I had similar frustrations and have been maintaining a Firefox fork trying to fill a gap there. The result is Konform Browser and I think it might be relevant to you; please check it out!
> every single extension provides 100% access to my websites to whoever controls the extension
That feels like a bit of an overstatement and depends on what addons you use and how you install them... CSPs at least make it possible to restrict such things by policy (assuming the user has been exposed to it and parsed it...). https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/Web... MV3 introduced further restrictions and controls regarding addon capabilities. While I agree the UI and UX around this could be much better, it's not all hopeless. The underlying pieces are mostly there.
While the fundamental addon execution security model in Konform Browser is inherited from upstream, for core addons like uBO you can improve the supply-chain security situation by loading it under "system scope" and disabling addon updates in the browser itself. So while we don't (yet) improve on the runtime aspects you speak of, at least for now we can tighten up the supply-chain side to minimize the risk of bad code running in the first place.
"Enterprise policy files" can be used to change Firefox behavior and tweak the security model around addon loading. A little explanation and reference of how it works if you want to do the same in another FF build or for other addons: https://codeberg.org/konform-browser/source#bundled-extensio...
Any particular addon you think is missing from the list there and should also be packaged and easily available? Maybe will be able to improve some of the security-UI/UX here too down the line. I'd be keen to hear your take on how this should be done better!
Regarding what addons can and do leak about you to the outside... I think you may also take interest in FF Bug 1405971. We ship a patch for that which can hopefully be upstreamed Soon (tm).
This week added a simple onboarding screen - I don't think a single default config can ever be ideal for even most situations. Intranet admin web UIs and browsing the tubes call for very different default configurations so it makes sense to have more than one and make switching easy.
Konform Browser is free software developed and maintained by 100% organic free-range humans and does not seek revenue. There's no business model beyond this hopefully turning into a neat line on the resume or a lead for gigs down the line. Considering the project "GA" and actively supporting public users as of last month. Contributions are most welcome.
Currently only shipping for Linux and hoping to do Android one day. We do package binaries (transparently in codeberg ci) and provide repos but for those who prefer, building from source is supported and something I hope to make more accessible for those who want to bring their own patches.
Actually intercepting the cleartext data is less trivial (not inherently - the browsers just make it more obscure than it could be) but it can be done.
https://f-droid.org/packages/helium314.keyboard/
HeliBoard is currently asking people to volunteer swipe data so they can further improve on a free and open alternative for swipe keyboards. Please consider helping out!
https://github.com/Helium314/HeliBoard/wiki/Tutorial:-How-to...
https://makertube.net/w/cQECfDkuLGR9eUQquUEo4K