I highly recommend disabling JavaScript by default in your browser and then whitelisting the websites that you use frequently and need JavaScript to function.
The privacy benefit of this is that when you read articles online or visit new websites, most of the time it will not need JavaScript to function which will stop loading a lot of ads and tracking scripts.
The security benefit here is massive, first if you visited a bad link that contains a malware that is dependent on JavaScript it would not work, secondly if you visited a link for a service that you use and JavaScript did not work there, then you can see in real time that this is a fake page and not the real websitewebsite you intended to visit.
Bonus tip: try to replace the unnecessary websites that can’t work without JavaScript and you need by JavaScript free websites or open source apps.
Disclaimer: Stay cautious. This recommendation will improve your privacy and security, but it does not protect you from everything.
The security part is the reason I use NoScript to do this. We’ve all typo squatted sites we visit, I’m sure. But if I typo squat a site I frequently visit and see the JavaScript disabled, it forces me to recheck I’m on the right site. Granted it’s only happened once where I didn’t realize I typo’d until seeing it was disabled, but it only takes 1 time to lose everything…
Not sure the fingerprint concerns are too major for me either. Hopefully most scenarios, I’m flagged as a bot or crawler and out of some data that would otherwise have been collected. Who knows. I imagine that JavaScript makes up for way more fingerprinting though.
For critical functionality like banking and stuff it’s also a good idea to put a bookmark to the right site on the toolbar and then only ever access it via bookmarks.