Firefox 85 Is Released With Dismal Out-Of-The-Box Performance

From LinuxReviews
Jump to navigationJump to search
Firefox-tan.png

Firefox 85 partitions network connections and caches in order to further prevent cross-site tracking and "supercookies", it has fixes for 5 "high" and 6 "medium" impact security issues and support for Adobe Flash is dropped. Graphical performance is absolutely horrible out of the box, but it can be tweaked to perform decently using the hidden about:support settings page.

written by 윤채경 (Yoon Chae-kyung). published 2021-01-31last edited 2021-01-31

Firefox-85-naver-tv.jpg
Mozilla Firefox 85 showing a Rockit Girl live performance at Naver TV

Mozilla Firefox version 85 has some big under the hood changes to the network architecture. Network connections and disk cache is now partitioned on a per-site basis in order to prevent "supercookies" and other forms of cross-site tracking. If you visit website A and it uses scripts from content distribution network (CDN) C and you later visit website B and it uses the same CDN then that content is now re-downloaded even if it exists in the web browsers cache. This impacts performance negatively for the sake of some increased tracking-resistance.

Web browser fingerprinting is still possible with the changes to the network architecture in Firefox 85. The changes only make it slightly harder to match someone's fingerprint at site A to someone's fingerprint at site B. Firefox 85 per-site partitions the HTTP cache, image cache, favicon cache, HSTS cache, OCSP cache, style sheet cache, font cache, DNS cache, HTTP Authentication cache, Alt-Svc cache and the TLS certificate cache. That makes it very hard to store web browser fingerprints client-side in Mozilla Firefox 85. It is still very possible to make a browser fingerprint, upload it to a server and match a persons visit to site A to a visit to site B that way. Still, it is a step in the right direction even though there is a real-world performance penalty on sites that load lots of content from commonly used content distribution networks.

Performance

Firefox 85 is still a underdog performance-wise on GNU/Linux. Firefox has always had dismal performance compared to Chromium-based browsers. Graphical performance with default settings took a huge hit when Firefox 83 was released and the default graphical performance is still bad in Firefox 85 when it is compared to Firefox 82.

The following Firefox 85 benchmarks were done using Linux 5.10.11 Yeoreum edition, Mesa 20.3.4 and X.Org 1.20.10 on both machines.

Firefox-85-unity-webgl.jpg

The Unity WebGL 2018 benchmark tells a depressing story when it comes to WebGL performance in Mozilla Firefox. It has always been horrible compared to Chromium-based browsers, that's not new. It got a whole lot worse between Firefox 82 and Firefox 83, and the negative performance-trend continued with Firefox 84. Firefox 85 performs slightly better than Firefox 84 out of the box, but it's still dismal compared to Firefox 82 and it's garbage compared to Chromium-based browsers.

The good news is that it is possible to type about:config into the web address bar and change one of two settings in order to make it slightly better. The setting you likely want to change to true is layers.acceleration.force-enabled. That enabled OpenGL rendering. The special about:support page will say Compositing: OpenGL if OpenGL rendering is force-enabled. Firefox 85 performs better than Firefox 82 does out of the box on our AMD based test-system and performance on our Intel test-machine is also optimal with OpenGL rendering.

It is, alternatively, possible to enable an alternative rendering engine called "WebRender" by changing gfx.webrender.all to true in about:config. This mode performs better than the default but worse than OpenGL (layers.acceleration.force-enabled) on both test-systems.

Firefox-85-basemark.jpg

Firefox 85 is far behind Chromium-based web browsers in the Basemark Web 3 benchmark. This benchmark includes a WebGL component which is why Firefox scores much higher with OpenGL rendering than it does with the default "Basic" rendering. It is noteworthy that Firefox 85 scores higher in Basemark Web 3 on the AMD test-system when WebRender rendering is used but it scores lower on the Intel machine.

Firefox-85-webxprt.jpg

Firefox 85 performs worse than Firefox 82 did out of the box in the WebXprt 3.0 benchmark no matter how you configure it. This particular benchmark does not use any WebGL so rendering settings do not have a huge effect on it. Oddly, Firefox 85 performs better than the previous versions did on the AMD test-machine while it performs worse no matter how you configure it on the Intel test-system.

Security Issues

Firefox 85 has fixes for 5 "high" and 6 "medium" impact security issues. The "high" impact security issues fixed are:

  • CVE-2021-23953: Cross-origin information leakage via redirected PDF requests
  • CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements
  • CVE-2021-23955: Clickjacking across tabs through misusing requestPointerLock
  • CVE-2021-23964: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
  • CVE-2021-23965: Memory safety bugs fixed in Firefox 85

And the fixed "medium" impact security issues are:

  • CVE-2021-23956: File picker dialog could have been used to disclose a complete directory
  • CVE-2021-23957: Iframe sandbox could have been bypassed on Android via the intent URL scheme
  • CVE-2021-23958: Screen sharing permission leaked across tabs
  • CVE-2021-23959: Cross-Site Scripting in error pages on Firefox for Android
  • CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC
  • CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage

Two of these, "Clickjacking across tabs through misusing requestPointerLock" and "Screen sharing permission leaked across tabs", were bugs in the way Firefox isolates content in different tabs. JavaScript running in one tab could generate clicks in other tabs, and JavaScript running in one tab could use screen sharing permissions from another tab. The latter is a serious concern now that so much is done remotely using screen sharing applications. The typical memory safety bugs are, on the other hand, not really something worth worrying about: A malicious website could cause memory leaks using various methods and potentially crash Firefox and that's it.

Major GNU/Linux distributions are staring to roll Mozilla Firefox 85 out in their repositories, you will be able to get it using your distributions regular update method now or in a few days. It is also possible to acquire it using Mozilla's website or as a Flatpak from Flathub (org.mozilla.firefox).

5.00
(2 votes)

avatar

Anonymous user #1

21 days ago
Score 0++
Thanks for that performance tip. Will make some tests on my Linux 5.4.94 Yonhi edition.
avatar

Anonymous user #2

20 days ago
Score 0++

I still use Firefox just because I can completely disable NVME writes (caches). A such important feature for a guy that uses 1Gb/s bandwidth * Toshiba chipset PCIE NVME... I even don't allow cookies at all. The bad thing is that they got out a good feature to make exceptions directly from the search bar + they got out the in-browser feedback function ... Maybe some things they simply can't accept. Anyway, the internet is ruled by oligopolies. You can use DNSSEC+TLS+ESNI, it still doesn't matter, there's always an IP from A to B. People can't understand the basics ... Even with Tor ... Just using Tor makes yourself interesting for your State ...

"What do you have to hide, Mr. ? " Obviously, the greatest feature for Firefox would be to simply implement ublock Origin(Advanced by default) as their default way to block shit.

P.S. : I use xanmod-cacule on devuan, no sudo, no bullshit; Hail apt purge * . In case you're wondering ...
avatar

Anonymous user #3

15 days ago
Score 0++

=you don't have to disable cache to save ssd writes. you can move it to ram instead:

browser.cache.disk.parent_directory = /tmp/firefox-cache


browser.cache.disk.parent_directory is a now hidden about:config option. you have to add it yourself but it works. you can check about:support and it will show the new cache directory to where you put. i did this myself and its saved me gigabytes worth of writes. a day. and all cache is lost for good when you delete the cache folder.
avatar

Anonymous user #4

4 days ago
Score 0++
That's quite interesting I didn't know about this. I will try to switch caching over to ram.
avatar

Anonymous user #5

4 days ago
Score 0++
Except that having the cache in /tmp will clear it every reboot
avatar

Anonymous user #6

one day 4 hours 3 minutes ago
Score 0++
Good post bro. I'm glad you are finally back, I was worried something had happened to you or something.
avatar

Anonymous user #6

15 hours 46 minutes ago
Score 0++

I haven't really noticed any speed change in my box, I think you shouldn't publish one machine benchmarks as facts to the internet.

However I had to disable the WebRender engine because it was freezing my computer swapping memory like crazy.
Add your comment
LinuxReviews welcomes all comments. If you do not want to be anonymous, register or log in. It is free.