How current is this still? Asking as a complete noob. I don't expect Firefox's architecture to have changed much, but it's been 3 years, so it could have improved a lot since this was written, and there are things I know about that are outdated in this document.

For instance, the two mentioned Linux sandbox escapes [1] involve two things that have disappeared in many setups: X11 and pulseaudio. We now have Wayland and pipewire, which should both be better in this aspect IIUC. The mentioned bug related to X11 was also closed 3 years ago.

[1] https://madaidans-insecurities.github.io/firefox-chromium.ht...

[2] https://bugzilla.mozilla.org/show_bug.cgi?id=1129492

Firefox Development is essentially dead. Mozilla fucked us over collectively.

Sure this particular bug has been fixed but Firefox Security is nothing compared to the Millions Google is paying to ensure security. Just the amount of paid, full time eyeballs on chromium security alone makes a huge difference.

Maybe all of this is true, but it's a different threat model than I'm concerned with. I'm not that worried about malware exploits, I'm far more worried about software behaving "correctly" in a user-hostile manner.

Also: https://grapheneos.org/usage#web-browsing

Exactly what I was thinking: a modern privacy first proposal may be better suited with starting from chromium, even if it hurts feelings

The Tor Browser still being based on Firefox makes me feel a lot better about it.

Even if it's not on topic, that post is quite interesting.