"The problem, Mozilla says, is that some malicious site owners are using images of a padlock as their favicon which gives the impression of a secure connection. This could potentially trick less Internet savvy users into thinking the site is safe to transmit personal data over when in fact, it isn?t."
I think that those less savvy internet users will be tricked by a lot of other things if they think that a simple HTTPS connection makes a site safe to give personal info to. Personally I think that getting your credit card jacked may not be such a bad thing if it makes you more aware of the risks of the internet, and you'll learn to be safe before you get stalked, or one of your kids gets abducted.
That's just stupid, FF. Instead, they should present the security information differently, so it creates no confusion. Favicon is an awesome feature on the web, and who is FF after all to decide to dump it, give people more incentive to dump FF. Cheers!
One thing that Mozilla also mentioned - and will still be there is that with extended validation you will still be able to see who owns the site. That level of information should make more sites use Extended Validation certificates rather than the US$9.99 ones that we all can buy
Got to love the commentors who clearly didn't read the entire article. Anyways I wondered why Chrome was like this already... now it makes sense. Good job Mozilla but something so simple should have already been implemented long ago...
this change deserves to be applauded because it makes the net surfing by a common user much less prone to phishing attacks and scams. even though it may by itself not make web browsing more secure as such. if need be i would recommend giving the net savvy user an option to enable the favicon feature. however this may sometimes make a friend or a family member make an error if he or she is using that net savvy persons pc with the favicon option enabled.