I read about all your advices to stay safe using the different browsers you mentioned.
All those add-ons are needed to keep your browsing safe from most kind of attacks to break into the system,
and to protect the browsers from getting annoying add-ons that would take control over your settings and open pages you don't want.
I didn't noticed important differences between ghostery and requestPolicy, except some security options into requestpolicy that seems not usefull at all from my personal view, as NoScript is so good to secure Firefox. and there's no other add-on on any of the other browsers to compare to NoScript for FireFox.
But chromium security is so good that it's hard to bypass. I tried a lot of websites with various kind of attacks from some website listing them using dragon, and I loaded those bad websites after dragon page alert, and no exploit was able to compromize dragon security.
So nothing was able to break into the system to compromize it.
What I noticed recently for Dragon is that the add-on "AdBlock" is better than "adblock plus" to filter ads and it has options to secure browsing that Adblock Plus doesnt include. and AdBlock is able to stop absolutly any kind of ads that Adblock plus doesnt filter (like new ads on Facebook for exemple).
But at the end, the way to set the browsers are the first thing to do. on Dragon you have lot of settings that keep you safe.
But there's a thing I disagree, it's about using LastPass to save login/pass.
I tried it and I need a lastpass account to use it, what I'll never do.
I don't like to have to create an account to manage my passwords.
and I never save any log/pass on my browser.
I have a lot of accounts but I printed all on 2 pages and I use this way to protect my accounts.
And it's a good thing to train your memory ;-)
Sometimes I need to look at my papers as passwords are longs and suite of characters without any meaning like for exemple : PP0_#98[at]szFF&aZ1,
But after sometime you typed it, you remember most of all.
I clean all data on exit each time i close the browser, can be annoying, but I prefere this solution.
I got only Flashplayer loaded but I block it from storing anything on the machine.
But there's still the temp folder C:\Users\******\AppData\Local\Temp to look at, sometimes you find bad things in it.
I don't use no AV, as they run on database and their scanners are easy to dupe. people use a way to package the files so the scanner cant open it as people using multiple packagers with commands for the scanner to access that send it from erroneous to erroneous way to unpack, so it's unable to be scanned, some AV try several minutes then say the file is correct, some others AV try some seconds then say the file is safe,
maybe some others as they cant scan it alert the user of the potential danger and block it, but I don't know which ones really do that.
I even bypassed very well-known AV just by changing the size of the file using another icon...
So scanners are useless, only signed files from trusted vendors should be allowed to download and stored on the SSD or HDD.
That's why I only use comodo FW and D+ with highest security settings.
I do not use a lot D+ paranoid mode except to find unknown malwares.
For files i don't know, I use the virustotal uploader to have an idea, but with all those false positives, it's not easy,
Because I use tools to modify Bioses that are detected by almost all AV at virustotal as malwares, as I know it's wrong, because the files are coded by a serious group of people.
So how to trust AV when they fail to detect malwares and detect files that are not malwares...
update : I forgot an important thing, I use a VPN with openVPN-256.
and to encrypt you SSD where you installed your system is also a good thing.
If someone can access you machine, he will not be able to steal and use your files as he'll get only encrypted files.