@Patrick I gathered you don’t like these two small edits on the Tor Myths and Misconceptions page. I don’t think the first one is contentious:
Tor is the best solution for people in oppressive regimes. [7]
It is certainly debatable whether people living in oppressive regimes should utilize Tor. Aggressive censors and state authorities are highly likely to monitor connections to the Tor network and target those people for more intensive investigation since they are assessed as actively evading state authorities. Therefore, despite the many risks, this may be one situation where it is safer to utilize a VPN in isolation, or first connect to a VPN before Tor (although this provides very weak protection against advanced adversaries).
That is, those of us who don’t risk having the door kicked in just because we’re using Tor are probably okay, but if you live in sketchy countries in Asia, South America, Eastern Europe etc., Tor is not your friend. I think that is borne out by evidence.
This second one you may not like, but it is backed up by a couple of people who seem to know what they’re talking about: 1. grugq & 2. @madaidan, who knows a thing or two. They both make a strong case, i.e. since Tor Browser is based on Firefox and it lags the competitor browsers in a number of security features, it is not the uber-strong browser a lot of people think it is (although good with respect to privacy features), e.g. I see they’re still working on ‘Project Fission’, which Chrome has had for some time, and a million other things.
Tell me what you don’t like or we can cut anything particularly contentious.
Tor Browser is highly secure. [7] [8]
Some security experts have opined that it is a risky proposition to run Tor Browser because state-level targets are reduced to a relatively small set of Firefox versions. While Tor Browser is good for anonymity – since it creates a large group of homogeneous users – this is also a security risk, since any critical bugs will affect the entire population.
It is notable that Tor Browser is a modified version of the “extended support release” (ESR) browser. In contrast to release builds that are available approximately every month which patch all identified and resolvable bugs, ESR versions are usually earlier release builds that only patch critical and high security bugs. This means the code base may have publicly patched critical/high bugs that are months old, and medium/low bugs are never patched at all (“forever bugs”; that is until ESR is rebased on a later Firefox build every year or so).
Although The Tor Project is considering basing Tor Browser on the latest Firefox release in the future, the wait might be lengthy. In the meantime, state-level adversaries are highly likely to attack Tor Browser by:
- Monitoring critical/high patched vulnerabilities in less stable channels (Nightly, Beta etc.) and checking whether they are still exploitable in Tor Browser; this exposure might last many weeks.
- Chaining medium/low vulnerabilities together to achieve an exploit like remote code execution; this provides a permanent window of opportunity.
- Attacking other unknown or unpatched Firefox vulnerabilities (since it relies on a huge number of libraries) which may exist for an extended period.
Whonix™ developer madaidan has also noted that Firefox lacks many security features that are available in other browsers like Chromium. Firstly, the sandbox is relatively weak, for example:
- The seccomp filter is weaker.
- The sandbox lacks site isolation.
- Dangerous system calls are available in Windows.
- X11 sandbox escapes in Linux are relatively easy and there is no GPU process sandboxing.
In addition, many exploit mitigations are missing in Firefox:
- There is no hardened memory allocator.
- Control-Flow Integrity (CFI) has not yet been implemented to prevent code reuse attacks like ROP or JOP.
- JIT hardening techniques have far fewer mitigations than other browsers.
- Arbitrary Code Guard (ACG) and Code Integrity Guard (CIG) are not yet available to prevent execution of malicious code.