Different needs and different threat models lead to misunderstanding between people. Let’s say you want to leave the most anonymous comment possible on some social network. What do you need for it? VPN? Tor? A SSH tunnel? Well, it’s enough to buy any SIM card and a used phone at a nearest shop, then go at a considerable distance from where you live, insert one into another, post your message, and sink the phone. You have accomplished your mission at 100%.
But what if you don’t want to just leave a one-time comment or hide your IP address from some site? What if you want such an advanced level of anonymity that will make up the most intricate puzzle without any room for any hack on any level? And also conceal the very fact of using anonymity tools on the way? This is what I’m going to talk about in this piece.
The perfect anonymity is mostly a dream, like everything perfect. But it doesn’t mean you can’t approach it pretty close. Even if you’re being identified by system fingertips and other means, you can still stay undistinguishable from the mass of general Web users. In this article I’m going to explain how to achieve this.
This is not a call to action, and the author by no means calls for any illegal actions or violation of any laws of any states. Consider it just a fantasy about “if I were a spy.”
Basic protection level
The basic level of protection and anonymity looks roughly this way: client → VPN/TOR/SSH tunnel → target.
Actually, this is just a slightly more advanced version of a proxy which allows to substitute your IP. You won’t achieve any real or quality anonymity this way. Just one incorrect or default setting in notorious WebRTC, and your actual IP is revealed. This type of protection is also vulnerable to node compromising, fingerprints, and even simple log analysis with your provider and data center.
By the way, there is a common opinion that a private VPN is better than a public one since the user is confident about his system setup. Consider for a moment that someone knows your outside IP. Hence, he knows your data center too. Hence, the data center knows the server this IP belongs to. And now just imagine how difficult it is to determine which actual IP connected to the server. What if you are the only one client there? And if they are numerous, for example 100, it’s getting much harder.
Bitcoin projects are under pressure to collect as much data as possible. Gain full control of your cryptocurrency portfolio with Wasabi Wallet that is designed to be a zero-knowledge software. Developers are not permitted to collect any sensitive information about you. What you do with your bitcoin is entirely up to you