Yeah. Take Firefox choosing to create PDF.js to have a clean minimalist sandboxed PDF parser.
Chrome instead used an existing one that has been the source of dozens of vulnerabilities.
Or Firefox pulling in a ton of anti-fingerprinting measures from the Tor team. Not even worth talking about anti-fingerprinting as a serious consideration in Chrome.
Rust - a mozilla effort that resulted in code from servo being pulled into Firefox - chrome is headed that way too.
Even WASM was definitely a security improvement over NaCL, and Mozilla also led the way on Flash replacements in the day, making one of the first JS flash players (in the end, the solution was no more flash, but hey, at least they tried).
Font sanitisation - originally a mozilla security effort...
alt Hacker News
Yeah. Take Firefox choosing to create PDF.js to have a clean minimalist sandboxed PDF parser. Chrome instead used an existing one that has been the source of dozens of vulnerabilities.
Or Firefox pulling in a ton of anti-fingerprinting measures from the Tor team. Not even worth talking about anti-fingerprinting as a serious consideration in Chrome.
Rust - a mozilla effort that resulted in code from servo being pulled into Firefox - chrome is headed that way too.
Even WASM was definitely a security improvement over NaCL, and Mozilla also led the way on Flash replacements in the day, making one of the first JS flash players (in the end, the solution was no more flash, but hey, at least they tried).
Font sanitisation - originally a mozilla security effort...
I feel I could go on and on.