For me, the big dividing line is that between security and privacy.
As stated above, if they really want to track you down they can and will, but also as stated above, most of us are 'utterly unimportant' and not really in need of heavy security protocols and trying to be a ghost in the wires (or wireless as it were these days). That said, I'm strong believer that everyone deserves basic privacy and that is a right worth fighting for. So let's talk about it.
First, the type of people that need real security are the journalists, activists, whistleblowers, and yeah criminals of various higher degrees than people who grow mushrooms in their closet for personal use. If that's you, seek an expert, I'm afraid you are above my pay grade.
If you are a regular old Nexizen who just wants to browse the web without becoming a databroker's product, click a link and not be assaulted by advertising, keep your traffic from being sniffed by third parties, and access information without being tracked, targeted, fingerprinted, cookied, paywalled, redirected, popped up, enshitified, datasnatched, and sold the highest bidder, then let's look at some resources. I most assuredly don't have all the answers, so if you have tools and resources to help us enjoy a little more digital privacy please share and let's collect them here.
There are so many "privacy focused" extensions/addons/softwares/applications/tools to sift through, Some that are even straight up malware themselves posing as privacy tools (
ghostery anyone?). It's truly an art form to balance legitimacy, hassle, and effectiveness. I'll share my baseline setup and a few other options and hopefully others will chime in and we can build a nice community toolkit.
I always try to keep up with
EFF recommendations. EFF is the OG digital liberties watchdog, if anyone can be trusted to defend online privacy, it's them. Keep them on your radar for the latest updates.
1.
Get a VPN! This encrypts all your traffic and hides it from anyone and everyone between you and the server you are securely connected to. Keeps the ISP from seeing that you visit
DMT-Nexus forum 742 times a day. Use a reliable provider that doesn't keep logs, but always assume they are keeping logs and can be subpoenaed to hand those logs over at any time. Again, this is for privacy to keep our ISP or any other middlemen from sniffing our traffic and sending us cease and decist torrent lettters, this is not security. Security will require multiple layers of proxy + TOR at minimum and is outside the scope of this post. TOR is slow anyway and we want to maintain our speeds, which a good VPN does.
2.
Use Firefox! In addition to being much more security conscious/friendly, Firefox is the only thing stopping a google monopoly on web browsers. Any Firefox based browser is great as well: Librewolf, Mullvad, Waterfox, etc. Some, like Librewolf, come more hardened and privacy friendly out of the box, but lag behind actual Firefox in updates and features. There are also various techniques for hardening Firefox if you want to move toward more secure protocols. At a minimum, go into the settings under Privacy and Security > Browser Privacy > Custom and select either "isolate cross-site cookies", or "block all cross site cookies" (recommend this option) and "in all windows" and check "tracking content", "cryptominers", "known fingerprinters", and "suspected finger printers", and again "in all windows". Also scroll down towad the bottom and select "Enable HTTPS-Only Mode in all windows" if it's not already selected. You can also disable the data sharing with Mozilla and turn off things like like notifications/location/camera/microphone/etc, history, autofill, and so on as preferred.
*A note on DNS over HTTPS: If you are using a VPN, you'll generally be using your VPN's DNS servers, so I generally recommend to leave this on default.
3.
DuckDuckGo! or Startpage, or Searx, or Metager. While you are in those Firefox settings, go over the the search tab and change your default search engine to one that respects your privacy.
4.
Addons! This is where things get really customizable and much more convoluted. I'm gonna give you my bare minimum that I install in every browser, every time:
Shoutout to HTTPS Everywhere, it still exists and you can install it if you like, but enabling HTTPS mode is now built into the browser directly so it's basically defunct. Thank you for your service old friend. 
-
uBlock Origin: This is the most important thing you do. It's the one stop shop to remove all the bullshit from your browsing experience. It blocks ads, trackers, coin miners, popups, etc. No more Youtube ads, no more banners, no more popups. It's infinitely customizable if you want to tinker, but it works for 99% of use cases right out of the box. install it from Mozilla addons and enjoy an actually useable browsing experience.
-
Privacy Badger: From our good friends at EFF, This is the legit tracking blocker. It works quietly in the background and protects your privacy without requiring anything from you. Set it, forget it, and support the EFF in the fight for a better web.
-
SponsorBlock: Make Youtube not suck again. Those sneaky ads that are embedded in the video and get through uBlock, gone. Those segments where the youtuber hypes their product sponsors, gone. You can even set it to skip non-music parts of videos, remove intros and credits, and skip the like and subscribe spheals. Technically, an optional quality of life upgade, but we all encounter youtube videos so much in our work and life, I really treat this one as a non negotiable standard.
That's it, one VPN software, one browser, a few settings changes, and 3 extensions for a baseline semblance of privacy and a useable web. This is the bare minimum to remove the most egregious tracking and advertising and still have most websites function correctly with minimal hassle. You may need to go into uBlock or Privacy Badger and turn it off on certain sites to get them to function correctly, some sites don't play well with firefox at all and you'll have to use a chrome based browser, a lot of sites these days don't like VPN's and will either block you outright, or put you through endless CAPTCHA robot check hell. It's the price you pay for privacy.
For those that want a little more than the bare minimum, I'll add a few more of my vetted choices:
- Decentraleyes: Interrupts library requests from big content delivery networks, helps further limit tracking, a good addition alongside uBlock and Privacy badger.
- CookieAutoDelete: Automatically deletes cookies when tabs close or browser closes. A bit fiddly and prone to break websites.
- ClearURLs: Strips tracking data out of urls, so links you click and share pass less metadata.
- CanvasBlocker: Fingerprint blocker. Fairly prone to break websites.
- Multi‑Account Containers: Firefox only. Compartmentalizes browsing sessions.
One last one that deserves special explanation:
- Noscript: Pro: doesn't let anything run without you giving permission. Con: doesn't let
anything run without you giving permission! This is the absolute best tracking prevention tool available, but it's very management intensive. Recommended only for advanced users and the extremely privacy conscious who want to go to the granular detail of explicitly allowing everything at the individual script level.
This is only scratching the surface and I have a lot more to say on this subject. We still need to talk about basic digital hygiene, operating systems, mobile devices, and more.
calyxos.org
it's like have the Nexus app. 
grapheneos.org
