In addition, hardware developers reinvent old ways of doing things and only learn by making all the same mistakes that have been made before. It's sad, but true.
This same criticism is validly launched at software devs all the time lol.
One thing I've anecdotalally seen and heard is hardware guys indicating that something is rock solid and solved because it's old, so building on top of it isn't a problem. Obviously we have to build on the old to get to the new, but if we just skip auditing hardware due to age we end up deploying vulnerable hardware globally. Spectre and Meltdown are an interesting example where I've heard from at least one distinguished professor that "everyone" believed branch prediction design/algorithms were essentially done. Was it adequately assessed from a security POV? Clearly not, but was it assessed from a security POV in general? I have no idea, but it would be nice as a tech enthusiast and software guy to see the other side of the fence take these things seriously in a more public way, in particular when it comes to assessing old hardware for new attack vectors.
Are they? I watch YouTube on Firefox all the time, seems fine on my machine.
I think maybe 5+ years ago there were some performance issues caused by YT relying on features that were only implemented in Chrome, but I don't recall having any issues wrt that for years.