Help us uncover Firefox 3rd party installer
discourse.mozilla.org
In 2023, a significant portion of Firefox downloads came from unknown sources. We believe many of them came from 3rd party websites that let you download Firefox. While some websites are okay, others can put you at risk of downloading an old version or a build with the wrong locale, leading to security risks, a bad user experience, or even malicious installations. Help the Firefox team to uncover this mystery by taking part in the Firefox 3rd-party installer campaign! There will be swag, and y...

From the post:

In 2023, a significant portion of Firefox downloads came from unknown sources. We believe many of them came from 3rd party websites that let you download Firefox. While some websites are okay, others can put you at risk of downloading an old version or a build with the wrong locale, leading to security risks, a bad user experience, or even malicious installations.

Help the Firefox team to uncover this mystery by taking part in the Firefox 3rd-party installer campaign 3!

There will be swag, and you’ll be featured in our blog if you manage to report 10 valid reports. So don’t forget to invite your friends too!

Have any questions about this campaign? Join us on Matrix or watch the recording of our community call with Romain Testard, Principal Product Manager at Mozilla.

Please also help spread the word about this campaign by sharing this on your social media.

Keep on rocking the helpful web,

Kiki & Konstantina

  • Possibly linuxEnglish
    -358 months ago

    “We just need to protect our intellectual property”

    Obviously harmful versions of Firefox that do not release the source code are bad but there are probably soft forks.

    • @[email protected]
      788 months ago

      This isn’t about forks, it’s about installers that pull directly from Mozilla’s servers. This could be installers that bundle malware/adware with it.

      If you fork it, you’ll be building the source and distributing it yourself. This isn’t about that.

      • @[email protected]
        -158 months ago

        It could be “forks” that are just installers packaged with distinct configuration files or add-ons.

        • @[email protected]
          118 months ago

          Evidence? And if so, I don’t think Mozilla cares (e.g. snaps are probably repackaged installers).

          If you’re renaming things, you’re going to recompile to put your branding on it. So things like Mull, Mullvad Browser, Librewolf, etc will all use their own binaries.

          • boredsquirrel
            38 months ago

            The flatpak is absolutely not a repackaged installer and I dont think the snap is either.

            • @[email protected]
              28 months ago

              Cool, I just figured packagers would be lazy and just use upstream builds. That’s what I would do.

              • boredsquirrel
                38 months ago

                They mostly use mozilla binaries, but download them once and package the install in their own format.

                So this will download once instead of thousands of times

        • @[email protected]
          418 months ago

          It’s not. It’s literally talking about installers, not source forks.

          Believe what you want, I guess, but the facts available say otherwise.