I downloaded Firefox 40 today and now in Firefox Add-Ons > Extensions I get the following message Avast Online Security could not be verified for use in Firefox
Same result in Windows XP and Windows 7 machines.
I downloaded Firefox 40 today and now in Firefox Add-Ons > Extensions I get the following message Avast Online Security could not be verified for use in Firefox
Same result in Windows XP and Windows 7 machines.
In Avast free it says 39.0.3 is the latest. This is a bug since the latest version is 40.0.0
I guess it will be resolved in a few days… But it still is a bug.
It didn’t in mine as the software updater reported a new firefox version/update available.
This is firefox, for some time now add-ons have been signed, but not all add-ons are signed, so those will be flagged for caution. If you know the add-on then there should be no real problem. I have lots of add-ons that aren’t signed, but I have been using them for some considerable time.
I don’t know how various add-ons are signed, so we will just have to wait to see if it gets signed and by whom.
Thanks David / ramam
EDIT: See my reply #13 below for updated information…
I believe FF started “signing” extensions in late May.
Their announced plan [if they go through with it] is that UNsigned extensions will cease to work effective with the release of FF 41 ( 7 weeks from today). Today’s release starts WARNING users if they’re using UNsigned extensions.
So unless the avast OS plug-in gets “signed” by Mozilla, it will be “voided” in FF’s next [scheduled] release.
The problem with FF 41.0 if it follows through on that there are many old/discontinued add-ons that will be hit. I currently have 6 unsigned add-ons, the user should be able to take responsibility for their own choices.
If that is all true it is terrible news. I’ve just checked and I have three unsigned Extensions which include AdBlock Plus, WOT and Classic Theme Restorer. The latter, in particular, I would be gutted to lose.
What version of Classic Theme Restorer ?
I have Classic Theme Restorer 1.3.7 and that isn’t flagged - previously firefox 39.x annotated signed at the end of the add-ons - now they don’t do that and only flag those which aren’t signed. WOT and AdBlockPlus are the same not flagged.
I suggest that you try updating firefox if you haven’t got FF 40.0 and the add-ons.
I haven’t updated Firefox yet because the first I’d heard that FF40 had been released was when I read it here. I checked my Addons and saw that mysteriously their signed/unsigned status is now very prominent. I’m in two minds whether to update this this time and if FF41 is as described then I’ll be sticking with the last version working with my Addons and hang on to it as long as possible.
I’ve had prompts and updated FF twice recently, the previous time only last weekend to FF39.0.3. It really annoys me when they do that. Now we get this looming threat that some thing aren’t going to work or, from the sound of it aren’t going to be allowed to be used unless signed, with FF41.
It goes against the whole spirit of FF being able to control and customise it how you want.
Edit
I’ve checked on the Mozilla web site and I think a mistake has been made here. The threat to disallow unsigned addons will be from FF42 onwards. That’s due for release in November. Until then unsigned addons will only be disabled by default. Users will still have the option to enable the Addons that are unsigned.
Updated FF39.0.3 to FF40 literally a minute ago and as far as I tell no problems with AVAST or anything else ie. no warning messages and all addons enabled and functioning right from the restart.
Only extensions are checked for signing, and those that aren’t signed are flagged but not disabled at this time.
At this time, yes, but the threat to them comes with FF42 in November.
It is getting a bit weird now. Prior to the upadate to FF40 all the signed or unsigned Addon > Extensions were clearly shown but having updated that information is now absent.
Also, as the OP stated I too am getting the warning message: “AVAST Online Security could not be verified for use with FF. Proceed with caution”. The inference is presumably that AVAST, because it is unsigned, is therefore a potential security threat just highlights how bloody stupid and useless the signing process is at IFF.
Hi guys, easy solution, use FF ESR.
The information I posted earlier has indeed been revised…
Updated information about FF’s plans for banning unsigned extensions:
Firefox 40: Firefox warns about signatures but doesn’t enforce them.
Firefox 41 (ETA Sept. 22) : Firefox will have a preference that allows signature enforcement to be disabled (xpinstall.signatures.required in about:config). I take this to mean they will be disabled by default, but that this “feature” can be overridden.
Firefox 42 (ETA Nov. 3): Release and Beta versions of Firefox will not allow unsigned extensions to be installed, with no override.
See TIMELINE at https://wiki.mozilla.org/Addons/Extension_Signing
Looks like they have already done some preparation in the about:config settings, see image, which shows xpinstall.signatures.required is currently default set to false.
That is what is likely to change to true in FF 42.0 when it does, I really hope they aren’t so blind/ridged and the user can set that back to false.
I hope so too.
What I have noticed is that add ons that are frequently updated are not signed. The ones that are rarely or never updated are signed.
+1
After reading this post i’ve check my add-ons and reads that avast is warned…that is so stupid…
If will be impossible for me to keep add ons like classic theme restorer and web mail ad blocker…said so…i will downgrade back again to 39 IF FF 41 will disable these add-ons, period.
I’m tired of FF that more and more is turning like a copy of Chrome…i’ve still blocked my java into mozilla FF which is insane cause every darn update, doesn’t matter which it is,it is says that firefox doesn’t recommend to use.
What is FF ESR?
Firefox ESR
https://www.mozilla.org/en-US/firefox/organizations/all/
What Mozilla did was sign all up-to-date extensions that resided on AMO enmass. If the extension was an old one that didn’t pass muster for updating (the max version was outdated), it wasn’t signed. Also, if the signed extensions were later updated it lost the signing. It seems that now extensions that reside on AMO are signed at the time of vetting and acceptance, either new extensions or updated extensions.
Those extensions that aren’t on AMO require that the extension publisher request that Mozilla signs it, for each and every update. I’m fairly sure that some won’t bother, which means that come Firefox 42 it can’t be installed.