A glitch is breaking all Firefox extensions

Did you just open Firefox only to find all of your extensions disabled and/or otherwise not working?

You’re not alone, and it’s nothing you did.

Reports are pouring in of a glitch that has spontaneously disabled effectively all Firefox extensions.

Each extension is now being listed as a “legacy” extension, alongside a warning that it “could not be verified for use in Firefox and has been disabled”.

A ticket submitted to Mozilla’s Bugzilla bug tracker first hit at around 5:40 PM Pacific, and suggests the sudden failure is due to a code signing certificate built into the browser that expired just after 5 PM (or midnight on May 4th in UTC time).

Because the glitch stems from an underlying certificate, re-installing extensions won’t work — if you try, you’ll likely just be met with a different error message. Getting extensions back for everyone is going to require Mozilla to issue a patch.

In a post on the company’s forum, Mozilla Add-ons Community Manager Caitlin Neiman writes:

At about 6:10 PST we received a report that a certificate issue for Firefox is causing add-ons to stop working and add-on installs to fail.

Our team is actively working on a fix. We will update as soon as we have more information.

Meanwhile, on Twitter:

Update, March 4th 11 AM Pacific: In a blog post, Mozilla says the issue has now been fixed in the standard desktop version of its browser, though some versions (like Firefox for Android) will need a separate update. The patch for the desktop version should apply automatically within a few hours. The company writes:

The fix will be automatically applied in the background within the next few hours. No active steps need to be taken to make add-ons work again. In particular, please do not delete and/or re-install any add-ons as an attempt to fix the issue. Deleting an add-on removes any data associated with it, where disabling and re-enabling does not.

No one knows how to hire, plus brand design and African tech


Editor’s Note: No one knows how to hire

Hiring is the lifeblood of the world. Few people do truly singular work; instead, nearly every facet of our civilization is built by groups of humans (and increasingly machines) working in tandem.

Image by PeopleImages via Getty Images

That presents quite the puzzle though: if teamwork is so critical to the functioning of, well, everything, why are we so god awfully bad at building teams?

Minus a couple of high functioning teams of course, the evidence for team rot is all around us. Startups go bust when teams of two (i.e. founders) can’t make simple decisions about the future of their business. Large companies exsanguinate cash while their teams spend eons debating the minutia of a pixel in the checkout flow. At even larger scale, massive infrastructure projects like California’s HSR fail because the right people weren’t planning and building it (plus ten other issues of course).

How do we get this so wrong, so consistently?

The first reason, and the one most challenging to overcome, is that human endeavors are fundamentally built upon aspirations. A startup is a dream, no different than improving Excel’s formula editor or adding traffic signals to an intersection. Action cannot happen without aspiration, and so we tend to be far more optimistic with all facets of a plan before execution.

Mozilla ranks dozens of popular ‘smart’ gift ideas on creepiness and security

If you’re planning on picking up some cool new smart device for a loved one this holiday season, it might be worth your while to check whether it’s one of the good ones or not. Not just in the quality of the camera or step tracking, but the security and privacy practices of the companies that will collect (and sell) the data it produces. Mozilla has produced a handy resource ranking 70 of the latest items, from Amazon Echos to smart teddy bears.

Each of the dozens of toys and devices is graded on a number of measures: what data does it collect? Is that data encrypted when it is transmitted? Who is it shared with? Are you required to change the default password? And what’s the worst case scenario if something went wrong?

Some of the security risks are inherent to the product — for example, security cameras can potentially see things you’d rather they didn’t — but others are oversights on the part of the company. Security practices like respecting account deletion, not sharing data with third parties, and so on.

At the top of the list are items getting most of it right — this Mycroft smart speaker, for instance, uses open source software and the company that makes it makes all the right choices. Their privacy policy is even easy to read! Lots of gadgets seem just fine, really. This list doesn’t just trash everything.

On the other hand, you have something like this Dobby drone. They don’t seem to even have a privacy policy — bad news when you’re installing an app that records your location, HD footage, and other stuff! Similarly, this Fredi baby monitor comes with a bad password you don’t have to change, and has no automatic security updates. Are you kidding me? Stay far, far away.

All together 33 of the products met Mozilla’s recently proposed “minimum security standards” for smart devices (and got a nice badge); 7 failed, and the rest fell somewhere in between. In addition to these official measures there’s a crowd-sourced (hopefully not to be gamed) “creep-o-meter” where prospective buyers can indicate how creepy they find a device. But why is BB-8 creepy? I’d take that particular metric with a grain of salt.