sniff the connection rather than jumping to conclusions (and especially before telling people to disable a safety feature of their browser).
Safe browsing does not send the addresses you visit over the wire. The protocol was very carefully designed to be both fast updating and not expose any information about the sites you visit.
edit: just to save time for others parsing the protocol page, and it's been a while since I've read it, so someone please correct me if I have this wrong, but Firefox (and Chrome, and maybe others, not sure) stores a local set of the first 32 bits of the 256-bit hashes of all the sites currently marked as hosting malware or whatever. Your browser pings fairly often to get an updated version of this set of sites.
When you visit a page, the canonicalized name of the page you're on is hashed and the first 32 bits are compared against the database of prefixes. If there is a collision (I believe there are usually a few hundred thousand entries of the 2^32 available hash prefixes), only the first 32 bits of the hash of the page you're on is sent to google, as a request for the set of full hashes of malicious pages that begin with that prefix, which allows for the final, very much local, check.
This saves a bunch of time and bandwidth, and lets you get a last minute double check that the page is still bad with no one able to work out what page you're actually on.
Safe browsing does not send the addresses you visit over the wire. The protocol was very carefully designed to be both fast updating and not expose any information about the sites you visit.
https://www.mozilla.org/en-US/firefox/phishing-protection/
https://code.google.com/p/google-safe-browsing/wiki/Protocol...
edit: just to save time for others parsing the protocol page, and it's been a while since I've read it, so someone please correct me if I have this wrong, but Firefox (and Chrome, and maybe others, not sure) stores a local set of the first 32 bits of the 256-bit hashes of all the sites currently marked as hosting malware or whatever. Your browser pings fairly often to get an updated version of this set of sites.
When you visit a page, the canonicalized name of the page you're on is hashed and the first 32 bits are compared against the database of prefixes. If there is a collision (I believe there are usually a few hundred thousand entries of the 2^32 available hash prefixes), only the first 32 bits of the hash of the page you're on is sent to google, as a request for the set of full hashes of malicious pages that begin with that prefix, which allows for the final, very much local, check.
This saves a bunch of time and bandwidth, and lets you get a last minute double check that the page is still bad with no one able to work out what page you're actually on.