Long story short, the facebook login icon currently used is http://static.ak.fbcdn.net/images/connect_sprite.png
It should be //www.facebook.com/images/connect_sprite.png
When running your site over HTTPS, even if you override this in EXTRA.css, some browsers will still throw a mixed content warning because they try to load the http image prior to the one overriding it. This is the only remaining mixed-content issue with XenForo, aside from [img] tags (which are a huge unrelated problem on their own, and should not IMO be handled in the XenForo core).
Long live https