What do you think of Arkenfox' following statements regarding Privacy Badger?
Ghostery, Disconnect, Privacy Badger, etc
Redundant with Total Cookie Protection (dFPI)
Note: Privacy Badger no longer uses heuristics by default, and enabling it makes you easily detected
Which can be found here.
I have multiple LibreWolf profiles with different uses and therefore different extensions tied to each one of them. For example, I've got one in which I exclusively watch the Youtube content I'm interested; through Invidious of course*. Therefore, extensions like SponsorBlock and Video DownloadHelper are only found on that profile to improve the experience thereof without negatively affecting the other profiles. This is mostly done to protect the profile I use for regular browsing, which is somewhat alluded to by the team behind Arkenfox with "We recommend keeping extensions to a minimum: they have privileged access within your browser, require you to trust the developer, can make you stand out, and weaken site isolation.".
As for the extensions I have on my profile that I use for regular/random browsing; those would only consist of uBlock Origin, Redirector and Skip Redirect. All of which are -to some degree- endorsed by the Arkenfox-team. Though, from time to time, I am guilty of using Dark Reader as well; it's just too good to miss out on at times.
and saw the repo of hackliberty, they say to use alpine linux
On the same page you should have noticed links to excellent articles found on privsec.dev and madaidans-insecurities.github.io; both of which advocate other distros (as well) with the former not even mentioning Alpine. As for hackliberty's usage of Alpine; I believe they stated it as their backend of choice for running their online services. So not necessarily recommended as their OS of choice on a desktop device. Though I'd love to be corrected if that's not the case.
I was also looking to stuff like openBSD
If you can deal with it, go for it. Unfortunately I couldn't give up my workflow to that degree. One has to be mindful, though, that however powerful openBSD is, one can elevate it further by using it in conjunction with Qubes OS; this guide might help you with that. Furthermore, this also makes it possible to not forego your entire workflow for the sake of openBSD.
just hardening the arch build I use rn
Also a decent choice, it might need constant tinkering and a lot of know-how to keep it splendid at all times. Though, it's definitely doable as long as you're committed and eager to improve yourself. And once again, this work doesn't have to be for naught; once more this knowledge can be used to perhaps further harden an Arch-qube.
what do you think about that?
It's always best to first define your threat model. After which it becomes clear to what degree you need further protection and what would be the best course of action to achieve that. For some, just moving from Windows/macOS to Linux is already a giant leap and might be enough for their threat model. While for others, this might not be enough as they have to be a lot more cautious to such a degree that even openBSD on a regular laptop might not be sufficient. If you just want maximum protection, then Qubes OS is surely your best bet IF you learn how to use it properly on a well-supported device; kudos if you can get your hands on one that support Heads as well. If you don't mind a mobile device, then something with GrapheneOS should suffice as well.
IMO, you seem to be very new to all of this. Being overzealous might make you a lot more susceptible to burnout. Which is something you absolutely don't want, as this is not a sprint but rather a marathon; keeping it up and going on is therefore of utmost importance and incremental change can help with that.
On LibreWolf, which I use to surf daily, I got one in 180k+.
Afterwards, I tried Tor Browser -which is honestly almost never used- and this was a lot better at one in 6k+. Though this was only in "Safer" mode, I tried testing it on "Safest" afterwards, but an update screwed it up and I somehow couldn't get it back to its standard opening size.
Interestingly, my best result I got once again on LibreWolf. This time, I changed two things:
This resulted in a one in 800+. I am interested to know how Mullvad browser users fare on Mullvad VPN.
While it doesn't satisfy the "under $400"-condition, I couldn't withhold myself from mentioning the likes of NovaCustom and Tuxedo. For the fact that both have been absent from the conversation while they otherwise satisfy the requirement of coreboot on a modern device. With the former, NovaCustom, being arguably the best vendor to buy 'privacy&security'-first devices with modern hardware from. Not for their entire line -mind you- but specifically their NV41 Series; which is -to my knowledge- the only Qubes-certified computer with modern specs and Heads. However (with Qubes and Heads pre-installed) it starts at $1224, which makes it considerably more expensive that your stated target (read: under $400).
It's in privsec.dev's recommendations, so it's safe to assume it's at least a decent choice for privacy. I'd argue it's best for 'normies' together with Fedora.
One of its unique qualities would be the excellent support for Btrfs+Snapper out of the box and the fact that it's the only distro I'm aware of that has configs for both AppArmor and SELinux. Furthermore, its stable rolling release model is perhaps its killer-feature.
Its primary con is probably how it's not Arch(-based) and thus doesn't have access to the vast supplies of packages found in the AUR. Thankfully, this is easily solvable through Distrobox.