***!!!%%!!! Kaspersky vs. Firefox

[Bob Williams]

Latest Firefox 60.0 (64) has thrown out its dummy over Kaspersky certificates again! If affected, go to Kaspersky dashboard –

Settings – (small “cogwheel”, lower left) –

Additional – Network – “Do Not Scan Encrypted Connections.”

That’s it, until someone bangs Firefox and Kaspersky’s heads together.

When the Thought Police arrive at your door, think -
I'm out.

[Dave Rice]

What causes the issue Bob? I have both and can’t see any problems with https connections.

[Ed P]

Sounds like a corrupted certificates pool. link

[Bob Williams]

Dave Rice wrote:

What causes the issue Bob? I have both and can’t see any problems with https connections.

Thanks Dave.

Looking back to when it happened, I believe it was Kaspersky, making a unilateral decision to update my Total Security 2017 to 2018. At the same time, Kas’s Update service also updated Firefox to version 60.0 (64 bit).

I had this before a couple of years ago, so remembered what I did last time:

Additional – Network – “Do Not Scan Encrypted Connections.” It worked, but will this cause me any further problems?

When the Thought Police arrive at your door, think -
I'm out.

[Ed P]

Maybe Dave and I have been lucky in applying Kaspersky patches at the right moment, however like you, others have not and the ‘approved’ solution is:

“In a new Firefox tab, type or paste “about:config” in the address bar and press Enter/Return. Click the button promising to be careful. 2. In the search box above the list, type or paste “roots” and pause while the list is filtered 3. Double-click the “security.enterprise_roots.enabled” preference to switch the value from false to true.”

Mozilla link

The only possible downside is that if you already have a malware infection this action approves its root certificate. Damned if you do etc, but better than turning off https security!

[Author]

Posts