Beware of unofficial downloads!
Apparently like "any good piece of software", Pale Moon has, by now,
seen its fair share of unofficial, altered and sometimes even virus/malware-infected
downloads. Be very conscious about where you get the browser from, and
if you are not 100% sure that the download you got was clean, make sure
to check the SHA1 checksums of the file you downloaded
against the ones posted on the download pages on this site.
If you have the right software, like GnuPG with Cryptophane, PGP
Desktop Security, or similar, you can also check the files against the
PGP signatures (digital
signatures) posted on this site to make sure that the files have not
with. The public key to check against is the one with ID 0xAB6DDDBA and
can either be
fetched from the public key servers or be downloaded from this web site
Officially endorsed third party contributed builds are listed [Here] - please check this list!
How to quickly know if your source can be trusted:
A few indicators to know if a location is untrusted:
1. Unofficial logo used
Pale Moon unofficial downloads often have "home made" logos on the page
where you download from. The only proper logo is the Pale Moon image as
found on the home page, without overlaid text, altered shading or
colouring, and certainly not
using a fox anywhere in the image. If you see an unofficial logo you can therefore be sure it's not an official source. Of course having the official logo doesn't guarantee it is a good source, but you can at least rule out the ones with a "shopped" logo.
Some examples of unofficial logos:
A far cry from a moon, and more importantly: Pale Moon doesn't have a fox for a logo.
Text overlay, "button edge", no shadow under the moon
Change of shading and text overlay
Firefox logo pasted on top
Different color, stylized image
Altered contrast, text overlay, and no shadow under the moon again
Grey, "3D glass" effect
Photo of a planet, overlayed other unofficial logo.
2. Download locations
These unofficial versions are pretty much always downloaded from
hosting on third-party ad-supported or paid-for file hosting services. Any free/ad-supported hosting service therefore should not be trusted.
Some Examples of unofficial download hosting services:
Megaupload, Rapidshare, DepositFiles, Hotfile,
Filekeen, LetItBit, ShareFlare, VIP-File, Mediafire, FileSonic,
FileServe, FileDropper, FileFactory, FreeFileHosting,
MyFreeFileHosting, FileDen, FastFreeFilehosting, Easy-Share, YouSendIt,
etc., etc., etc.
3. Publisher-signed executables
Starting with Pale Moon 24.3.0, all installer .exes and the main
palemoon.exe file will be cryptographically signed (Publisher = Markus
Straver). If you see this signature you know it's an official and