digg

I had no idea that this button even had a function, as it never occurred to me to click on it. I hope that Mozilla does a good job in publicizing this security function when Fx3.0 is released. I think this is a big step forward in making security both visually easy & present, and yet unobtrusive at the same time.

I get more and more excited about this release every time I read something new about it.

I think Mozilla has done a really good job with this release, especially compared to Fx2.0, which seemed to make things a bit too clunky and slow. Fx3.0 has gotten extra features without visual weight, and more importantly without slowing the browsing experience itself down. It seems like everything has gotten a speed bump--rendering, javascript, memory usage, etc. Good work folks.

I just hope it looks half as sexy on Windows as it does on the Mac. ;-)

you can test a couple here:
verified: https://www.paypal.com/
secure connection: https://www.cia.gov/
attack site: http://www.mozilla.com/firefox/its-an-attack.html
forgery: http://www.mozilla.com/firefox/its-a-trap.html
ssl error: https://mozilla.com/

The best just got better

Mozilla Firefox way ahead of other browsers.

ah, very cool.

Firefox is going to own, hard!

I've been using BETA 5 for a while and love it. Its more stable and secure. Its one of the best BETA releases I have ever used out of all the BETA software I have tried. I can't wait for Firefox 3 to go gold.

Opera is currently my favorite browser, but i think when firefox comes out of beta, that little O icon is going to get a foxy friend right next to it.

Its looking better and better all the time.

The problem with the attack site blocker is that there doesn't appear to be a good way around it. A few weeks ago I was trying to read a forum that had been blocked an attack site...when I clicked on the 'more info' button it appeared that the site had been clean for weeks, but yet it was still blocked.

The red card is currently a pain, there is no way to skip it except for disabling the checks in options. They should add a "I don't care" button.

Extended Validation has been a feature in IE7 for a while. This was actually a topic on Security Now recently.

Like many others said, this is a great step forward for Firefox and shows what happens when talented open source designers get together to refine a browser.

I am curious though, do you think the not so tech-savy user (my mom for example) might be able to understand this?
Unforutnately, it's those individuals who aren't tech-savy or are too trusting that usually end up getting into the most trouble out there in the field.

What scary is that Chase's site only brings up a gray box. It's not like they're a small bank, time to get with the times.

Passport Officers? This is excellent. It's like having the TSA right inside your browser.

That site is gray.

I know this is more or less off topic, but did they scrap the "privacy mode" (aka porn mode) idea that they were talking about? I love the URL suggestions and smart bookmarks in FF3, but not when they display porn sites...

The whole browser certificate system is hopelessly broken. I've seen large companies that handle large transactions online with completely busted certificates. I've seen certs registered to "changeme.com" or something similar. I've seen expired certs, certs registered to unknown signing authorities and certs registered to the wrong IP address. Obviously, many people continue to hand over their personal financial info without thinking twice. I'm sure their browser at some point gave a warning about a certificate possibly being misconfigured and giving the option to "trust" them anyway. The only thing the browser knows is that it either passes verification or fails, so I'm not sure how they get these lame certificate warning messages with phony explanations. Maybe I'm just too pessimistic...

I am a little ***** about the un-signed screen.
It looks like an error page. I use self-signed ssl certs and when I first saw that screen I was confused.
The whole look needs to change to better explain what is going on and buttons need to be added instead of a tiny web-link. Maybe they could make the "I trust them"/Proceed/Continue button a little smaller so people stop and think.

I applaud the effort but am very disappointed with how self-signed certificates were handled. The author states "they don't mean anything" but later back peddles and admits there are legitimate exceptions.
The problem is that (this portion) of the new (passport cop) feature discriminates against sites that opt to self-sign. When a user requests a page from a self-signed domain that request is (essentially) _hi-jacked_ by Firefox. The heading that states 'Secure Connection Failed' is incorrect and the text that follows is misleading to the user. A (non) technical user may see the bold heading and immediately close the page. If the user does read the text they are given so little information that an informed choice to 'Add an exception' is unlikely to ever happen unless they possesses a certain level of knowledge or they were _specifically_instructed_by_the_web_site_to_do_so_. We can all agree that instructing users to (basically) disregard security related alerts undermines any effort made at keeping them safe. I shudder to think about how many times users were instructed to 'Continue Anyway' when prompted that their software had not passed Window's Logo testing on Windows XP. When they find out that their page requests are being hi-jacked by Firefox this is *exactly* what those sites are going to be telling the users to do.
There are many sites whose content is politically/culturally/socially sensitive and that communicate over secure connections (more often than not through a self-signed certificate). These sites would absolutely be affected by this new feature and that is more than enough reason to revisit it's current implementation.

Shouldn't they make it red instead? The gray doesn't stand out enough.

Oh wow. I've been using Firefox 3 Beta for a while now and never even noticed this was even there.

I wonder what other neat features I never noticed.

Is there any way to put the fanboy and butt kissing comments at the bottom, and the sober comments at the top? I like FF, use it all the time, but its cheerleaders can be such a bore.

Digg does not supply identity information

Where's the "it's a trap" ascii art?

cool, something IE7 has had for years
looks like firefox is finally catching up.

IE7 has a one click icon to the left of any SSL enabled site that gives you the same information, albeit in slightly less colorful style. Not to take away from Firefox 3 or anything, but lets be fair.

Hopefully this fixes all the issue of Firefox 2.0. I switched from IE to FF only two realize a) it was FULL of absolutely horrible memory leaks, and b) it was even WORSE security-wise than IE.

Hopefully the open-source Mozilla community can their ***** together. If they can, I will be one of the first ones using FF 3!!! Can't wait!

Great, now you have to white-list self-signed SSL to view a site? Now they're harming those putting forth an effort to make a site more secure than with no encryption at all.

sick of dealing with security issues..