Web lists-archives.com

Re: Add-ons "unverified..."

Sailfish wrote:
My bloviated meandering follows what jetjock graced us with on 5/5/2019 9:13 AM:

Speaking of Bah!

 Yesterday I did a TeamViewer to my sister's computer to fix a Eudora problem. I had no sooner finished when out the blue, FF ESR 52.9 decided to check out it's add-ons, even though it is set to never update! It then flashed a message that it could not find certificates ( or something like that) and had disabled some add-ons. When I looked, it had disabled every add-on except Tab Mix Plus. Remembering what someone had posted yesterday about setting "xpinstall...." settings in about:config to false (which I had done on my machine earlier), I did the same on hers. When I restarted FF, all her add-ons were back and active.

Changing xpinstall.signatures.required in about:config from true to false worked well for my Fx52.9 re-enabled my disabled Ghostery, as well.

I'll gladly forsake a little overblown "security" for actully being able to use my computer!!

Since the 52.x line is legacied, I doubt any security or any other updates will be coming along anyway, except for an errant cert "fix" or so :-) So, as long as I don't install any other add-ons, I expect I'm as good as I'm going to get with that release version.

The certificate problem was caused by a certificate expiring, not by any update to Firefox itself - although obviously a previous update to FF imposed that requirement in the first place. They are releasing updates to fix this mess: One on Saturday (fixed it for some people), one on Sunday (fixed it for some more, including ESR and Android). More is still to come. The product manager for add-ons said "In particular, please do not delete and/or reinstall any add-ons as an attempt to fix the issue".

btw, the requirement was introduced around 4 years ago.

A final point: Windows XP is no longer supported by Firefox and my guess is that add-ons there are currently pretty much irretrievably broken. The FF people should really make an exception for this bug but I'm not sure they will be that user-friendly.
Seamonkey does *not* suffer from this problem.

spammus ergo sum, viruses courtesy of https://www.nsa.gov/malware/
general mailing list