Mozilla is to drop anti-phishing protection from the final update to its Firefox 2.0 browser, after Google warned that the feature runs on an obsolete protocol.
Firefox 220.127.116.11 will be the final security update for the open-source browser, which launched in 2006, and is expected to ship on December 16. Firefox 3.0 has been available since June.
"The latest published update for Firefox 2, which is version 18.104.22.168, has the Phishing Protection feature enabled and working," said Mike Beltzner, director of Firefox, in an email to Computerworld US. "However, the next planned update for Firefox 2, version 22.214.171.124, will be required to disable this feature."
Phishing Protection is a feature which warns users when they attempt to reach a site Google suspects of hosting identity theft scams. Beltzner said Google asked Mozilla to disable the feature in Firefox 126.96.36.199 because the older browser line uses an obsolete protocol.
"The Phishing Protection feature in Firefox 2 relies on data provided by Google via the first version of the SafeBrowsing protocol," said Beltzner. The most recent version of the protocol is SafeBrowsing v2.2.
Firefox 3.0 has relied on SafeBrowsing v2.1 since its release several months ago, but is moving to v2.2 this month for its anti-phishing and anti-malware features.
"Now that Firefox 2 is reaching the end of its support lifespan, we have been asked to turn this feature off as Google will no longer be supporting requests using the obsolete SafeBrowsing v1 protocol," said Beltzner.