Thumbnails On Firefox’s New Tab Page Could Expose Your Private Data, Fix Coming Soon

Mozilla’s Firefox 13 launched earlier this month and the latest version of the popular browser introduced a number of new features, including support for Google’s SPDY protocol and a new homescreen and easy access to your most often used sites through the improved new tab page. That convenient new speed dial-like new tab page presents a bit of a security risk, however. As the Register reports, the thumbnails that accompany these links on the improved new tab page have the potential to leak personal information. The browser, it turns out, regularly takes screenshots of your browsing sessions to create these thumbnails (even while you are browsing a secure site) and, in the process, could potentially expose your private data like banking information or email subjects to anybody else who uses your computer.

Talking to InformationWeek, Mozilla acknowledged this issue and said that “Mozilla remains resolute in its commitment to privacy and user control. The new tab thumbnail feature within Firefox does not transmit nor store personal information outside the user’s direct control.” Mozilla promises that it will fix this issue in a “future release.”

Overall, the risk of somebody stealing your identity because of this seems pretty small, but the browser probably shouldn’t capture screenshots from pages that sit behind login pages and from secure sites. Just to be on the safe side – and especially if you are on a shared computer – it’s probably be best to turn this feature off for the time being. On a shared computer, of course, you can also use Firefox’s Private Browsing Mode (which you should probably do anyway if you are using a public machine).

Google’s Chrome and Opera have been using similar new tab pages to make accessing often used pages faster for quite a while now. There has been some limited discussion of the privacy implications of this feature in Chrome, but these two browsers use smaller and hence harder to read thumbnails than Firefox. Maybe that’s why we never heard much about these thumbnails as a security issue so far. Firefox, however, uses relatively large thumbnails to begin with and they also scale with the size of the browser window.