Linux

Tails in proxmox in tails running on pure ramdrive system with no longterm storage, cpu, bios, mac serials overwritten with FFFFFFF, TPM chip desoldered or lasered off CPU, connected to TOR viato mullvad paid with crypto, through VPN running left behind sanitized device hidden in a library, through second sanitized vpn device connected to private insecure wifi in poor residential area with no cameras, after abolishing the state

QubesOS for security, Tails for privacy. These are both very extreme options though and most likely overkill for the average person

Pretty much any distro that isn't Ubuntu. Are you asking for privacy or security? Those are very different.

For security, I'd stick to more complete distros like Fedora instead of more diy distros like NixOS or Arch. They're great to learn and tinker with, but distros like Fedora have security experts adding mitigations and security stuff in the distro by default, whereas most users of Arch or something would have to manually look up those things and keep up to date on the latest security. So basically, none of them lol.

Using more hardcore security distros like QubesOS is not very realistic as a daily driver. You'll see Linux nerds name drop it and claim they know what they're talking about, but none of them will actually dailt drive it because it's a very painful experience. Just stick with flatpaks as much as you can for pretty solid security.

If you look through this thread, you may notice that almost everything is biased towards personal preference(s). I recommend you research for those aspects of security AND privacy that interest you and select the tools, distros that you prefer. The beauty of Linux lies in its variety. Use what pleases you and serves your needs.

Nix OS, Guix or Vanilla OS for sandboxing I guess. But basically everything but Ubuntu is pretty good for privacy, it’s a big part of free software philosophy.

Qubes on Whonix

Depends on what you mean for security/privacy. You can use Tails or whatever and have everything encrypted and then just be logging into your Facebook account on Chrome without an ad blocker.

Most Linux distros are secure enough for the average person who isn’t being targeted by some crazy state level actor. If you’re particularly concerned stick with a distro that has a security team like Debian. As for privacy that has more to do with the sites you browse and have accounts with but obviously avoid Google (I just use Firefox instead of Chrome) use an adblocker like ublock origin, along with maybe something like decentraleyes.

Try Tails, you don't even gotta install it. Keep it on a flash drive and just plug it into your computer whenever you wanna use it.

Tails

The best for privacy are: Tails, that runs on live-cd; Whonix, which you run in vms; Qubes, which is an os that runs all your user programs inside vms (running whonix inside qubes is the most powerful privacy setup).

How does Void Linux rate on the security and privacy front compared to the top recommendations in this thread?

A GOS emulator?

How many privacy/security are we talking about? Because if you want to go "full ham" on both, then any minimal install + docker + lynx as your main (and only) access to the internet (with "nobody" set as the main user) + a rpi 4 (with openwrt) serving as "middleman" routing access from your router to it, and to your PC. Oh, and using only dumb phones and avoiding any wireless-related stuff.

my impression is that grapheneos is only private and secure compared to regular android. likewise, any linux distro is going to be secure and private when compared to windows.