We're all running some bespoke setup, and probably each planning something more-advanced and more-bespoke, just to overcome bugs in browser implementations. What we all actually need is a browser developed with the goal of being secure by default, rather than shrugging off eg the leaking of network config / window size / rendering engine nondeterminism / etc.