Google shuts off anti-phishing feature in Firefox 2.0

Mozilla had announced earlier that it is not planning to do any further security & stability updates for Firefox 2 and the phishing protection service will no longer be available for Firefox 2 users from January 20, 2009. As announced the phishing protection service has been turned off for Firefox 2.

The phishing sites list (also known as black list) is generated by the Google Search in Firefox 2 using the initial version of the SafeBrowsing Protocol. Google and Mozilla have updated the SafeBrowsing protocol to version 2.2 now. Google has requested Mozilla to turn off the phishing filter in Firefox 2 to encourage users switch to latest versions of Firefox and discontinue using the old browser so that Google can stop using the old protocol.

Firefox 2.0.0.19 and 2.0.0.20, the final 2 versions of Firefox 2.0.0.X series were released without this built-in security mechanism while further earlier versions of Firefox continued to provide the service.

Mozilla has advised users of Firefox 2 to disable the setting Tell me if the site I'm visiting is a suspected forgery in the Security preferences under Options Menu. Mozilla has also recommended users to upgrade to Firefox 3 as it offers a free Phishing and Malware Protection service.

Report a problem with article
Previous Story

President Obama's inauguration in 3D courtesy of Microsoft

Next Story

Sony expected to announce restructuring plan soon

16 Comments

Commenting is disabled on this article.

Bioran23 said,
Why does the title read Google...?

Mozilla =/= Google the last time I checked.


Because Google supply the data and infrastructure for Mozilla's anti-phishing system. The way the anti-phishing protocol works has changed to be much more efficient for Google to run, and so they've now stopped Firefox2's inefficient anti-phishing from working by turning the servers that support it off. Firefox3 and beyond are of course uneffected as they use the newer, more efficient anti-phishing protocol.

Although Fx 2.0.0.19 and 2.0.0.20 had the anti-phishing system turned off in the browser, users on 2.0.0.18 and earlier were still protected because Google's fx2 anti-phishing servers were still active. But no longer.

How old is Firefox 2?

I wonder how the rest of the world would react if MS dropped support for one of its products that had that age.

That's what I don't get about the freeware alternatives' double standard...whether it's a browser or a Linux kernel...MS would never be allowed such short support windows (pardon the pun). I mean, they're still producing updates and hotfixes for OSes and browsers I was using at the same time I was developing software that was intended for RedHat 6.x...when did the last RedHat 6.x update come out?

The first thing i do when i install a new browser in turn off anti-phishing crap.

Btw ugrade to Firefox 3 it's better.

This is exactly why programs should have self-updating mechanisms like Windows Update, to proceed unless there are problems such as too low hardware requirements.

ozgeek said,
This is exactly why programs should have self-updating mechanisms like Windows Update, to proceed unless there are problems such as too low hardware requirements.

And that is exactly what Firefox has.

The uninformed would have had the browser attemp to update anyway telling them they should hit ok to get the newest version. I'd imagine most users would have just followed those default recommendations.


Smigit said,
The uninformed would have had the browser attemp to update anyway telling them they should hit ok to get the newest version. I'd imagine most users would have just followed those default recommendations.

Agreed. The people who haven't upgraded are the ones who deliberately chose not to (due to extension incompatibilities and the like. The people that didn't upgrade are probably aware that FF2 is no longer supported, and are probably going to be upgrading soon.

The "uninformed" have to take responsibility for themselves. You can't rely on a phishing filter to do all the thinking for you. If you don't know what you're doing on the Internet take some responsibility and LEARN about it first. Web browsers are for BROWSING, not hand holding.

C_Guy said,
The "uninformed" have to take responsibility for themselves. You can't rely on a phishing filter to do all the thinking for you. If you don't know what you're doing on the Internet take some responsibility and LEARN about it first. Web browsers are for BROWSING, not hand holding.

You're wrong, and stop being so elitist. The internet should be able to be enjoyed by everyone irregardless of their technical background. Having some kind of anti-phishing feature is a big step to protect tens of millions of people from nefarious websites that otherwise only an internet expert could consciously avoid.

The web is a big and awesome place, but also sometimes nasty - but it's for everyone, and making it a safer place for everyone is always a good thing. People shouldn't need to understand how something works in great detail to be able to use it, and if the software can do something to make their experience safer then it should.

I know some people are absolutely stubborn about change, but 3.x is so much better anyhow. Can't really see someone arguing against this.