What if I am 101% sure my host OS is not compromised and I have turn off all the features that can infect my host OS
If you'd be 101% sure and your system (theoretically) can't get infected (which is never the case), what would you be then afraid of ?
If your host OS is completely clean, what (confidential) keystrokes should be then read by the host in order to weaken your privacy/security? I might be missing your point.
is in this case a different story if I am using a Lubuntu OS for example inside the virtualbox program?
Generally, a windows system is more prone to malware.
This does not automatically mean that other OS are safe, but most malware is simply written for windows since it has the biggest user base.
So, 'in the wild', you are definitely better going with some linux. But regarding a targeted attack, it doesn't matter which OS you are running (regarding security, not privacy).
Virtualbox is made from Oracle which is quite known for leakages during their history so Virtualbox may not be safe at all ?
Virtualbox definitely had some major bugs which allowed malicious software to escape the virtualization, but you can never know if another software doesn't also have a bug (which hasn't been found yet).
I wouldn't call any virtualization software better than another. But this also may be due to the fact that i am not very familiar with VM's.
Anonymity and security are always together, you can't be anonymous if you are not really secure.
Security (in terms of information security) focuses on the C.I.A. paradigm (Confidentiality, Integrity, Availability).
And in fact you can use the web anonymous WITHOUT relying on security mechanisms (e.g. encryption (confidentiality + integrity), authentication (integrity), etc.. ).
