Firefox 3 – security madness
Dear firefox developers. Could you _please_ rethink the current braindead approach to security? Security is important, but the current design is diabolical. I realise that this sometime changes (the windows version seemed better last time I used it). The rant below applies to the latest version on Ubuntu Hardy. For example, I clicked on a link from slashdot earlier today and was presented with this popup:
www.newsdesk.umd.edu uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is not trusted.
(Error code: sec_error_untrusted_issuer) \[OK\]
Firstly the explanation, whilst not bad is still mumbo jumbo to 99% of web users. However the _main_ problem and the point of this rant is the “OK” button. Currently I have to:
1. take a note of the site name
2. edit -> preferences
3. privacy tab (nope), security (nope), ah, _advanced_ tab
4. hunt around a bit more, oh “encryption” sub-tab
5. verification tab?, ah, no, “view certificates” tab (we aren’t viewing then, we are adding an exception)
6. server tab
7. click add exception
8. type in the address of the website
9. click “get certificate”
10. untick “permanently store” if desired
11. confirm security exception
12. close all those windows
13. reclick link
No, it’s not “OK” – it’s dreadful. With this I think firefox will lost many, many users fairly rapidly.
What I want firefox to do is to make clear what the security problem is and give me the choice of whether I:
* trust firefox and proceed no further (e.g. banking)
* tell firefox to add an exception (e.g. for a site I know, or the 50% of sites with self-signed certificates)
* tell firefox to ignore it ATM (e.g. for most other sites where I’m not really fussed – probably also self-signed certificates)
I think the best way to implement this might be in two steps. Firstly, ask me what I want to do – I suggest something like “Do you wish to ignore this warning and continue (not advised):
* No (default)
Then to make this _permanent_ either use one of those drop-down prompts (like the “remember password” one) or perhaps allow people to click on the padlock icon and add a permanent exception if they so wish.