A setting in Firefox, security.enterprise_roots.enabled, in about:config was blocked

  • 22 July 2019
  • 7 replies

While going through some of the low-level settings of my Firefox web browser I noticed that one of the settings was blocked and I could not toggle the setting from true to false.

The setting in question: "security.enterprise_roots.enabled" was being blocked from change by a JavaScript file in the "C:\Program Files\Mozilla Firefox\defaults\prefs" directory.

I had specifically disabled the web security functions within Kaspersky Total Security yet this script had altered my web browser to use Microsofts certificates instead of Mozillas.

Is this setting needed for anything other than Kaspersky's web security or proxy for HotSpot Shield?

Thank you for your time and any response

7 replies

Userlevel 7
Badge +11
Hello @C0ncerned_Citizen,
  • Please show an image of KTS disabled web security functions?
& go to:
  • KTS (application), Settings, Additional, Network > Network settings, scroll to the bottom of the page - Mozilla Firefox & Thunderbird, please screen print & post back image?
  • & please provide:
  1. KTS version?, patch(x)? x = letter, free or licensed?
  2. Operating system, version, build?
  3. Firefox (browser) name? version?
& C:\Program Files\Mozilla Firefox\defaults\pref - which file?
  • Please copy & upload the file using the upload icon in your reply post
  • On a system WITHOUT KTS:

  • Re: "HotSpot Shield", please let us know more information, clarify?
  • Also, is KasperskySecure Connection installed? in use?
If "yes", please provide: KSC version?, patch(x)? x = letter, free or licensed?
Please post back?

Some general reference reading:
Okay, yes. I do see that setting for Mozilla Firefox and Thunderbird as you mentioned.

The script that had kept me from toggling the settings in about:config is called: "kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js"

But what concerns me now even more was that I had installed KTS back in January of 2018 and have not changed any of the settings after I had first set KTS up, yet the timestamp of the JavaScript file in question shows that it was just created 4 months ago.

I don't like new functions being added that I did not expressly set up myself especially when it comes to trust certificates.

As far as HotSpot Shield, I only mentioned them because they were used for the Kaspersky "Secure Connection" (Or at least it was back in early 2018) and also the main reason that I did not use it due to HotSpot Shields horrendous privacy issues.
Userlevel 7
Badge +11
Hello @C0ncerned_Citizen,
Thanks for posting back.
We would like to help.
Please provide the requested information so we can, otherwise, any analysis/information provided, based on generic information, will, in & of itself, be generic.
I "get" your concerns.
You already did help and answered my question.

You showed me the setting in Kspersky that had created the script and why it was there.

I had already resolved the issue before posting my question by simply renaming the file extension of the script from .js to .txt and after restarting my Firefox browser I was no longer blocked from changing the setting in about:config.

Also, I don't publish sensitive information that you are requesting on public message boards.
And you, as a security company representative, shouldn't ask users to do so either.

Sending that data over a private message to one of your reps would be more appropriate.

Thanks for your time.
Userlevel 7
Badge +11
I don't publish sensitive information that you are requesting on public message boards. And you, as a security company representative, shouldn't ask users to do so either. Sending that data over a private message to one of your reps would be more appropriate.

Glad it's fixed @C0ncerned_Citizen.

All of the requested information is standard, none of the following is "sensitive" information:
  • Image KTS disabled web security functions.
  • Image KTS (application), Settings, Additional, Network > Network settings, Mozilla Firefox & Thunderbird.
  • KTS version?, patch(x)? x = letter, free or licensed.
  • Operating system, version, build.
  • Firefox (browser) name? version.
  • C:\Program Files\Mozilla Firefox\defaults\pref - which file.
  • .js file, as easily as it's renamed, it's also easily copied & modifed to remove any "personal" information, I checked 3 systems, 3 Mozilla Firefox browsers, for 3 different used, all identical (Mozilla) kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js files, none have any "personal" information, yours may well be different, if that were the case, the file could copied & edited, to censor the information you'd like protected.
The requested information would/will be asked by all support (if they're professional).
The Community is made up of users of Kaspersky software (like you) , all give their time freely, to help other Community members (like you). There's a small team of Kaspersky employees - all of whom are clearly identifiable, bc, their profile shows "Kaspersky Lab Employee". For the most part, & from my observations, the willing helpers engage in providing technical analysis to address technical issues.
Any Op, always has the option of sending information privately, or, as a courtesy, advising/asking the requestor, they would like to provide the information, "how can it be done, so nothing is disclosed in the public space?"
And, any Op, with licensed Kaspersky software, always has the option of rasing the issues/concerns with Kaspersky Technical Support.


This setting also slows down Firefox first website load by 5 seconds. Followup websites load fast. Disabled kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js and Firefox loads fast also on first website.https://bugzilla.mozilla.org/show_bug.cgi?id=1591691

Solved with Firefox 71