←back to thread

All extensions disabled due to expiration of intermediate signing cert

(bugzilla.mozilla.org)
1318 points xvector | 1 comments | 04 May 19 01:31 UTC | HN request time: 0s | source
Show context
rmbryan ◴[04 May 19 10:27 UTC] No.19825581[source]
Update: We have rolled out a partial fix for this issue. We generated a new intermediate certificate with the same name/key but an updated validity window and pushed it out to users via Normandy (this should be most users). Users who have Normandy on should see their add-ons start working over the next few hours. We are continuing to work on packaging up the new certificate for users who have Normandy disabled.
replies(20): >>19825596 #>>19825603 #>>19825612 #>>19825623 #>>19825631 #>>19825665 #>>19825705 #>>19825721 #>>19825744 #>>19825813 #>>19825905 #>>19825998 #>>19826421 #>>19826769 #>>19826772 #>>19826878 #>>19827050 #>>19829585 #>>19831941 #>>19840386 #
brador ◴[04 May 19 10:31 UTC] No.19825596[source]
What is Normandy?
replies(2): >>19825604 #>>19825613 #
megous ◴[04 May 19 10:33 UTC] No.19825604[source]
https://wiki.mozilla.org/Firefox/Normandy/PreferenceRollout
replies(1): >>19825619 #
chinathrow ◴[04 May 19 10:36 UTC] No.19825619{3}[source]
So is that a backdoor into my prefs? How can I check if Normandy is active on my installation?
replies(2): >>19825625 #>>19825696 #
verdandi ◴[04 May 19 10:38 UTC] No.19825625{4}[source]
Type about:config in the address bar and search for 'app.normandy.enabled' flag.
replies(3): >>19825647 #>>19825659 #>>19826386 #
inferiorhuman ◴[04 May 19 10:48 UTC] No.19825659{5}[source]
Well that's interesting. I see Normandy enabled, but if I go to the "Privacy and Security" section of the preferences page I see all the data collection and use stuff disabled. There's no obvious way to disable the Normandy back door.

Oh well, at least we don't have another season of Mr Robot spam to look forward to.

replies(3): >>19825777 #>>19825846 #>>19826202 #
1. ◴[04 May 19 11:18 UTC] No.19825777{6}[source]