Make your main browser secure and private and use tor/mullvad for anonymity.

You're not a noob, you're a sprout.

Mullvad Browser and LibreWolf have two completely different strategies to avoid fingerprinting. Mullvad Browser operates on everyone having the same configuration to blend in - if you want to use it, you need to avoid changing any of the settings. LibreWolf, on the other hand, works by spoofing a different fingerprint every session. It will look unique to Cover Your Tracks and the like, but it will be different every time you close and reopen it. Again, it works best if you don't mess with the settings.

I believe both Mullvad Browser and LibreWolf come with uBlockOrigin pre-installed. Just about anything you want to do regarding blocking ads or scripts can be done in UBO's settings; do NOT add extra "privacy" add-ons as you will only make yourself easier to fingerprint.

If you're looking for something to use with actual accounts (like banking), use hardened Firefox (with arkenfox) or a hardened chromium browser. Neither Mullvad Browser nor LibreWolf (and especially NOT Tor) are designed for that use case.

As an aside, you can use multiple browsers for different use cases. I honestly think that's best practices at this point, but you'd have to be good about not overlapping your browsing on them (i.e., not visiting/logging into the same website on multiple browsers).

You've gotten some good answers kn fingerprinting so I won't repeat that. I will add though: it depends on what you are trying to do. Blending in with Tor or Mullvad Browsers makes you less trackable, but logging into an account immediately breaks that. Brave et al will only fool naive scripts, sure, but telemetry and built in tracking is another battle to fight: you're going to want a privacy browser even if you stand out amongst the sea of Chrome and Edge. The more of us who do make it more normal looking. At the end of the day you are probably going to want two browsers per machine:a logging in browser and an anonymous web search browser. So no it does not negate itself and is worth doing, but has use case limitations. I find it best to block everything possible in Brave but use it as the sign in browser. Not using Brave shields doesn't make you much less recognizable anyway, you'd have to use Chrome for that.

i would go through your privacy settings and delete and turn off everything you can, then if you can, change pii to nonsense burner info and deletethe account. Services like that can sometimes be useful, but not for accounts specifically. Personally I dont use them and send delete requests to people search sites myself.

Tor + VPN is a VERY contentious topic. The one thing not to do is turn on a VPN in the middle of a Tor session. That's agreed upon. VPN before Tor... it can make it harder to find who you are in some ways, but makes you seem more suspicious that you feel the need to do all that. It makes your activity stand out, and it may even be easier to bully your VPN provider into giving up your identity (if they have it from payment info, etc). But that's just if they are monitoring the exit node, so mot particularly likely. Still, I avoid mixing them entirely. Of the two, Tor is more anonymous, but VPN is faster, hides all network activity even outside the browser and is just about required in many places due to stupid age verification laws and similar nonsense. So I like Mullvad Browser + always on VPN, but Tor is a good tool.

NoScript will improve your privacy by a lot, and will make webpages load faster, since it stops stylish and tracker-ridden JS. If a webpage breaks, you can flick a few buttons to temporarily allow JS (or permanently if you'll be visiting that site a lot).

Tor over VPN is a fine solution if you want to hide it from your ISP, but I don't think you should install extra stuff on TailsOS. Consider using Tor Browser + UblockOrigin on your own PC over a VPN, it's pretty much the same thing if you'll just be browsing online.

Oh-- and one important thing to remember: Don't expend more effort than necessary for your own threat model. Consider the extent of your privacy needs and act accordingly, going overboard will only leave you tired for not much in return.

P.S.: mander.xyz has a Tor-based onion frontpage ;)

Their website (https://coveryourtracks.eff.org/learn) do mention the concern you have; Blocking trackers means you are a user with a very specific privacy settings. I suppose it would be like going around with a full face mask; You are technically private, but you are uniquely identifiable unless someone else does that. I also get "Uniquely Identifiable" on my personalised browser, but nothing like it when I try it out on newly installed Mullvad browser with no changes.

Not that I know much about how Tor traffic is identified, but Tor bridges seems like a potential solution? I would dig into that a bit more.

TL;DR The only way to avoid a near unique fingerprint is Tor Browser

Longer explanation: There are too many styles of fingerprinting protections: randomized and normalized.

Librewolf inherits its fingerprint protections from Firefox (which intern was upstreamed from the Tor uplift project. It works by taking as many fingerprintable characteristics (refresh rate, canvas, resolution, theme, timezone, etc) and normalizes them to a static value to be shared by all browsers using the feature (privacy.resistFingerprinting in about:config). The benefit of normalizing is you appear more generic, though there are many limitations (biggest of which is OS because you cant hide that). The purpose design of these protections stems from the anonymization strategy of Tor which is to blend in with all other users so no individual can be differentiated based on identifiers. Since Librewolf has different a default settings profile to Tor (or Mullvad) and even vanilla Firefox with RFP enabled, the best you can hope is to blend in with other Librewolf users (which you really cant, especially if you install extensions or change [some] specific settings). Instead, the goal is just to fool naive fingerprinting scripts, nation states or any skilled adversary is out of the scope.

Brave (or Cromite) uses the strategy of randomizing fingerprintable characteristics. This is only meant to fool naive FP scripts but in my opinion (when done right) is better at fooling naive scripts. The biggest problem is that these attempts by other browsers and not as comprehensive as Firefox. I think Cromite does a better job than Brave: it is the only browser which fools Creepjs that I have tried by creating a new FP on refresh. Cromite required some configuring to get to place I wanted it, but so does every browser.

The advantage with Firefox forks is that vanilla Firefox has RFP and therefore so do the forks (though most dont enable), but you dont blend i with a crowd (making it far less effective than MB or Tor). The advantage of Brave or Cromite is a randomized FP, bit since it isnt upstreamed (and Google will never do that) you stand out like a sore thumb. Either way is fine though for basically everyone.

The only browsers I know that work against Creepjs are as follows:

• Mullvad (persistent FP)
• Tor (persistent FP)
• Cromite (randomized FP)

For the unique fingerprint, using a lot of privacy apps /extensions makes you stand out more, because you're likely the only person to use that exact configuration. The best way to hide is by obfuscating the data and sending random garbage.

I've heard fingerprinting tests are all sus. Don't put too much stock into them.

Best to do the clean yourself. A tip is to look through your gmail for email with "welcome" "confirmation" in the subject line. These will be accounts you signed up to with gmail. You can also google you email address and look through your password manager or Chrome for saved passwords. The really good news is unused accounts become less valuable to databrokers as the data gets out of date.

For Tails, use a Bridge to hide your Tor usage from your ISP.

Regarding Incogni, this video explains them pretty well

https://www.youtube.com/watch?v=iX3JT6q3AxA