Like every large software project, browsers are accidentally broken. Put these bugs aside for the moment, and imagine an alternate universe in which the browser implements every relevant standard perfectly. Even in this sincerely mythical world, users aren't safe, because from a security perspective the internet's design is in many ways broken.
I'd like to talk about how we're beginning to mitigate some of these platform-level risks by hardening the defaults, removing barriers to TLS deployment, and giving developers access to new APIs they can use to lock down their applications by reducing their privilege to the lowest level necessary.