Closed Bug 1100356 Opened 10 years ago Closed 8 years ago

Link to Flame base image downloads from a non-wiki https mozilla.org page

Categories

(Developer Documentation Graveyard :: Firefox OS, defect)

Product:
Developer Documentation Graveyard
Component:
Firefox OS
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: hsivonen, Unassigned)

Details

Steps to reproduce:
 1) Navigate to https://developer.mozilla.org/en-US/Firefox_OS/Developer_phone_guide/Flame
 2) Locate the base image download links.

Actual results:
The links are on a wiki page and point to an obscure CDN. Unless you examine the wiki history carefully, you have no idea whether the links to privacy-sensitive software were made by a real Mozilla representative or an attacker who edited the wiki to point to malware.

Expected results:
Expected the wiki page to link to a non-wiki https page on the mozilla.org domain and expected the https page on the mozilla.org domain to have the actual download links. This way, users would have more confidence that the download links are legitimate (without having to examine wiki history).
This non-wiki page could be https://nightly.mozilla.org/ . Better yet if it had SHA-256 to allow users to check integrity while bug 1100353 remains unfixed.
Firefox OS is stoppedd now. Resolving thee issue.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.