Pale Moon

Pale Moon is a fork of an old Firefox version, before the user interface change that put off many people. Version 28.4 was used to write this article.

Spyware Level: Medium

After following the mitigation guide, this software is Not Spyware.

Connects to analytics services, and these requests can only be avoided on subsequent runs. Has block lists, search suggestions, and auto-updates. Sends SSL certificates from the sites you visit.

Google Analytics on Homepage

By default, Pale Moon's home page is set to https://palemoon.start.me, and it will automatically make a connection to it upon its first run. This page connects to Google Analytics, which can fingerprint and track you across the internet.

Auto-updates

Pale Moon will automatically update itself, addons and search engines, as well as its blocklist.xml file with the addons it considers "malicious". Some of these can be turned off from the GUI, and some only from about:config.

Search Suggestions

The default search engine is the privacy-respecting DuckDuckGo, however search suggestions are enabled by default, which could send a request for every letter you've typed, all while you think it stays in-browser until you press Enter. Can be turned off by right-clicking the search bar.

OCSP querying

Will automatically check every site's SSL certificate to see if it is valid, which necessitates sending it to a third party. Can be turned off from the GUI.

Not spyware related, but worth noting

Blocking privacy-enhancing addons

Pale Moon by default won't allow you to install the privacy-enhancing addon NoScript, citing this rationale for blocking such an important addon: "NoScript is known to cause severe issues with a large (and growing) number of websites. Unless finely tuned for every website visited, NoScript will cause display issues and functional issues."^[1] To disable this blocklist, set extensions.blocklist.enabled to false in about:config.