Comment 7 for bug 1186793

Matthew Paul Thomas (mpt) wrote :

This requires more than just switching to HTTPS. The updates UI will also need to explain HTTPS failures in such a way that users don't seek insecure workarounds.

Windows updates are being subjected to MITM patches. Windows Update correctly fails to install them, but gives a vague error code. Googling for a solution to the problem leads people to a direct download that is not subject to the same security checking and can therefore be MITMed successfully. <http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/>

Discouraging people from bypassing HTTPS errors is a problem also faced by browser designers.
<http://blog.johnath.com/2008/11/06/ssl-error-pages-in-firefox-31/>
<http://webscripts.softpedia.com/blog/Chrome-s-New-SSL-Error-Pages-393600.shtml>