搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Downloaded Mozilla Firefox 4 and yellow security lock disappeared from lower right hand corner - where did it go?

  • 13 个回答
  • 156 人有此问题
  • 2 次查看
  • 最后回复者为 Xircal

more options

I downloaded the update of Firefox to Mozilla Firefox 4 today and noticed the changes in the tool bars/info bars. I am concerned because I no longer see the yellow security lock at the bottom right hand corner of the screen when I log onto a site which should have secure access for information and/or purchase. I do not see any other icon which has replaced it either. Is it safe to log on to my bank, credit card, make online purchases, and how do I know this?

I downloaded the update of Firefox to Mozilla Firefox 4 today and noticed the changes in the tool bars/info bars. I am concerned because I no longer see the yellow security lock at the bottom right hand corner of the screen when I log onto a site which should have secure access for information and/or purchase. I do not see any other icon which has replaced it either. Is it safe to log on to my bank, credit card, make online purchases, and how do I know this?

所有回复 (13)

more options

The padlock has been replaced by the site identity button, for details on using it see https://support.mozilla.com/kb/Site+Identity+Button

more options

There is one major problem with this new feature. Firefox now doesnt notify you if some of the content in the page is insecure. MAJOR MAJOR security hole. Maybe I'm wrong and there is some notification but I havent seen it yet. Now when I'm putting in my credit card number there could be an insecure javascript function on the page collecting that number and sending it plain text over the internet. Great!

more options

Ok like I said just not very clear. The site identity button just disappears. This is one area that IE has always been better unfortunately. It allows you to load only secure items on the page to prevent eavesdropping. It also pops up an error to warn you about it. Which keeps less savvy users from using an insecure connection.

more options

See http://www.dria.org/wordpress/archives/2008/05/06/635/ dria.org » Blog Archive » Firefox 3: Site Identification button

more options

Yeah thats why I like IE's implementation. They give an alert that notifies you of insecure content. It even gives an option to not load the insecure items. There is no such option in firefox. The old padlock did show an exclamation mark on the lock that told you it was not safe which is basically the same as the site identity button disappearing. So now that I have figured this out I know that the site identity button will disappear when it isnt safe. Normal internet users will be able to figure this out but my 60 year old mother will not. She will see the identity button on the first page of a 5 page form requiring identifying information and wont realize that page 5 is not completely secure for instance. The site identity button missing from the address bar is easily missed while the IE alert on page 5 will tell her something is wrong. But this is an issue I have always had with firefox so I guess its nothing new.

more options

If FF4 is not warning users about insecure content on a page, it can definitely be a security issue, as many external JavaScript calls may pass sensitive information, and it should be passed securely.

If you want to see if a secure page is actually fully secure, paste the https URL into the text box at:

WhyNoPadlock.com

more options

Okay, thanks for clearing that up. However as people are accustomed to seeing the gold lock I think it would be GOOD if it was also displayed where is was previously as well as the new 'site ID button. It's hard to change old habits.

more options

I'm not as concerned at the lack of the yellow icon as I am at the lack of a proactive warning that a page contains both secure and insecure content. (And no, I don't consider turning the background on one button grey a proactive warning, especially since I do a lot of work in test environments with self-signed certificates.)

I do web QA, and my devs have been known to screw up the templates and hard code HTTP references on HTTPS pages. I know that most users don't care about those sorts of warnings and told them to go away and not come back, but those of us who do care for whatever reason care a whole lot. Not having even the option to display the old style warning is a big problem. Any time I have to tell people that older versions of Firefox, or even IE, are preferable for security testing, there is a problem.

more options
more options

I agree you should make the padlock automatic. I really need to know if the site is secure and the site id button is confusing

more options

You can click the How do I tell if my connection to a website is secure? on the left end of the location bar to see the padlock if there is a secure connection.
A click on the "More Information" button will show more details about the connection.
The background color of the "Site Identity Button" on the left end of the location bar will change color (blue or green) and show the domain in case of a secure HTTPS connection.

  • Hover the How do I tell if my connection to a website is secure? then to see "Verified by xxxx"
  • Click the "Site Identity Button" on the left end of the location bar to see the padlock
  • Click the "More Information" button in that pop-up to see additional information about the connection.
more options

The whole point is that it now takes more 'clicks' to accomplish the same thing as a quick glance use to. This seems to be the pattern with Firefox 4 (hiding useful controls). Imagine for a minute that there is this great new car with more horsepower, acceleration and better gas mileage but part of the improvements are to put the gas pedal on the left, brake on the dash and have a tuck-away steering wheel. Not to worry though, since there are kits for you or your mechanic to fix some of this.

more options

Actually, you don't have to click anything. If the favicon is green, it means all transmissions are encrypted.

Click the link the-edmeister posted to see what I mean.

由Xircal于修改