Leaderboard

It looks like we've managed to identify the cause of the virtual memory leak on XP x64. It turns out to be GigaCage, which has been enabled by default since version 92.0.4486.0.

New build of post-deprecated Serpent/moebius for XP! * Notice: This repo will not be built on regular schedule, and changes are experimental as usual. ** Current moebius patch level should be on par with 52.9, but some security patches can not be applied/ported due to source milestone differences between versions. Test binary: Win32 https://o.rthost.win/basilisk/basilisk55-win32-git-20260418-6d817e348-xpmod.7z Win64 https://o.rthost.win/basilisk/basilisk55-win64-git-20260418-6d817e348-xpmod.7z repo: https://github.com/roytam1/basilisk55 Repo changes: - ported from `custom` branch of UXP: [Basilisk] update UAO from Dactyloidae fork (a4db612f) (f2ff3841c) - ported from `custom` branch of UXP: Spoof to Firefox 128 for WebExtensions (ae7c40d4) (0a26c24bb) - ported from UXP: Issue #3003 prerequisite - Split non-sRGB CSS color helpers out of nsCSSParser (c249eee4) (b0180d228) - import from UXP: Issue #3003 - Add CSS lch() color parsing support (57626590) (1633c82b7) - import from UXP: Issue #3043 - Fix stack OOB write in nsLocaleService::GetLocaleFromAcceptLanguage bounds checks (3c7ab8a3) (a54588899) - import from UXP: Issue #3047 - Added a null-argument guard in uriloader/exthandler/nsExternalHelperAppService (3836a57d) (b6e99c67f) - ported from UXP: Issue #3045 - backport of bug 1350760 - atomization fast-path improvements (b44216a8) (6d817e348)

New build of Serpent/UXP for XP! Test binary: Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20260418-3219d2d-uxp-d4c4c1f6ec-xpmod.7z Win64 https://o.rthost.win/basilisk/basilisk52-g4.8.win64-git-20260418-3219d2d-uxp-d4c4c1f6ec-xpmod.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/custom IA32 Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20260418-3219d2d-uxp-d4c4c1f6ec-xpmod-ia32.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/ia32 NM28XP build: Win32 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win32-git-20260418-d849524bd-uxp-d4c4c1f6ec-xpmod.7z Win32 IA32 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win32-git-20260418-d849524bd-uxp-d4c4c1f6ec-xpmod-ia32.7z Win32 SSE https://o.rthost.win/palemoon/palemoon-28.10.7a1.win32-git-20260418-d849524bd-uxp-d4c4c1f6ec-xpmod-sse.7z Win64 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win64-git-20260418-d849524bd-uxp-d4c4c1f6ec-xpmod.7z Win7+ x64 AVX2 https://o.rthost.win/palemoon/palemoon-28.10.7a1.win64-git-20260418-d849524bd-uxp-d4c4c1f6ec-w7plus-avx2.7z Official UXP changes picked since my last build: - Issue #3003 prerequisite - Split non-sRGB CSS color helpers out of nsCSSParser (c249eee4d1) - Issue #3003 - Add CSS lch() color parsing support (576265905a) - Issue #3043 - Fix stack OOB write in nsLocaleService::GetLocaleFromAcceptLanguage bounds checks (3c7ab8a384) - Issue #3045 - backport of bug 1350760 - atomization fast-path improvements (b44216a883) - Issue #3047 - Added a null-argument guard in uriloader/exthandler/nsExternalHelperAppService (3836a57d47) No official Pale-Moon changes picked since my last build. No official Basilisk changes picked since my last build. My changes since my last build: - [Basilisk] update UAO from Dactyloidae fork (a4db612fb8) - Spoof to Firefox 128 for WebExtensions (ae7c40d461) Update Notice: - You may delete file named icudt*.dat and icu63.dll inside program folder when updating from old releases. * Notice: From now on, UXP rev will point to `custom` branch of my UXP repo instead of MCP UXP repo, while "official UXP changes" shows only `tracking` branch changes.

If you had any experience with enterprise level infosec, my statement would make perfect sense. To note that I (personally) have an understanding of the execution chain in theory but this is not confirmed. It would be foolish for me to provide that information as if it were valid, and an exploit exists, it could allow malign actors to take action against the site. If you had any experience in running a website, you would know that you never make public anything that could potentially allow someone to exploit the site. The site is sometimes redirecting to a new url now, a 98m4. User Agent may play a role, but changing the user agent in Palemoon (where I am typing from) to the one that Iron uses (where the redirect happens) doesn't cause the redirect to occur in Palemoon. I suspect that I know the reason for that, however since that information could be linked to an exploit, that won't be shared.

Mr.Scienceman2000 , I'd suggest the vetted 360EE 13.0.1106.0 and 360SE 13.5.1030 - both stable and fast . Decentraleyes ... hmmm , I suspect something's wrong with it , did you check it's guts yourself ? It shows zero redirects for me. Does the author can be trusted ?

It's just Epic Fail Browser , in fact they all are lately. On the other hand , they actually do what they were designed to do [stealing our data, working against us].

I'm sorry , I shan't comment on this since this topic is about how awful Mozilla/Firefox is.

You mean this fake/scam browser "brave" ? "Despite explicitly opting out of telemetry, every few secs a request to: “variations.brave.com”, “laptop-updates.brave.com” which despite its name isn’t just for updates and fetches affiliates for brave rewards, with pings such as grammarly, softonic, uphold e.g. Despite again explicitly opting out of brave rewards. There’s also “static1.brave.com” https://www.reddit.com/r/CryptoCurrency/comments/nxce6t/brave_browser_scam_a_fake_privacy_browser_sharing/ That's "why".

I wouldn't know.

@Mr.Scienceman2000 , excuse me , but the name is kinda nurdy . Why would you ask me then ? And , most importantly, it doesn't reflect the current (awful) state of things . I think those words " mitigate problems" are giving false hopes to the users . Of course , you may not agree , it's your topic . I see you ignored my discovery with 100% fingerprinting , lemme ask why ? This "problem" cannot be solved , the only solution is to dump this browser. Don't you agree ? But if you know how , do tell.

Someone living in Eastern Europe can only tremble watching phenomenons, known from the times of communist takeover, creep back into mainstream politics. The restriction of open debate , but most importantly the restriction of the right to participate in a debate.

Well , it's gotta be short and sweet , yet right to the point . How about : 1- Firefox is a lying sack of sh** (classics , but won't pass the moderation , I guess) 2- Firefox sold it's soul to the commie devil, get alternatives ASAP ! 3- Firefox hides the nastiest FSB telemetry under the hood, yet pretends to be "privacy oriented". 4- Firefox will fingerprint the hell out of you and send the results to KGB. No. 2 is pretty close to your current name. P.S. Firefox , Palemoon, Mypal, Waterfox and all it's "forks" leak data to MS , Yandex , Amazon , Cloudfare , etc. They will fingerprint the hell outta you , even if you have their "privacy resist fingerprinting" on ! See the attached images.

1 (one) bad sector and the disk flies to the garbage bin, it's like it always was , it's like it always ought to be.