SoylentNews is people
SoylentNews
Armagadd-on 2.0, Mozilla expired certificate disables add-ons
No, the culprit you are losing add-ons isn't your computer, or maybe your old FF, or dropping of Webextensions API. Twitter, Reddit, everyone is wondering what is going on. This Armagadd-on 2.0 has a simple explanation: Mozilla forgot to renew certificates, and so add-ons are failing like if they were not properly signed, because technically they are not. Even signing of new add-ons is down (see comment 9). Great weekend at Mozilla HQ!
Some workarounds, until they clean up the mess, include playing with the computer clock (NTP? forget it) or disabling signature checks (not possible in default releases).
All Firefox extensions disabled due to expiration of intermediate signing cert
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0
Steps to reproduce:
Wait until it's past midnight on 2019-05-04 UTC.
Actual results:
All addons got disabled due not having valid signature.
Expected results:
If the signature was due to expire, it should have been renewed weeks ago. Not all extensions were disabled. Fakespot and Google Scholar Button were left in their disabled state.
Some reports on reddit says that they had their clocks a day forward, but they may be just early canaries for the actual widespread issue.
Going backwards in time allows installation from AMO (Mozilla Add-ons) but do not remove the unsupported mark from the add-ons already installed.
https://bugzilla.mozilla.org/show_bug.cgi?id=1548973
Workaround: Go to about:config and set xpinstall.signatures.required to false
(Score: 5, Informative) by Anonymous Coward on Saturday May 04 2019, @02:22PM (11 children)
Apparently as part of the bugfix, mozilla just "revealed" (it wasn't secret but not well publicized or known) they have a way to mess with your preferences without your knowledge. Basically a backdoor update mechanism.
https://wiki.mozilla.org/Firefox/Normandy/PreferenceRollout [mozilla.org]
(Score: 3, Insightful) by Azuma Hazuki on Saturday May 04 2019, @03:13PM (5 children)
O~kay, and that right there is getting me off of Firefox. Just need to find a way to bend Midori or Falkon to my will.
I am "that girl" your mother warned you about...
(Score: 4, Informative) by Anonymous Coward on Saturday May 04 2019, @03:54PM (1 child)
Go Palemoon?
Also, that bending to will stuff, can we watch?
(Score: 3, Interesting) by Azuma Hazuki on Sunday May 05 2019, @04:45AM
Falkon seems to be the best choice for me right now. Midori is...well, Midori, it's got Mad GNOME Disease or something. Pale Moon crashed a few times and the non-bootstrapping adblocker takes ages to load. Surf's adblocker isn't up to task, though I really like it otherwise. NetSurf is not really usable. It also has a surprisingly competent if small set of extensions available. Seems I'll be using more and more Qt apps as time goes on...
I am "that girl" your mother warned you about...
(Score: 5, Interesting) by jmorris on Saturday May 04 2019, @06:49PM (1 child)
My normie existence has been split between Seamonkey and Firefox for some time now. Thinking it is time to push the migration schedule up to "ASAP." Dissident life has been on and off with Brave for some time, it keeps getting better and more suitable as a default browser. Chrome is of course a non-starter.
Bottom line. We should have seen the writing on the wall with Moz Corp a few years ago, a lifetime of familiarity and goodwill with Netscape and Mozilla's children have lead us to greatly underestimate the danger they have become. The only reason Google is more dangerous is the nearly Trillion dollar market cap they can wield, which has allowed them to push Moz out of the way. But we need to wake up, lose the attachment to what they once were and let them die; for if they ever did write a new chapter in the Book of Mozilla, if they had another rebirth it would be in an awful and terrible form. The lizard has gone bad, we have to put it down, out of love for what it once stood for. Let not future generations remember Mozilla only for its modern sad and evil form in its twilight, let it be remembered as a powerful symbol of the first great age of the Internet. Let him be remembered for standing proudly and roaring his mighty challenge at Mammon.
(Score: 2) by urza9814 on Monday May 06 2019, @02:21PM
The problem with Brave is that it cements Google's control over the web -- it's just one more Chrome clone.
(Score: 2) by darkfeline on Sunday May 05 2019, @05:59AM
If the ability to change preferences is what stops you from trusting a piece of software, I hate to break this to you, but the devs can basically make their software do whatever they want, irrespective of whether they have a formal way of changing preferences. It's a pretty arbitrary and meaningless fact to base your trust or distrust on.
A feature like this has legitimate applications, for example if a serious bug is discovered in a setting, but a minority of users may still need/want that setting, then it makes sense to reset that setting and let users who want it set it back manually after reading the warning about the bug.
Join the SDF Public Access UNIX System today!
(Score: 0) by Anonymous Coward on Saturday May 04 2019, @09:32PM
I literally just removed Firefox and Thunderbird from my PC after reading the page you linked. Fuck you, Mozilla cunts.
(Score: 2) by darkfeline on Sunday May 05 2019, @06:04AM (3 children)
Apparently A/B testing is considered a backdoor now.
Join the SDF Public Access UNIX System today!
(Score: 0) by Anonymous Coward on Monday May 06 2019, @02:48AM
When I choose a setting, I expect it to remain set, even through an update. It definitely shouldn't be silently changing in the background.
(Score: 2) by urza9814 on Monday May 06 2019, @02:25PM (1 child)
The problem isn't that they're doing A/B testing, the problem is that they're remotely modifying software on other peoples' computers in order to do it.
(Score: 2) by Reziac on Wednesday May 08 2019, @05:22AM
And how is this not the biggest security hole in the history of browsers??
Hey Igor, let's change everyone's Mozilla to allow drive-by installs of our malware...
And there is no Alkibiades to come back and save us from ourselves.