Hi,

please can You share your recipe for staying anonymous on the internet?

Here is interesting one:

OS and HDD security

For anonymity i think its good idea to use Linux distribution proven to be opensource and privacy targeted. Installation should be luks-dmcrypt encrypted (i think this is default encryption of the user directories used by Linux). There are also tutorials on how to make full disk €ncryption. On Windows i am using Truecrypt/Veracrypt system drive encryption Computer can also be set to have automatic screen locking, BIOS password.

Internet data transfer anonymity

Next thing is Tor browser bundle. Most of the anonymity OSes using this web browser. But please note that the data that are transferred thru the Tor are decrypted on the Exit node (last server in the chain) so if you visit and submit sensitive data on HTTP-only (not HTTPs) sites, the Tor exit node operator if bad can record yours submitted data like passwords. And it is said many times there may be thiefs who own Exit nodes for this purpose. It is same like when one do not use any encrypted proxy/secure tunnel/VPN - internet service provider and all people on the way may capture transferred data too. So one is unsafe unless remote website supports HTTPS which means submitted data are encrypted during the transfer. To secure data transfer from being seen by the hacker or ISP, solution can be setting up shadow socks proxy software or a OpenVPN software on the VPS or Dedicated server (preferably in different country than one which may be interested to discover ones identity). One should buy the server anonymously to increase anonymity (Tor browser + anonymous payment like Bitcoin funded by coinjoin service like Bitmixer). Bitcoin alone (without coinjoin/mixing service) is not anonymous as BTC transactions are world readable. Some people using PerfectMoney.is payment where this company is offshore. Before starting to use the new proxy/VPN, you may consider first deleting or forgetting your old accounts created with real identity. Maybe even reinstalling the OS or web browser. Stop using services that you registered with real IP or ask them to be cancelled. Maybe dedicate new minicomputer like RPi4 just for your anonymous activities so it can not be paired with your current computer identity, IP, browser footprint. On the earlier mentioned socks or VPN server, one should setup history, log cleaning to maintain VPS free of any IPs (here is how, but you have to be running zeronet.io to see that page). Identity of the VPS user can be then revealed i assume only by someone physically in datacenter.

E-mail identity

Next thing is e-mail. There are various providers like protonmail or tutanota or mail2tor.com offcourse you register & access such service via Tor or anonymous proxy. Moreover you use multiple email addresses so multiple online activities are not tracked to one single e-mail identity.

Passwords

At the end, very important is not to use single password for everything. Password should be based on random string, never dictionaty based, ideally 8+ characters long. If you have to save passwords and sensitive info., do it in an encrypted way, for example using opensource KeePassX.


What do you think?