Stories
Slash Boxes
Comments

SoylentNews is people

Technical Details on the Recent Firefox Add-On Outage Posted

posted by martyb on Friday May 10 2019, @09:50PM   Printer-friendly
from the what-browser-will-you-use-to-read-the-report? dept.

canopic jug writes:

Eric Rescorla has a blog post over at Mozilla about the technical details on the recent Firefox add-on outage. He covers the background of how they use certificates, how they tried to mitigate the damage from the outage, how they worked to solve the problem without breaking more things, deployment of the replacement certificate, and why it took so long to fix.

Recently, Firefox had an incident in which most add-ons stopped working. This was due to an error on our end: we let one of the certificates used to sign add-ons expire which had the effect of disabling the vast majority of add-ons. Now that we've fixed the problem for most users and most people's add-ons are restored, I wanted to walk through the details of what happened, why, and how we repaired it.

There were a lot of work arounds discussed here and elsewhere, some of them quite stupid so, lastly, remember to undo any temporary work-arounds that might have been deployed last weekend.

Earlier on SN: In Firefox All Extensions Disabled Due to Expiration of Intermediate Signing Cert

Original Submission

 
This discussion has been archived. No new comments can be posted.
Technical Details on the Recent Firefox Add-On Outage Posted | Log In/Create an Account | Top | 45 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Interesting) by Anonymous Coward on Friday May 10 2019, @10:48PM (9 children)

    by Anonymous Coward on Friday May 10 2019, @10:48PM (#842108)

    Any suggestion as to how to create an independent web browser? Like SN spouted out when SD went evil?

    Setting up SN was pretty damn good accompishment, but maintaining a modern browser is a gargantuan task, but there are many parties with weight we can recruit: EFF, FSF, perhaps others.

    Starting Score:    0  points
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Total Score:   1  

  • (Score: 1, Interesting) by Anonymous Coward on Friday May 10 2019, @11:04PM

    by Anonymous Coward on Friday May 10 2019, @11:04PM (#842119)

    The GNU folks do have a firefox fork: https://www.gnu.org/software/gnuzilla/ [gnu.org] -- I'd expect that addon signature verification is off in the fork or at least disable-able, because the modern Firefox way of requiring users to get extensions "approved" by an external third party is completely at odds with free software values.

  • (Score: 0) by Anonymous Coward on Friday May 10 2019, @11:38PM (4 children)

    by Anonymous Coward on Friday May 10 2019, @11:38PM (#842139)

    Get a very large chunk of money. That will allow us to start the project. Then get a very large income. That will allow us to continue...

    • (Score: -1, Troll) by Ethanol-fueled on Saturday May 11 2019, @12:44AM (3 children)

      by Ethanol-fueled (2792) on Saturday May 11 2019, @12:44AM (#842165) Homepage

      And if you want to avoid the problems that befell other mighty browsers, don't let women or minorities join your team. If anybody asks about your diversity statistics just buy some wigs (some colored pink and purple) and dresses for a photoshoot and say you're all trans.

      • (Score: 0) by Anonymous Coward on Saturday May 11 2019, @05:42AM

        by Anonymous Coward on Saturday May 11 2019, @05:42AM (#842229)

        If anybody asks about your diversity statistics just buy some wigs (some colored pink and purple) and dresses for a photoshoot and say you're all trans.

        Hello sir ma'am, I find your ideas intriguing wish to subscribe to your newsletter.

      • (Score: 0) by Anonymous Coward on Saturday May 11 2019, @05:58AM (1 child)

        by Anonymous Coward on Saturday May 11 2019, @05:58AM (#842232)

        Or you could simply hire based on individual's ability without falling into a trap of only 2 choices.

        • (Score: 2) by Acabatag on Saturday May 11 2019, @08:22PM

          by Acabatag (2885) on Saturday May 11 2019, @08:22PM (#842451)

          Sadly, there are people actively working to make this a difficult choice.

  • (Score: 2) by Azuma Hazuki on Friday May 10 2019, @11:53PM (2 children)

    by Azuma Hazuki (5086) on Friday May 10 2019, @11:53PM (#842144) Journal

    I don't know off the top of my head if there's a Windows port, but Falkon works really well on Linux. I find myself using a lot more Qt than GTK apps over the last few years actually...

    --
    I am "that girl" your mother warned you about...

    • (Score: 0) by Anonymous Coward on Saturday May 11 2019, @02:02AM (1 child)

      by Anonymous Coward on Saturday May 11 2019, @02:02AM (#842190)

      Just looked and there is a Windows port, but, for my Win7 SP1 (not updated), it requires this https://support.microsoft.com/en-us/help/2999226/update-for-universal-c-runtime-in-windows [microsoft.com] patch file from Microsoft.

      I've got an old stable system on this ThinkPad which I'm attached to, don't think I'm going to be installing any patches at this late date.

      Thanks for the recommendation, one of these days I'll be moving to Linux or something similar because I don't want to have anything to do with Windows after 7.

      • (Score: 2) by Azuma Hazuki on Saturday May 11 2019, @02:14AM

        by Azuma Hazuki (5086) on Saturday May 11 2019, @02:14AM (#842195) Journal

        I actually keep Win7 around in a VM for my MIDI sequencer, Anvil Studio. Linux does everything else I want, and I can make it look like pretty much anything with some work. Maybe that setup would work for you?

        --
        I am "that girl" your mother warned you about...