Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > alt.comp.software.firefox > #12681 > unrolled thread

Suddenly all extensions are deemed "corrupted"

Back to article view | Back to alt.comp.software.firefox

Contents

  Suddenly all extensions are deemed "corrupted" The Real Bev <bashley101@gmail.com> - 2025-03-14 20:06 -0700
    Re: Suddenly all extensions are deemed "corrupted" Reiner Schug <schugo@schugo.de> - 2025-03-15 04:17 +0100
    Re: Suddenly all extensions are deemed "corrupted" Frank Miller <miller@posteo.ee> - 2025-03-15 04:42 +0100
      Re: Suddenly all extensions are deemed "corrupted" The Real Bev <bashley101@gmail.com> - 2025-03-14 21:56 -0700
        Re: Suddenly all extensions are deemed "corrupted" Reiner Schug <schugo@schugo.de> - 2025-03-15 06:01 +0100
          Re: Suddenly all extensions are deemed "corrupted" The Real Bev <bashley101@gmail.com> - 2025-03-14 22:05 -0700
        Re: Suddenly all extensions are deemed "corrupted" The Real Bev <bashley101@gmail.com> - 2025-03-14 22:03 -0700
        Re: Suddenly all extensions are deemed "corrupted" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-15 14:21 +0100
          Re: Suddenly all extensions are deemed "corrupted" "R.Wieser" <address@is.invalid> - 2025-03-15 14:44 +0100
          Re: Suddenly all extensions are deemed "corrupted" Andy Burns <usenet@andyburns.uk> - 2025-03-15 14:39 +0000
            Re: Suddenly all extensions are deemed "corrupted" Richmond <dnomhcir@gmx.com> - 2025-03-15 15:02 +0000
              Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-16 06:04 -0500
              Re: Suddenly all extensions are deemed "corrupted" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-16 15:09 +0100
          Re: Suddenly all extensions are deemed "corrupted" Stan Brown <the_stan_brown@fastmail.fm> - 2025-03-15 11:23 -0700
          Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-16 05:57 -0500
      Re: Suddenly all extensions are deemed "corrupted" Dave Royal <dave@dave123royal.com> - 2025-03-15 06:57 +0000
        Re: Suddenly all extensions are deemed "corrupted" Andy Burns <usenet@andyburns.uk> - 2025-03-15 13:06 +0000
    Re: Suddenly all extensions are deemed "corrupted" "R.Wieser" <address@is.invalid> - 2025-03-15 07:55 +0100
      Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-15 13:36 -0500
        Re: Suddenly all extensions are deemed "corrupted" Frank Miller <miller@posteo.ee> - 2025-03-15 19:45 +0100
          Re: Suddenly all extensions are deemed "corrupted" None <none@none.none> - 2025-03-15 14:43 -0500
            Re: Suddenly all extensions are deemed "corrupted" Frank Miller <miller@posteo.ee> - 2025-03-15 21:15 +0100
          Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-15 16:07 -0500
            Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-16 21:24 -0500
              Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-17 13:12 -0500
                Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-18 01:42 -0500
                  Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-18 11:41 -0500
                    Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-18 23:28 -0500
                    Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-18 23:41 -0500
                    Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-18 23:59 -0500
                      Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-19 13:46 -0500
                        Re: Suddenly all extensions are deemed "corrupted" Reiner Schug <schugo@schugo.de> - 2025-03-19 21:08 +0100
                        Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-19 20:43 -0500
                          Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-20 09:31 -0500
                            Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-20 13:25 -0500
                          Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-20 21:39 -0500
                            Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-21 02:11 -0500
                              Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-21 11:53 -0500
                                Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-21 13:46 -0500
                                  Re: Suddenly all extensions are deemed "corrupted" Reiner Schug <schugo@schugo.de> - 2025-03-22 14:50 +0100
                                  Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-22 13:40 -0500
                                    Re: Suddenly all extensions are deemed "corrupted" Reiner Schug <schugo@schugo.de> - 2025-03-22 20:59 +0100
                                      Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-22 15:13 -0500
                                    Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-23 10:27 -0500
                                Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-22 04:40 -0500
          Re: Suddenly all extensions are deemed "corrupted" "David E. Ross" <nobody@nowhere.invalid> - 2025-03-15 18:03 -0700
            Re: Suddenly all extensions are deemed "corrupted" Frank Miller <miller@posteo.ee> - 2025-03-16 03:19 +0100
              Re: Suddenly all extensions are deemed "corrupted" The Real Bev <bashley101@gmail.com> - 2025-03-15 23:45 -0700
                Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-16 20:31 -0500
        Re: Suddenly all extensions are deemed "corrupted" "R.Wieser" <address@is.invalid> - 2025-03-15 21:20 +0100
      Re: Suddenly all extensions are deemed "corrupted" The Real Bev <bashley101@gmail.com> - 2025-03-15 12:25 -0700
        Re: Suddenly all extensions are deemed "corrupted" "R.Wieser" <address@is.invalid> - 2025-03-15 21:24 +0100
          Re: Suddenly all extensions are deemed "corrupted" The Real Bev <bashley101@gmail.com> - 2025-03-15 23:40 -0700
        Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-16 06:09 -0500
          Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-16 09:57 -0500
            Re: Suddenly all extensions are deemed "corrupted" Andy Burns <usenet@andyburns.uk> - 2025-03-16 15:11 +0000
              Re: Suddenly all extensions are deemed "corrupted" jetjock <jetjock@unkown.com> - 2025-03-17 13:06 -0500
          Re: Suddenly all extensions are deemed "corrupted" "David E. Ross" <nobody@nowhere.invalid> - 2025-03-16 09:13 -0700
            Re: Suddenly all extensions are deemed "corrupted" gym <no_one@example.net> - 2025-03-16 20:25 -0500

Page 1 of 3  [1] 2 3  Next page →

#12681 — Suddenly all extensions are deemed "corrupted"

FF82/linux.  Worked OK this morning.  When I came back just now every 
single extension -- the only thing that made FF worth using -- was dead. 
  Restarted, same thing.  I know it's old, but I liked the way it worked.

Is this what happens to every version at some point?  This is the first 
time in 30 years...

-- 
Cheers, Bev
   "If anyone disagrees with anything I  say, I am quite prepared
    not only to  retract it,  but also to deny under  oath that I
    ever said it."                                   -- T. Lehrer

[toc] | [next] | [standalone]

#12682

On 15.03.2025 04:06, The Real Bev wrote:
> FF82/linux.  Worked OK this morning.  When I came back just now every 
> single extension -- the only thing that made FF worth using -- was dead. 
>   Restarted, same thing.  I know it's old, but I liked the way it worked.
> 
> Is this what happens to every version at some point?  This is the first 
> time in 30 years...

"Mozilla has issued an urgent warning to Firefox users worldwide, emphasizing
the critical need to update their browsers before March 14, 2025, when a vital
root certificate will expire. This expiration threatens to disable extensions,
break DRM-protected content playback, and expose users to significant security
risks."

ciao..

[toc] | [prev] | [next] | [standalone]

#12683

The Real Bev wrote:
> FF82/linux.  Worked OK this morning.  When I came back just now every 
> single extension -- the only thing that made FF worth using -- was dead. 
>   Restarted, same thing.  I know it's old, but I liked the way it worked.
> 
> Is this what happens to every version at some point?  This is the first 
> time in 30 years...

Mozilla just fucked off their certificates.
https://www.bleepingcomputer.com/news/software/mozilla-warns-users-to-update-firefox-before-certificate-expires/
https://support.mozilla.org/en-US/kb/root-certificate-expiration

[toc] | [prev] | [next] | [standalone]

#12684

On 3/14/25 8:42 PM, Frank Miller wrote:
> The Real Bev wrote:
>> FF82/linux.  Worked OK this morning.  When I came back just now every 
>> single extension -- the only thing that made FF worth using -- was dead. 
>>   Restarted, same thing.  I know it's old, but I liked the way it worked.
>> 
>> Is this what happens to every version at some point?  This is the first 
>> time in 30 years...
> 
> Mozilla just fucked off their certificates.
> https://www.bleepingcomputer.com/news/software/mozilla-warns-users-to-update-firefox-before-certificate-expires/
> https://support.mozilla.org/en-US/kb/root-certificate-expiration

I assumed this was just another of their 'security' lies.  My mistake.

What is the newest version that will work?  I'm running the latest beta 
(I might install the latest release now that I have to do SOMETHING) 
version too, but I'm getting gun-shy now.


-- 
Cheers, Bev
             "Don't force it, use a bigger hammer!"
	         		      --M. Irving

[toc] | [prev] | [next] | [standalone]

#12685

On 15.03.2025 05:56, The Real Bev wrote:
>...
>> https://support.mozilla.org/en-US/kb/root-certificate-expiration
> 
> I assumed this was just another of their 'security' lies.  My mistake.
> 
> What is the newest version that will work?  ...

can you read?

FF 128 or
115.13+ for ESR

ciao..

[toc] | [prev] | [next] | [standalone]

#12687

On 3/14/25 10:01 PM, Reiner Schug wrote:
> On 15.03.2025 05:56, The Real Bev wrote:
>>...
>>> https://support.mozilla.org/en-US/kb/root-certificate-expiration
>> 
>> I assumed this was just another of their 'security' lies.  My mistake.
>> 
>> What is the newest version that will work?  ...
> 
> can you read?
> 
> FF 128 or
> 115.13+ for ESR
> 
> ciao..

Grazie..

Yes, just after I posted :-(


-- 
Cheers, Bev
             "Don't force it, use a bigger hammer!"
	         		      --M. Irving

[toc] | [prev] | [next] | [standalone]

#12686

On 3/14/25 9:56 PM, The Real Bev wrote:
> On 3/14/25 8:42 PM, Frank Miller wrote:
>> The Real Bev wrote:
>>> FF82/linux.  Worked OK this morning.  When I came back just now every 
>>> single extension -- the only thing that made FF worth using -- was dead. 
>>>   Restarted, same thing.  I know it's old, but I liked the way it worked.
>>> 
>>> Is this what happens to every version at some point?  This is the first 
>>> time in 30 years...
>> 
>> Mozilla just fucked off their certificates.
>> https://www.bleepingcomputer.com/news/software/mozilla-warns-users-to-update-firefox-before-certificate-expires/
>> https://support.mozilla.org/en-US/kb/root-certificate-expiration
> 
> I assumed this was just another of their 'security' lies.  My mistake.
> 
> What is the newest version that will work?  

128 or 115.13ESR

> I'm running the latest beta
> (I might install the latest release now that I have to do SOMETHING)
> version too, but I'm getting gun-shy now.


-- 
Cheers, Bev
             "Don't force it, use a bigger hammer!"
	         		      --M. Irving

[toc] | [prev] | [next] | [standalone]

#12692

On 2025-03-15 05:56, The Real Bev wrote:
> On 3/14/25 8:42 PM, Frank Miller wrote:
>> The Real Bev wrote:
>>> FF82/linux.  Worked OK this morning.  When I came back just now every 
>>> single extension -- the only thing that made FF worth using -- was 
>>> dead.   Restarted, same thing.  I know it's old, but I liked the way 
>>> it worked.
>>>
>>> Is this what happens to every version at some point?  This is the 
>>> first time in 30 years...
>>
>> Mozilla just fucked off their certificates.
>> https://www.bleepingcomputer.com/news/software/mozilla-warns-users-to- 
>> update-firefox-before-certificate-expires/
>> https://support.mozilla.org/en-US/kb/root-certificate-expiration
> 
> I assumed this was just another of their 'security' lies.  My mistake.
> 
> What is the newest version that will work?  I'm running the latest beta 
> (I might install the latest release now that I have to do SOMETHING) 
> version too, but I'm getting gun-shy now.

I think you may keep your old version, if you manage somehow to update 
the root certificate.

Notice that Mozilla did not do anything. Simply when you create or buy a 
certificate, it is created with an expiration date. And that date will 
eventually arrive.

-- 
Cheers, Carlos.

[toc] | [prev] | [next] | [standalone]

#12694

Carlos,

> I think you may keep your old version, if you manage somehow to update the
> root certificate.

I have an /ancient/ version (v52), have not updated anything and it still 
seems to
work ... (knock on wood, maybe its just caching)

Ah yes, under "view certificates" the earliest to expire is of 2030.

... maybe *not* wanting to update everytime Mozilla farts isn't such a bad
thing ? :-p

Regards,
Rudy Wieser

[toc] | [prev] | [next] | [standalone]

#12695

Carlos E.R. wrote:

> Notice that Mozilla did not do anything. Simply when you create or buy a 
> certificate, it is created with an expiration date. And that date will 
> eventually arrive.

But most products using certificates have a mechanism to allow updating 
certificates, indeed Firefox can update the certificates used to trust 
websites, but it seems the certificates to trust add-ons are separate 
from that mechanism.

[toc] | [prev] | [next] | [standalone]

#12696

Andy Burns <usenet@andyburns.uk> writes:

> Carlos E.R. wrote:
>
>> Notice that Mozilla did not do anything. Simply when you create or
>> buy a certificate, it is created with an expiration date. And that
>> date will eventually arrive.
>
> But most products using certificates have a mechanism to allow
> updating certificates, indeed Firefox can update the certificates used
> to trust websites, but it seems the certificates to trust add-ons are
> separate from that mechanism.

Did they ever disclose the name of the certificate? or maybe it is kept
secret for some reason. I couldn't find out.

[toc] | [prev] | [next] | [standalone]

#12727

On 3/15/2025 10:02 AM, Richmond wrote:
> Did they ever disclose the name of the certificate? or maybe it is kept
> secret for some reason. I couldn't find out.

As far as I am aware, Mozilla has neither named the expired certificate 
nor indicated where you can get a new one. Since the certificate is hard 
coded into the program and not installed or visible via the certificate 
store, you wouldn't be able to import a new one in that manner.

[toc] | [prev] | [next] | [standalone]

#12732

On 2025-03-15 16:02, Richmond wrote:
> Andy Burns <usenet@andyburns.uk> writes:
> 
>> Carlos E.R. wrote:
>>
>>> Notice that Mozilla did not do anything. Simply when you create or
>>> buy a certificate, it is created with an expiration date. And that
>>> date will eventually arrive.
>>
>> But most products using certificates have a mechanism to allow
>> updating certificates, indeed Firefox can update the certificates used
>> to trust websites, but it seems the certificates to trust add-ons are
>> separate from that mechanism.
> 
> Did they ever disclose the name of the certificate? or maybe it is kept
> secret for some reason. I couldn't find out.

I read about it somewhere, but did not pay attention.

<https://support.mozilla.org/en-US/kb/root-certificate-expiration>

«On March 14, 2025, a root certificate used to verify signed content and 
add-ons for various Mozilla projects, including Firefox, will expire. 
Without updating to Firefox version 128 or higher (or ESR 115.13+ for 
ESR users, including Windows 7/8/8.1 and macOS 10.12–10.14 users), this 
expiration may cause significant issues with add-ons, content signing 
and DRM-protected media playback.

If you don’t update, Firefox features that rely on remote updates will 
stop working, and your installed add-ons will be disabled. DRM-protected 
content, such as streaming services, may also stop playing due to failed 
updates. Additionally, systems dependent on content verification could 
stop functioning properly.»



<https://superuser.com/questions/1886138/add-mozillas-root-certificate-to-older-firefox-instead-of-expired-on-march-14-2>


It appears this certificate is baked into the code. You have to find the 
new certificate in the sources of an updated firefox, then replace the 
certificate in the sources of the old version, and recompile.

So that's why Mozilla says you have to update FF and does not offer to 
update the certificate instead.



-- 
Cheers, Carlos.

[toc] | [prev] | [next] | [standalone]

#12699

On Sat, 15 Mar 2025 14:21:50 +0100, Carlos E.R. wrote:
> On 2025-03-15 05:56, The Real Bev wrote:
> > [quoted text muted]
> > 
> > What is the newest version that will work?  I'm running the latest beta 
> > (I might install the latest release now that I have to do SOMETHING) 
> > version too, but I'm getting gun-shy now.
> 
> I think you may keep your old version, if you manage somehow to update 
> the root certificate.
> 
> Notice that Mozilla did not do anything. Simply when you create or buy a 
> certificate, it is created with an expiration date. And that date will 
> eventually arrive.

But there's no reason for an expired certificate to be treated like a 
problem. If software is signed on date X with a certificate that is 
valid on date X, when the certificate expires that doesn't go back in 
time and undo the validity of the signature. Unfortunately logic is 
not the strong suit of some programmers, and they treat software with 
an expired certificate the same way as software with no certificate.

We had this problem at my former employer. We had to make a new 
release, just so that we could distribute a version with an unexpired 
certificate. 

-- 
Stan Brown, Tehachapi, California, USA         https://BrownMath.com/
Shikata ga nai...

[toc] | [prev] | [next] | [standalone]

#12726

On 3/15/2025 8:21 AM, Carlos E.R. wrote:
> I think you may keep your old version, if you manage somehow to update 
> the root certificate.
> 

The problem with that is the extension that has expired is hard-coded in 
the program. It was not installed or visible via the extension store and 
can't be replaced by importing a new one in that manner. Also, as far as 
I'm aware, Mozilla has never named the expired certificate nor indicated 
where you can get a new one.

[toc] | [prev] | [next] | [standalone]

#12689

Frank Miller <miller@posteo.ee> Wrote in message:

> The Real Bev wrote:
>> FF82/linux.  Worked OK this morning.  When I came back just now every 
>> single extension -- the only thing that made FF worth using -- was dead. 
>>   Restarted, same thing.  I know it's old, but I liked the way it worked.
>> 
>> Is this what happens to every version at some point?  This is the first 
>> time in 30 years...
> 
> Mozilla just fucked off their certificates.
> https://www.bleepingcomputer.com/news/software/mozilla-warns-users-to-update-firefox-before-certificate-expires/
> https://support.mozilla.org/en-US/kb/root-certificate-expiration
> 

Meanwhile, Google has a similar problem
<https://www.theregister.com/2025/03/13/google_chromecast_fix/>
-- 
Remove numerics from my email address.

[toc] | [prev] | [next] | [standalone]

#12691

Dave Royal wrote:

> Google has a similar problem
> <https://www.theregister.com/2025/03/13/google_chromecast_fix/>

Yes mine fixed itself yesterday, after being offline since last sunday, 
of course by the time they said "don't factory reset" I'd already done 
that, but it's easy enough to put clock back, re-detect it and then 
revert clock to normal.

[toc] | [prev] | [next] | [standalone]

#12688

Bev,

> FF82/linux.  Worked OK this morning.  When I came back just now every 
> single extension -- the only thing that made FF worth using -- was dead.

You've been amply informed to the why of it. :-)

My (ancient version of) FF has a(n about:config) setting to ignore signing 
of extensions.  Maybe your version of FF still has the same ?

The major problem is, can you still access the intarwebz.

Regards,
Rudy Wieser

[toc] | [prev] | [next] | [standalone]

#12700

On Sat, 15 Mar 2025 07:55:36 +0100, "R.Wieser" <address@is.invalid>
wrote:

>Bev,
>
>> FF82/linux.  Worked OK this morning.  When I came back just now every 
>> single extension -- the only thing that made FF worth using -- was dead.
>
>You've been amply informed to the why of it. :-)
>
>My (ancient version of) FF has a(n about:config) setting to ignore signing 
>of extensions.  Maybe your version of FF still has the same ?
>
>The major problem is, can you still access the intarwebz.
>
>Regards,
>Rudy Wieser
>
Rudy,

  Would it be possible to be more specific about the about:config
setting referenced above? Thankfully, my 108.0.1 64 bit on Win 7, is
still working but I'd like to be prepared should it stop. 

 I looked, but didn't see any setting that I could be confident was
the right one. Don't like messing with things if I don't know what I'm
messing with!  :-)

     >>>>>>>>>>jetjock<<<<<<<<<<

[toc] | [prev] | [next] | [standalone]

#12701

jetjock wrote:
> On Sat, 15 Mar 2025 07:55:36 +0100, "R.Wieser" <address@is.invalid>
> wrote:

>>My (ancient version of) FF has a(n about:config) setting to ignore signing 
>>of extensions.  Maybe your version of FF still has the same ?

>   Would it be possible to be more specific about the about:config
> setting referenced above? Thankfully, my 108.0.1 64 bit on Win 7, is
> still working but I'd like to be prepared should it stop. 
> 
>  I looked, but didn't see any setting that I could be confident was
> the right one. Don't like messing with things if I don't know what I'm
> messing with!  :-)

https://support.mozilla.org/en-US/kb/add-on-signing-in-firefox?as=u&utm_source=inproduct#w_what-can-i-do-if-firefox-disables-an-installed-add-on

[toc] | [prev] | [next] | [standalone]

Page 1 of 3  [1] 2 3  Next page →

Back to top | Article view | alt.comp.software.firefox

csiph-web