Last update on 2015-05-18: Demise of RequestPolicy; added umatrix/ublock0; removed mention of Adblock
The amount of tracking and snooping across the Internet has increased vastly over the last few years. Much of this has been motivated by commercial reasons, but the recent PRISM revelations show that nation-states also are actively vacuuming up data.
Trying to protect your security and your privacy is an on-going challenge; even if you are meeting the challenge currently, it's only a matter of time before the next iteration in attacks will be out in the wild.
Unfortunately, security and convenience are usually inverses: the more convenient, the less likely secure.
Be forewarned that that combination is going to cause problems with some number of websites, usually due to the sloth, apathy, and general lack of web skills of the owners of those websites. I personally think it's worth the trouble of using at least those add-ons; if a website cannot be made to function acceptably without turning off your security, then I don't think that you should use the website. It's very likely that such an owner is not doing acceptable due diligence in keeping your data secure.
Using Ghostery is easier than using uMatrix. Ghostery is based on blacklisting trackers and beacons; uMatrix is based on blocking third party interactions. Many legitimate websites use legitimate third party interactions, and using uMatrix will mean that you will have to manually intervene in some cases.
In order to see how much privacy you are losing in using Ghostery, I did some testing. Ghostery clearly doesn't block as many trackers/beacons as uMatrix. Indeed, no blacklist can ever be perfect, and you shouldn't expect Ghostery's (or any other blacklist) to be so. If blocking third party interactions (including but not limited to trackers) is the most important criterion to you, then you should use uMatrix.
However, Ghostery doesn't do a bad job, and it's reasonable to expect that Evidon, the company behind Ghostery, will likely continue to keep up its lists of known trackers and beacons. Using Ghostery will cost you less work on your part than using uMatrix, and Ghostery does try to make it very clear who is trying to track your browser.
BetterPrivacy is a member of the honor roll. It attacks the problem of Flash cookies, part of the EverCookie arsenal of techniques for creating highly persistent state on victims' devices. (uMatrix and uBlock Origin can also apparently to also delete Flash cookies, although I have not tested this functionality.)
Self-Destructing Cookies is also a member of the honor roll. It does two valuable acts: deleting cookies as soon as they are no longer in use, and deleting browser caches automatically. (Again, uMatrix and uBlock Origin can also apparently do some amount of automated cookie destruction.)
Cookies Manager+ is also worth considering. I like the interface better than the very popular Cookie Monster+.
UAControl and User-Agent JS Fixer are also on the "worth considering" list. Your browser may have a very unique "fingerprint" (especially if you allow any Javascript and if you have added any fonts to your system). See EFF's excellent fingerprint tool to see how your browser scores. Using UAControl and User-Agent JS Fixer may make your browser more lower your fingerprint score. Also, some poorly coded websites may incorrectly try to enforce some level of browser incompatibility, and you may be able to circumvent such problems by changing your reported user agent.
Also, uMatrix and uBlock Origin have some functionality in switching your user agent string, though I have not tested this functionality.
In this category, there are a number of add-ons that do have estimable qualities, but also have some significant downsides.
HTTPS-Everywhere is a good example. The idea is a very good one: to try to use HTTPS wherever it is available. However, in practice, it often results in web pages that are locked into poor behavior.
Perspectives also has an excellent idea: rather than just depend on the very shaky X.509 certificate chaining scheme, instead verify that a presented certificate matches what other users see. This is a very powerful idea, and as the implementation improves, I believe that this will be a very useful add-on.
The honor roll of Firefox security and privacy add-ons:
Also strongly worth considering:
The "Keep an Eye On" category: