This action by Mozilla raises awareness of the fact that Java security updates are too slow and too opaque and it's time to change to something else.

That said, users of these plugins are not just going to stop using these services. They need these services to make bank payments or trade their shares. Getting hacked is a smaller worry than being unable to use those services. That just means they will swap to a different browser. The web becomes no safer, and only Firefox loses market share.

If you get hacked and someone steals from your bank account, the bank will reimburse you and the police will (try) track down the hackers. Same way as if someone broke into a bank vault and stole the money. Being unable to sell off your shares because Firefox blocked your trading app means you are forced to switch browsers.

Basically it's a pointless display. Just show a warning if a website tries to use a plugin (any plugin, including flash - there are numerous undisclosed 0-days) and move on.

It also raises awareness of the fact that you can't trust some of the big names in the browser industry not to break stuff every few weeks just because they don't like it and then push the changes on you whether you want them or not.

Introducing restrictions so tight that you can't actually do your useful work any more isn't security, it's just broken.

That sounds like a long time if you're reading this in Firefox on your home PC, but if you're responsible for a large corporate network with thousands of users and a hundred critical intranet applications to keep working, many of which have a measurable dollar amount attached for every hour of downtime, different rules apply.

There is a reason so many large organisations stuck with IE6 for so long: having tried and tested, stable software is far more valuable in that kind of environment than having the latest shiny features that none of the in-house applications you're actually providing the computers/browsers to use need anyway.