I think the article is right on the marker.
Did you know, one can copy the entire Firefox profile from one PC to another and from the new PC point the profile to this copied one and you have all the shortcuts, history, everything copied.
As an domain admin I can know a lot about my users by doing this, if I wanted to. I can log into any sites they have passwords save as for those are in my Firefox now too. (I should state now that I don't actually do this, other than with my own test profiles on multiple PCs to make a point.)
firefox.exe -profilemanager
So the solution? Be friends with TrueCrypt and integrate this into Firefox. If a user wants to, they can optionally convert their profile into a secure one. Then when they launch Firefox, they either can open the secure profile (valid truecrypt pwd) or the default profile (anything but the valid pwd.) The profile directory becomes a truecrypt volume mounted by firefox, but ideally without mapping a drive letter. Perhaps a junction point?