Copy link to clipboard
Copied
Hi,
OS: Vista x86 HP.
The offline installers on the Installation Help Page are reporting Invalid Digital Signatures. Been like this for the last 2 releases (26.0.0.131, 26.0.0.126).
In this instance, it's an expansion of the use of SHA-256 within the signing pipeline that Vista doesn't appear to support.
The bottom line is that we're at an inflection point in the evolution of commercial cryptography support where we have to move our technology choices forward in order to be considered trustworthy by modern operating systems.
This means that we will ultimately need to choose between legacy operating systems at or near the end of their support life, or we have to completely b
...Copy link to clipboard
Copied
This is due to the files being signed with a sha256 digital certificate that Windows XP no longer supports.
Copy link to clipboard
Copied
Thank you for the reply, m_vargas.
System is Vista x86 SP2 HP.
There wasn't any problem with the cert on FP 25.0.0.171 which is also signed with a sha256 digital certificate,
Copy link to clipboard
Copied
In this instance, it's an expansion of the use of SHA-256 within the signing pipeline that Vista doesn't appear to support.
The bottom line is that we're at an inflection point in the evolution of commercial cryptography support where we have to move our technology choices forward in order to be considered trustworthy by modern operating systems.
This means that we will ultimately need to choose between legacy operating systems at or near the end of their support life, or we have to completely bifurcate support in order to sequester the insecure legacy environments, which become increasingly vulnerable to proven cryptographic attacks, as research moves beyond proving theory to building efficient, practical attacks. Evolution in cryptography is nothing new, and this kind of change has played out many times over the years. History provides an effective guide for how it will ultimately play out, and practical attacks against SHA-1 are within reach at this point.
We have not reached a decision at this point as to whether to undertake the expense and risk of bifurcating our distribution infrastructure to support a less secure, legacy pipeline, for the sole sake of continuing to support WinXP (Vista adoption is miniscule in comparison, and a no-brainer taken on it's own).
Regardless, barriers to continuing to run trailing-edge operating systems on the modern web will be met with ever-increasing amounts of friction and risk, as you miss out on the benefits of 10-15 years of security research, which are frankly necessary in the context of the modern Internet.
If you're cost sensitive and/or cannot afford to upgrade to a modern operating system, modern Linux distributions like Mint Linux offer a free solution that includes modern operating system level security mitigations and cryptography support. If you prefer Windows or Macintosh, a decent entry-level Win10 laptop can be had in the $400 range, a decent entry-level Chromebook will run you about $250, and if you'd prefer an inexpensive alternative to retail Apple prices, Walmart sells refurbished Apple products through their website at a wide range of ages and prices.
Copy link to clipboard
Copied
Did you try installing this patch from Microsoft?
Copy link to clipboard
Copied
Apologies @All for my late reply. My own research led me to the article below, which explained the situation quite well.
I went ahead and installed FP v.26.0.0.131 without any problems.
Thank you all for your help.
@ jeromiec83223024, thanks for such a lengthy, informative reply .
@sdfox7, yes, I have that update installed, thanks .
regards.