Windows XP HTTPS Problem

Willum08

New Member
Hello
An elderly friend whose computer I generally look after, has a problem when accessing some websites and is very worried about it. She has Windows XP Pro installed - SP3 and fully patched (she cannot afford to upgrade) and when trying to access some websites, which display the 'HTTPS' symbol, the HTTPS is coloured Red and has a red line through the symbol, together with indications that the website is unsafe. This has only recently occurred and previous accesses to these websites were OK.
She uses Google Chrome as her web browser, but trying Internet Explorer (8) the problems still exist - but to a lesser degree.
One of the websites is the well known 'Moonpig' site!
I spent some time yesterday trying to fix the problem but have been unable to find the cause. I had my laptop with me at the time and when accessing the 'problem' websites on my laptop, using her WiFi, there were no problems. So I concluded that the problem must be on her PC - not the websites......

I did some research on the Internet and noted that there was mention of 'Man in the Middle' attacks but I don't think this scenario applies in this case since I was using her WiFi/Internet connection on my laptop, without problems.

I carried out the following actions :
1. She has AVG Free edition installed and a full scan revealed nothing.
2. Ran a full scan using Malwarebytes which found nothing significant - only a few PUPs which were removed.
3. Ran CCleaner including the Registry option - re-booted but the problem still existed.
4. Checked in her Programs File for any unusual entries - none evident
5. Cleared cookies and cached information in the Chrome browser
6. Checked the SSL certificates of two 'problem' websites and they were valid (as expected!)
7. As a test, I added the full URL of 'moonpig' into the Trusted Sites, under Internet Properties/Security/Trusted Sites/Sites. This did not help.
8. I tried different settings under 'Security level for this zone' for both 'Internet' and 'Trusted Sites' but again, these changes did not fix the problem. (I didn't really expect they would - since my friend would not have known anything about these settings !)
9. I also tried uninstalling Google Chrome and installing a fresh version from the Google website - made no difference.
However, I noted that although the latest version of Chrome is 5.1 (The version on my Win 7 Laptop) the version which I was able to download for XP was 49.0.2623.112 m.
I also noted some comments about Google Chrome : "Google Chrome version 42 flags as insecure, sites with SSL (Secure Sockets Layer) certificates that use SHA-1 instead of SHA-2." I wonder if this could be contributing to the problem?
10. I then tried a System Restore to an earlier configuration but again - no luck !

I can generally fix problems on several of my friends' computers and have been doing so for a number of years, but this problem has really got me beat !!! I wonder if anyone could suggest a cure for this problem, before I tear out what little hair I have left !! LOL!
My friend and I would be most grateful !

Apologies for a long posting......
 
The red X will mean a couple of things:
  • The certificate used by the site is self-signed, meaning it was not issued by a certificate authority (CA)
  • or, in Chrome's case, Chrome will give a site a red X if the cryptographic ciphers used to encrypt the traffic are known to be weak (provide a low degree of encryption)
If you click on the red X and select Details it will tell you which is true. If it's the first then either the site could be fake or spoofed or someone is attempting a MITM (man-in-the-middle) attack on you, which is not super common.

If it's the latter then you can't do anything but check each site to make sure it is indeed complaining about a weak cipher.
 
Thank you for your observations, they are truly appreciated.

However, they don't explain why the websites in question are fully accessible when using my laptop on the same WiFi link as my friend's computer. Surely if the problem is caused by an 'invalid' certificate or weak cipher, then it would also show on my laptop?

I omitted to say that I even tried a direct connection (using a CAT5e cable) just in case there was something strange happening within the Wireless link...... I didn't expect a different result but by the time I tried this, I was running out of ideas !!

I am convinced that the problem exists within her computer and that the so called 'insecure' websites are in fact, perfectly safe.
 
Potentially yes, but only if you had the same version of Windows and same versions of browsers. You did mention she has XP, which has been EOL for quite some time, so while it is fully patched, there are many known unpatched vulnerabilities for XP and the versions of the browsers it can upgrade to. There is a very high degree that the system is probably compromised. A MITM attack can involve locally installed malware with proxy capabilities that would generate these certificate warnings, in which case any sites she visits could allow the attack to siphon any and all data, including https sites.
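
An added example, not part of any post in this thread: one way to separate the two explanations discussed above is to compare the certificate each machine is actually served for the same sites. It assumes Python can be run on both machines (or that fingerprints are copied by hand from each browser's certificate viewer); the function names and the `shop.example` host are hypothetical, and the verdicts are a heuristic.

```python
import hashlib
import socket
import ssl

def normalize(fp):
    """Accept 'AB:CD ..' as copied from a certificate viewer, or plain hex."""
    return fp.replace(":", "").replace(" ", "").lower()

def fingerprint_der(der):
    return hashlib.sha256(der).hexdigest()

def leaf_fingerprint(host, port=443, timeout=10):
    """SHA-256 of the leaf certificate this machine is actually served.
    Verification is disabled on purpose: the certificate is wanted even
    when a browser would reject it."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return fingerprint_der(tls.getpeercert(binary_form=True))

def compare(reference, suspect):
    """Both arguments map host -> fingerprint, one dict per machine."""
    same, different = [], []
    for host, ref_fp in sorted(reference.items()):
        if host not in suspect:
            continue  # not collected on the second machine
        if normalize(ref_fp) == normalize(suspect[host]):
            same.append(host)
        else:
            different.append(host)
    if different and not same:
        verdict = "interception-suspected"  # heuristic: every site re-signed
    elif different:
        verdict = "inconclusive"            # may be CDN variation; check issuers
    elif same:
        verdict = "client-side"             # same cert; client rejects it
    else:
        verdict = "no-data"
    return {"same": same, "different": different, "verdict": verdict}

if __name__ == "__main__":
    # Constructed stand-ins for DER certificates, so the demo runs offline.
    laptop = {"shop.example": fingerprint_der(b"constructed-cert-1")}
    xp_pc = {"shop.example": fingerprint_der(b"constructed-cert-1").upper()}
    print(compare(laptop, xp_pc))
```

A mismatch is a lead rather than proof, since large sites can serve different certificates from different servers; compare the issuer shown on each machine before drawing a conclusion.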
 
Thank you for your additional reply.... As I mentioned, she is an elderly lady and does not use the computer for anything 'really serious' - just some emails to relatives, sending the occasional birthday card via Moonpig and other non-commercial operations. The ideal situation would be to ditch her old PC and upgrade but trying to cope with Windows 10 - not to mention the expense - just makes that option a no-no.
Despite XP no longer being supported, I think I'll try reinstalling XP - she has the original CDs.....
 
Once the system goes online the risk is more about identity… ok the lady does not really care about people stealing her high score for Solitaire but what about the bank loan she took out last week from Singapore?

XP is fine on a virtual machine with modern network safeties or behind a half decent Endian firewall but you are asking for trouble surfing without it.

p.s, Linux has lots of old games and is free!
 

Thanks for your suggestion... I reinstalled XP Pro and she is quite happy with her PC now - despite it running XP.

She is aware of the possible problems but since she only uses it for a few emails to relatives, occasionally to access Moonpig and BBC, I believe she is fairly safe... She now has AVG FULL virus protection installed and I keep a 'watching brief' on her PC every so often. Her router includes a firewall and Windows XP firewall is also enabled.

Apart from the odd purchase (via PayPal) for cards from Moonpig, she does not carry out any financial transactions on-line. Bank Loan from Singapore ??? You must be joking LOL! Neither does she play games on her PC - on or off-line.......

She is 85 years old and not Tech Savvy in the least, so changing the OS and asking her to learn a new system is not really an option.
I do know about Linux and have it installed on one of my laptops (Linux Mint Cinnamon)
 