Andrey1404 said

I have Windows Firefox 66.03. Enabled Studies, and had "hotfix-reset-xpi-verification-timestamp-1548973" in "active" status. But I didn't have the second study! Nothing happened for few hours! So I tried to disable Studies and enable them again. After that the first Study became "completed" and no "active". The second is still absent. What should I do?? How to get the required Study and fix the problem? Can you help me please??

It can take 6 hours or so to reach you. It doesn't happen real quick. 2 hours is still a 'short' wait.

~Pj

Thak you for your answer. But WTF?? Why is it so slow? And why I cannot purposely "participate" in necessary study??

I saw messages frow a lot of user who wrote that they obtained the fix in few minutes...it looks strange in compare with my situation.

I changed the studies options, but so far nothing and been a long time, should I restart FF or reboot system?

You can temporarily set app.normandy.run_interval_seconds to a lower value (21600 => 100) to see whether that gives the hotfix. Close and restart Firefox and check about:studies. You may have to refresh the about:studies page a few times. Do not forget to reset app.normandy.run_interval_seconds when about:studies shows that the hotfix has been applied.

You can open the about:config page via the location/address bar. You can accept the warning and click "I accept the risk!" to continue.

• http://kb.mozillazine.org/about:config

I would also like to ask why you broke something that worked stably? You constantly change something, update and as a result break. Who and why made changes to the system of certification of additions? You shouldn't have touched anything if it worked.

Andrey1404 said

I would also like to ask why you broke something that worked stably? You constantly change something, update and as a result break. Who and why made changes to the system of certification of additions? You shouldn't have touched anything if it worked.

It was a Intermediate Certificate Date Expiration bug-a-boo. We're FF users like you here on this Forum. Mozilla normally isn't here.

See:

https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/

~Pj

It would be helpful if they had done some type of notify, like when they check if there is a new update also check to see if a system wide notify would be appropriate (like what is going on now). Then post the message instead of an update notice.

I did a restore from image and then restored an old profile to find out what was going on. Then I finely did a google search and got the news, could have saved me some time doing restores. But FF will never know or more than like care what I suggest.

cor-el said

You can temporarily set app.normandy.run_interval_seconds to a lower value (21600 => 100) to see whether that gives the hotfix. Close and restart Firefox and check about:studies. You may have to refresh the about:studies page a few times. Do not forget to reset app.normandy.run_interval_seconds when about:studies shows that the hotfix has been applied. You can open the about:config page via the location/address bar. You can accept the warning and click "I accept the risk!" to continue.

• http://kb.mozillazine.org/about:config

Thanks, that worked I got the updates, now to see if the updates work. I also set interval back to 21600.

Should a person leave studies checked, I show 3 studies active and admit I don't understand them, I am guessing they are much like a beta test and if I uncheck they will go inactive?

There are other fixes applied via a shield study (Normandy), so you may consider to leave it enabled. A recent hotfix was about blocking auto-play by default (media.autoplay.default = 1)

• app.normandy.startupRolloutPrefs.media.autoplay.default = 1

I guess the problem with the study setup is due to the fact that at the moment a huge number of users have enabled this feature. Since the studies are distributed randomly, with so many applicants it will be less likely and take longer.

I had 2 pushed down that are active. I think the first is because I checked studies under tools/options......

dom.push.alwaysConnect to true.

app.update.lastUpdateTime.xpi-signature-verification to 1556945257.

So far addons are working.

Why can't you apply a simple solution as a temporary measure until a full patch is released? Disable certificate verification or roll back the date/certificate on your own servers? Just to make it work right now in some kind of temporary way.

hi Andrey1404, the signature verification (and the expired certificate that's depending on) are happening locally in your firefox installation, so there is no shortcut or anything to be changed on the server side that could rectify this unfortunately. an update containing the fixed certificate will need to reach all affected installations...

at this point users who the hotfix hasn't reached yet are commonly on systems with security software thats mitm/intercepting secure web traffic (like avast/avg, kaspersky, bitdefender, eset) which is interfering with the proper application of the fix. a general new version 66.0.4 of firefox containing a fix is in the making and currently undergoing testing and will hopefully be released soon.

I activated studies approx 16h ago ... and nothing happened 'till now! - So what's next?

philipp said

hi Andrey1404, the signature verification (and the expired certificate that's depending on) are happening locally in your firefox installation, so there is no shortcut or anything to be changed on the server side that could rectify this unfortunately. an update containing the fixed certificate will need to reach all affected installations... at this point users who the hotfix hasn't reached yet are commonly on systems with security software thats mitm/intercepting secure web traffic (like avast/avg, kaspersky, bitdefender, eset) which is interfering with the proper application of the fix. a general new version 66.0.4 of firefox containing a fix is in the making and currently undergoing testing and will hopefully be released soon.

Yes, I use Kaspersky Internet Security.

However, in order to break everything, you did not need a lot of time and a lot of efforts...you just decided to make changes to something that worked consistently and well...although you could just not touch anything

Andrey1404 said

However, in order to break everything, you did not need a lot of time and a lot of efforts...you just decided to make changes to something that worked consistently and well...although you could just not touch anything

Hello Andreay1404,

It's very understandable that you're not "happy" with the situation, but :

This was caused by an unforeseen technical problem .......

philipp said

The signature verification (and the expired certificate that's depending on) are happening locally in your Firefox installation, so there is no shortcut or anything to be changed on the server side that could rectify this, unfortunately. An update, containing the fixed certificate, will need to reach all affected installations.

At this point, users who the HotFix hasn't reached yet are commonly on systems with security software that's MITM/intercepting secure web traffic (like Avast/AVG, Kaspersky, BitDefender, ESET) which is interfering with the proper application of the fix.

A general new version 66.0.4 of Firefox containing a fix is in the making and currently undergoing testing and will hopefully be released soon.

Hmm. I have Avast Anti-Virus and 'The Fix' reached my browser ok.

~Pj

a man-in-the-middled connection: https://en.wikipedia.org/wiki/Man-in-the-middle_attack