Most active commenters
  • lucb1e(4)

←back to thread

All extensions disabled due to expiration of intermediate signing cert

(bugzilla.mozilla.org)
1318 points xvector | 20 comments | 04 May 19 01:31 UTC | HN request time: 1.921s | source | bottom
1. lucb1e ◴[04 May 19 08:02 UTC] No.19825098[source]
If everyone's add-ons are disabled, I wonder why mine are not. My computer has been running over night (coincidentally, first time in years) and my add-ons are intact. Does it take a browser restart? Or might I have a setting that prevents this from happening? My system time is correct.

Edit: am on Firefox 66, Linux (Debian Buster/testing), using Firefox from Mozilla directly (not through repositories), and my internet/wifi should not have disconnected. System has been up since 2019-05-03T17:30:00Z, suspended before that.

replies(10): >>19825118 #>>19825121 #>>19825149 #>>19825157 #>>19825182 #>>19825186 #>>19825222 #>>19825225 #>>19825299 #>>19825337 #
2. dschuetz ◴[04 May 19 08:07 UTC] No.19825118[source]
Are you on nightly build?
replies(1): >>19825124 #
3. Svip ◴[04 May 19 08:08 UTC] No.19825121[source]
I think it only checks at start up, or something? Mine has been running for days, and all my add-ons are working. As such, I've decided not to restart Firefox until news arrive that it's working again.
replies(2): >>19825127 #>>19825128 #
4. lucb1e ◴[04 May 19 08:09 UTC] No.19825124[source]
No, same version as the bug report is about: 66.
5. blahyawnblah ◴[04 May 19 08:10 UTC] No.19825127[source]
Mines been running for days and everything was disabled.
replies(1): >>19825131 #
6. ◴[04 May 19 08:10 UTC] No.19825128[source]
7. lucb1e ◴[04 May 19 08:11 UTC] No.19825131{3}[source]
Oh, darn. Thought I found a way to avoid this. Thanks for reporting!

Just a thought, might it be that you suspend (sleep mode in Windows) your system? So not restart the browser, technically, but iirc applications still receive some event when this happens. At the very least, open connections would break. Any TLS connection would re-validate the certificate. In that case, going offline would also trigger it. Have you done any of those (suspend, be offline / switch networks)?

8. ◴[04 May 19 08:14 UTC] No.19825149[source]
9. deng ◴[04 May 19 08:17 UTC] No.19825157[source]
Same here. I've restarted Firefox several times and even manually checked for add-on updates and they are still working. Same on Android. However, I'm not able to install new Add-Ons (I get the "download failed" error). I'm in Germany, maybe that has something to do with it...?

EDIT: Android disabled Add-Ons when I switched from WiFi to mobile connection.

10. bondant ◴[04 May 19 08:22 UTC] No.19825182[source]
Same here, I opened firefox 20 minutes ago and discovered this thread, but all my addons seems to work fine. (FF 66, from debian repo, I'm in EU)
11. akvadrako ◴[04 May 19 08:24 UTC] No.19825186[source]
Are you on Mac? It's also still working for me.
replies(1): >>19825198 #
12. lucb1e ◴[04 May 19 08:28 UTC] No.19825198[source]
Linux (Debian Buster, but Firefox is not from the repositories). Edited in some more info.
13. thesimp ◴[04 May 19 08:35 UTC] No.19825222[source]
Same here. Both on Windows 10 and Kubuntu my Firefox 66.0.3 instances seem to have working add-ons (uBlock Origin) as of now. Both systems have been up for weeks.

Let's see what the day will bring...

replies(1): >>19826229 #
14. arendtio ◴[04 May 19 08:35 UTC] No.19825225[source]
Same here. Arch Linux, FF 66.0.3 (from Arch repos), had the PC in suspend during the night and all add-ons seem to be active.
replies(1): >>19826516 #
15. _zephyrus_ ◴[04 May 19 08:55 UTC] No.19825299[source]
Firefox 66.0.3 here, and this has been the case also for me, i.e. everything is still working. After looking around for a while in bewilderment, I think that what's going is that they have remotely used the "studies" feature of Firefox to temporarily work around the problem.

Indeed, I see in about:studies,

hotfix-reset-xpi-verification-timestamp-1548973•Complete This study sets app.update.lastUpdateTime.xpi-signature-verification to 1556945257

(unfortunately I can not see when it was run in about:studies)

i.e. this "study" has reset the timestamp of the last signature verification to this morning (when I have started Firefox). Since I read around that Firefox performs the check only every 24 hours, I guess that this is reason why we have not been experiencing the problem. We have now another day, after which we will have to reset the timestamp again (if it has not been solved upstream). The field is available/accessible also in about:config.

P.S. To be fairly honest, I was a bit surprised about the "studies" feature, I can not recall when it was introduced, but it is probably my fault for having overlooked it.

replies(1): >>19825378 #
16. Algent ◴[04 May 19 09:09 UTC] No.19825337[source]
Same thing here, I'm on 66.0.3 and I booted the PC 2h ago but I still have everything working properly.

Only reason I've heard of it is because my dad calling me in "panic", it seem to affect both his PC.

17. vatueil ◴[04 May 19 09:25 UTC] No.19825378[source]
Perhaps that's what Mozilla Add-ons was referring to when they tweeted:

https://twitter.com/mozamo/status/1124569680662777856

> We deployed a fix to users who hadn't had their add-ons disabled to make sure they saved that way. You're in that group. :)

replies(1): >>19825490 #
18. makomk ◴[04 May 19 09:59 UTC] No.19825490{3}[source]
Of course, that fix only got to people who didn't disable the "studies" feature after Mozilla abused it to deploy a Mr Robot ad to all their users. Also, enabling it seems to require also agreeing to send telemetry information to Mozilla, so all the privacy-concious people who use extensions to protect their privacy will likely have it disabled as well.
19. thesimp ◴[04 May 19 13:16 UTC] No.19826229[source]
And sharp 15:15 local time my add-ons got disabled and now I have a yellow sign saying "One or more installed add-ons cannot be verified and have been disabled".
20. arendtio ◴[04 May 19 14:05 UTC] No.19826516[source]
Well, now (2 minutes ago) all of a sudden all add-ons were turned off. I have no idea why. I wasn't even doing anything as I was just reading some comments on this thread.