alt Hacker NewsYeah. Take Firefox choosing to create PDF.js to have a clean minimalist sandboxed PDF parser. Chrome instead used an existing one that has been the source of dozens of vulnerabilities.
Or Firefox pulling in a ton of anti-fingerprinting measures from the Tor team. Not even worth talking about anti-fingerprinting as a serious consideration in Chrome.
Rust - a mozilla effort that resulted in code from servo being pulled into Firefox - chrome is headed that way too.
Even WASM was definitely a security improvement over NaCL, and Mozilla also led the way on Flash replacements in the day, making one of the first JS flash players (in the end, the solution was no more flash, but hey, at least they tried).
Font sanitisation - originally a mozilla security effort...
I feel I could go on and on.
Replies
Did you know that Mozilla spends so much of their budget on their CEO's compensation that they actually had to lay off the entire Servo team?
Everything you said don't really matter when there is basically no site sandboxing on Android and desktop.