I just came across this Phishing Vulnerability in Firefox wherein you can spoof the source URL in the download dialog box. Just another one of the many reasons to believe that without security, no amount of progress can be made. We need to make browsers secure before they can do any fancy UI dance !
"Secunia rated the flaw "less critical" and has confirmed the vulnerability in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and Mozilla Firefox 1.0. It added that "other versions may also be affected."
it was only a matter of time before mozilla was going to attract hackers.