hi, last version i can use with windows xp is 3.4.1, too bad because xp is very very much more stable with audio. With this version though I cannot use almost any server but the default (can join but no audio).
There is a change to have last versions on Windows xp too?
In the most recent Jamulus server version, there is support added for old Jamulus client version. The is the reason it works for the Central Server but not for most of the other servers because they use an old version of the Jamulus server. As soon as these servers upgrade their Jamulus version, you will be able to connect with your Windows XP again.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
meanwhile, I was able to compile versions up to 3.4.3 (if is useful to anyone, I used qt-windows-opensource-5.1.1-msvc2010 and windows sdk 7.1, I think last product I was able to install on xp).
Other version doesn't compile wiith some problem on the "recorder" thing, but with those versions I'm able to join lot of servers.
just a note: I had to modify somewhere "if QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)"
to "if QT_VERSION >= QT_VERSION_CHECK(5, 2, 0)"
Last edit: mugnaio 2020-04-14
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi mugnaio, could you please share your compiled version for win xp and let me know how to get it? ?? I will really apreciate that!!
Thanks in advance!
Regards from Argentina!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Just to be sure....what you send me in the link is the last version of jamulus 83.5.11) BUT mooded and compiled to be used in windowx XP?. Am i correct??
because when I run the exe in XP sp3, I get an error mesage talking about some missing dll, and asking me to uninstall and reinstall jamulus ( in fact, as you told me...it was not installed....!)
Thanks for any clarification about this...and excuse my english!
Hugo
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Mugnaio and violante, You really, really do not want to expose your XP OS PCs to the web. It is an open invitation to be massively had.
I am not a fan of how Microsoft does things, but using an obsolete nearly 20 year old OS on the web is foolhardy to the point of recklessness both to yourselves and to any of the rest of us you connect to.
Volker, I encourage you to lock out obsolete, no longer supported OS versions for the protection of the Jamulus user community. If people want to be stupid on their own, that's their right, put please do not let them impose that stupidity on the rest of us via Jamulus.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
" both to yourselves and to any of the rest of us you connect to"
This is very funny. You are saying that our OS is unsafe, and it could infect with Jamulus your super safe OS. That would mean that your OS is not safe at all.
Last edit: mugnaio 2020-10-05
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I think Cliff means that XP machines can easily be taken over by botnets and things without you realising. But what the probability of that actually happening AND in a way that subverts the use of Jamulus must be incredibly low since the numbers of Internet-connected XP machines must be tiny. I wouldn't think any attacker would bother.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Sigh, think of corruption of Jamulus as an unintended consequence of exposing an XP computer to the web. The exploitation of XP machines on the web is nearly 100% within hours of going on line. Once that happens all other processes on that computer are vulnerable. They are downstream from the exploitation. They are vulnerable in many ways, depending on the nature of the exploit.
I have little love for Microsoft (or Apple for that matter), but I do respect the amount of effort they put into patching the inevitable and ongoing hacks that exploit their supported OSs. When that support expires, as it did for XP around 6 years ago, those unpatched vulnerabilities continue to pile up and are exploited. It is hacking on the cheap as there are no prospects for patches to close vulnerabilities.
XP is still the 3rd most used OS in the world and has around a 7% market share of some 2 billion computers. That's a big enough pool of chumps to be worthwhile exploiting, and it is every day.
Volker, you had it right when Jamulus servers rejected unsupported versions of operating systems. I strongly encourage you to reinstate that blocking. Good computing hygiene protects us all. There is no reason to risk having foolish (charitably) users compromise the Jamulus environment. Windows 95, 98, Millennium, XP, Vista, 7 and 8 are all dead. Please don't let them be unintended zombie bombs in Jamulus.
As always, thank you for Jamulus, it's a wonderful musical connection in a distanced world.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
There are as many possibilities as there are flavors of malware/viruses/exploits. A simple one would be replication by injecting malware into any outbound IP data stream on the exploited computer. That could include Jamulus without the malware targeting it explicitly. All the IO is downstream from the exploit. The process is: Exploit XP client, export malware from client to server, infect server, server rebroadcasts malware to infect all logged on clients, repeat.
Every time I get noise in the Jamulus data stream I wonder if it's just another piece of packet junk or if it is an incoming exploit, and if so whether my defenses will catch it. My Jamulus machine is an older computer that is isolated from the rest of my net so if it gets bitten I haven't lost much or spread crap to other machines.
So far I've had no indications of malware riding in on Jamulus. But, as always, absence of evidence is not evidence of absence.
XP on the web is dangerous. That's too bad, because by the time it got done, like 7, XP was a pretty good OS. Microsoft has always needed new releases to keep the revenue streams coming in. Like death and taxes they'll keep coming.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
how malware from within packets of jamulus datastream could infect the server host?
(i'm totally serious: as jamulus are spreading security issues becomes real)
Last edit: Mats Wessling 2020-10-16
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
"Doesn't that mean any client/server system on the Internet would be passing malware around that was supplied by compromised XP hosts?"
Yep, pretty much. That's why I was strongly advocating NOT exposing a computer running an unsupported OS, like XP, to the web. Commit suicide if you want, but please do not include me, and all the other Jamulus users, in your line of fire.
"how malware from within packets of jamulus datastream could infect the server host?
(i'm totally serious: as jamulus are spreading security issues becomes real)"
I'm talking process here, this is not the place for a tutorial on how malware/viruses work. Ask the Google or preferably DuckDuckGo. You will get more information than you can read in a year and an education if you are really interested.
Remember that the bad guys out there make their livings by exploiting dorks, and some of the bad guys are brighter than either me or you.
The first step in protecting ourselves is not doing anything stupid, and secondly taking precautions that make our systems less vulnerable. As with home burglaries all we can really do is make our computers harder to get into than someone else down the block. The bad guys will usually take the easier pickings. The most outcome from the least effort being the guiding principle.
Easier pickings starts with OS versions, like XP or 7, where support has expired. The docs for the patch list of supported OSs often specify which versions of the OS the vulnerability impacts. That's a roadmap for exploits of unpatched, out of support OSs. With Windows it is simple. Run the current release of v 10 (or 8.1 until 1/23).
Easier pickings extends to things like turning off router firewall protections as has been advocated around here from time to time.
An old saying about mortality is "Something gets everybody eventually, be careful what gets you." It applies to technology too.
Last edit: cliff roland 2020-10-22
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
If you really are interested in making jamulus safe then its crucial that you help with how the virus would get into message and then how it would get out in server...
i meanwho else would?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
If you really are interested in making jamulus safe then its crucial that you help with how the virus would get into message and then how it would get out in server...
i meanwho else would?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
"Mats Wessling: If you really are interested in making jamulus safe then its crucial that you help with how the virus would get into message and then how it would get out in server...
i meanwho else would? "
I have helped make Jamulus safer. I have explained to you guys the obvious, that running an OS like XP, whose support has expired, on the web is stupid (naive almost beyond belief in 2020). It is a potential exposure of all of us to exploits that are best prevented by avoiding them. I have suggested to Volker (in my first post in this thread) to go back to not allowing it.
You could start by saying "thank you", not berating me for not taking on the task of fortifying Jamulus against all threats present and future. I am retired and an end user of Jamulus as a musician. I have never expressed any interest in becoming a developer. Those days are over for me.
What I have done, and will continue to do, is to recommend that folks get their heads up and cease and desist dangerous practices like running obsolete OSs or turning off firewall protections.
I have also argued against the naive concept that Jamulus is somehow safe from internet exploits because it is obscure. Exploits can take advantage of what Jamulous does, stream data over the web, without caring, or perhaps even knowing, what it is.
Beyond obvious specifics like those addressed above, there can be legitimate differences of witting opinion on how to best protect Jamulous and its users. Protection adds overhead, and overhead adds delay. All issues are trade offs.
My obligation to Jamulus is to wave a flag when I see an exposure (like XP or turning off firewall protections). The intent is to direct the attention of folks with management authority to a live issue. In the case of XP, other expired OSs or recommendations to turn off firewall protections, I add a simple but effective recommendation, "Just say no".
On the larger question of potential exploits I have raised the issue, and Volker has made it a topic for discussion. I personally run Jamulus on an older computer that is isolated from the rest of my system and that has up to date protections. If jamulus enables something bad to happen to it I can dump it without losing much. Like me it is retired from earning a living.
Remember old Ben Franklin "An ounce of prevention is worth a pound of cure". Be safe out there. The web is a wondrous but dangerous place.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The thing is that Jamulus is likely not the only program running on that XP computer. They are all compromised. Attaching an XP computer to the internet in this day and age is just bad practice.
I do run an XP machine myself for machine control, but it is not connected to a network and never will be. For that application it is the better solution.
If, however, the computer needs to be connected to the Internet then XP is the wrong solution. I am not a friend of MS's policies, but they do assure good security on Win10. For connected computers use Win10 and leave XP to the past.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
While I completely accept the idea that running XP on the Internet is a bad idea, I'm intrigued by the assertion that (if I understand correctly) an XP machine would, in connecting to a server of any kind (not just Jamulus), infect that server and thereby any other machines connecting to those servers. This implies that the entire Internet would become infected in short order. That can't be right, can it? I mean, Apache, bind, postfix all happly accept connections from XP machines as far as I know. Would Jamulus be any different?
Again, I'm not questioning the wisdom of the advice, just what it might mean for Jamulus.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Don C - You got it. XP is still a fine OS for machine control as long as you don't let it near the internet. That's getting extended value out of hardware/software that's long paid for. I like it:) I've still got several XP level systems I have not quite gotten around to carting to the dump. They all worked when I turned them off. I'll be happy to send them to you.
Gilgongo - An infected XP machine has the potential to infect anything it connects to. The issues are what virus/malware is present and what protections the server has. Those are both moving targets. How much are you willing to bet/hope that you just don't run into a particularly virulent strain and that every server is always well protected (ie, that no one has followed your advice to turn off router firewall protection)? Those questions are especially pertinent when we are talking apps like Jamulus where individual users are hosting servers. When will that XP bomb go off, blow up a poorly protected server and start a downstream chain of infection? This exposure, the next one, the one after that? Are you really so foolish as to bet the answer is 'never'?
Until recent revisions Jamulus did not accept XP connections. That was a wise provision. It deserves to be reinstated to protect all Jamulus users and to protect naive users from their own folly. Add Vista and 7 to the prohibited list. 8.1 is supported for about another 2 years.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
hi, last version i can use with windows xp is 3.4.1, too bad because xp is very very much more stable with audio. With this version though I cannot use almost any server but the default (can join but no audio).
There is a change to have last versions on Windows xp too?
In the most recent Jamulus server version, there is support added for old Jamulus client version. The is the reason it works for the Central Server but not for most of the other servers because they use an old version of the Jamulus server. As soon as these servers upgrade their Jamulus version, you will be able to connect with your Windows XP again.
oh, thank you, this is great!
meanwhile, I was able to compile versions up to 3.4.3 (if is useful to anyone, I used qt-windows-opensource-5.1.1-msvc2010 and windows sdk 7.1, I think last product I was able to install on xp).
Other version doesn't compile wiith some problem on the "recorder" thing, but with those versions I'm able to join lot of servers.
just a note: I had to modify somewhere "if QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)"
to "if QT_VERSION >= QT_VERSION_CHECK(5, 2, 0)"
Last edit: mugnaio 2020-04-14
Finally, I was able to compile for xp, now I have 3.5.0git running on my xp, I'm very happy!
Hi mugnaio, could you please share your compiled version for win xp and let me know how to get it? ?? I will really apreciate that!!
Thanks in advance!
Regards from Argentina!
sure, here the last version (3.5.11)
https://wetransfer.com/downloads/318fb0fe0f13181e47924b67287283ab20200930184109/7068c3579705de895f7bed531ae5ca4520200930184138/5f9763
I dont know how to do an installer so its the main folder zipped, just unzip it and run
If you want to know how to compile it yourself, ask
Last edit: mugnaio 2020-09-30
Thank you very very much for your soon reply and the link!!
I will try it immediately!!!
Thanks again!
Regards!
Hugo
On Wed, Sep 30, 2020 at 3:43 PM mugnaio mugnaio@users.sourceforge.net
wrote:
Hi again, Mugnaio,
Just to be sure....what you send me in the link is the last version of jamulus 83.5.11) BUT mooded and compiled to be used in windowx XP?. Am i correct??
because when I run the exe in XP sp3, I get an error mesage talking about some missing dll, and asking me to uninstall and reinstall jamulus ( in fact, as you told me...it was not installed....!)
Thanks for any clarification about this...and excuse my english!
Hugo
Mugnaio,
forget about my last post!!
jamulus is already running perfectly in my XP pc!!
Was just my fault...
Thank you really a lot for it!
Regards!
HUgo
Mugnaio and violante, You really, really do not want to expose your XP OS PCs to the web. It is an open invitation to be massively had.
I am not a fan of how Microsoft does things, but using an obsolete nearly 20 year old OS on the web is foolhardy to the point of recklessness both to yourselves and to any of the rest of us you connect to.
Volker, I encourage you to lock out obsolete, no longer supported OS versions for the protection of the Jamulus user community. If people want to be stupid on their own, that's their right, put please do not let them impose that stupidity on the rest of us via Jamulus.
" both to yourselves and to any of the rest of us you connect to"
This is very funny. You are saying that our OS is unsafe, and it could infect with Jamulus your super safe OS. That would mean that your OS is not safe at all.
Last edit: mugnaio 2020-10-05
I think Cliff means that XP machines can easily be taken over by botnets and things without you realising. But what the probability of that actually happening AND in a way that subverts the use of Jamulus must be incredibly low since the numbers of Internet-connected XP machines must be tiny. I wouldn't think any attacker would bother.
Sigh, think of corruption of Jamulus as an unintended consequence of exposing an XP computer to the web. The exploitation of XP machines on the web is nearly 100% within hours of going on line. Once that happens all other processes on that computer are vulnerable. They are downstream from the exploitation. They are vulnerable in many ways, depending on the nature of the exploit.
I have little love for Microsoft (or Apple for that matter), but I do respect the amount of effort they put into patching the inevitable and ongoing hacks that exploit their supported OSs. When that support expires, as it did for XP around 6 years ago, those unpatched vulnerabilities continue to pile up and are exploited. It is hacking on the cheap as there are no prospects for patches to close vulnerabilities.
XP is still the 3rd most used OS in the world and has around a 7% market share of some 2 billion computers. That's a big enough pool of chumps to be worthwhile exploiting, and it is every day.
Volker, you had it right when Jamulus servers rejected unsupported versions of operating systems. I strongly encourage you to reinstate that blocking. Good computing hygiene protects us all. There is no reason to risk having foolish (charitably) users compromise the Jamulus environment. Windows 95, 98, Millennium, XP, Vista, 7 and 8 are all dead. Please don't let them be unintended zombie bombs in Jamulus.
As always, thank you for Jamulus, it's a wonderful musical connection in a distanced world.
I'm curious how that might happen without an XP exploit being used to target a vulnerability in Jamulus though. Can you elaborate?
Last edit: Gilgongo 2020-10-05
There are as many possibilities as there are flavors of malware/viruses/exploits. A simple one would be replication by injecting malware into any outbound IP data stream on the exploited computer. That could include Jamulus without the malware targeting it explicitly. All the IO is downstream from the exploit. The process is: Exploit XP client, export malware from client to server, infect server, server rebroadcasts malware to infect all logged on clients, repeat.
Every time I get noise in the Jamulus data stream I wonder if it's just another piece of packet junk or if it is an incoming exploit, and if so whether my defenses will catch it. My Jamulus machine is an older computer that is isolated from the rest of my net so if it gets bitten I haven't lost much or spread crap to other machines.
So far I've had no indications of malware riding in on Jamulus. But, as always, absence of evidence is not evidence of absence.
XP on the web is dangerous. That's too bad, because by the time it got done, like 7, XP was a pretty good OS. Microsoft has always needed new releases to keep the revenue streams coming in. Like death and taxes they'll keep coming.
how malware from within packets of jamulus datastream could infect the server host?
(i'm totally serious: as jamulus are spreading security issues becomes real)
Last edit: Mats Wessling 2020-10-16
Doesn't that mean any client/server system on the Internet would be passing malware around that was supplied by compromised XP hosts?
"Doesn't that mean any client/server system on the Internet would be passing malware around that was supplied by compromised XP hosts?"
Yep, pretty much. That's why I was strongly advocating NOT exposing a computer running an unsupported OS, like XP, to the web. Commit suicide if you want, but please do not include me, and all the other Jamulus users, in your line of fire.
"how malware from within packets of jamulus datastream could infect the server host?
(i'm totally serious: as jamulus are spreading security issues becomes real)"
I'm talking process here, this is not the place for a tutorial on how malware/viruses work. Ask the Google or preferably DuckDuckGo. You will get more information than you can read in a year and an education if you are really interested.
Remember that the bad guys out there make their livings by exploiting dorks, and some of the bad guys are brighter than either me or you.
The first step in protecting ourselves is not doing anything stupid, and secondly taking precautions that make our systems less vulnerable. As with home burglaries all we can really do is make our computers harder to get into than someone else down the block. The bad guys will usually take the easier pickings. The most outcome from the least effort being the guiding principle.
Easier pickings starts with OS versions, like XP or 7, where support has expired. The docs for the patch list of supported OSs often specify which versions of the OS the vulnerability impacts. That's a roadmap for exploits of unpatched, out of support OSs. With Windows it is simple. Run the current release of v 10 (or 8.1 until 1/23).
Easier pickings extends to things like turning off router firewall protections as has been advocated around here from time to time.
An old saying about mortality is "Something gets everybody eventually, be careful what gets you." It applies to technology too.
Last edit: cliff roland 2020-10-22
If you really are interested in making jamulus safe then its crucial that you help with how the virus would get into message and then how it would get out in server...
i meanwho else would?
If you really are interested in making jamulus safe then its crucial that you help with how the virus would get into message and then how it would get out in server...
i meanwho else would?
"Mats Wessling: If you really are interested in making jamulus safe then its crucial that you help with how the virus would get into message and then how it would get out in server...
i meanwho else would? "
I have helped make Jamulus safer. I have explained to you guys the obvious, that running an OS like XP, whose support has expired, on the web is stupid (naive almost beyond belief in 2020). It is a potential exposure of all of us to exploits that are best prevented by avoiding them. I have suggested to Volker (in my first post in this thread) to go back to not allowing it.
You could start by saying "thank you", not berating me for not taking on the task of fortifying Jamulus against all threats present and future. I am retired and an end user of Jamulus as a musician. I have never expressed any interest in becoming a developer. Those days are over for me.
What I have done, and will continue to do, is to recommend that folks get their heads up and cease and desist dangerous practices like running obsolete OSs or turning off firewall protections.
I have also argued against the naive concept that Jamulus is somehow safe from internet exploits because it is obscure. Exploits can take advantage of what Jamulous does, stream data over the web, without caring, or perhaps even knowing, what it is.
Beyond obvious specifics like those addressed above, there can be legitimate differences of witting opinion on how to best protect Jamulous and its users. Protection adds overhead, and overhead adds delay. All issues are trade offs.
My obligation to Jamulus is to wave a flag when I see an exposure (like XP or turning off firewall protections). The intent is to direct the attention of folks with management authority to a live issue. In the case of XP, other expired OSs or recommendations to turn off firewall protections, I add a simple but effective recommendation, "Just say no".
On the larger question of potential exploits I have raised the issue, and Volker has made it a topic for discussion. I personally run Jamulus on an older computer that is isolated from the rest of my system and that has up to date protections. If jamulus enables something bad to happen to it I can dump it without losing much. Like me it is retired from earning a living.
Remember old Ben Franklin "An ounce of prevention is worth a pound of cure". Be safe out there. The web is a wondrous but dangerous place.
The thing is that Jamulus is likely not the only program running on that XP computer. They are all compromised. Attaching an XP computer to the internet in this day and age is just bad practice.
I do run an XP machine myself for machine control, but it is not connected to a network and never will be. For that application it is the better solution.
If, however, the computer needs to be connected to the Internet then XP is the wrong solution. I am not a friend of MS's policies, but they do assure good security on Win10. For connected computers use Win10 and leave XP to the past.
While I completely accept the idea that running XP on the Internet is a bad idea, I'm intrigued by the assertion that (if I understand correctly) an XP machine would, in connecting to a server of any kind (not just Jamulus), infect that server and thereby any other machines connecting to those servers. This implies that the entire Internet would become infected in short order. That can't be right, can it? I mean, Apache, bind, postfix all happly accept connections from XP machines as far as I know. Would Jamulus be any different?
Again, I'm not questioning the wisdom of the advice, just what it might mean for Jamulus.
Don C - You got it. XP is still a fine OS for machine control as long as you don't let it near the internet. That's getting extended value out of hardware/software that's long paid for. I like it:) I've still got several XP level systems I have not quite gotten around to carting to the dump. They all worked when I turned them off. I'll be happy to send them to you.
Gilgongo - An infected XP machine has the potential to infect anything it connects to. The issues are what virus/malware is present and what protections the server has. Those are both moving targets. How much are you willing to bet/hope that you just don't run into a particularly virulent strain and that every server is always well protected (ie, that no one has followed your advice to turn off router firewall protection)? Those questions are especially pertinent when we are talking apps like Jamulus where individual users are hosting servers. When will that XP bomb go off, blow up a poorly protected server and start a downstream chain of infection? This exposure, the next one, the one after that? Are you really so foolish as to bet the answer is 'never'?
Until recent revisions Jamulus did not accept XP connections. That was a wise provision. It deserves to be reinstated to protect all Jamulus users and to protect naive users from their own folly. Add Vista and 7 to the prohibited list. 8.1 is supported for about another 2 years.