Mozilla removing favicons in Firefox due to security risk

Shawn Knight

Posts: 13,000   +130
Staff member
Mozilla has deemed favicons a security risk and will be doing away with the tiny graphics in Firefox. The organization has already made the change on the most recent nightly...

Read the whole story


Posts: 101   +3
Should of mentioned it only applied to the address bar sooner. Samfind utilizes these pretty well in its bookmarks toolbar and I would hate to see them completely go.


typical mozilla, removing features instead of fixing the actual problem. the actual problem of course being their shoddy user interface.


Posts: 2,006   +18
"The problem, Mozilla says, is that some malicious site owners are using images of a padlock as their favicon which gives the impression of a secure connection. This could potentially trick less Internet savvy users into thinking the site is safe to transmit personal data over when in fact, it isn?t."

I think that those less savvy internet users will be tricked by a lot of other things if they think that a simple HTTPS connection makes a site safe to give personal info to. Personally I think that getting your credit card jacked may not be such a bad thing if it makes you more aware of the risks of the internet, and you'll learn to be safe before you get stalked, or one of your kids gets abducted.


Posts: 3,363   +3,804
Gee, Mozilla, maybe you might consider making a <b>user preference</b> that's simply disabled by default? Or have you become Microgoogleapple??


Posts: 5,417   +4,899
That's just stupid, FF. Instead, they should present the security information differently, so it creates no confusion. Favicon is an awesome feature on the web, and who is FF after all to decide to dump it, give people more incentive to dump FF. Cheers!


Posts: 31   +7
One thing that Mozilla also mentioned - and will still be there is that with extended validation you will still be able to see who owns the site. That level of information should make more sites use Extended Validation certificates rather than the US$9.99 ones that we all can buy


Got to love the commentors who clearly didn't read the entire article. Anyways I wondered why Chrome was like this already... now it makes sense. Good job Mozilla but something so simple should have already been implemented long ago...


Opera already does this too btw (Using Opera 11.62 stable on Win7 here).


Looks like everyone is still trying to catch up with Opera! Opera figured this out some time ago. Seems Opera is the only browser that's really on the ball.


this change deserves to be applauded because it makes the net surfing by a common user much less prone to phishing attacks and scams. even though it may by itself not make web browsing more secure as such. if need be i would recommend giving the net savvy user an option to enable the favicon feature. however this may sometimes make a friend or a family member make an error if he or she is using that net savvy persons pc with the favicon option enabled.


Posts: 113   +6
I'm all for this, to be honest. They're preserving the feature where it really matters: In tabs and bookmarks. And the logic makes perfect sense.