[II2II]

> Part of the uphill struggle for these forks is convincing people their brand is trustworthy.

Agreed. I recently installed one of the forks, appreciate how it defaults to the privacy related features that need to be manually enabled in Firefox, but won't use it for anything where privacy and security is important. Which kind of defeats the point.

As for how to build trust: I don't have a clue. Things like real names, day jobs, and backgrounds don't really mean much to me. First of all, verification would be an issue. Second, it isn't really an expectation that I hold any other project or organization to. I suppose being in the main repository of a distribution that I trust would help.

(It's also worth noting that trust is more than trust in motivation. There is also trust in the competence of the individuals involved and in the project's decision making process. One can build trust under a handle. True names are not required.)

[gorgoiler]

This is a helpful contribution. Thank you. My counterpoint is only on real names: LKML and Debian Developers are two examples of projects I trust and I think part of that is real names. Another part is the publicly known application process: namely that you can’t join unless vouched for by other members, and a degree of vetting is in place.

Elevating a browser to the same standard as (or even higher than!) an OS is completely reasonable.

[II2II]

I can definitely understand the need for real names from the perspective of people managing a project, along with someone vouching for those people. But managing a project is different from using the product of that projects. I very much doubt that many users have the ability or desire to do the vetting themselves so I am perfectly fine with maintaining the privacy of developers.

Also agreed that browsers should be held to the same high standard as operating systems. Many people access confidential data with their browsers, may it be their own data or data about other people. (Going back to the notion of trust, I worked for a bank in the early days of the public Internet. The bank I worked for only allowed clients to use the bank's own software. In retrospect, a big part of the reason was the human angle rather than the technical angle. Sure, web browsers may have used the same level of encryption. Yet that is meaningless when the browser itself may serve as a man-in-the-middle.)