There’s all kinds of digital fringerprinting techiniques, its for identifying your device not your body lol

Things like screen size, settings that can be read by the app, even gyroscopic data can be used to uniquely identify your device

What do you mean by sandbox here? Fedora has selinux by default which adds an extra layer of security. If you really want a “sandbox” qubes is probably the way to go. It runs everything in virtual machines, so if there was a browser escape they would still have to eacape the vm. It would be an very sophisticated attack and nothing you have to worry about.

And pulseaudio is fine lol what you’re describing would certainly be assigned a cve and the only cves for pulseaudio are all denial of service except for some back in 2009.

This is the answer, also shows you which trackers are getting blocked and allows you to individually unblock them in case you need it for an app to work.

Edit: When you say you did it manually, what do you mean exactly?

Check dmesg output when after the wifi drops and see what the kernel is doing. That could inform your decision. I have an old asus that started having a bunch of wifi bugs too, and I’m pretty sure they made some updates to iwlwifi. No solution though, I dont really care because that machine barely gets any use. Wifi always works perfect if I stay on a tty and don’t enter a graphical session.

That being said I wouldn’t choose fedora for an older relative unless they were really into computers. While it has become more stable in recent years, they do break things from time to time.

If you do decide to keep them on fedora, maybe try an atomic version. That way when things break you can just roll back with no issues and pin the working deployment. Chances are they just want a web browser and libreoffice so the learning curve wouldn’t really matter to them.