I don't think he's suggesting that you literally run your browser as the root user.
The argument seems to be that if you don't have the ability to access whatever is the equivalent to the root account on your device at all then this means that whoever does has more control of your device than you do.
This means that you have to trust the device or OS manufacturer.
For example if you buy an iPhone there is no way to "untrust" Apple without throwing the device out or doing a jailbreak.
With a more open system such as Debian you can decide to untrust the OS vendor by simply replacing the entries in /etc/apt.sources with something else.
This kind of model is often used in corporate environments where computers are locked down by the IT dept, therefor the IT dept can make choices on behalf of the users as to what the security settings should be, what software is installed etc.
The argument seems to be that if you don't have the ability to access whatever is the equivalent to the root account on your device at all then this means that whoever does has more control of your device than you do.
This means that you have to trust the device or OS manufacturer. For example if you buy an iPhone there is no way to "untrust" Apple without throwing the device out or doing a jailbreak.
With a more open system such as Debian you can decide to untrust the OS vendor by simply replacing the entries in /etc/apt.sources with something else.
This kind of model is often used in corporate environments where computers are locked down by the IT dept, therefor the IT dept can make choices on behalf of the users as to what the security settings should be, what software is installed etc.