The first thing to do when you start using sway is to copy the configuration file, which is normally in /etc/sway/config, into your home directory.
mkdir ~/.config/sway
copy /etc/sway/config ~/.config/sway/
It has some basic settings already set, but you’ll probably want to change some of them later.
The basic keybind for running a terminal emulator, which by default is foot, is Super+Enter (Super is the name for what is otherwise called the Windows key or the Command key, depending on your keyboard).
Super+D starts the launcher app (wmenu-run by default).
If you want to change them to something else (i use fuzzel as the launcher), change the variables at the top of the config file and press Super+Shift+C to make sway reload it.
Super+Shift+E is used to exit the session.
As for the top bar that says “1”, it displays a list of your workspaces. You can switch between workspaces by pressing Super + the number of that workspace, or move the current window to a new workspace by pressing Super + Shift + number. You can also click on the workspace’s label in the bar to move to it, or use the mouse wheel to go to the next/previous one.
The timer at the top right is sway’s status bar. By default it shows only the current time, but it’s compatible with the i3bar protocol and can show a variety of statuses. Programs like i3blocks, i3status or swayrbar can be set up to display a variety of data in the status bar, or even to create widgets that respond to clicks.
All the pop-up blocking that old web browsers had is still a thing. It’s just that most websites no longer make their pop-ups as separate browser windows that pop up via timed script, because that’s easily detectable and blockable.
Nowadays, they’ll form a pop-up using additional fixed-position <div>s, or form what’s functionally a redirect by creating what, to the web browser, looks like a giant link that opens up in a separate tab, or do other sneakier techniques, which are much harder to definitively detect as “a pop-up” and block without causing legitimate web pages to break.
As the web is becoming more and more a platform for full-on applications, you can’t really determine which functionality will only be used by ads or malware. There are projects like Gemini, which deliberately aim for a minimalist set of features that can only be used to deliver simple content with no intrusive additions, but these won’t serve as a complete replacement for the web.