The just-released beta of Firefox 2 may disappoint those who expected a major overhaul, but it adds a variety of useful features that make it a must-have upgrade for Firefox users, including anti-phishing filtering, better RSS handling, a built-in spell checker, and more advanced tab handling.

In contrast to the dramatic redesign Microsoft has given to Internet Explorer 7, this is more an incremental upgrade than a major one. The final versions of both browsers will be strikingly similar in features, although not in design. When the two releases are final, IE will have largely caught up to Firefox, although the large ecosystem of Firefox extensions still gives the open-source browser the edge in usefulness.

Focus On Phishing
Phishing has become the latest scourge of the Internet, and Firefox attempts to address it. In a phishing attack, you're sent an e-mail that appears to be from a legitimate financial site, such as PayPal or your bank, and when you click an e-mail link to go to the site, it appears to be legitimate as well. But the site is in fact a spoofed one, and a scam artist steals your account information.

Firefox 2.0's phishing filter warns you away from dangerous Web sites. Click image to enlarge and to launch image gallery.

Firefox's anti-phishing filtering attacks the problem by checking every Web site you visit against a constantly updated list of known phishing sites, and also examining site characteristics to see if they match those of typical phishing sites. If it finds that the site is a phishing site, you get a warning. Click "Get me out of here!" to leave the site and you're sent to your home page. Click "Ignore this warning" to visit the site. The anti-phishing feature uses the same Safe Browsing technology currently available in Google's Toolbar for Firefox.

You have the option of having the list of phishing sites automatically downloaded on a regular basis, or you can have Firefox check the list in real time as you surf. In both cases, Safe Browsing provides the list. The default is to have the list downloaded, which means it would tend to be somewhat out of date compared to real-time checking. (Phishing sites are rarely long-lived phenomena, and are generally temporary sites that have a very short life. So if the download happens even as often as twice a day, it means that sites might not be caught -- even a delay of a few hours makes a difference.) If you want to have them checked in real time, select Tools/Options/Advanced/Anti-Phishing, and then choose the "By asking" option. You will get a warning that information about your browsing will be sent to Google; however, if you're okay with that, you'll get better protection.

	Firefox 2 Beta 1 Image Gallery
	For a close-up view of Firefox 2's new features, check out our Image Gallery.

How effective is the filter? In my tests, Firefox caught only one of four phishing sites tested; Internet Explorer 7 caught three. Here, at least, IE won, hands down.