A Windows 98 & ME forum. Win98banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Win98banter forum » Windows 98 » General
Site Map Home Authors List Search Today's Posts Mark Forums Read Web Partners

Sought: IE 5.0 "high encryption" (128 bit) patch



 
 
Thread Tools Display Modes
  #21  
Old September 1st 15, 12:46 PM posted to microsoft.public.win98.gen_discussion
R.Wieser
External Usenet User
 
Posts: 111
Default Sought: IE 5.0 "high encryption" (128 bit) patch - scratch that.

Lee,

New behavior to me, but I don't have your setup either


Its quite possible your browser is set to silently switch from HTTP to
HTTPS. I think I've set that to "ask me" a long time ago (as I want to stay
informed about what happens in/with my browser :-) )

Maybe you are just looking at the wrong version number?


In my case it doesn't matter, both the "Fileversion" and the
"Productversion" show the same version. And yes, the "Productname" is
indeed "Microsoft(R) Windows NT(R) Operating System"

Let's make it more confusing and use three version numbers?
With this brilliant idea, I'll get hired by MicroSoft for sure now
if they are reading this, right?


Hey, you're on a roll there! Couldn't you introduce a few more of them ?
Just to make the chaos complete :-p

Flash is going to die soon enough on it's own, the end is nigh
as they say.


Yep, its already shunned by FF to name one. Doesn't make any difference to
me though, I never installed it.

To be replaced by another monster even worse, no doubt.


You mean HTML5 ? In that case I agree. Where I could decide *not* to
accept Flash content (by simply not installing the ActiveX control) I'm not
at all sure that I can refuse such content in a HTML5 enabled browser. And
it seems to be designed to give a website a *lot* of access to the browser.

Regards,
Rudy Wieser


-- Origional message:
Lee schreef in berichtnieuws
...
Hi Rudy,
On Sunday, August 30, 2015 at 5:40:45 AM UTC-6, R.Wieser wrote:
Hello Lee,

MS does not want to play nice here, I instantly get redirected to a HTTPS
connection (why ? I do not have the foggiest. Its just *info* for gods
sake).


New behavior to me, but I don't have your setup either - I wouldn't know a
proxy if it ran up and bit me in the hindquarters. I get the same page for
either link used. I mistakenly assumed you could see one of them at least
and of course I'm even more baffled and clueless than you are.



I did search for that IE5setup.exe program on my harddrive and that
installation CD, but could not find it (in the latter case most likely its
someowhere in one of those .CAB files).


No, you won't ever find it because it's not there as this was a truly
integrated IE installation done with Windows. My advice above is for stand
alone installation packages of IE only and they didn't make 5.00.2614.3500
as a stand alone version, the beast simply does not exist in that form. The
only way you can have it is to install 98se. And this version only came
with 40 bit export level encryption.

Every file that is in those .CAB files is listed in the layout.inf series of
text files in your INF folder - just a reminder. This is the purpose of the
layout files too.


It jogged my mind though: If all those update packages check for the

correct
environment before even attempting to install I could just try to start a
bunch of them and see which one sticks. Or am I than trusting MS too much

?


You can trust this function to a great extent in fact. But you've already
run into one of the downsides... read further

========================
-- Responding to the second message:

What is important is their versions:

...
schannel.dll 4.84.1901.1877


In my case the currently installed schannel file has got a version number

of
5.00.1877.4 (export version). Which is a bit larger than th IE4DOM or any
of the IE5xxx versions. I'm rather unsure if replacing it with a version

of
a lower level would be a good idea ... :-\


Well, higher version doesn't really mean 'better', it's just a number after
all. We are supposed to use that number to make judgement decisions with,
that's it's actual purpose.

Here is the deal breaker though - (export version) literally means it's 40
bit encryption and you need 128 bit encryption so this schannel.dll file
will never work right for you - it simply has to go for that reason alone
even if it is a higher version file. Personally, I would try to delete it
manually or with brain in gear this time around, cut it to one of your
personal folders for safe keeping. If Windows does not allow you to do this
because it's in use, then you'll have to run IE501DOM.EXE /n:v in the Run
Box and then reboot to allow Wininit to overwrite the file while still in
DOS mode during the next boot up. Which is how these updates replace files
that currently are in use quite often - it's an automatic function built
into the update package. You'll probably have to add a path statement to
the Run Box text to tell Windows where to find the IE501DOM.EXE file too.

Not that it matters much, but inside the IE501DOM.EXE file, the schannel.dll
file is actually named sch128c.dll so as to remind the package makers that
this is the 128 bit version. Only during the file copy process does the
update rename it to be schannel.dll. This commonly isn't done but this
isn't a common update either.

I've just noticed something rather odd though, the original schannel.dll
file has a version box number of 4.84.1901.1877 but if you click thru the
'Other version information' section down lower, you get a file version there
of 5.00.1877.4 just as you report above. For these discussions, one should
always go by the version box number which is less in this case because the
file was made on an NT machine. This is why you will also see Microsoft(R)
Windows NT(R) Operating System in some of the texts in the 'Other version
information' section. This is secondary data that originates from the
parent machine where the file was created then and not so important.
Certainly not as important as the file version box number which is always
highlighted just after you click on the version tab. Only this number is the
official version number. Maybe you are just looking at the wrong version
number? Let's make it more confusing and use three version numbers? With
this brilliant idea, I'll get hired by MicroSoft for sure now if they are
reading this, right?


The problem of most of those is that they are mostly after-the-fact (of
having download them using flash) enhancements. In other words: they

won't
work if you do not (want to) have flash installed. :-\

Thanks for all the offered help. :-)

Regards,
Rudy Wieser


True enough, you can't use youtube enhancer plus without first installing
Flash. Flash is going to die soon enough on it's own, the end is nigh as
they say. To be replaced by another monster even worse, no doubt. I'm
making hay while the sun shines and I stock pile them where the future is
uncertain about that aspect.

Paul brings up some scary thoughts. Soon enough 128 bit won't be enough to
get your email with, we'll have to carry those extra bits around with us in
five gallon buckets just to get our pay checks cashed at the bank.



  #22  
Old September 1st 15, 12:58 PM posted to microsoft.public.win98.gen_discussion
R.Wieser
External Usenet User
 
Posts: 111
Default Sought: IE 5.0 "high encryption" (128 bit) patch - scratch that.

9.8 G.eye,

When browsing anything.microsoft.com I've found that
Firefox 2.0.0.20 (the default browser I use on my win-98
systems) renders very little of those pages.


Do you mean that most of those requests return errors (fake or not), or that
you do not see all of the content ?

In the latter case I often simply set the "page style" to "none", and get to
read (most) everything again. :-)

And thanks for those links. I'm not sure they apply though, as the error
message was/is a page coming from the MSDN server (meaning there definitily
was a connection present).

Regards,
Rudy Wieser


-- Origional message:
9.8 G.eye schreef in berichtnieuws
...
"R.Wieser" wrote:

https://support.microsoft.com/en-us/kb/831167
https://support.microsoft.com/en-us/kb/842607


I just tried to visit those pages, but they only gave me a "An error
occurred", "Please try your request again later" page.


When browsing anything.microsoft.com I've found that Firefox 2.0.0.20
(the default browser I use on my win-98 systems) renders very little of
those pages.

On the other hand, Opera 12.02 works very well.

Any chance you can post those switches you mentioned (I do seem to
need them, as trying to apply that IE4DOM.exe gives a "not compatible
to the current system" error)


The following is a copy of support.microsoft.com/en-us/kb/831167

====================================
You cannot log on to a Web site or complete an Internet transaction, or
you receive an HTTP 500 (Internal Server Error) Web page

Symptoms

You may not be able to log on to a Web site or complete an Internet
transaction after you install the 832894 (MS04-004) security update. For
example, when you submit your user name and password to an SSL-secured
Web site by using a form on a HTTPS Web page, you may receive an HTTP
500 (Internal Server Error) Web page.

Cause

This problem may occur after you apply the 832894 security update
(MS04-004) or the 821814 hotfix on a computer that runs Microsoft
Windows XP, Windows 2000, Windows NT 4.0, Windows Millennium Edition, or
Windows 98.

For additional information about these software updates, click the
following article number to view the article in the Microsoft Knowledge
Base:

832894 MS04-004: Cumulative security update for Internet Explorer
https://support.microsoft.com/en-us/kb/832894

821814 You receive a "page cannot be displayed" error message when you
post to a site that requires authentication
https://support.microsoft.com/en-us/kb/821814

The 832894 security update (MS04-004) and the 821814 hotfix change how
the Internet extensions for Windows (Wininet.dll) retries POST requests
when a Web server resets the connection. Programs that use Windows
Internet (Wininet) application programming interface (API) functions to
post data (such as a user name or a password) to a Web server retry the
POST request without including the POST data if the Web server closes
(or resets) the initial connection request.

Note A POST request does not include POST data if its content length is
set to 0 or is empty.

Sometimes, this behavior prevents another reset and permits
authentication to complete. However, you may receive an HTTP 500
(Internal server error) Web page if the Web server must have the POST
data included when Wininet retries the POST request.

Resolution

Update information

To download and to install this update, visit the Microsoft Windows
Update Web site, and then install critical update 831167:

http://update.microsoft.com

Administrators can download this update from the Microsoft Download
Center or from the Microsoft Windows Update Catalog to deploy to
multiple computers. If you want to install this update later on one or
more computers, search for this article ID number by using the Advanced
Search Options feature in the Windows Update Catalog.

For more information about how to download updates from the Windows
Update Catalog, click the following article number to view the article
in the Microsoft Knowledge Base:

323166 How to download updates that include drivers and hotfixes from
the Windows Update Catalog
https://support.microsoft.com/en-us/kb/323166

The following files are available for download from the Microsoft
Download Center:

Download the Q831167.exe (32-bit) package now.


http://www.microsoft.com/downloads/d...128-5053-48A7-
8526-BD38215C74B2&displaylang=en
Moved to he
http://www.microsoft.com/en-us/downl....aspx?id=18786

Direct Download:


http://download.microsoft.com/downlo...d-90f6-f812639
11eb7/Q831167.exe

Download the Q831167.exe (64-bit) package now.


http://www.microsoft.com/downloads/d...750-ED3F-4C28-
92FE-9ADFE75F4C26&displaylang=en

Release Date: February 12, 2004

For additional information about how to download Microsoft Support
files, click the following article number to view the article in the
Microsoft Knowledge Base:
119591 How to Obtain Microsoft Support Files from Online Services

https://support.microsoft.com/en-us/kb/119591

Prerequisites

To install this update, you must be running Internet Explorer 6 SP1
(version 6.00.2800.1106) on one of the following versions of Windows:

Microsoft Windows XP Service Pack 1
Microsoft Windows XP 64-Bit Edition, Service Pack 1
Microsoft Windows XP
Microsoft Windows 2000 Service Pack 2, Service Pack 3, Service Pack 4
Microsoft Windows NT Workstation, Server, and Terminal Server Edition
4.0 Service Pack 6a
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millennium Edition

Note Because the 832894 (MS04-004) security update supports Windows 98,
Windows 98 Second Edition, Windows Millennium Edition, and Windows 2000
SP2, this update will be also be supported on those operating systems.

Restart requirement

You must restart your computer after you apply this update.

Update replacement information

This update replaces 821814 for Windows XP, Windows 2000, Windows NT
4.0, Windows Millennium Edition, Windows 98 Second Edition, and Windows
98.

Note This update does not replace 821814 for Windows Server 2003 because
the problem that is described in this article does not occur on Windows
Server 2003-based computers.
Deployment information

The packages for this update support the following Setup switches:

/q : Use Quiet mode or suppress messages when the files are being
extracted.
/q:u : Use User-Quiet mode. User-Quiet mode presents some dialog boxes
to the user.
/q:a Use Administrator-Quiet mode. Administrator-Quiet mode does not
present any dialog boxes to the user.

/t: path Specify the location of the temporary folder that is used by
Setup or the target folder for extracting files (when using /c).
/c Extract the files without installing them. If /t: path is not
specified, you are prompted for a target folder.
/c: path Specify the path and the name of the Setup .inf file or the
.exe file.
/r:n Never restart the computer after installation.
/r:i Prompt the user to restart the computer if a restart is required,
except when this switch is used with the /q:a switch.
/r:a Always restart the computer after installation.
/r:s Restart the computer after installation without prompting the user.
/n:v Do not check version. Use this switch with caution to install the
update on any version of Internet Explorer.

For example, to install the update without any user intervention and
without a restart, use the following command:

q831167.exe /q:a /r:n

File information

The English version of this update has the file attributes (or later)
that are listed in the following table. The dates and times for these
files are listed in coordinated universal time (UTC). When you view the
file information, it is converted to local time. To find the difference
between UTC and local time, use the Time Zone tab in the Date and Time
tool in Control Panel.

Date Time Version Size File name Platform
-------------------------------------------------------------------
06-Feb-2004 18:05 6.0.2800.1405 588,288 Wininet.dll
07-Feb-2004 01:41 6.0.2800.1405 1,796,608 Wininet.dll IA-64

Workaround

If you cannot apply the update that is discussed in the Resolution
section, you can use one of the following server-side actions to work
around the problem:

Increase the HTTP keep-alive timeout interval on the Web server or the
proxy server. There is no setting in Microsoft Internet Information
Services (IIS) to control the keep-alive timeout other than the Windows
registry KeepAliveTime value. But with some Web servers and some proxy
servers, you can specify a connection expiration time. If you can
specify a connection expiration time in the Web server or the proxy
server, increase the keep-alive timeout interval. See your Web server
documentation for the correct setting name and value. The default
keep-alive timeout value for Internet Explorer is one minute (60
seconds). Therefore, you must use an HTTP keep-alive timeout interval on
the Web server or the proxy server that is greater than one minute.

For additional information about the Windows KeepAliveInterval
parameter, the Windows KeepAliveTime parameter, and the Internet
Explorer KeepAliveTimeout parameter, click the following article numbers
to view the articles in the Microsoft Knowledge Base:

314053 TCP/IP and NBT configuration parameters for Windows XP
120642 TCP/IP and NBT configuration parameters for Windows 2000 or
Windows NT

813827 How to change the default keep-alive time-out value in Internet
Explorer
https://support.microsoft.com/en-us/kb/813827

Disable the HTTP "keep alive connections" on the server. For additional
information, click the following article number to view the article in
the Microsoft Knowledge Base:

238210 HTTP keep-alive header sent whenever ASP buffering is enabled
https://support.microsoft.com/en-us/kb/238210

Status

Microsoft has confirmed that this is a problem in Microsoft Internet
Explorer 6.

More information

Important This section, method, or task contains steps that tell you how
to modify the registry. However, serious problems might occur if you
modify the registry incorrectly. Therefore, make sure that you follow
these steps carefully. For added protection, back up the registry before
you modify it. Then, you can restore the registry if a problem occurs.
For more information about how to back up and restore the registry,
click the following article number to view the article in the Microsoft
Knowledge Base:

322756 How to back up and restore the registry in Windows

After you apply the 831167 software update that is described in this
article, programs that use Wininet functions to post data to a Web
server will resend complete POST requests when a connection with a Web
server is reset.

To enable header-only post behavior, create a DWORD value named
SampleApp.exe, where SampleApp is the name of the executable file that
runs the program. Set the DWORD value's value data to 1 in one of the
following registry keys:

For all users of the program, set the value in the following registry
key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet
Explorer\Main\FeatureControl\Retry_HeaderOnlyPOST_ OnConnectionReset
For the current user of the program only, set the value in the following
registry key:

HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\Main\FeatureControl\Retry_HeaderOnlyPOST_ OnConnectionReset

For example, to enable header-only post behavior in Internet Explorer
and in Windows Explorer, create DWORD values for Iexplore.exe and for
Explorer.exe in one of these registry keys, and then set their value
data to 1.
=========================



  #23  
Old September 1st 15, 07:41 PM posted to microsoft.public.win98.gen_discussion
Lee
External Usenet User
 
Posts: 196
Default Sought: IE 5.0 "high encryption" (128 bit) patch - scratch that.

Rudy,
On Tuesday, September 1, 2015 at 5:45:32 AM UTC-6, R.Wieser wrote:
Its quite possible your browser is set to silently switch from HTTP to
HTTPS. I think I've set that to "ask me" a long time ago (as I want to stay
informed about what happens in/with my browser :-) )


No it's behaving exactly as IE of old did, it shows the site's address in the address bar and I can see the s is missing anytime I do that. My take on the jump to SSL sites is that it's because of the news that the NSA is snooping - Gee, really? And this is news? Deal is even though rumor say they can crack anything and view all, what that actually costs them is computer time. SSL isn't worth the time if everyone is doing it and they are. All thanks to the NSA and what's his name who told the world they be watching..

Maybe you are just looking at the wrong version number?


In my case it doesn't matter, both the "Fileversion" and the
"Productversion" show the same version. And yes, the "Productname" is
indeed "Microsoft(R) Windows NT(R) Operating System"


But you keep looking at the wrong thing !!! All of those are the wrong place to be at.

http://files2.neatreceipts.com/tools/images/121_01.gif
Hope you can see that. Do not concern yourself with anything below
Description:

Which is the second line of text in the entire box - the ONLY official number is in the first line of that box. Do not look at the second line or any others below there.

Everything called Fileversion, Productversion, etc should be treated as manure fit only for the garden. Stay out of the garden. Concern yourself with the top inch of that box ONLY - there is the only official version number.. Perhaps your Dutch version has had a mistake done in this regard? It would be very easy to do.


Flash is going to die soon enough on it's own, the end is nigh
as they say.


Yep, its already shunned by FF to name one. Doesn't make any difference to
me though, I never installed it.


Perhaps lower versions of FF? 34.0.5 FF, 16.0.0.296 flash working fine together on XP, I do have both set to never update or nag for updates or check for updates same as Java, have to keep an address book just to learn about these super secret settings that should be the DEFAULT settings but never are.

If it's not the lower versions of FF that refuse current flash versions I wonder if it's not so much the lack of SSE3 instruction set in lesser capable CPUs? They can detect that you can't run SSE3 instruction set and so you can't download or install flash that relies on those. This is exactly why I'm running Pent 4 which does these. I do keep seeing references to the lack of flash availability and I don't understand where it comes from. But I long ago gave up on 98se and flash working together, never got FF going in 98se either.

To be replaced by another monster even worse, no doubt.


You mean HTML5 ? In that case I agree. Where I could decide *not* to
accept Flash content (by simply not installing the ActiveX control) I'm not
at all sure that I can refuse such content in a HTML5 enabled browser. And
it seems to be designed to give a website a *lot* of access to the browser.

  #24  
Old September 4th 15, 01:25 PM posted to microsoft.public.win98.gen_discussion
R.Wieser
External Usenet User
 
Posts: 111
Default Sought: IE 5.0 "high encryption" (128 bit) patch - scratch that.

Lee,

My take on the jump to SSL sites is that it's because of the
news that the NSA is snooping


There is another reason: noone can intercept and alter the content. That
is good when you want to download software (or anything else with active
content), it also is is a defense against "free internet" (hotspot)
providers wanting to replace ads with their own.

In other words: don't assume Googles push to use HTTPS everywhere is for
*our* benefit. :-)

For the rest ? When browsing I'm not doing much, if anything that needs to
be kept a secret. I do not quite understand and agree with mere
(informational) websites *forcing me* to go SSL.

But you keep looking at the wrong thing !!!

[Snip link]
Hope you can see that.


Ah, so *thats* the problem. My properties do not show the/an "Assembly
version" entry.

If it's not the lower versions of FF that refuse current flash
versions I wonder if it's not so much the lack of SSE3 instruction
set in lesser capable CPUs?


That might also be causing problems, yes. But as I've not had it installed
for over a decade or so I seem to have skipped such verson problems. :-)

And that is what irks me about HTML5: Something I do not want (active
content I have littl-if-any control over streamed into my 'puter) being
forced by building it into the browser. :-\

Oh well. I take it thats "progress" in its finest. :-(

Regards,
Rudy Wieser


-- Origional message:
Lee schreef in berichtnieuws
...
Rudy,
On Tuesday, September 1, 2015 at 5:45:32 AM UTC-6, R.Wieser wrote:
Its quite possible your browser is set to silently switch from HTTP to
HTTPS. I think I've set that to "ask me" a long time ago (as I want to

stay
informed about what happens in/with my browser :-) )


No it's behaving exactly as IE of old did, it shows the site's address in
the address bar and I can see the s is missing anytime I do that. My take
on the jump to SSL sites is that it's because of the news that the NSA is
snooping - Gee, really? And this is news? Deal is even though rumor say
they can crack anything and view all, what that actually costs them is
computer time. SSL isn't worth the time if everyone is doing it and they
are. All thanks to the NSA and what's his name who told the world they be
watching.

Maybe you are just looking at the wrong version number?


In my case it doesn't matter, both the "Fileversion" and the
"Productversion" show the same version. And yes, the "Productname" is
indeed "Microsoft(R) Windows NT(R) Operating System"


But you keep looking at the wrong thing !!! All of those are the wrong
place to be at.

http://files2.neatreceipts.com/tools/images/121_01.gif
Hope you can see that. Do not concern yourself with anything below
Description:

Which is the second line of text in the entire box - the ONLY official
number is in the first line of that box. Do not look at the second line or
any others below there.

Everything called Fileversion, Productversion, etc should be treated as
manure fit only for the garden. Stay out of the garden. Concern yourself
with the top inch of that box ONLY - there is the only official version
number. Perhaps your Dutch version has had a mistake done in this regard?
It would be very easy to do.


Flash is going to die soon enough on it's own, the end is nigh
as they say.


Yep, its already shunned by FF to name one. Doesn't make any difference

to
me though, I never installed it.


Perhaps lower versions of FF? 34.0.5 FF, 16.0.0.296 flash working fine
together on XP, I do have both set to never update or nag for updates or
check for updates same as Java, have to keep an address book just to learn
about these super secret settings that should be the DEFAULT settings but
never are.

If it's not the lower versions of FF that refuse current flash versions I
wonder if it's not so much the lack of SSE3 instruction set in lesser
capable CPUs? They can detect that you can't run SSE3 instruction set and
so you can't download or install flash that relies on those. This is
exactly why I'm running Pent 4 which does these. I do keep seeing
references to the lack of flash availability and I don't understand where it
comes from. But I long ago gave up on 98se and flash working together,
never got FF going in 98se either.

To be replaced by another monster even worse, no doubt.


You mean HTML5 ? In that case I agree. Where I could decide *not* to
accept Flash content (by simply not installing the ActiveX control) I'm

not
at all sure that I can refuse such content in a HTML5 enabled browser.

And
it seems to be designed to give a website a *lot* of access to the

browser.

Yep, you read my mind...
about:config holds the off switch for HTML5 in FF. A pain to turn on and
off, but it could be done. Flash was easy, there was a killbit one could
toggle in the registry for it, one moment it was working fine and the next
it wasn't even installed nor could it auto download for self installation as
so very many sites back then were written to do for you, just killing your
bandwidth in the meantime. Turn it back on and it worked perfect again.
http://groups.google.com/group/alt.w...7146e1ec8dab04



 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
win9x patch "KernelEx" makes WINXP APPS work on win9x o.s. BUDDY General 0 September 26th 09 02:46 AM
MS Security patch doesn't "take" with successive scans turbguy General 14 September 30th 07 01:08 AM
"High" DTR and RTS serial port lines Francis M General 2 December 17th 06 10:30 PM
"Himem.sys fehlt", "Steuerung der A20-Leitung nicht möglich!!" - und dann nichts gewesen? Alex Wenzel General 7 March 8th 06 08:01 PM
"Patch" for shmgvw.dll exploit Heirloom General 32 January 5th 06 02:16 AM


All times are GMT +1. The time now is 07:23 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 Win98banter.
The comments are property of their posters.