There Are No "Good" Web Browsers Left (And It is a BIG Problem)
Whelp…. there goes the last solid browser out there…..
I have, for years now, bounced between different browsers and they have been especially top of mind for me ever since Mozilla CEO Anthony Enzor-DeMeo announced that Firefox would become a “Modern AI Browser” in December of 2025.
I’ve had this brewing gut feeling over the last year or two when it comes to web browsers, and the direction of AI agents when paired with services that house the sensitive data of individuals. In fact, I (borderline) ranted about this issue in the last 2025 podcast episode of SysAdmin Weekly and you can watch that below if you prefer the video format. If not, then read on!
What are My Core Issues with Today’s Major Browsers
I’ll state it plainly:
In my opinion, there are no ‘good’ browsers left as of January 2026.
Is that a generalization? Sure. But, my definition of ‘good’ is important for this discussion. Web browsers, you could argue, are perhaps the most important application that runs on our systems. They are essentially mini-operating systems in their own right and some of our most sensitive data, like bank records, health information, and private conversations, for example, flow through them on a regular basis. At a MINIMUM, in order for me to consider a browser as ‘good’, the following MUST be true:
A Web Browser must have / is:
- Highly secure with verifiable regular third-party audits
- A focus on user security and privacy over new features
- A well understood security attack surface
- A predictable and consistent update schedule
- Standards and features that benefit the wider community as a whole, and not just one company / organization
- Wide supportability and compatibility
I will make the argument and die on the hill of the statement: “There isn’t a single web browser that exists today that checks all these boxes”.
That doesn’t mean that all browsers are equally bad…. It just means that every option now involves tradeoffs. Let’s take a look at the big players in the web browser space and define WHY that is the case.
Chromium
If a monoculture exists in today’s web browsers, this is it. Chromium (Google Chrome) has an astonishing amount of market share in the browser space (more on that shortly). This gives Google MASSIVE power over how the internet is shaped and consumed and they use this power to forward their own interests for profit. Many will come at me for saying that, but at the end of the day Google has a mandate to make money. They’ll use their market position to facilitate that. Some other notes:
- Highly secure with regular audits? - Chromium is open source and is continuously audited. Downstream Chrome, less so, but is audited internally.
- Focus on user security and privacy? - Security, yes. Privacy? Absolutely NOT. With google services users ARE the product.
- A well understood attack surface - Yes… due to it’s high adoption, you could argue the attack surface for Chrome is well understood
- Predictable and consistent update schedule - Yes
- Wide supportability and compatibility? - Yes
What about standards and features that benefit the wider community as a whole? Let’s discuss further
This is where the narrative is highly controlled, but it’s clear that Google only has THEIR best interests in mind. Let’s look at the long discussed “Privacy Sandbox”
Why Google’s Privacy Sandbox Is Widely Criticized
What is Google’s Privacy Sandbox?
Privacy Sandbox is Google’s effort to keep behavioral advertising viable without third-party cookies in Chrome by moving ad targeting, measurement, and attribution into a set of Chrome-controlled APIs that live at the browser level rather than via cross-site tracking cookies.
This sounds great on paper, but there has been some drama and clear indicators that this effort is not about privacy, but control. Some key sources here:
- Google undermined its own premise by reversing plans to fully deprecate third-party cookies after years of positioning Privacy Sandbox as their replacement, as reported by The Verge.
- The Electronic Frontier Foundation (EFF) argues that Privacy Sandbox does not eliminate tracking, but instead centralizes it inside Chrome, shifting power rather than meaningfully improving user privacy (EFF analysis).
- The UK Competition and Markets Authority (CMA) has repeatedly raised antitrust concerns, warning that Privacy Sandbox risks reinforcing Google’s dominance by forcing competitors to rely on Google-controlled browser APIs (CMA case overview via Prebid).
- Publishers and independent ad-tech groups reported reduced transparency, weaker attribution, and potential revenue harm during testing, especially for smaller players, as summarized by Econsultancy.
- Key components like FLoC were abandoned after widespread backlash from privacy researchers and browser vendors, signaling foundational design issues rather than simple iteration problems (Privacy Sandbox history on Wikipedia).
- Major browser vendors such as Mozilla (Firefox) and Apple (Safari) have explicitly rejected Privacy Sandbox-style approaches, favoring stronger tracking prevention instead of Google-defined alternatives (Mozilla position).
The Privacy Sandbox saga explains perfectly why I don’t consider Chrome to be a “Good” web browser. My privacy is not the priority. In fact Google will take every effort to profit from my lack of privacy, and that is why I have a fundamental issue with Chromium, and to a lesser extent it’s downstream browsers (Edge, Brave…etc).
Chromium isn’t uniquely flawed, but it is uniquely powerful.
Microsoft Edge
When the first Microsoft Edge hit the market, I was happy for another viable alternative to Chrome. Microsoft shipped their own rendering engine (EdgeHTML), at the time, and provided the Microsoft hooks that we’ve come to expect in the Microsoft Ecosystem. Then they deprecated that early version of Edge and then shipped a new version that was based on Chromium and its Blink rendering engine. I have to say, i was a bit worried at first, but Microsoft showed that they had heavily slimmed down many of the Google-ified aspects of Chromium with much of the telemetry and Google tracking bloat stripped out. What we had was a lean and well supported Chromium based browser that was manageable at enterprise scale, which was a win….. Then things changed.
I don’t recall exactly when it happened, but at a certain point Microsoft started building, in my opinion, very questionable things into the Microsoft Edge. This included native shopping features (assistants, coupon injection…etc), obtrusive Microsoft News integrations, forced service advertising, and now Copilot sidebar integration and AI assistant creep. No longer do we have a lean enterprise-first browser. Instead, Edge now carries a bloated footprint that has increased risk of unintended data exposure or inference, privacy issues, and ever increasing telemetry collection when paired with the larger Microsoft Ecosystem.
Outside of the brief history lesson, how does it stack up?
- Highly secure with regular audits? - Chromium-based, so the core open-source benefits still apply. Downstream Edge benefits from Microsoft’s security practices.
- Focus on user security and privacy? - Security, yes. Privacy is not as blatantly egregious as Google, but Edge still collects a good deal of telemetry. Yes, you can select “Required Diagnostics Only” but that still captures feature usage and interaction patterns, and when paired with integrations in other Microsoft products a great deal of information can be inferred about the user.
- A well understood attack surface - Yes… due to it’s Chromium base and high enterprise adoption rate.
- Predictable and consistent update schedule - Yes
- Standards and features that benefit the larger IT Community - I begrudgingly say yes here due to the enterprise integrations such as settings control via Group policy.
- Wide supportability and compatibility? - Yes
So what is the bottom line on my thoughts about Edge? Microsoft Edge prioritizes Microsoft’s ecosystem goals (unsurprisingly) over privacy minimalism, and while manageable at enterprise scale it must be secured and tamed. It does not arrive this way and it’s privacy settings for your average user suffer from the tyranny of the default setting, which unsurprisingly shares quite a bit of data with Microsoft. It’s also worth mentioning that being based on Chromium, Edge remains at risk of larger upstream privacy concerns.
Firefox
Firefox…. the browser that started this whole rabbit hole of an article for me. Firefox was my bread-and-butter web browser for MANY years. It was always a privacy-centric browser and while Mozilla had lost their way from time to time, the browser was consistent, secure, and privacy-friendly. With the announcement that Firefox will become an “AI Browser” from the new-ish CEO of Mozilla, I don’t share that sentiment any longer.
For a long time, Firefox held a rather important place in the browser ecosystem. It wasn’t Chromium. It wasn’t tied directly to Google’s advertising incentives. And it wasn’t trying to be a shopping assistant, a news portal, a loyalty rewards engine, a kitchen sink…etc. Firefox felt like a browser that still wanted to be a browser. Firefox also was the last real alternative at the rendering-engine level as well.
That independence mattered….. Like…. A LOT. The web is increasingly shaped by Chromium defaults (that whole tyranny of the default thing again, right?). Firefox acted as a counterweight to the Chromium / Google monoculture. It helped keep standards honest, somewhat prevented Google from unilaterally steering the web, and gave privacy-conscious users a viable option that didn’t require using fringe web browsers to maintain privacy. Historically, Firefox struck a rather nice balance with solid security engineering, transparent development, and fewer reasons to try and monetize user behavior.
All this is why Mozilla’s announcement that Firefox would “evolve into a modern AI browser” landed so poorly with me.
Mozilla insists these AI features will be optional, transparent, and user-controlled. Yeah….. on paper, that sounds fine, great in fact. In reality however, we’ve all seen how this story goes. Optional features have a habit of becoming default features once adoption, relevance, or revenue pressure enters the picture. Firefox’s move toward deeper AI integration risks turning it from a neutral tool into yet another platform and that platform lives inside the most trusted and security-sensitive application most users run every day, a web browser.
I want to be REALLY clear here: this is not an anti-AI argument. AI can be genuinely useful in a number of situations. The issue I have is agentic AI inside the browser, where trust boundaries are already thin and sometimes poorly understood. Browsers handle authentication flows, email, financial activity, internal admin portals, SaaS consoles, and privileged work sessions constantly. Introducing AI agents into that environment before we fully understand the threat model expands the attack surface in ways that the industry just doesn’t understand yet. We already know some of the risks here aren’t theoretical. Prompt injection, content-driven manipulation, blurred trust boundaries, and AI-assisted data exfiltration are active areas of research and exploitation. Baking AI deeper into the browser now feels like a familiar industry pattern: ship first, harden later.
“Innovation” and the rush to be first above all other considerations, even security and privacy.
Now before you get your torches and pitchforks out…..yes, there are popular forks of Firefox like LibreWolf and Waterfox that attempt to preserve Firefox’s original values by stripping telemetry and disabling features. Those projects are valuable. I’m not disputing that AT ALL, but those actions are ultimately defensive moves. Forks still depend on upstream architectural decisions, and as AI becomes more deeply embedded, maintaining clean separation becomes harder. Larger patch deltas, higher maintenance burden, and slower security response are the tradeoffs. None of which are good in the long run.
That all said, how does Firefox stack up against the same criteria as the other major browsers I’ve discussed thus far?
- Highly secure with regular audits? — Yes.
- Focus on user security and privacy? — Historically yes, but increasingly in tension with relevance and product direction.
- A well understood attack surface? — Mostly yes today, but AI integration complicates this quickly.
- Predictable and consistent update schedule? — Yes.
- Standards and features that benefit the wider community? — Yes, though that advantage erodes as Firefox converges toward platform behavior.
- Wide supportability and compatibility? — Generally yes, though it still trails Chromium in some enterprise SaaS environments.
In short, Firefox used to feel like it existed primarily to serve users and the health of the web. Its push toward becoming an “AI browser” puts that identity at risk. Not because Mozilla has bad intentions but because browsers are too sensitive, too trusted, and too critical to absorb poorly understood agentic behavior safely, at least for the immediate future.
Firefox may still be a reasonable choice today. For the first time in a long time, though, it no longer feels like an obvious long-term bet.
Safari
Safari is the browser I ultimately landed on, and not because I think it’s good, but because its failures feel…… less adversarial than the alternatives.
Unlike Chrome or Edge, Safari is not trying to be a platform, a shopping assistant, or an engagement engine. It doesn’t inject coupons, it doesn’t surface rewards programs, and it doesn’t exist primarily to feed an advertising ecosystem. From a privacy standpoint, Apple has been fairly consistent over the last several years: reduce cross-site tracking, limit fingerprinting, and aggressively sandbox web content.
Apple’s Intelligent Tracking Prevention (ITP) is a good example of this philosophy. It’s opinionated, sometimes breaks things, and has made advertisers have a bad day. But….yeah, that’s kind of the point. ITP is clearly designed to reduce tracking, not repackage it under a different API or business model. That alone puts Safari in a very different category than Chromium-based browsers.
That said, Safari is far from perfect and it has its own set of problems that one can easily overlook if you’re not careful.
Safari’s biggest weakness is opacity. While WebKit is open source, Safari as a product is tightly controlled by Apple. There are no public, recurring third-party audit reports for Safari as a whole, and users are largely expected to trust Apple’s internal security processes and platform protections. Apple talks a good privacy game, and I’ll concede that they USUALLY back that statement up, but the truth is that verification is limited and centralized. So, take it for what you will.
Safari also leans heavily on platform-level security rather than browser-level transparency. Sandboxing, hardened runtime, system entitlements, and OS-level isolation do a lot of the heavy lifting. That’s not a bad thing IMO. Really, it’s one of Safari’s strengths but it also means that Safari’s security posture is inseparable from macOS and iOS themselves. If you trust Apple’s platforms, Safari inherits that trust. If you don’t, well…. there’s very little you can independently validate.
Compatibility is the other major tradeoff. While Safari’s standards support has improved significantly, it still lags Chromium in some areas that matter to enterprise SaaS users. This is why I keep a secondary browser around. Safari works great, until it doesn’t. And when it breaks, it tends to break quietly and without good diagnostics. That’s not ideal when you’re dealing with modern web apps that assume Chromium behavior by default.
Running Safari through the same criteria as the other browsers:
- Highly secure with verifiable regular audits? — Secure by architecture and platform protections, but lacks transparent third-party audits.
- Focus on user security and privacy? — Yes. Privacy is clearly a first-order concern, even when inconvenient.
- A well understood attack surface? — Reasonably well understood, though obscured by closed components.
- Predictable and consistent update schedule? — Yes, tightly coupled to OS updates.
- Standards and features that benefit the wider community? — Mixed. WebKit matters, but Apple’s priorities dominate.
- Wide supportability and compatibility? — Good for most use cases, but still inconsistent with some enterprise and niche SaaS applications.
So what’s the bottom line on Safari?
Safari isn’t open in the way Firefox historically was, and it isn’t as compatible as Chromium. But it’s also one of the few remaining browsers that does not appear to be actively hostile to user privacy. Apple’s incentives are different: selling hardware and platforms, not ads or engagement metrics. That doesn’t make Safari good. I’ll begrudgingly say, it makes it…… tolerable.
Safari isn’t the browser I’m excited about. It’s the browser I’m least uncomfortable trusting.
Do We Have Competition in the Web Browser Market?
With everything I’ve discussed thus far in mind, do I believe we have genuine “competition” in the browser market any more? No. Absolutely not. Chrome wins on marketshare, by a mile.
Global Browser Market Share (Late 2025)
| Browser | Estimated Global Share |
|---|---|
| Google Chrome | ~65–70% |
| Safari | ~10–17% |
| Microsoft Edge | ~5–6% |
| Mozilla Firefox | ~2–3% |
| Other Browsers | ~5–10% |
Source: Wikipedia – “Usage share of web browsers”, which aggregates data from multiple analytics providers and public datasets (including W3Counter, NetMarketShare, and others).
As you can see, Google outpaces every other option, and that’s not counting the fact that Edge is Chromium under the hood. When looking at just marketshare alone, Google’s power over the web becomes clear and while we (seemingly) have an increase in standards, according to browser news over the past year, we have increasingly little competition. Further consolidation in the browser market will only hurt the web.
Are Monocultures REALLY a Bad Thing?
This all brings me to the talk of monocultures. If Chrome is highly effective and enjoys it’s large marketshare because it’s deemed to be “good”, how can that be bad for the market? There are a few clear reasons why:
- This will eventually lead to a lack of innovation as Google settles into the driver’s seat of very empty car.
- New “features” will serve to improve the footing of the incumbent (Google) to the detriment of all else.
- Attackers need only target one platform to have a high degree of success
- Users are at the mercy of the monoculture, despite being at odds with it’s bad practices, such as bad privacy practices.
A monoculture will make the web worse for ALL of us in the long run. The less appealing the alternatives become, the more powerful the monoculture becomes.
AI Isn’t All Bad… Right?
Before I wrap up this up, I also feel compelled to point out the fact that I’m NOT against AI. Consumed in a vacuum, my above stance could be misconstrued as being “anti-AI” and that’s not the case at all. AI is an amazing tool that can do some really powerful things, but as uncle Ben once said:
“With great power, comes great responsibility”
We’ve been waving the red flag in the Cybersecurity community for some time now on the new threat-models that AI introduces, and it’s clear that the major industry players have determined that they have to be the first across the finish line to the detriment of all else, including security. I cannot overstate the danger of introducing AI and it’s (currently unknown) threat model into our modern day browsers. Sadly I suspect that it will take a major security breach of a mainstream browser before the industry snaps to it’s senses.
Where Do We Go From Here?
That brings us to the ultimate question. Where do we go from here?
I wish I had the answer for you. I really do. I’ve thought long and hard about this over the last several weeks, and I’ve ultimately decided on a strategy that I can say i’m not fully comfortable with, but it’s…. tolerable.
As I live in Apple’s ecosystem for most of my daily-driver devices I’ll be switching to Safari as my primary browser for the immediate future. Yes, that will introduce some SaaS compatibility issues and as a result, I’ll be loading Brave onto my system as a backup to ONLY be used in those situations where compatibility demands it. As a mitigative measure, I’ll not be logging into any unnecessary services while using Brave either.
Again, not a solution I’m happy with, but one that was the least uncomfortable compromise I could make in a browser ecosystem that’s increasingly hostile to user agency.
I’ll be sure to update this article sometime in the future if I come across a better solution. In the meantime, I’d love to hear your thoughts. Come say hey in the SysAdmin Weekly GitHub Discussions board and let me know what you think!
Thanks for reading!