Bringing Internet Explorer 4.0 to life on Windows ’95 — in 2019
I’ve recently started a silly blog as a side project. Melbourne Coffee Sucks is basically a jokey espresso-reviewing site, focussed on the coffee scene in Melbourne, Australia. The theme and styling is heavily retro-computing-inspired, not because that has anything to do with coffee, but simply because I thought that’d be amusing, and perhaps as a side-effect give my blog a bit of a recognisable personality.
I started adding a few animated GIFs and good old-fashioned marbled backgrounds and such, but I thought it’d be very cool if I could also include a few screenshots of ancient computer interfaces. I get quite nostalgic when seeing those, and suspected that probably quite a few readers would get a laugh out of seeing a Windows ’95 screenshot of a modern-day website. So, I thought I’d try and spin up a virtual machine with some older browsers installed. (As a somewhat-unrelated aside: if you haven’t seen it yet, I highly recommend watching this YouTube video about a guy who installs Windows ’98 on brand-new, period-correct hardware, in 2018!)
First, of course, I installed VirtualBox, which is free. Over on Archive.org, I found it was quite easy to find and download ISO images of Windows ’95, ’98, NT — and many more — to install on something like VirtualBox. Or, if you couldn’t be bothered manually installing off the original media, there are even a few pre-made VDI files (the file format for VirtualBox virtual hard disk images) available. I’m not sure if they’re full of spyware or not, but for my purposes I didn’t really care.
Anyway, after a bit of tinkering I eventually managed to bring up Windows ’95. It was necessary to disable “VT-x/AMD-V” in the VirtualBox machine settings, as well as apply an obscure patch before it would boot up,¹ but eventually I had a working setup with Internet Explorer version 4! Such nostalgia! It’s worth it for the animations and startup sound alone.
I also found that Windows NT4 workstation came with Internet Explorer 2, but that brought me to my first roadblock: modern-day websites are all pretty much unusable with such old browsers, because they all rely on a lot of JavaScript and CSS. The JavaScript is sometimes not a huge problem to miss, but these days the layout usually is heavily dependent on CSS, to such an extent that things often become unusable without it. Have a look at Google’s modern-day landing page in Internet Explorer 2. Because we use heaps of JavaScript and fancy HTML5 tags and things that weren’t even valid HTML back in 1996, this just isn’t really usable.
I guess it’s worth pausing for a moment to remember the days of early web development. How far we’ve come from the early 2000’s when front-end web developers (they weren’t even called that back then) had to tie themselves in knots to accommodate old versions of IE! Probably IE2 would’ve been out of scope, but I’m sure some of you folks out there will have had experience with versions 4 and up. It’s slightly tangential for this post, but it felt like there was a whole era when the phrase “IE6 compatibility” would be uttered, and rooms would fall silent, someone in the corner would sob, and everyone would go back to writing tortuous HTML to try and get IE6 to do what it was supposed to. And to think it had the highest market share at one point!²
Anyway, I’m getting off-topic.
I was quite surprised to see that today’s Google worked fine in IE4, because I expected them to force a redirect from HTTP to HTTPS. But I quickly ran into this fatal issue on other sites: these days, pretty much all websites are secured with HTTPS, and the underlying protocol, SSL, has evolved quite a bit since the late 90s. This meant that none of the HTTPS links I tried in IE4 worked. The problem is that all the cipher suites that old browsers are compatible with are now deprecated, because they’re insecure. This manifests as generic connection errors in IE4.
Bummer! How was I going to get those nostalgic screenshots I wanted?
After thinking about it for a while and almost abandoning my efforts, it occurred to me that perhaps I could install a proxy on my host machine (running macOS) which could terminate the HTTPS connection with the hosts (such as https://www.wikipedia.org or whatever) and pass back the results, unencrypted, to the virtual machine.
It took me quite a bit of tinkering to get it to work (basically because I wasn’t sure exactly what needed to be done, plus I’m unfamiliar with the tooling), but eventually I managed to make Charles Proxy (Charles is free to try) do what I wanted. You could probably also get something like Squid Web Proxy to do the same job. Given how counter-intuitive I found the process, I thought it worth sharing here. For posterity, if nothing else.
The first thing I wanted was to actually have my VirtualBox traffic go through Charles. I started up Charles, and went into my Windows ’95 settings. In Control Panel, there’s an “Internet” section, where you can configure a web proxy, like so:
I knew that I had to set the port to 8888 because the Charles documentation says so, and I knew to use the IP address 10.0.2.2 because that’s my virtual machine’s so-called gateway to the internet — it’s talking about my Mac. Yours might be different, find it with the winipcfg tool (Start → Run… → winipcfg) in the “Default Gateway” field.
After configuring all that stuff, we could start seeing things happening in Charles! Refreshing a Google search results page gave us the following breakdown of traffic:
However, now we have to tackle the issue where most sites, if you hit their http://www.example.com endpoint, will come right back with a response saying something like:
HTTP/1.0 301 Moved Permanently
Location: https://www.example.com/..which is telling you to go to the SSL version. Hm. That just causes the error we saw before in IE4, where it can’t make head or tail of the secure request.
What if we could request plain old http:// URLs via Charles, and have Charles turn them into https:// requests transparently? It turns out that’s possible, and easy — “Map Remote” is a built-in feature of Charles!
Here’s the rule I made to map all secure requests to insecure ones (access this window via the “Tools → Map Remote…” menu). I’ll spare you the trial-and-error process it took me to get to this — in retrospect — elegant rule.
That’s awesome, and it appears to work! Here’s the Wikipedia page on proxy servers:
Great! There’s one issue though: none of the links work. In Google search results page, all the links point to the https versions of sites, so browsing isn’t a very pleasing experience at all. Since we’re now proxying plain-text requests and responses, how about we simply re-write URLs before the Windows ’95 browser ever sees them? It turns out that Charles has another handy feature, aptly named Rewrite which will do exactly what we need. Here’s the rule I set up:
First, add a “Body” rules which rewrites the text “https” to “http” inside Responses only. You’ll see I also made a URL rule which rewrites requested URLs that end in “.css” to invalid URLs. This was a bit of a hack, but I figured since modern CSS was hardly supported anyway I might as well save the effort downloading it and making the websites’ layout even worse.
And there you go! Internet Explorer thinks it’s communicating over plain-text HTTP, but actually it’s connecting to Charles Proxy on my laptop, which is then making the HTTPS encrypted connection to the outside world! Something seems not-quite-right with Host: headers, so probably my Charles config could use some tweaking.
Heaps more vintage sites on http://www.404pagefound.com!
There you have it. A fun weekend project to make a few screenshots. I’ll add that this setup isn’t 100% reliable: oftentimes I’ll have to massage the Host: headers myself, or turn rewriting off for certain pages that are http-only (since my setup assumes HTTPS works everywhere, which turns out not to be true). But at the very least I hope this tickled your nostalgia itch, and perhaps even motivated you to dive in and try something similar if you’re bored one evening.
Note: this is a Man-in-the-Middle attack — don’t do this to anyone except yourself and for educational purposes, because it’s mean and/or illegal and/or you’re compromising security. This demonstration is only provided for your amusement and to gawk at a few ancient screenshots. Stay safe out there and don’t hack people!
Footnotes
¹ Supposedly because modern processors are too fast, one sometimes gets a dreaded While initializing device IOS: Windows Protection Error message on startup. I’ve linked directly to the ZIP archive containing the modern-CPU-patch, because I found it really hard to remember where/how I found it. However, it looks like it’s on a host that’s liable to go down, so here are some more sources:
- Archive.org link to forum thread with announcement and download link
(original: https://msfn.org/board/topic/141402-windows-95-21ghz-cpu-limit-broken/) - Archive.org link to the ZIP archive at original download location
(original: FIX95CPU_V3_FINAL.ZIP) - See also this helpful StackOverflow/SuperUser post about a similar problem, linking to the same resources.
² Apparently Internet Explorer 6 was at peak popularity around 2002, and only lost its majority around 2007. Even then, it remained in use in some businesses — what a long run for an awful browser! [my dubious source]
