System Administrator
|
...ugh, at least with respect to my laptop, having to jump all the way from 10.6.8 to a 10.9 or even 10.10, not sure if I'll just have to replace it outright. >.<
We've upgraded some very old mac minis to 10.9 and 10.10 and they are about as slow they've ever been but we did max the memory out on them to 8gb. It wasn't terrible and yosemite has caused few problems.
| 1 person marked this as a favorite. |
PCI DSS 3.1 requires that TLS 1.0 be removed. It's the reason we have to force this issue. =) It's always been a medium compliance issue so we've not been out of compliance until this was changed last month.
I know the feeling and trying to tell PCI auditors who are not technical that we can not remove TLS 1.0 from a closed appliance without the vendor complying is a headache.
Thank you for clearly communicating this situation.
That said, do many people use outdated browsers?
|
| 1 person marked this as a favorite. |
I do. I have a Vista machine so I literally can't upgrade to anything above IE9 and it won't support anything beyond TLS1.0. I prefer using IE rather than Chrome (which I also have) so while it doesn't mean my computer will become useless, it is just another reminder than I seriously need to upgrade from Vista.
|
System Administrator
|
A lot of people really like what they have so it can be hard to upgrade. =) I feel like windows 7 was pretty good upgrade and so far, I've not been in love with 8. We'll see how 10 does. Mavericks, on the hand was as I high as I could go for various reasons not related to hardware and just mostly having to spend a week or two fixing it so that I could use it. Even with the mavericks upgrade it killed an important program for me and I had to spend a day setting all of that back up.
Darn I really don't want to use another browser other then the basic IE on my XP (laptop)and 7 (desktop) computers.
I don't see why things have to be changed and forced into using Chrome and Firefox and such. Just leave stuff alone.
EDIT: For the record not mad at Paizo, just the circumstance.
@Bugleyman - Yes, but the number is decreasing. I think it was only a couple years ago that 25% of internet users were still on IE 6.
@KingmanHighborn - The issue is one of security and functionality that the user just doesn't see. Generally if it isn't something the user can see then the user simply doesn't care. Until their credit card info gets stolen. Then they care a great deal and wonder why nobody took steps to keep the situation from happening. Usually it happens because people/businesses as a whole don't upgrade their software, and things that weren't thought of as a problem even 2-3 years ago (let alone 10 years) suddenly are a very big problem.
This is basically the very reason Microsoft is moving to a subscription based service for both Office and Windows with forced updates. Good in theory for the average home user.
Chief Technical Officer
|
In the email, I saw that Opera 14 was the earliest Opera that supported the new Paizo security regime. That's a bit of a feat, since it doesn't exist! (They jumped from 12, using Presto, to 15, using Blink.) I think you mean 15, but the 17 at the top of this post might also be right.
We're just going by the table here.
|
Chief Technical Officer
|
Thank you for clearly communicating this situation.
That said, do many people use outdated browsers?
The best available answers to that question are probably here. The links on the lefthand sidebar will get you to pages that have version breakdowns; for example, you can see that their estimate for May 2015 shows only about 57% of IE users on the latest version (which is the only version that supports TLS 1.1 or greater by default). About 71% of Safari users are on the latest version, but almost 90% of Safari users are on versions that support TLS 1.1 or greater by default.
(Given that most browsers on current OSs are usually configured to update themselves by default, I suspect that most of the people who are behind are either in situations where they're prevented from updating their browsers, or they're running an older OS that no longer has updates available.)
|
Chief Technical Officer
|
| 3 people marked this as a favorite. |
Darn I really don't want to use another browser other then the basic IE on my XP (laptop)and 7 (desktop) computers.
I don't see why things have to be changed and forced into using Chrome and Firefox and such. Just leave stuff alone.
EDIT: For the record not mad at Paizo, just the circumstance.
I feel for you, but "leaving stuff alone" here is like not changing the locks on your doors after you realize that somebody you don't know has copies of your keys. Now imagine that inside your house is a big chest of cash that somebody else owns. The person who owns that cash (in this analogy, it's the credit card companies who are guaranteeing that you won't pay for fraudulent purchases on your card) wants to make sure you change those locks.
|
|
In the email, I saw that Opera 14 was the earliest Opera that supported the new Paizo security regime. That's a bit of a feat, since it doesn't exist! (They jumped from 12, using Presto, to 15, using Blink.) I think you mean 15, but the 17 at the top of this post might also be right.We're just going by the table here.
Ah! I see. The table throws mobile versions together with the desktop versions, and there was indeed an Opera 14 on Android, however briefly!
Do the available version(s) of Firefox work on Vista?
|
I got some messages using Chrome 43, but I was able to turn them off. I can't update Safari at work (ahem, yes, I'm at work) as we use Hackintoshes (ahem) to run older versions of Pro Tools. None of that is your concern. :) Chrome is fine.
You, um, do realize there are millions of Macintosh users out there (including the folks at Paizo) and the majority of musicians using ProTools.
Just saying, since that sounded a little like a pot shot at the Mac :)
| 2 people marked this as a favorite. |
Darn I really don't want to use another browser other then the basic IE on my XP (laptop)and 7 (desktop) computers.
Yes, yes you do. You don't realize you want to, but you want to. WinXP hasn't had a security fix in over a year. Every month, there are new exploits discovered that apply to your OS of choice. Just because you have pulled the trigger five times and not shot yourself in Russian Roulette doesn't mean it's a good idea to keep playing the game.
Malware is increasingly able to penetrate and own XP machines. Staying on that OS with the stock browser is fine for a machine that's not networked, but the moment you hit the web, you're not only endangering yourself, but you're risking annoying everyone else when your machine ends up part of a botnet and is sending spam and infections to everyone else.
I don't see why things have to be changed and forced into using Chrome and Firefox and such. Just leave stuff alone.
Since you phrase things that way, it's because the underlying technology used in the older browsers is insecure. When you connect to a secure e-commerce site, the two ends negotiate a common set of encryption routines, trying to use the best that both ends can understand. Older browsers only understand older encryption routines which have been hacked. That means when you use older browsers on secure sites, you're not secure. You just think you are because the browser says so.
E-commerce standards (to simplify, think "banks") are requiring sites that take payments to stop supporting broken, cracked encryption routines. Why? Because they're not interested in paying out losses because someone's account got hacked.
So Paizo isn't allowed to do banking while letting you use a broken browser.
This isn't change for change's sake. This is basically "you need to be issued a new credit card number because the bad guys know your old one." It doesn't matter that they haven't bought a sofa and a 60-inch 4K 3D TV yet.
EDIT: For the record not mad at Paizo, just the circumstance.
The circumstances are that as time goes by, more eyes spend more time studying the encryption routines we have, and find that there are critical flaws in older ones that nobody realized were there five or even ten years ago.
I'm sympathetic to your situation, but this isn't the time to ostrich; using Chrome or Firefox is trivial... we all spend the vast, vast majority of our time interacting with web content, not the browser itself, so it really doesn't matter what we use as long as things render right and we're safe.
And yeah, I've got a personal preference, and yea, I hate it when the Mozilla Foundation decides to remove some feature I like, and yeah, I go find plugins that make it behave the way I like, and yeah, change is bad. But I'd change browsers in a heart-beat if my bank balance was at stake.
Hope this helps.
Disclosure: yeah, I'm an IT guy.
This is basically the very reason Microsoft is moving to a subscription based service for both Office and Windows with forced updates. Good in theory for the average home user.
Funny guy. I mean, aside from the fact that people continue to pay for subscription services they've forgotten and don't/can't use, and aside from the fact that supporting fewer different platforms at once is cheaper for them, and aside from the fact that subscriptions are typically more expensive (as in profitable) over a given period of time than purchase, and aside from the fact that increased need for contact makes piracy more difficult making for more paying customers, yeah, users being forced to upgrade to protect themselves is basically the reason why software-as-a-service is a thing. Heh.
Soooo....mine supports TLS 1.2...am I good? (on the desktop at least I'm sure the dinosaur of my laptop ain't)
Darn I really don't want to use another browser other then the basic IE on my XP (laptop)and 7 (desktop) computers.Yes, yes you do. You don't realize you want to, but you want to. WinXP hasn't had a security fix in over a year. Every month, there are new exploits discovered that apply to your OS of choice. Just because you have pulled the trigger five times and not shot yourself in Russian Roulette doesn't mean it's a good idea to keep playing the game.
Malware is increasingly able to penetrate and own XP machines. Staying on that OS with the stock browser is fine for a machine that's not networked, but the moment you hit the web, you're not only endangering yourself, but you're risking annoying everyone else when your machine ends up part of a botnet and is sending spam and infections to everyone else.
I don't see why things have to be changed and forced into using Chrome and Firefox and such. Just leave stuff alone.Since you phrase things that way, it's because the underlying technology used in the older browsers is insecure. When you connect to a secure e-commerce site, the two ends negotiate a common set of encryption routines, trying to use the best that both ends can understand. Older browsers only understand older encryption routines which have been hacked. That means when you use older browsers on secure sites, you're not secure. You just think you are because the browser says so.
E-commerce standards (to simplify, think "banks") are requiring sites that take payments to stop supporting broken, cracked encryption routines. Why? Because they're not interested in paying out losses because someone's account got hacked.
So Paizo isn't allowed to do banking while letting you use a broken browser.
This isn't change for change's sake. This is basically "you need to be issued a new credit card number because the bad guys know your old one." It doesn't matter that they haven't bought a sofa and a 60-inch 4K 3D TV yet.
EDIT: For the record not mad at Paizo, just the circumstance.The circumstances are that as time goes by, more eyes spend more time studying the encryption routines we have, and find that there are critical flaws in older ones that nobody realized were there five or even ten years ago.
I'm sympathetic to your situation, but this isn't the time to ostrich; using Chrome or Firefox is trivial... we all spend the vast, vast majority of our time interacting with web content, not the browser itself, so it really doesn't matter what we use as long as things render right and we're safe.
And yeah, I've got a personal preference, and yea, I hate it when the Mozilla Foundation decides to remove some feature I like, and yeah, I go find plugins that make it behave the way I like, and yeah, change is bad. But I'd change browsers in a heart-beat if my bank balance was at stake.
Hope this helps.
Disclosure: yeah, I'm an IT guy.
That was an excellent post. I'd kind of resigned myself to not visiting paizo as much (though I was hoping my Ipad would update itself and keep me connected at least a bit).
However, you've persuaded me I should stop being a berk and just do what needs to be done. Cheers. :)
Though I am probably still going to pay someone to do it.
So for the clueless (or at least one clueless, anyhow). I have Internet Explorer 9 and dont generally upgrade anything until I get a new computer, something I dont really want to change if I can avoid it.
Does that mean I'm no longer going to be able to access my account at all? Or just not the "secure" parts of the website? Will I still be able to buy stuff?
As an Software tester who specializes in web-apps and security (and has a spouse who wrote a book on testing software security) I have one simple response to this.
Download and use Chrome as your default browser.
* It is faster than IE
* it has far better HTML5 compatibility (so just flat out works better with modern websites that use that instead of insecure tech like adobe flash)
* It has a far more robust 'sandbox' which is harder for attackers to break out of, so if you wander into the weeds you are less likely to get owned (unless someone tricks you into downloading and running a trojan, no browser can help you there.)
If you do have to use sites that (rare these days) only work with IE, get the latest IE your OS will support, this is an update worth doing as later versions are significantly improved over older especially in terms of HTML5 support.
I appreciate the help - it's just that software installing stresses me (even syncing my Ipad is something I put off as long as possible). I'd much rather pay someone to do it and know I'm not going to break anything.
Don't let is stress you, it really is very simple, chrome doesnt try to include a bunch of crapware you don't need. With a fast internet connection we are talking a minute or two tops.
|
System Administrator
|
If you do have to use sites that (rare these days) only work with IE, get the latest IE your OS will support, this is an update worth doing as later versions are significantly improved over older especially in terms of HTML5 support.
IE has come a long way from 6's do it my way or the highway attitude. I would say IE 11 is getting pretty close, compatibility wise, other browsers. Chrome just beats everything for developer tools though. Still, I personally have a soft heart for Firefox.
|
Download and use Chrome as your default browser.
* It is faster than IE
I'm not so sure that's universally true. Chrome can be a memory hog, especially if you visit sites with embedded videos (which, sadly, seems to be more and more common). On an older system (with, presumably, less physical memory) it can reduce the system to a crawl. Even a Windows 7 64-bit box with 4GB of memory doesn't seem to satisfy it.
| 1 person marked this as a favorite. |
I would suggest using a different term, please. Just a friendly thought. ^_^
Just to let you know, this isn't an uncommon usage. Amongst the gaming community, there is an ongoing tradition of comparing and contrasting platforms. The reality is that the PC gaming is in every possible way better than console gaming, but people who have bought XBoxes or Playstations or Nintendo whatevers feel inadequate and try to argue with PC owners, pretending their purchase was sensible. When their delusions are corrected, they often are left with the impression that the PC owners are arrogant as well as superior. The allusion to eugenics is very fitting for the scenario.
Self-deprecating humor aside, not everything that uses terminology that alludes to atrocities past is offensive. This one isn't; it's just reminding PC owners that they're often over-the-line at snobbery.
This off-topic post basically present purely to provide background and explanation, not to start or continue an argument or flame-war.
|
Even a Windows 7 64-bit box with 4GB of memory doesn't seem to satisfy it.Download and use Chrome as your default browser.
* It is faster than IE
There's your problem right there. 4 GB isn't enough for anything besides a tablet or phone these days. 8 GB is the least anyone should look at for full PCs.
|
|
There's your problem right there. 4 GB isn't enough for anything besides a tablet or phone these days. 8 GB is the least anyone should look at for full PCs.Even a Windows 7 64-bit box with 4GB of memory doesn't seem to satisfy it.Download and use Chrome as your default browser.
* It is faster than IE
Bear in mind that the PC discussion that started this sub-thread was about a PC running Windows XP. Even if it's the 64 bit version of the OS, it's quite possible that the machine has no more than 4GB of memory (and may not even be able to support more than 4GB). And, of course, the 32-bit version of WinXP only uses at most 3GB of memory.
Suggesting Chrome as the answer for a low-memory hardware configuration may not be good advice.
I'm not so sure that's universally true. Chrome can be a memory hog, especially if you visit sites with embedded videos (which, sadly, seems to be more and more common). On an older system (with, presumably, less physical memory) it can reduce the system to a crawl. Even a Windows 7 64-bit box with 4GB of memory doesn't seem to satisfy it.Download and use Chrome as your default browser.
* It is faster than IE
The problem is that there tends to be a stack of bottlenecks. You can throw a tonne of RAM at a web browser and your bottleneck becomes CPU time. You can throw a tonne of CPU processing power at a browser and your bottleneck becomes your link. You can upgrade your link, and you're back to RAM being the bottleneck.
As we upgrade our hardware, web developers keep making sites more complicated. The amount of javascript just keeps going through the roof as we get more "dynamic" content, for instance. Rendering that is CPU intensive. PCs five years old or more are going to lag, no matter what amount of RAM you slap in them. As with so many things in computing, the web just keeps getting slower, and slower, and slower.
I got some messages using Chrome 43, but I was able to turn them off. I can't update Safari at work (ahem, yes, I'm at work) as we use Hackintoshes (ahem) to run older versions of Pro Tools. None of that is your concern. :) Chrome is fine.You, um, do realize there are millions of Macintosh users out there (including the folks at Paizo) and the majority of musicians using ProTools.
Just saying, since that sounded a little like a pot shot at the Mac :)
It's not a shot at Mac: a 'Hackintosh' is non-Apple hardware running Mac OS. Not entirely legal and sounds like difficult to keep up to date.
|
|
It's not a shot at Mac: a 'Hackintosh' is non-Apple hardware running Mac OS. Not entirely legal and sounds like difficult to keep up to date.I got some messages using Chrome 43, but I was able to turn them off. I can't update Safari at work (ahem, yes, I'm at work) as we use Hackintoshes (ahem) to run older versions of Pro Tools. None of that is your concern. :) Chrome is fine.You, um, do realize there are millions of Macintosh users out there (including the folks at Paizo) and the majority of musicians using ProTools.
Just saying, since that sounded a little like a pot shot at the Mac :)
It's legal as long as you bought your copies of the OS. Now difficult to update, that one is definitely true, at least in my experience. It takes weeks, sometimes months before updates to the OS can be added to a Hackintosh at all, assuming it just doesn't take a total reinstall every time. You also have to be quite picky in terms of hardware and even which version BIOS you put on that hardware.
So yeah, difficult.
I´m lately getting a pop up with this:
Skript: resource://gre/modules/commonj…nsion/data/jquery-2.1.0.min.js:4
and the messageboard is very, very slow loading, regularly freezing the browser.
This related somehow?
|
System Administrator
|
| 1 person marked this as a favorite. |
I´m lately getting a pop up with this:
Skript: resource://gre/modules/commonj…nsion/data/jquery-2.1.0.min.js:4and the messageboard is very, very slow loading, regularly freezing the browser.
This related somehow?
That's most likely a problem with a skype extension or some other extension. It's not from our site.
Thanks for the hint!
OK, I have chrome 43 and can't see the messageboards other than this thread - what do I do to get it back?
I just had something similar happen to me about 10ish minutes ago in my Chromium-based Opera. I closed it (which autodeletes my cookies and Web cache), then restarted it, hoped over to Paizo.com, and logged back in again... and now the messageboards are back and working normally for me.
Okay. I've been trying to install Chrome and it seems to be working fine at home. However, at work I keep finding a whole bunch of words get underlined and I think that's tied to an extension called "Websteroids" which I keep removing but which keeps reinstalling itself somehow - the work computer doesnt seem to have any viruses or anything according to the software.
I appreciate this probably isnt really part of this thread, but wondered if any knowledgable person might be willing to send me a pm about how to get rid of Websteroids for good (or if I've maybe signed up for something inadvertently when I installed Chrome).
Also - in settings under People is there any reason I'd allow guest browsing or let anyone add people to chrome? It seems to me I shouldnt since I'm the only one who ever uses it, but the default seems to be to allow it...
Thanks for any help - I promise I wont make this my personal IT help thread.
Google Websteroids and you get the THESE RESULTS on what it is and how to remove it.
-- david
Will this affect Outlook and Email readers when getting a Paizo email with art from a secure Paizo image server?Our image servers don't use SSL, so our emails shouldn't present a problem for anybody. (The subscription management links at the bottom *do* use SSL, though.)
Many thanks for this answer, I do rely on those Paizo emails to let me know when to visit my download pages for updates.
Speaking of downloads, I don't know if this is a major issue for many of us or not, but my download page can take an age to load now due to the volume of purchases I have...
so, with a pretty please with a cherry on top...
at some point, please can our download page be like a short heading page with two links to get our list of downloads, the first link being "Paizo Downloads" and the second "Non Paizo Downloads" - so I only have to load half as much as I currently do and so speed up my page refresh when downloading or opening my list for the first time in a session?
Many thanks in advance.
I can't download because "Safari doesn't find the server". I'm sure I have IOS 8 on my tablet... Is this a temporary issue tied to the change?
|
|
I can't download because "Safari doesn't find the server". I'm sure I have IOS 8 on my tablet... Is this a temporary issue tied to the change?
Settings > General > Software Update - are you on iOS 8.3 or is there an update to apply? Also, you might install Chrome and try that, just as a test. If neither browser can get to it, then it's likely on Paizo's end.
|
System Administrator
|
I can't download because "Safari doesn't find the server". I'm sure I have IOS 8 on my tablet... Is this a temporary issue tied to the change?
I can't duplicate on mine from home. I'm using an iPad 2 with iOS 8.3. We removed a bunch of ciphers a few weeks ago, but there are a few ciphers that should work for everyone. We haven't changed anything today yet.
All's OK now. Thanks.
|
System Administrator
|
So we just turned off TLS 1.0 on the site. There is a script that's running and checking your browser for likely being unable to access secure parts of the site and warning you to check this thread if you are having problems. Please email webmaster@paizo.com for any problems you are having with your browser connecting to secure parts of the site. Please let us know the operating system and which browser you are using so that we can suggest likely ways to help you view the site.