are desparately trying to get out from under BlockScript's evil-doings... one can't really know at this point.

Again, thanks for the tip.



Oddysey]]>
Both of those sites were/are informative, I wasn't aware of either of them - thanks!

But....

The part about BlockScript is not made up. If you peruse BlockScript's site, you can find examples of various error messages they project to attempted connectors - the one found on proxy.org is shown there. Sort of confirms that BlockScript does have a hand in the mess....

Whether somebody got over-zealous and went too far, blocking all and sundry, or it's just a "natural Act of Gawd", it doesn't matter. I've used proxy.org off and on for years, and I've never seen this happen before. The site's been down for more than a month now, and you'd think that someone was awake at the switch, so to speak. Makes me wonder if it's all run robotically....Sad

Or to give them some courtesy, maybe they do know, and are desparately trying to get out from under BlockScript's evil-doings... one can't really know at this point.

Again, thanks for the tip.



Oddysey]]> <![CDATA['HOSTS' file for use by paying remote sites....]]> https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15577#pid15577 Wed, 06 Jul 2011 14:16:26 -0400 https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15577#pid15577
Down for Everyone

CentralOps

I have noticed that this site was down before and came back up after a bit.

HTH. Smile!]]>
Down for Everyone

CentralOps

I have noticed that this site was down before and came back up after a bit.

HTH. Smile!]]> <![CDATA['HOSTS' file for use by paying remote sites....]]> https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15569#pid15569 Tue, 05 Jul 2011 18:15:48 -0400 https://www.prxbx.com/forums/showthread.php?tid=1798&pid=15569#pid15569
What it is:
A certain site uses BlockScript to prevent unwanted visitors. The "error" message tells you that you're a dummy for even trying to visit them. Fortunately there is a link to the main BlockScript site, so I went there....

It looks suspiciously to me like a giant HOSTS file that they are allowing other sites to access remotely. A site can use a 'free' version, or various levels of paid 'features'. What gripes me most is that they brag about how they are blocking nearly 30 MILLION hosting providers, and other stuff. My guess is that my ISP/hosting provider is probably on that list. Why, I dunno, and it doesn't matter at this point.

What else do they block? For starters, TOR exit nodes, and known proxy sites. That last is the ultimate irony - why am I scribbling this diatribe? Because the site I wanna visit is http://proxy.org in order to get a list of, you guessed it, proxies.

I dunno whether to laugh or cry.......D'oh!

I do know that it's all done with PHP, meaning that it's server-side, so I have my doubts about Proxo giving me any help here. What I wanna know is, does anyone else have any experience with this? Chances are pretty good that some of you testing that URL will get through, and others won't. Also, Google (Big Brother in ProxRocks-speak) doesn't cache anything from them, so I'm outta luck on that score.

Ideas?






Oddysey]]>
What it is:
A certain site uses BlockScript to prevent unwanted visitors. The "error" message tells you that you're a dummy for even trying to visit them. Fortunately there is a link to the main BlockScript site, so I went there....

It looks suspiciously to me like a giant HOSTS file that they are allowing other sites to access remotely. A site can use a 'free' version, or various levels of paid 'features'. What gripes me most is that they brag about how they are blocking nearly 30 MILLION hosting providers, and other stuff. My guess is that my ISP/hosting provider is probably on that list. Why, I dunno, and it doesn't matter at this point.

What else do they block? For starters, TOR exit nodes, and known proxy sites. That last is the ultimate irony - why am I scribbling this diatribe? Because the site I wanna visit is http://proxy.org in order to get a list of, you guessed it, proxies.

I dunno whether to laugh or cry.......D'oh!

I do know that it's all done with PHP, meaning that it's server-side, so I have my doubts about Proxo giving me any help here. What I wanna know is, does anyone else have any experience with this? Chances are pretty good that some of you testing that URL will get through, and others won't. Also, Google (Big Brother in ProxRocks-speak) doesn't cache anything from them, so I'm outta luck on that score.

Ideas?






Oddysey]]> <![CDATA[Port 8080]]> https://www.prxbx.com/forums/showthread.php?tid=1683&pid=14950#pid14950 Fri, 22 Oct 2010 13:59:53 -0400 https://www.prxbx.com/forums/showthread.php?tid=1683&pid=14950#pid14950 (Oct. 21, 2010 10:55 PM)turtle Wrote:  Is their any reason not to use some other port besides 8080..maybe 80. For some reason 80 seems to load quicker.
I don't have a good reason to not use what works but I usually see a higher number. I think lower numbers are often randomly assigned. It may be that setting a lower number might cause problems. But I don't know.


Configuring the browser to use a local proxy on the local port 80 should not interfere with the remote port 80.]]> (Oct. 21, 2010 10:55 PM)turtle Wrote:  Is their any reason not to use some other port besides 8080..maybe 80. For some reason 80 seems to load quicker.
I don't have a good reason to not use what works but I usually see a higher number. I think lower numbers are often randomly assigned. It may be that setting a lower number might cause problems. But I don't know.


Configuring the browser to use a local proxy on the local port 80 should not interfere with the remote port 80.]]> <![CDATA[Port 8080]]> https://www.prxbx.com/forums/showthread.php?tid=1683&pid=14946#pid14946 Fri, 22 Oct 2010 02:01:16 -0400 https://www.prxbx.com/forums/showthread.php?tid=1683&pid=14946#pid14946 <![CDATA[Port 8080]]> https://www.prxbx.com/forums/showthread.php?tid=1683&pid=14943#pid14943 Thu, 21 Oct 2010 18:55:30 -0400 https://www.prxbx.com/forums/showthread.php?tid=1683&pid=14943#pid14943 <![CDATA[Firefox Add-on: HTTPS Everywhere]]> https://www.prxbx.com/forums/showthread.php?tid=1629&pid=14457#pid14457 Mon, 28 Jun 2010 02:28:19 -0400 https://www.prxbx.com/forums/showthread.php?tid=1629&pid=14457#pid14457 https://www.eff.org/https-everywhere

Quote:HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites.

Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site.

The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.
]]> https://www.eff.org/https-everywhere

Quote:HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites.

Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site.

The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.
]]> <![CDATA[Critical security issues Adobe Reader and Acrobat]]> https://www.prxbx.com/forums/showthread.php?tid=1566&pid=13918#pid13918 Thu, 14 Jan 2010 15:08:06 -0500 https://www.prxbx.com/forums/showthread.php?tid=1566&pid=13918#pid13918
My mentor used to say "if networking is not suck f up, we won't have a job anymore", i guess they just have to screw up their software to get keep their job eh?]]>
My mentor used to say "if networking is not suck f up, we won't have a job anymore", i guess they just have to screw up their software to get keep their job eh?]]>