Yeah, I stand by my response here >>12595
I'm not saying never share or visit HTTP links. I'm saying that HTTPS is better than HTTP when available (and that means, taking into account also your countercase, you aren't just being redirected away from the HTTPS site). Your response doesn't say anything against that.
On using a VPN, you need to distinguish between using a home VPN and commercial VPN. Commercial VPN is better for privacy than a home VPN when you trust the provider, because they give you an IP Address that isn't your own.
HTTPS is better than HTTP because the data is encrypted, can't be easily snooped on.
So, obviously, HTTPS with VPN would be best from a privacy and security standpoint, but this isn't what I was talking about.>>12594
Alright, alright. Going off your conception of this then, let's look again at your setup.>>12587>I use HTTPS everywhere, noscript (manually re-configured for my browsing habits), Random Agent Spoofer, Tin Foil (well some of the options, not in full mode), disabled most chromium vulnerabilities with about:config and also use a private VPN (w/ encryption), and I use a Linux OS... am I safe at this point?
I'll need to break it down.>Chromium
What you want is for it to be as stripped down as ungoogled-chromium, which is a distribution of chromium with anti-google patchsets from Iridium and Inox applied, as well as eloston (the founder's) own fixes, if you aren't just going to use ungoogled-chromium itself. I don't think anybody is quite sure to what extent Chromium is Googled, so removing as much as you can from what has been found out is good practice. Just fiddling with about:config is not enough.>Private VPN
A home VPN? You want a commercial VPN like AirVPN which is going to give you a different IP address than your own, is highly unlikely to divulge your data to 3rd parties, and in fact keeps little to no data about you at all. Paid VPN is the only way to go if you care about the Government spying on you.>Linux OS
Depends on which one. Better than Windows, surely, but that's a low bar. Ubuntu has recently started data collection, and they had that Amazon integration; Mint is a hack of different pieces that would be easy to exploit; systemd hasn't been audited and its development has been driven by a company which receives funding from the NSA, and for some strange reason unknown to me, has even become a dependency for TOR (to be more specific, lib-systemd). Systemd has now become the standard init+ system in most of the major distributions, so if this is concerning, then a lot of those, including Debian and Fedora, are off the table as far as being "safe" or trustworthy.
All this to say, it depends on which distribution of Linux you're using.>noscript
uMatrix is strictly better if you know how to use it, but Noscript is eh, better than nothing.
One thing to be aware with browsers is that there is this mechanism, Canvas fingerprinting, by which sites can identify you. They can use the data of how your browser responds to page request to determine which browser you are actually using, even if you spoof the user agent; I've also heard that how many extensions you have or what extensions are installed could also be used to identify you. /g/ used to have threads about it, and link to fingerprinting websites that show you whether you are safe or not, and how so. I'd look up 'browser fingerprinting test' and see whether you can be identified with your setup (like it tells you how unique your browser is compared to the millions of other users out there).>TL;DR
Not quite safe, there's more to consider and to do if you treat Privacy+Security+Anonymity as the end-all-be-all.