src="data:<;base64 images rendered when "Show images"="Blocked"
Any webpages (e.g. ht tp://defensivepatentlicense.org/) that use base64 encoding thwart people's disabling of images. Due to there not being enough software writers to go around, TBB and its derivatives e.f. Orfox(ht tps://dev.guardianproject.info/issues/8039) often leave remote code execution vulnerabilities in the image parser. Disabling images would protect against this vector of infection, but they can't be disabled. Due to the almost identical codebase for everything but the menus and window borders, I think that this is likely a bug in the TBb source code rather than in the tiny delta that is Orfox.