PS.: Chrome and Opera are having the same/simillar info gathering system. It's seems harmless (For example I'm for not bothered that this info is send to them), but as I said before: It misleads people who want to validate the installer download with shasums. As it's said on Mozilla forum: "We would like to know from where we get new users". When app is installed, the implement identifier is sent to Mozilla, so they now which installer was used. When You download an installer, download page gathers that info and stores it on a server, but at the same time it generates a unique identifier. The information is not passed to installer directly. Information that is gathered by them is: Download page, current used web browser, default system web browser, and some other info. So, after some research I think that Mozilla tries to "connect download with install" of Firefox. It would be nice for someone (for example from Mozilla) to comment on this. Unfortunately, this misleads people who want to validate the installer download. I think this is normal/expected behavior, perhaps due to mozilla's policy of collecting some statistics. These installer differences are simply due to the behavior of the Mozilla website. Firefox exe", this installer has sha256 sum exact the same as listed in official sha256sum from Mozilla ftp server.
Firefox download full install Offline#
However, when a browser with script blocking (or greater privacy protection) is used, scripts used by the website will be blocked and you will see an older version of the download page (Language, Windows exe installer link, Windows msi installer link, Linux installer link.etc), when You click on exact download link You get an offline installer from page for example: "htttps download installer cdn mozilla net pub firefox releases. Hashes are different because either the installers are created dynamically in a slightly different way each time, or the server puts additional information in the installers (e.g. I think that if you using that way of download, each time a key-number/(some kind of identifier) is generated, and an installer is dynamicaly created by Mozilla server. All files downloaded this way seem to be valid and contain valid Firefox installer, they also are correctly digitaly signed. If You reload this page and try to download once again the number between "/win64/" and "/Firefox." will be different, you also will download a installer with different hashsum. When You click "Download Now" You'll get the offline installer from page with link (for example): "https cdn stubdownloader services mozilla com builds firefox latest ssl. When You download Firefox (offline installer) from "Mozilla org -> Download options and other languages" and You're using web browser that don't have any script/privacy blocking You will see a download page with dropdown lists showing (Which browser would you like to download?) (Select your preferred installer) (Select your preferred language).
That sum never corresponds to one provided by Mozilla ftp server.īut when Firefox with noscript addon is used the download page looks different and You could download offline installer that has a sha256 listed in official ftp mozilla org -> sha256sum file. I have noticed that when downloading offline installer from (" -> Download options and other languages") each time you download an installer it has different sha256sum. From some time there's an issue with Firefox offline installer.