Mozilla Firefox 51 warns you when visiting insecure data-grabbing websites

The latest update encourages developers to use HTTPS by letting users know when data is collected, but not protected.
Written by Charlie Osborne, Contributing Writer

The Mozilla Foundation has tweaked the Firefox browser to make it clear to users when they are visiting an insecure website which collects their personal data.


With the release of Firefox 51, users will now be made aware when websites are using HTTP rather than the more secure variant, HTTPS, but are still collecting their information.

In a blog post, Firefox developers said they would like "to see all developers use HTTPS for their websites," which creates secure connections between a browser and web server with digital certificates approved, making eavesdropping and Man-in-The-Middle (MiTM) attacks more difficult to accomplish.

Without the use of HTTPS when exchanging personal data or conducting activities such as online banking, communication can be exposed, stolen, or tampered with by attackers, placing users at risk.

With the launch of the latest version of Firefox, Mozilla has now included a few changes to make it obvious when HTTP is in use. Up until now, Firefox used a green lock icon in the address bar when HTTPS is in use and no lock icon at all when HTTPS is nowhere to be found.

Now, however, Firefox 51 will use a gray lock icon with a red strike-through to make users aware that connections are not secure. The warning goes further, and when hovered over, will display "Connection is Not Secure," and "Logins entered on this page could be compromised."

"To continue to promote the use of HTTPS and properly convey the risks to users, Firefox will eventually display the struck-through lock icon for all pages that don't use HTTPS, to make clear that they are not secure," Mozilla says. "As our plans evolve, we will continue to post updates but our hope is that all developers are encouraged by these changes to take the necessary steps to protect users of the Web through HTTPS."

Mozilla is now following in the steps of Google and the Chrome browser. This year, Chrome is due to begin marking insecure websites in a similar fashion. HTTPS websites are already used as a ranking signal in the Google search engine and are prioritized when possible.

Firefox 51 is also the first browser to incorporate 3D graphics support system WebGL2, which permits the play of FLAC media, and IndexedDB2, a developer tool which permits APIs for local data storage.

This week, Mozilla patched 33 bugs in the Firefox browser and Firefox ESR, five of which were deemed critical. Vulnerabilities include a use-after-free flaw, memory corruption issues, and Address Space Layout Randomization bypass, some of which can lead to crashes if exploited.

10 steps to erase your digital footprint

Simple hacks to make Google Chrome better and faster:

Editorial standards