If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#16
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
On Sat, 4 May 2019 10:05:04 +0200, in alt.comp.os.windows-10, R.Wieser
wrote: (This is a repost of the the response I gave to the same post in the alt.os.linux newsgroup) As someone on slashdot mentioned, why are those add-ons even checked each-and-every time you start your browser ? Are they expected to mutate somehow (and no, I do not mean updates) ? All the thats that certificate /should/ be needed for is to make sure that you get & install the add-on as the developer has created it. In its current implementation its simply a kill-switch for anything Mozilla wishes to declare "obsolete". :-( And by the way: the work around is to go into about:config, find "xpinstall.signatures.required" and set it to false (which is actually the first thing I do when installing FF :-) ) That does not work in Windows 64-bit, after the extensions have failed. -- Zag No one ever said on their deathbed, 'Gee, I wish I had spent more time alone with my computer.' ~Dan(i) Bunten |
Ads |
#17
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
Zaghadka,
That does not work in Windows 64-bit, after the extensions have failed. I've seen a number of responses, some saying it does, others saying it doesn't. No idea if its a 32 vs 64 bit thing or not. Might even have to do with version differences. Regards, Rudy Wieser |
#18
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
On Sat, 4 May 2019 17:21:49 +0200, in alt.comp.os.windows-10, R.Wieser
wrote: Mayayana, "Mayayana" wrote in message ... "R.Wieser" wrote | As someone on slashdot mentioned, why are those add-ons even | checked each-and-every time you start your browser ? Are they | expected to mutate somehow (and no, I do not mean updates) ? It's a bug. From the page you linked to "and suggests the sudden failure is due to a code signing certificate built into the browser that expired just after 5 PM". So no, not even they consider it to be a bug. But, try to come up with rational explanation how such a bug could hit /all/ plugins for /all/ users at /the same time/. Good luck. :-) The lesson here is yet one more example of why you shouldn't allow software companies onto your system to do unreliable and intrusive dripfeed updates. Agreed. If your extensions were disabled you simply don't have adequate security. Bull****. This is not some hacker that tries to gain entrance and create havock, or a virus that tries to "do it's thang", this is a program which does exactly what its designed for. There is /no/ security measure you can have implemented to ward it off. And no, restoring a backup would not have helped either - the certificate would still be expired. Maybe they'll wise up and fix this with a 3-day waiting period where the browser warns you that extension verification has failed. "Run at your own risk," but it'll run at least. Gives them time to fix it. A bad, built-in cert. At the least, they're going to have to start mandatory clock set tests for nightly and beta to ward this off in the future. And surprise, surprise, Persona (light) themes are also signed. There is no reason for that other than the desire to centrally control themes in case one is found to be offensive, or in support of civil unions, or violates copyright. SMH. More info at: https://support.mozilla.org/en-US/kb...nstall-firefox They'd better fix this in less than a day or so or people will be switching to Chrome in droves. -- Zag No one ever said on their deathbed, 'Gee, I wish I had spent more time alone with my computer.' ~Dan(i) Bunten |
#19
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
On Sat, 4 May 2019 20:13:15 +0200, in alt.comp.os.windows-10, R.Wieser
wrote: Zaghadka, That does not work in Windows 64-bit, after the extensions have failed. I've seen a number of responses, some saying it does, others saying it doesn't. No idea if its a 32 vs 64 bit thing or not. Might even have to do with version differences. It's 66.0.3, Win 10 1809, 64-bit, and I guess the answer is "software is complicated." Thanks for sharing, at least. It was worth a shot. -- Zag No one ever said on their deathbed, 'Gee, I wish I had spent more time alone with my computer.' ~Dan(i) Bunten |
#20
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
Mayayana wrote:
"R.Wieser" wrote Does the "xp" in its name mean it's only for Windows XP versions? (If not, what _does_ it mean?) Extension package install. | That is an answer to a question that has not been asked. I wonder if you're getting enough sleep, Rudy. You seem to argue with virtually everything these days. https://en.wikipedia.org/wiki/XPCOM Cross Platform Component Object Model (XPCOM) So the XP stands for "Cross Platform". https://en.wikipedia.org/wiki/XUL XML User (Interface) Language They're quite creative with their TLAs. Paul |
#21
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
On Sat, 04 May 2019 13:14:49 -0500, Zaghadka wrote:
https://support.mozilla.org/en-US/kb...nstall-firefox They'd better fix this in less than a day or so or people will be switching to Chrome in droves. Thanks for that link which says that "studies" is used for the "temporary" fix, apparently, but not on all platforms (apparently). Firefox: Options Privacy & Security Firefox Data Collection and Use [x]Allow Firefox to install and run studies I do not claim to understand either the problem or the permanent solution, so, given that, what I wonder, perhaps too innocently, is why don't they just compile a new Firefox binary that contains a new built-in certificate that is known to be good? Then we could all download that new binary, and be done with it. What's wrong with my assumption (bearing in mind I admit I don't fully understand the problem set yet). |
#22
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
On Sat, 4 May 2019 18:45:05 -0000 (UTC), in alt.comp.os.windows-10, Arlen
G. Holder wrote: On Sat, 04 May 2019 13:14:49 -0500, Zaghadka wrote: https://support.mozilla.org/en-US/kb...nstall-firefox They'd better fix this in less than a day or so or people will be switching to Chrome in droves. Thanks for that link which says that "studies" is used for the "temporary" fix, apparently, but not on all platforms (apparently). Firefox: Options Privacy & Security Firefox Data Collection and Use [x]Allow Firefox to install and run studies I do not claim to understand either the problem or the permanent solution, so, given that, what I wonder, perhaps too innocently, is why don't they just compile a new Firefox binary that contains a new built-in certificate that is known to be good? Then we could all download that new binary, and be done with it. What's wrong with my assumption (bearing in mind I admit I don't fully understand the problem set yet). IMO, Nothing. It's a good question. -- Zag No one ever said on their deathbed, 'Gee, I wish I had spent more time alone with my computer.' ~Dan(i) Bunten |
#23
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
"Paul" wrote
| So the XP stands for "Cross Platform". | | https://en.wikipedia.org/wiki/XUL | It looks like that's right. I'd seen the phrase "Extension package" and assumed that must be it. To complicate things, the XPInstall method is apparently phased out, but it's still XPI. |
#24
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
"Zaghadka" wrote
| It's 66.0.3, Win 10 1809, 64-bit, and I guess the answer is "software is | complicated." | I have 66 on Win7-64. It seems to be fine. NoScript and DownloadHelper are installed. Neither is malfunctioning. I also have xpinstall.whitelist.required set to false, but I don't have any reason to think that's an issue. And I always disable all calling home, so it's possible that's related. |
#25
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
On Sat, 4 May 2019 15:40:19 -0400, Mayayana wrote:
I have 66 on Win7-64. It seems to be fine. NoScript and DownloadHelper are installed. Neither is malfunctioning. I also have xpinstall.whitelist.required set to false, but I don't have any reason to think that's an issue. And I always disable all calling home, so it's possible that's related. It looks like _some_ fixes have been rolled out, for example, on my desktop I just snapped this screenshot showing Mozilla applied the fix to my Firefox browser (which didn't have any extensions by design anyway): https://i.postimg.cc/D0w9msK1/firefox01.jpgOuOOki That check above was explained here, in what appears to be the canonical Mozilla blog on the topic (thanks to Zaghadka): o Add-ons disabled or fail to install on Firefox https://support.mozilla.org/en-US/kb/add-ons-disabled-or-fail-to-install-firefox "It may take up to six hours for the study to be applied to Firefox. To check if the fix has been applied, you can enter about:studies in the address bar. If the fix is active, you˘ll see hotfix-reset-xpi-verification-timestampe-1548973" My main question is why can't they just re-compile Firefox with a built-in known good certificate? |
#26
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
"Zaghadka" wrote
| It's 66.0.3, Win 10 1809, 64-bit, and I guess the answer is "software is | complicated." | I spoke too soon. It was fine until I actually used an extension. Then the disabling kicked in. I've gone back to FF52.9 on Win7 and now it all works fine. |
#27
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
Paul,
Cross Platform Component Object Model (XPCOM) So the XP stands for "Cross Platform". I think you came to the right conclusion (cross platform), but taken from the wrong source. Just ask yourself how you can transform "xpcom" to "xpinstal". I already gave the link I found for it to Mayayana (https://developer.mozilla.org/en-US/docs/Mozilla/XPI), but somehow he even refused to acknowledge it (but did acknowledge yours) ... Worse, I just noticed that what you responded to from Mayayana is a frankenstein of creative quoting, murdering context in the process. :-( Regards, Rudy Wieser |
#28
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
On Sat, 4 May 2019 05:32:39 -0000 (UTC), Arlen G. Holder wrote:
Firefox disabled all add-ons because a certificate expired UPDATE: o Bug report 1549129: https://bugzilla.mozilla.org/show_bug.cgi?id=1549129 o 66.0.4 release notes: https://www.mozilla.org/firefox/66.0.4/releasenotes/ o Full offline installer: https://www.mozilla.org/en-US/firefox/all/ I haven't been watching this closely simply because I strategically load a dozen different browsers to set up each browser specifically for a web site (or similar set of web sites), such that I don't need addons (except some browsers, like the TBB need their addons to be working). However, they recently updated the canonical web page Zag kindly provided: https://support.mozilla.org/en-US/kb/add-ons-disabled-or-fail-to-install-firefox Which now reports: "*A fix has been released in Firefox version 66.0.4* An update will be rolled out automatically with the latest fixes or you can download a new version. Please see the 66.0.4 release notes for more information. We are also working on a fix for Firefox for Android." o 66.0.4 Download: https://www.mozilla.org/firefox/new/ No specific mention of iOS. |
#29
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
On Mon, 6 May 2019 01:04:38 -0000 (UTC), Arlen G. Holder wrote:
No specific mention of iOS. I don't see that there are any updates to the Tor Browser Bundle. Anyone know the scoop on the TBB updates? |
#30
|
|||
|
|||
Firefox disabled all add-ons because a certificate expired
R.Wieser wrote on 5/4/2019 :
(This is a repost of the the response I gave to the same post in the alt.os.linux newsgroup) As someone on slashdot mentioned, why are those add-ons even checked each-and-every time you start your browser ? Are they expected to mutate somehow (and no, I do not mean updates) ? All the thats that certificate /should/ be needed for is to make sure that you get & install the add-on as the developer has created it. In its current implementation its simply a kill-switch for anything Mozilla wishes to declare "obsolete". :-( And by the way: the work around is to go into about:config, find "xpinstall.signatures.required" and set it to false (which is actually the first thing I do when installing FF :-) ) Regards, Rudy Wieser v53 on Win7 I just finally got sick of waiting and did the xpinstall.signatures.required false. Closed the tab, closed FF (telling it ok to multiple tabs). Opened again and did the restore last session, and... Nothing. Didn't help a bit. Adblock still a no go and even my setpoint is disabled. Any other sure fixes on this deal, yet? Wonder if they'll ever do anything for the old versions? Interesting that just last weekend, my various newspapers all started to not work unless I disabled adblock (which I did not do) at the very same moment. It had to be contrived among the competitors... no way just dumb luck. If FF has been lying about the no update switch, how am I to believe that they're trashing of adblocks doesn't have too much coincidence to follow days behind. I am new to tinfoil, well, except the google colored stuff, so I don't know what to think here. Just finally got a new ssd in the mail yesterday, but there's no way I want to clone the mess that is FF right now. |
Thread Tools | |
Display Modes | |
|
|