There's an article about insecurities in Firefox (<https://madaidans-insecurities.github.io/firefox-chromium.ht...>), which is a few years old now, but it made me curious as to whether it actually is better to run a Firefox fork, like Librewolf; Firefox itself; or a Chromium fork like Ungoogled Chromium.
Unfortunately I don't really understand the implications about the security issues and I don't know whether any of the issues have been solved, so I don't know how to evaluate the security risks versus the privacy risks.
Browser engines have become so complex that each ultimately represents a massive attack surface. I think, rather than trying to pick the most secure browser (which may change over time) instead:
* Stick to one browser engine per device as much as possible. Two at the most.
* Isolate installed browser engines as much as possible (i.e. Qubes or mobile operating system levels of sandboxed or virtualized isolation, not just containers or flatpaks for dev-environment tidiness and separation).
* Connect end-user devices with browser engines installed to the Internet only while actively using the Internet.
Unfortunately I don't really understand the implications about the security issues and I don't know whether any of the issues have been solved, so I don't know how to evaluate the security risks versus the privacy risks.