Linux distros we can confirm ship @Brave as the default browser: Zorin OS, Nobara Linux, and RefreshOS. That list should be longer. For most desktop users, it is the main security boundary for the modern web. Untrusted JavaScript, media parsing, GPU and WebGL paths, WebRTC, extensions, login sessions, fingerprinting, phishing, and cross-site tracking all converge there. So the default browser matters. A serious browser has to assume hostile web content will eventually hit a renderer bug. The real question is what the attacker can still reach after that. This is where Chromium’s architecture earns its keep: - Site isolation puts different sites into separate sandboxed renderer processes. - The sandbox limits what a compromised renderer can touch locally. - Linux seccomp-bpf reduces exposed kernel syscall surface. - Privilege-separated browser, GPU, network, and utility processes reduce blast radius compared with a monolithic browser. - Chromium’s broader hardening around allocation, control-flow integrity, and use-after-free mitigation makes exploitation harder. There is a second axis a lot of architectural debates skip. A default browser also has to land Chromium security fixes fast. Time-to-patch is part of the threat model. A distro that picks an architecturally strong browser but ships updates slowly has not actually given users a safer default. At Brave, we inherit that Chromium foundation and remove the parts that make no sense as a privacy default: no Google account dependency, no Chrome Sync dependency, no Google-style cross-site surveillance ad model, and no need to install an ad blocker just to get baseline tracker protection. On top of that, we ship real protection on day one: - Shields on by default - third-party ad and tracker blocking - cross-site cookie protections - CNAME uncloaking (canonical-domain resolution) - fingerprinting protections - ephemeral third-party storage - bounce-tracking protections - URL tracking-parameter filtering - De-AMP - a native Rust adblock engine One note for maintainers: packaging is part of the browser security model. Linux distributions should stop treating the browser as a legacy preference.

Over the next two days, we plan to migrate the repository, so please accept our apologies if you experience any issues with its operation. Kind regards, the #PrismLinux Team

Artix Linux joins the ranks of Linux distributions refusing to comply with Age Verification laws. A developer for the systemd-free distro, based on Arch, stated simply: “We'll NEVER require any verification or identification from the user.” forum.artixlinux.org/index.p…