Jump to content

cannot open website

zoekbaars

By zoekbaars
in Website

Followers 2

Recommended Posts

The A-Team

+The A-Team

Posted
Posted

Windows Vista is getting pretty old and is no longer supported, so I strongly recommend you look at upgrading it to a newer version. No more security updates are being released for Vista, so continuing to use it is risky.

 

Geocaching.com recently dropped support for TLS 1.0 and 1.1, which are encryption protocols used during communication with a website. They now require TLS 1.2, but Vista doesn't support TLS 1.2 by default, so that's probably why it isn't working. If you're willing to take the risk and continue using Vista, this site seems to give instructions for enabling TLS 1.2 for IE9 on Vista:

https://johnhaller.com/useful-stuff/enable-tls-1.1-and-1.2-on-windows-vista

  • Upvote 1
Link to comment
Corfman Clan

+Corfman Clan

Posted
Posted
On ‎2‎/‎20‎/‎2019 at 3:59 PM, The A-Team said:

Geocaching.com recently dropped support for TLS 1.0 and 1.1, which are encryption protocols used during communication with a website. They now require TLS 1.2, but Vista doesn't support TLS 1.2 by default, so that's probably why it isn't working. If you're willing to take the risk and continue using Vista, this site seems to give instructions for enabling TLS 1.2 for IE9 on Vista:

https://johnhaller.com/useful-stuff/enable-tls-1.1-and-1.2-on-windows-vista

I don't believe this is the case. Geocaching HQ now requires TLS1.1 support, so TLS1.0 is no longer adequate. There has been no mention of requiring TLS1.2 support to me, as a geocaching API partner. My app, LonelyCache, uses TLS1.1 and is working fine. You may be thinking of the authentication mechanism. Geocaching is moving to requiring oAuth2 authentication along with moving the API from SOAP to REST. oAuth2 isn't required yet, but will be in a couple months.

Link to comment
arisoft

+arisoft

Posted
Posted
On 2/21/2019 at 12:59 AM, The A-Team said:

Windows Vista is getting pretty old and is no longer supported, so I strongly recommend you look at upgrading it to a newer version. No more security updates are being released for Vista, so continuing to use it is risky.

 

I am using Windows XP without problems. Support for newer TLS versions depends on the browser, not the OS.

Link to comment
The A-Team

+The A-Team

Posted
Posted
2 hours ago, Corfman Clan said:

I don't believe this is the case. Geocaching HQ now requires TLS1.1 support, so TLS1.0 is no longer adequate. There has been no mention of requiring TLS1.2 support to me, as a geocaching API partner. My app, LonelyCache, uses TLS1.1 and is working fine. You may be thinking of the authentication mechanism. Geocaching is moving to requiring oAuth2 authentication along with moving the API from SOAP to REST. oAuth2 isn't required yet, but will be in a couple months.

Sorry, my mistake. I thought I remembered that they had removed both TLS 1.0 and 1.1 support, but I now see that it was just 1.0.

Link to comment
The A-Team

+The A-Team

Posted
Posted
1 hour ago, arisoft said:

I am using Windows XP without problems. Support for newer TLS versions depends on the browser, not the OS.

That's true, but the OP was specifically asking about Internet Explorer, which is effectively tied to the OS as far as TLS support.

 

Regardless, I stand by my comment about using unsupported OS versions. You could run a secure browser on an insecure OS, but you're just plugging one hole in a leaky dyke.

Link to comment
arisoft

+arisoft

Posted
Posted (edited)
8 hours ago, The A-Team said:

That's true, but the OP was specifically asking about Internet Explorer, which is effectively tied to the OS as far as TLS support.

 

I missed this detail. IE does not work in Windows XP any more and Microsoft advices to stop using IE. It is time to migrate to Internet Firefox or Internet Chrome. :)

 

8 hours ago, The A-Team said:

Regardless, I stand by my comment about using unsupported OS versions. You could run a secure browser on an insecure OS, but you're just plugging one hole in a leaky dyke.

 

All operating systems and browsers are insecure but using a totally outdated OS makes it more difficult to attack.

Edited by arisoft
Link to comment
jennergruhle

+jennergruhle

Posted
Posted

Using a totally outdated OS makes it extremely simple to attack, as the attackers know each and every security hole and can be sure that it will never be fixed.

 

Using versions of Microsoft windows older than Windows 7 for internet access is extremely discouraged. For isolated systems running specialized software like point of sale, controlling machines etc. is is ok, but not for systems connected to the internet.

If one does not want to pay money for a newer Windows version, why not run Linux on it? Tgis can be started even from a USB stick without having to install anything on the hard disk.

  • Upvote 2
Link to comment
arisoft

+arisoft

Posted
Posted
5 minutes ago, jennergruhle said:

Using a totally outdated OS makes it extremely simple to attack, as the attackers know each and every security hole and can be sure that it will never be fixed.

 

Before you can attack successfully you must get access to the security hole. Do you know any security holes in Windows XP you can attack at all?

Link to comment
jennergruhle

+jennergruhle

Posted
Posted

I personally do not know them because I am not an attacker (and when I was working as an IT system administrator, we had banned all XP installations already before 2014), but a simple search gains tons of holes. Even there are official lists of the vulnerabilites:

https://www.cvedetails.com/vulnerability-list.php?vendor_id=26&product_id=739

 

And yes, they can all be used for attacks, some very easily and some with much effort.

 

Security by obscurity ("how should somebody know which system I am using?") is always a wrong measure against attacks. And the attacker is not always some script kiddie or secret agent on the other side of the planet - there are attacks as well coming from the inside

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Followers 2
Go to topic listing
×
×
  • Create New...