Programming and reading.
The main reason for Ubuntu against Debian is the packages. For Ubuntu, they’re much newer, and with PPAs (launchpad.net), you can often get more and/or newer packages built by other users. For debian, good luck, you’re stuck with old packages (which is the intent of Debian stable, but not nice as a user, that’s for server)
This would likely only hurt the end user. Many use chromium-based browsers, so you’re just driving those away.
You can detect Firefox, so you can do a superficial block in JS, but lemmy is such a simple site that you’d find it hard to find areas where there’s actual differences between the browsers, those usually only come from complex pages like video calling
The safety number is not part of the encryption. It just says: this person is who they say they are. So as long as you can trust that the number actually came from that person, it’s fine. Afaik, the number is derived from the encryption keys, so it can’t be faked, but I would verify that if you’re unsure.
Edit: was curious, here’s the blog post that introduced them: https://signal.org/blog/safety-number-updates/ Essentially, it’s a hash of the public key, so safe to broadcast, similar the HTTPS certificates employed on the web. They even say so: “the share button on the safety number screen and selecting FB, Twitter, email, etc to send the safety number to your contact.”