The best is probably tor in a VM, chromium in a separate VM, javascript disabled, on a private virtual network, with a egress firewall (not just guest VM firewalls, but enable those too) that only allows traffic from a specific origin port on the tor machine. You would also want the VM to spoof the processor features and unique IDs. System time drift/offset remains a vector which is hard to deal with.

Dump the rendered window pixels out to a simple viewer. Mouse movement is still a pain to deal with, but I would default to spoofing it as moving between clicks, with some image parsing logic to identify menu traversal.

Then it should reboot the browser process regularly.

I've been waiting for someone to make a packaged 'VPC in a box' incorporating networking and linked VMs.

> enforcing all connection thru a proxy in the settings (mark the checkbox)

Just use a network namespace individual pieces of software are way too easy to misconfigure.

Would whonix fit that bill?