Strictly speaking, the operating system has not a whole lot to do with anonymity although some are more resistant to hackers than others. Hackers can indirectly pwn your anonymity by rooting you and getting your IP address around Tor. They could also directly pwn Tor by either hacking you through a vulnerability in it or by rooting the relays you use. There are several nice operating systems. Anything Linux or BSD is pretty good. OpenBSD focuses heavily on out of the box security, although the box doesn't have much in it until you add programs that are probably not anywhere near as secure as a base OpenBSD install. It does have technologies for making some sorts of vulnerabilities non exploitable though, for example ASLR. FreeBSD is another OS that has a lot of security potential, it has a very extensive and highly configurable selection of security modules, but you will need to learn how to use them and this is not trivial. FreeBSD also lacks ASLR which is pretty shitty imo. Hardened Gentoo has probably got the most depth to its potential security, in that it has a lot of configurable security modules as well as having out of the box features like ASLR. I think that Hardened Gentoo can probably be secured to a greater degree than OpenBSD or FreeBSD if you know what you are doing and take the time to do it. There are various other solutions that are much more esoteric: plan9, inferno, sel4, etc.... I honestly know little about these solutions, but I am under the impression that they can be much more secure than either Linux or BSD. sel4 is a formally verified microkernel meaning that it is in theory probably impossible to hack (but in reality some of the assumptions they make don't hold yet, so it is not unhackable in practice yet). It is also not open source, although it has been reviewed by several people. I think sel4 is seen as largely an academic exercise still. Unless you are very sure that you don't need to, you should use the Tor Browser Bundle. It can open you up to some problems, especially if you are browsing the same site anonymously and nonanonymously simultaneously and you connection dies. In general, it is pretty safe if you avoid this, I would not worry about it. Especially if you are only surfing .onion sites Probably because they are dumbasses and like javascript. Having javascript enabled does give you a bigger browser fingerprint crowd to hide in, but I personally find the increased risk to haxx0ring to be unacceptable. Ideally you will use a private bridge that you find anywhere other than SR (or other illegal channels), public bridge is okay though. I strongly suggest using bridges. what about them ? I suggest frequently spoofing your mac address. VPNs are pretty much worthless imo, I prefer obfsproxy bridges for membership concealment and Tor is better than any VPN. Privoxy is not needed, use tor browser bundle. Avoid polipo entirely.