This thread was archived. Please ask a new question if you need help.
PopUp demand install extension; Older OSX, w/ FrFx v.48.0.2,; Server certificates Untrusted now
Re: Recently saw memory-key address in new line at bottom of FireFox's History Drop-down-menu. (June 2019.) Re: After memory-key displays in FireFox-History menu, from "must add Extension," I can No Longer Connect to one of my financial websites; could connect in early June to same website prior to this extension install, (and as late as July 3 '19 to other financial websites) Re: Firefox Browser (FrFx), ver 48.0.2, latest ver. that could be installed on OSX 10.6.8, Mac Mini early '09 Re: Currently, haven't time to purchase, learn to use newer ver. OSX and Internet (INet) Security on/for it.
1. "Must add extension to Firefox (FrFx) Browser" Pop-Up occurred immediately after update to my Internet (INet) Security program, and gives 'Certificate Authentication; I.D. Errors' -> No Connection > Clear Browser History, Restart, ShutDown, and Start. But, disabling my INet Security, gives same "No Connection" results at that financial website's server. (Therefore, Add-in Not from INet Security program Update.)
2. Checking for unfamiliar- Extensions, -Plug-Ins, -Add-Ons, in all my browsers shows none related to Firefox Browser. So where was the Pop-Up FrFx 'extension installed? Previous Extensions I'd installed all still present.
3a. Using secure https://www.[financial website].com in URL line, yields 'Security Warning Code' notice re: website/server certificate NOT authenticated + can't connect to server.
b. Using non-secure http://www.[financial website].com as URL, gives same can't authenticate + not connect warnings, since both Google and that financial website automatically switch to secure https:// type of connection!
4a. Even using Chrome browser -> Google always converts to https:// in URL line > "Broken HTTPS," plus 'website id not verified,' but at Green-around-padlock: Your connection to www.[financial website].com is encrypted using an obsolete cipher suite. The connection uses TLS 1.2. The connection is encrypted using AES_256_CBC, with ……..1 for message authentication and RAS as the key exchange mechanism." "Your INet connection is blocked," but I have already added 'Chrome://' to my INet Security program's Firewall, and to its 'allowed cookies' list, twice.
b. ***Did that questionable-"must add Firefox Extension" change the encryption method used by Firefox browser to AES……, since that older version of FrFx had just been connecting to that financial website's server just fine.***
5a.Tech. Support department at [financial website] 1st: told me they had made NO Changes to encryption on their server, and 2nd: they have AntiVirus + Internet Security on their server that most likely rejects my older computer (even with up-to-date INet Security definitions).
b. A Mac shop cleaned malware from my Mac, but found NONE. They suggested that some websites are now requiring one of 'only the 3 most recent versions of an O.S.,' which is supported by updates from its manufacturer, in order to connect to their server.
6a. I can't find any items in my Mac's hard drive relating to a FrFx/Mozilla Extension, as that folder won't open, even with administrative rights. (But Can't Log-In as Admin.-User with missing Password.) Can any ....plist s be removed safely and v. 48.0.2 function well?
b. ****How can one find + remove the added extension,, or whatever, at that memory-key stated in the FrFx-History-Menu?***** c. Is there a newer ver. of Firefox browser which can now be installed safely on OSX 10.6.8?
Input and suggestions will be appreciated to solve this problem.
All Replies (4)
I advice to start updating Firefox to version 68!
Updating to the current Firefox release is not possible on the Mac OS X 10.6 platform. Firefox 48.0.2 and the more recent 45.9.0 ESR are the latest versions for this platform.
You may have picked up some malware.
Did you check the connection settings in Firefox?
A lot of websites are added to the HSTS preload list and all domains in this list can only be accessed via a secure HTTPS connection.
Thank you for your replies. Yes, at one time I used v. 45.9.0 ESR, but then quite a while ago, it quit working and I wasn't allowed to reconnect to ESR. Which specific connection settings do you refer to in Firefox? I'll need to read up on HSTS preload list and its ramifications. Anyone have more info on encryption method currently used by Firefox? Or used in the past?
Unfortunately with such an old version of Firefox, you are eventually going to be left in the dust as security technology advances.
Apple does allow you to update your version of MacOS for free, if your hardware supports it.
Here's some links for you to do research:
Or, if your mac is too old, you can probably install https://support.apple.com/en-us/HT206886
Then, after updating your mac, update to Firefox 68.0.1.