Undetectable Humanizer: Lifetime Subscription
Transform AI-Generated Text into Human-Like, High-Ranking Content & Bypass Even the Most Sophisticated AI Detectors
Get 95% Deal

Firefox 44: Find out what is new

Martin Brinkmann
Jan 25, 2016
Updated • Mar 8, 2016
Firefox
|
73

The official release data of Firefox 44 is January 26, 2016. This overview provides you with detailed information about the new release including new features and changes in the desktop version of Firefox and the Firefox version for Android.

Mozilla updates all channels of the browser that it makes available at the same time. This means that Beta, Developer Edition, Nightly and Firefox Extended Support Release channels will be updated as well.

This means the following version changes: Firefox Beta 45, Firefox Developer Edition 46, Firefox Nightly 47 and Firefox ESR 38.6.

Information below cover only Firefox Stable for the desktop and Android, and no other release channel of the browser.

Executive Summary

  • Add-on signing is again delayed and will be enforced in Firefox 46 Stable. The main reason given for the delay is the introduction of the temporary loading of unsigned add-ons in Firefox 45.

Firefox 44 download and update

Firefox 44 will be released on January 26 by Mozilla. Firefox is configured to download and install updates to the browser automatically, and if that is the case, users don't need to do anything to upgrade to the new version.

Since the update is not picked up in realtime, some users may want to run a manual check for updates in Firefox to download it as soon as it becomes available. This is done in the following way:

  1. Tap on the Alt-key on the keyboard.
  2. Select Help > About Firefox from the menu.

Firefox checks for updates manually then, and will prompt to download the update or download it automatically depending on its update preferences.

All versions of Firefox can also be downloaded directly from Mozilla. Please note that it may take a while before the new versions become available as downloads on Mozilla's website.

  1. Firefox Stable download
  2. Firefox Beta download
  3. Firefox Developer download
  4. Nightly download
  5. Firefox ESR download

Firefox 44 Changes

Firefox 44 is a rather uneventful update for the most part. It is the first version of the browser that will enforce add-on signing in the stable version of the browser.

As you may know, Firefox 43 offered a configuration switch to override the enforcement, and Firefox 44 will continue to offer the switch. In fact, Mozilla postponed the enforcement of add-on signatures in stable and beta builds to version 46 of the browser.

This means that you cannot load add-ons in Firefox Stable anymore that are not signed. Read our guide on running unsigned add-ons in Firefox if you want to continue running unsigned add-ons.

Video Support improvements

  • Enable WebM/VP9 video support on systems that don't support MP4/H.264
  • Enable H.264 if system decoder is available

Information is scarce at this point, and Mozilla failed to link to a bug report that would shed some light on the changes.

The most like explanation is that Mozilla will set media.mediasource.webm.enabled in Firefox to true.

It means better support for HTML5 video in Firefox, especially on operating system versions that don't support Mp4/H.264 natively.

Improved warning pages for certificate errors and untrusted connections

warning page firefox

Firefox's new warning page uses less text and a clear "go back" call to action. A click on advanced displays information about the issue (which the old warning page listed under technical details).

There you find an option to add an exception to access the site nevertheless (formerly under "I understand the risks").

Basically, less text on the page but all important information are still there. Plus, the message "your connection is not secure" is more direct than the old "this connection is untrusted".

Other changes

  • RC4 temporary whitelist is disabled in release versions of Firefox and no longer used. [bug 1201025]
  • Support for Brotli compression algorithm has been added. [bug 366559 and bug 1211916]
  • Warning page when RC4 is the only supported cipher.
  • Firefox will no longer trust the Equifax Secure Certificate Authority 1024-bit root certificate or the UTN - DATACorp SGC
  • To support unicode-range descriptor for webfonts, font matching under Linux now uses the same font matching code as other platforms
  • Firefox uses a SHA-256 signing certificate for Windows builds as recommended by Microsoft.

Developer Changes

  • Allow about:pages to load remote content. [bug 1204983]
  • Size restrictions for extension icons to prevent too large toolbar icons from deforming the toolbar. [bug 1208715]
  • MediaStream.stop() has been deprecated, MediaStream.addTrack()/removeTrack() have been added. [bug 1103188]
  • Visual tools for Animation and Layout & Styles have been improved.
  • WebRTC interfaces have been unprefixed: in particular mozRTCPeerConnection is now RTCPeerConnection, mozRTCIceCandidate is now RTCIceCandidate, and mozRTCSessionDescription is now RTCSessionDescription.

Firefox for Android

  • Support added for urls with the mms protocol (multimedia messaging service).
  • Long-press on search label in "quick search bar" opens customize search providers.
  • Firefox users are prompted when "intent URLs" are about to be opened in private browsing tabs.
  • New web-based Firefox accounts page.
  • Support for cloud printing using Android print service.
  • Users may set their homepage when starting Firefox.

Security updates / fixes

Security updates are disclosed after the official release. We update the article as soon as they become available.

  • MFSA 2016-13 Same-origin-policy violation using Service Workers with plugins
  • MFSA 2016-12 Lightweight themes on Firefox for Android do not verify a secure connection
  • MFSA 2016-11 Application Reputation service disabled in Firefox 43
  • MFSA 2016-10 Unsafe memory manipulation found through code inspection
  • MFSA 2016-09 Addressbar spoofing attacks
  • MFSA 2016-08 Delay following click events in file download dialog too short on OS X
  • MFSA 2016-07 Errors in mp_div and mp_exptmod cryptographic functions in NSS
  • MFSA 2016-06 Missing delay following user click events in protocol handler dialog
  • MFSA 2016-05 Addressbar spoofing through stored data url shortcuts on Firefox for Android
  • MFSA 2016-04 Firefox allows for control characters to be set in cookie names
  • MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation
  • MFSA 2016-02 Out of Memory crash when parsing GIF format images
  • MFSA 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
  • MFSA 2015-153 HTML injection in homescreen app bypassing DOM sanitizer
  • MFSA 2015-152 Lockscreen passcode bypass due to race condition
  • MFSA 2015-151 Lockscreen delay bypass in Firefox OS

Firefox 44.0.1

Firefox 44.0.1 was released on February 8, 2016. It included the following changes:

  • Fix issue which could lead to the removal of stored passwords under certain circumstances (1242176)
  • Allows spaces in cookie names (1244505)
  • Fix WebSockets when used in a Service Worker context (1243942)
  • Disable opus/vorbis audio with H.264 (1245696)
  • Require NSS 3.21 (1244069)
  • Ship the Gecko SDK (1243740)
  • Fix for graphics startup crash (GNU/Linux) (1222171)
  • Fix a crash in cache networking (1244076)

Firefox 44.0.2

Firefox 44.0.2 was released on February 11, 2016. It included the following changes:

  • Various security fixes (Same-origin-policy violation using Service Workers with plugins)
  • Firefox hangs or crashes on startup (1243098)

Additional information / sources

Summary
Firefox 44: Find out what is new
Article Name
Firefox 44: Find out what is new
Description
Find out what is new and changed in Firefox 44 Stable, the latest version of the popular web browser for the desktop and Android.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Lestat said on March 6, 2016 at 2:53 pm
    Reply

    And some more nice links to Mozilla, calling Pale Moon team stealing money and stealing code!

    http://forum.palemoon.org/viewtopic.php?f=4&p=80512#p80511

    The chatlog where you find that conversation. Kairo is both a Mozilla and Seamonkey guy, who wants to turn Seamonkey into another Australis Chrome UI clone!

    http://logs.glob.uno/?c=mozilla%23seamonkey&s=2+Mar+2016&e=2+Mar+2016

  2. thisisme said on February 26, 2016 at 8:34 pm
    Reply

    After updating to 44, favicons in tabs are not shown after startup of FF. All open tabs from the last session are still there, but without their favicons. This is a pain in the ass, with all the tabs being blank I find it very hard to find the very tab, I am currently looking for.

  3. Lestat said on February 20, 2016 at 5:10 pm
    Reply

    http://forums.theregister.co.uk/forum/1/2016/02/20/yahoo_up_for_sale/ – Welcome into a world which will offer you soon no fresh money anymore Mozilla.

  4. JD said on February 16, 2016 at 2:59 am
    Reply

    Worst version of Firefox yet. It crashes EVERY time I close the browser ( all 3 releases so far!). Looks like I go back to inferior IE…. hate Chrome & the more Firefox becomes like it, the less I use it. (Note: this is on my laptop, my daughters laptop & my PC, all Win 7(& no…not going to W-10) … no “mobile” devices are used by us.)

  5. pd said on February 15, 2016 at 5:25 am
    Reply

    So we’re going to get signed addons enforced in the same version where e10s debuts and is likely to cause some level of inevitable pain due to the nature and extent of the change. Looking forward to 46! ooh yeah! NOT.

    e10s has to happen of course, but geez I have genuinely lost track/count of how many ways/times Mozilla can shoot themselves in the foot. Addon signing should have been bedded down a year or more ago. FFS! Still showing the pain from that idiotic highly dubious move to take on the smartphone duopoly by targeting all those third world people who can’t even afford a feature phone handset. Hindsight is 20/20 but geez … they’ll be building a third world autonomous car next, taking on Tesla amongst others! All in the name of spreading ‘the open web’ to dashboards.

    Oh boy, I gotta stop reading Mozifox news. It’s just too hard to take in without becoming enraged. Time is ripe for a big fork. Wonder if the Pale Moon scene is getting anywhere near capable of a really genuine attempt to fork and target mainstream market share? Maybe with some serious VC funding they could poach the remaining Mozilla staff who actually have a clue what they’re doing … most likely those doing the work rather than those in management.

    1. LimboSlam said on February 15, 2016 at 9:00 am
      Reply

      @pd: UGH! Yes I know how you feel! Just wish they could grow some brains!

      -OFF-TOPIC:
      @pd: I can honestly say Pale Moon is thriving in the right direction at it’s own possible pace. We, if you haven’t heard, just released v26.0.0 (v26.0.3 is the current release and soon to be v26.1.0) which brings forth a new layout/rendering called Goanna and introduces new a security feature called XSS filter (cross-site scripting filter). It’s similar to Chrome’s XSS Auditor. Also Moonchild with other developers are working on ES6 promises and tune fining the UI.

      All together it’s another major milestone of independent development.

  6. beerpatzer said on February 5, 2016 at 10:36 pm
    Reply

    You should start making Youtube reviews…. You’d earn a few bucks that way…

  7. Lestat said on February 5, 2016 at 5:18 pm
    Reply

    More bad news for lovers of customization/power user features: userchrome and usercontent is most likely on the kill-list because it is incompatible with multiprocess.

    https://bugzilla.mozilla.org/show_bug.cgi?id=1046166

    1. Martin Brinkmann said on February 5, 2016 at 5:25 pm
      Reply

      Now that would be a bad move.

      1. Lestat said on February 5, 2016 at 5:49 pm
        Reply

        Exactly like that i have moved on to another browser because it is clear where the jorney is going Mr. Brinkmann :(

        Please make a special blogpost so people get aware of that and perhaps Mozilla rethings at least one time their decision. Because even a guy like Söre is against that change, and he approves almost always feature removals which affect power users.

  8. soheila said on February 3, 2016 at 7:33 am
    Reply

    hello
    after i update firefox to 44 version,embed font dont work
    can you help me?

    1. Gudang said on February 19, 2016 at 7:33 pm
      Reply

      I have the same problem

  9. Gleb Posternak said on February 2, 2016 at 12:48 am
    Reply

    Firefox 44.0 doesn’t load the home page on launch. Just the blank tab. It had never happened before. I did not change any settings. I checked my settings and all is seemingly the same. What is going on?

    1. Anonymous said on February 3, 2016 at 1:41 am
      Reply

      Hi Gleb:

      That’s a bug that’s currently being worked on — SEE: https://bugzilla.mozilla.org/show_bug.cgi?id=1243549

      If you scroll up, and cull through my (Ortho_Fan) posts as well as those by ustavio, you’ll see a couple of work-arounds. (One is to use a Tiny URL for your home page’s URL; another is to copy and paste your home page URL into the box without the http or www.)

      Ortho_Fan

  10. Earl said on January 30, 2016 at 1:07 am
    Reply

    I’ve had no problem with signing (beyond the “it’s pointless and stupid” issue), but there were some changes in 44 that broke a few add-ons (only one of which I’m currently still using, or would be if it worked)–some devs still need to update for the changes (let/const). All in all, though, very little hassle with this update.

    I’ll enjoy it while it lasts… till everything hits the fan (late this year? early next year? whenever). Sadly, too many devs of some of the better and more popular add-ons are dropping off the face of the Firefox earth as their preparation for the end of XUL/XPCOM. I pity the Mozilla! It’ll be Gone in 60 Months!

  11. Ortho_Fan said on January 29, 2016 at 3:16 am
    Reply

    @Ustavio “I don’t know hot to assign a “tiny URL” but, frankly, one shouldn’t have to do anything to workaround such an obvious flaw. ”

    ————————————————-

    Hi Ustavio: Just go to tinyurl.com and paste the entire URL for the webpage you want to use into the box and click on the “Make Tiny URL” button. The screen will refresh and you’ll see the new “tiny” URL which you can highlight, drag, and drop onto the Firefox home page icon.

    FYI, the TinyURL website has been around since 2002, to address the issue of overly long web addresses. (There’s a Wikipedia page about it.) I’ve never heard that there were any problems with it, in terms of security, etc.

    I agree, a person shouldn’t have to do this, but who knows how long before it will be fixed–if ever. I suspect, based on the few posts I’ve seen about this during the past two days, that relatively few people use a Google page for their Firefox home page, so Mozilla will probably be slow to catch on.

    OF

    1. ustavio said on January 30, 2016 at 11:04 am
      Reply

      Hey Otho_Fan.

      “Today, I thought I’d try resetting the home page by simply copying and pasting “google.com/advanced_search” into the box (General tab in Options), rather than the full address, containing “https, www, etc. –or the tinyURL I was using. IT WORKED! I’m flummoxed as to why that should be the case.” (Otho_Fan)

      Seems like we’re both in sync on this. Like minds often result in likely results. I quoted your solution from MozillaZine because (so far) it seems to have worked for me as well. I am as equally flummoxed (love that word) as you are. The flaw is weird especially because none of the common sense or recommended solutions worked. Since Firefox has embraced Yahoo as their default search engine, one can only speculate as to why this last update left us with the choice of the default Firefox home page or a blank New Tab.

      It is also baffling as to why “use current pages” would include the options page. How many folks want to open their browser with options as one of their home pages?

      1. chesscanoe said on January 30, 2016 at 11:44 am
        Reply

        Correction: Thanks for this tip; it worked for me as well running latest Firefox under latest Windows 10 Home ~It also works in latest Chrome Stable as part of the Settings – On Startup – Set Pages – Add a new page option.~

      2. chesscanoe said on January 30, 2016 at 11:13 am
        Reply

        Thanks for this tip; it worked for me as well running latest Firefox under latest Windows 10 Home. It also works in latest Chrome Stable as part of the Use Current Pages option.

  12. mikef90000 said on January 29, 2016 at 12:43 am
    Reply

    Knock wood, my dozen fairly well known addons are still working and on Linux to boot!

  13. Owl said on January 27, 2016 at 10:30 am
    Reply

    Bronco, (for some reason can’t reply directly to you) – I would suggest just to wait. The developer is excellent and there should be a fix. FF will notify you when it is available. :)

  14. RodsMine said on January 27, 2016 at 2:25 am
    Reply

    Breaks _Restartless Restart_ addon – icon gone (not in Customize, either) _and_ Restart entry is gone from the File menu.

  15. chesscanoe said on January 26, 2016 at 9:53 pm
    Reply

    On version 44.0 I have to approve latest Java 2 different ways before I can run
    http://www.wordle.net/create , but I have no problem with that – an extra click is OK with me.

  16. Bronco said on January 26, 2016 at 9:21 pm
    Reply

    FT Deep dark theme not compatible – what to do?

    1. gh said on January 27, 2016 at 4:30 am
      Reply

      You got lost on your way to the fighterfox support forum?

      WTF is “Deep dark theme” and why should I care?

  17. ustavio said on January 26, 2016 at 8:39 pm
    Reply

    Well, this update to 44 has created some weird issues! Most of the Appearance Add Ons are broken in one way or another. The don’t display as advertised anymore. The solid colors are washed out. I had my Home Page set to encrypted Google and that’s all fine while using the browser and returning to “Home”. But if I exit FF 44 and open it up again, it displays a blank New Tab and not Encrypted Google. I have to home it to get the page it should open on. If I go into options to try and reset the Home page to current page, that is no longer an option. It now reads “use current pages” vs. “use current page”. So no matter what you choose, “Home” is now both Encrypted Google AND the Options page. The only way to open a single Home Page is if I use the default Mozilla Home page. The (signed) Site Identity Button Colors extension is hinky. It doesn’t display properly. No telling what else at the moment.

    I think it’s back to 43 for now.

    1. Ortho_Fan said on January 28, 2016 at 4:13 am
      Reply

      The home page (Firefox 44.0) issue seems to be impacting only Google sites. I’ve seen several references to this on various tech forums, including Mozillazine. (Comments about blank tabs on startup after updating to version 44 have also appeared in Firefox’s Welcome;;Input page.)

      A quick fix for me was to assign the “Google Advanced Search Page” a “tiny url.” Now, when I open Firefox it goes directly the the Google Advanced Search page.

      By the way, a simple way to assign a new home page is to highlight the complete URL and then drag and drop it onto the “home” icon in the FF menu bar.

      HTH

      1. ustavio said on January 28, 2016 at 10:16 pm
        Reply

        Thanks for the “drag and drop” tip which works great until I close the browser. Although Encrypted Google is shown as home page in options, when I open Firefox it still brings up a blank New Tab. If I hit the home button it will give me My Google Home Page but what a PITA. Unfortunately, I don’t know hot to assign a “tiny URL” but, frankly, one shouldn’t have to do anything to workaround such an obvious flaw. Seems like Mozilla wants folks to use their Firefox Start Page as Home Page. If so, it’s a cheesy move.

        I am using 64 bit Firefox so I wonder if that makes a difference. Maybe I’ll experiment with 32 bit and see.

        Hopefully, Mozilla is working on a fix.

  18. LimboSlam said on January 26, 2016 at 8:16 am
    Reply

    Oops my bad, got it a bit backwards. As one of my bros told me, “a smaller compressed size allows for better space utilization and faster page loads.”

    1. gh said on January 26, 2016 at 7:00 pm
      Reply

      brotli will benefit webservers, saving a bit of bandwidth. From what I’ve read, best-case savings of 8%. Arguably, we all benefit from cumulative reduction in backbone traffic, but…

      for a decade, servers have already been sending compressed content (ever monitor your traffic and notice “gzip/deflate” in the http headers?). If you disabled support for gzip/deflate in your browser, forcing the server to send uncompressed data, would you notice a slowdown? No, probably not. Same should be ecpected of brotli. Unless you’re staring at a waterfall chart showing a breakout of the pageload, the difference might be imperceptible.

      Because the brotli compression algo is more cpu-intensive than gzip, servers probably won’t be configured to use brotli compression on dynamically-built resources. Brotli is attractive for compressing static resources (e.g. images used in css themes) that will be served myriad times. Either way (brotli or not) only relevant during a client’s first load, when those resource aren’t retrieved from browser cache.

  19. LimboSlam said on January 26, 2016 at 4:29 am
    Reply

    Lol!! :) This is the same date that Pale Moon will be updated to v26.0.0 (marks another major milestone of independent development) of the Goanna engine and introduces new a security feature called XSS filter (cross-site scripting filter). This is similar to Chrome’s XSS Auditor.

    WOW! This should be interesting! :D

    1. George said on January 26, 2016 at 6:52 am
      Reply

      WOW! In an article about Firefox, the Pale Moon Pusher returns again!

      1. LimboSlam said on January 26, 2016 at 8:11 am
        Reply

        @George and @Celtic_God: I know I made a mistake, I’m sorry, so lets not take this further, ok.

        Now what do you all think about Brotli? Like how much of an improvement will it bring to the web! Whats your thoughts? My opinion is that it’ll certainly boost up speeds on slower Internet connections. Well if it’s compressed much faster, then it’ll be faster to download it from the web, right?

      2. Celtic_God said on January 26, 2016 at 7:47 am
        Reply

        And a Chrome UI clone lover is instantly answering the same time!

  20. LimboSlam said on January 26, 2016 at 4:28 am
    Reply

    Lol!! :) This is the same date that Pale Moon will be updated to v26.0.0 (marks another major milestone of independent development) of the Goanna engine and introduces new security feature called XSS filter (cross-site scripting filter). This is similar to Chrome’s XSS Auditor.

    WOW! This should be interesting! :D

    1. LimboSlam said on January 26, 2016 at 7:31 am
      Reply

      Why did ghacks duplicate my post, hm?

    2. LimboSlam said on January 26, 2016 at 7:30 am
      Reply

      @George: Sorry about that, I got excited, I’ll remember next time to stay on topic.

  21. S2015 said on January 26, 2016 at 3:28 am
    Reply

    1. As for security or malware protection, Mozilla can consider adding or embedding an Anti-Virus engine in it. Or, the company could also develop its own brand (?).
    2. Regular users can also pay a visit to the following page@ mozilla.org/en-US/firefox/all/ and, choose an offline setup file that meets his or her needs, which would save one’s time.

  22. All Things Firefox said on January 26, 2016 at 1:34 am
    Reply

    In Nightly 47.0a1, the about:permissions page has been removed. I don’t know whether something replaced it, but if so, I haven’t found it yet.

  23. Michael Fisher said on January 26, 2016 at 12:27 am
    Reply

    Hi Martin – I’m on 43.0.4 & I have a couple of noob questions for you or your knowledgeable readers:

    [1] Is there a simple way of checking [from my addon page perhaps?] which addons are currently signed/unsigned? Or perhaps Mozilla has an alphabetical list I can look up?

    [2] If I find an essential addon is blocked come the update I assume I could roll back using MozBackup & block updates until I decide what to do? e.g. maybe use a Firefox fork instead

    1. John said on January 26, 2016 at 4:00 pm
      Reply

      I keep a list of links of all add-on’s I install, and export the settings for those that support exporting them. For I regularly re-install Firefox, on the various computers I have.

    2. Pants said on January 26, 2016 at 7:09 am
      Reply

      – Forgot to add: MozBackup backs ups your profile – it will NOT roll back your Firefox version.
      – Also, yes, addons page – disabled addons are always at the bottom, greyed out.
      – Also, if you have unsigned addons, its likely that they have been abandoned – and will likely break soon with upcoming changes (eg e10s, but thats a fair way away). All my addons (62 of them) are actively maintained.

      It would be interesting to see an article and comments on people’s broken/unsigned addons and suggested replacements.

    3. Pants said on January 26, 2016 at 7:04 am
      Reply

      1. If they are not disabled – then they are signed

      2. If you go to about:config and search for the user preference xpinstall.signatures.required and set it to false, then you won’t have to worry about any breakage until FF46 (at this stage)

      Alternatively – if you set it to true and restart FF – any unsigned addons will be disabled – so you can check them.

      You have 3 months until 46 lands to sort out better/alternative addons (or longer if you wait until after 46 and allow some time for the community to come up with forks of unsigned addons).

  24. Samm said on January 25, 2016 at 11:13 pm
    Reply

    Note the signing requirement will actually be overrideable until Firefox 46.

    Source: Mozilla’s latest blog post on this @ https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/

  25. Hugh Isaacs II said on January 25, 2016 at 10:08 pm
    Reply

    “a rather uneventful update for the most part” What?!
    This is the update that enables Service Worker support. That’s a big deal for the web. It’ll give us more fully fleshed out offline web apps, unlike AppCache that limited this to a specific type of web app.
    Plus it’ll give us background syncing, push notifications, geofencing and more in the future.

  26. dexter said on January 25, 2016 at 9:07 pm
    Reply

    Signing enforcement is delayed to FF46

    1. Martin Brinkmann said on January 26, 2016 at 12:27 am
      Reply

      Thanks, corrected.

      1. Xi said on January 26, 2016 at 12:54 am
        Reply

        You missed it in one more place.

        Under the head “Firefox 44 Changes”, you didn’t change it.

      2. Martin Brinkmann said on January 26, 2016 at 2:04 pm
        Reply

        Thanks, it is quite difficult to keep up to date while on vacation :)

  27. Dorothy said on January 25, 2016 at 8:53 pm
    Reply

    As of a January 22nd edit, the wiki page lists enforcement for version 46:
    https://wiki.mozilla.org/index.php?title=Add-ons%2FExtension_Signing&diff=1113926&oldid=1108011

  28. Kin said on January 25, 2016 at 6:41 pm
    Reply

    “enforce add-on signing” while removing the workaround switch is really, reeaaaallly stupid.(but then, that’s just another stupid decision to add to their already impressive folio of stupid decisions)

    It wouldn’t be a problem if Mozilla was at least moderately fast to review and accept add-ons, but they are instead excruciatingly slow. As an example, lastpass 4 has been out for weeks now, and FF is the only browser where we cannot have it unless we install an unsigned version. With FF44, it’s back to Lastpass v3 until they get their head out of their *you know what* and finally sign the v4 add-on.

    1. Caspy7 said on January 25, 2016 at 8:19 pm
      Reply

      Non-Mozilla hosted addon are signed instantly while hosted addons will follow the same process as before, so the signing won’t make any additional delay from what it was before.

  29. gh said on January 25, 2016 at 6:27 pm
    Reply

    Confused. Earlier this week, a mozilla blog stated
    “We are delaying the removal of this [addon signing] preference to Firefox 46”
    https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/
    That seems contrary to what you’re reporting in this article.

  30. Caspy7 said on January 25, 2016 at 6:11 pm
    Reply

    Recently Mozilla announced that it was moving the strict signing requirement from 44 to 46.
    https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/
    So the pref to disable signing will still work for 44 and 45.

  31. R. said on January 25, 2016 at 6:06 pm
    Reply

    Addon signing has been postponed until FF 46

    https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/

  32. Add-on signing delayed again said on January 25, 2016 at 6:03 pm
    Reply

    Thankfully, on Friday Mozilla pushed mandatory add-on signing back to Firefox 46 (on April 18), so we have a few more months of breathing space. https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/ Maybe, if we cross our fingers, Mozilla will get tired of delaying this every few months and just pop up big warnings when installing unsigned add-ons instead of preventing them from running entirely.

    Unfortunately, v46 looks to be the add-on-pocolypse, as Electrolysis is also scheduled to be released then, so who knows how many add-ons will still work by April 19. https://wiki.mozilla.org/Electrolysis#Schedule

  33. happysurf said on January 25, 2016 at 5:57 pm
    Reply

    Martin, I have the 44rc3 version but the string media.mediasource.webm.enabled is on false as default.

  34. John said on January 25, 2016 at 5:56 pm
    Reply

    Hmm, regarding add-on signing, I looked into which ones I had that where still installed from non-mozilla sources as of date.

    EFF’s HTTPS Everywhere https://www.eff.org/https-everywhere
    Apparently they made it available on Mozilla: https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/?src=search
    They don’t link it from their site though (As I’ve seen a lot of different “nicknames” on there, I can’t trust the account name to be of a certain maker or not).

    Ghostery https://www.ghostery.com/try-us/download-browser-extension/
    They made a bad direct link to their Addon on Mozilla, which doesn’t work.
    https://addons.mozilla.org/en-US/firefox/addon/ghostery/ is the correct one.

    Tab Utilities FIXED: https://github.com/yfdyh000/tabutils/releases
    Not latest version on Mozilla, and has issues with crashing the browser over time. The github version is newer.
    https://addons.mozilla.org/en-US/firefox/addon/tab-utilities-fixed/

    Youtube Plus: https://github.com/ParticleCore/Particle
    Seems in sync: https://addons.mozilla.org/en-US/firefox/addon/youtube-plus/

    All others are already on the mozilla pages.

    Still a crappy decision, how will that work for dev’s that are wanting to test their add-on before releasing it?

  35. abcdef said on January 25, 2016 at 5:28 pm
    Reply

    Add-on Signing Update: Removal of the disable preference delayed to Firefox 46.

    https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/

  36. Mister Lurker said on January 25, 2016 at 5:11 pm
    Reply

    According to a recent post, the add-on signing switch will not be removed until at least Firefox 46. See https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/

  37. A10 said on January 25, 2016 at 4:32 pm
    Reply

    “Add-on signing is enforced in Firefox 44 Stable. This means that it is no longer possible to override the security feature.”
    But just a couple of days back, this post went up on the Mozilla Blog saying the preference won’t be removed till Firefox 46: https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/

  38. anon said on January 25, 2016 at 4:26 pm
    Reply

    This article has issues.

    Add-on signing enforcement in Release and Beta without the override will only come into effect in Firefox 46, not 44. And RC4 being “not disabled” doesn’t make sense and is incorrect since it is disabled; what they’re talking about is the temporary whitelist for websites still using RC4 ciphers used to test and detect compatibility issues.

  39. Dave said on January 25, 2016 at 4:25 pm
    Reply

    How dodgy is the Driverassist program that’s always advertised on gHacks now?

  40. wonton said on January 25, 2016 at 3:54 pm
    Reply
  41. Kulm said on January 25, 2016 at 3:48 pm
    Reply

    Add-on signing will not be enforced until version 46… at least
    according to this:

    https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/

  42. Joker said on January 25, 2016 at 3:27 pm
    Reply

    “Add-on signing is enforced in Firefox 44 Stable.”

    No, has been postponed until 46.

    Of course it’s hard to keep track of these constant schedule-changes considering Mozillians are scattering this info all over Mozilla- and third-party-services. Affected authors and users be damned.

    https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/
    https://wiki.mozilla.org/Firefox/AddOns/Status/Updates
    https://mozilla.aha.io/published/0d49e74c6853d3d721010bd9d4f67f34?page=2
    https://wiki.mozilla.org/Add-ons/Extension_Signing

    1. Joker said on January 25, 2016 at 3:40 pm
      Reply

      Oh, nice, the release-notes-page on mozilla.org still lists the signing-enforcement.

      Like I said, scattered information. ;)

  43. Tom Hawack said on January 25, 2016 at 2:58 pm
    Reply

    I read “Add-on signing is enforced in Firefox 44 Stable.”
    Is this confirmed? On https://wiki.mozilla.org/Addons/Extension_Signing is stated :

    “Firefox 40-42: Firefox warns about signatures but doesn’t enforce them.
    Firefox 43: Firefox will have a preference that allows signature enforcement to be disabled (xpinstall.signatures.required in about:config).
    Firefox 46: Release and Beta versions of Firefox will not allow unsigned extensions to be installed, with no override.”

    It seems the decision hasn’t been clear up to now. If add-on signing is is indeed enforced starting FF44 I will not update.

  44. Marcos said on January 25, 2016 at 2:47 pm
    Reply

    Thanks to your warnings on this web site, I am still using Firefox 42 — with no add-on signing. I intend to stay with 42. Versions 43 and 44 offer nothing compared to my familiar and useful add-ons.

    1. Kamisama said on January 26, 2016 at 9:45 pm
      Reply

      Don’t forget about the many security fixes that happened between 42 and now ;) If your not into the security and privacy safety then chrome will please you more.

    2. Appster said on January 26, 2016 at 1:19 pm
      Reply

      Why would you stay on Firefox 42? You can still run all of your unsigned Add-Ons in Firefox, it is rather easy:
      1) Update to Firefox 44.0.
      2) Insert “about:config” into the address bar.
      3) Click on “I’ll be careful, I promise!”.
      4) Insert “xpinstall.signatures.required” into the blank bar on top of the site.
      5) Set this preference to “false” via double click.

      Now you are good to go! Your unsigned Add-Ons will run just fine after that. However, please note that Mozilla is currently planning to remove this preference starting with Firefox 46.
      In my opinion there is not a single reason for you not to update, at least for now. Firefox 42 will no longer receive any security updates.
      In the future you may wish to use Firefox ESR as it will keep this preference. You can also try 3rd Party Builds, e.g. Cyberfox or Waterfox, which won't even block unsigned Add-Ons in the first place.

      1. derek said on January 29, 2016 at 11:59 am
        Reply

        and once to 46, you can switch to chrome…like most everyone will. thanks for nothing mozilla

  45. Ficho said on January 25, 2016 at 2:45 pm
    Reply

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.