One of my readers recently emailed me and asked if you could be “100% anonymous” online. I think that it’s possible, but you need to take a lot of steps.
To be honest, I’m not 100% anonymous at present, so maybe I’m not the one to ask, but I’m in the process of researching it.
Tor All the Time?
If you use Tor for all of your internet browsing needs, that’s a good start, although even Tor has its weaknesses. At the very least, you would have to get accustomed to it being a little slower than your standard browsers (Chromium, Firefox, etc.). That’s a tradeoff for the anonymity part.
Tor, at present, is improving its cryptography, which is a good thing! If you read Tor Onion v3 Hidden Service, it explains a bit more about the v3 onions (the ones with 56 characters). Although I’m sure some people just find 56 characters to be an annoyance, it actually has to do with the fact that they have better cryptography.
As the post above points out:
Onion v3 is the new next-generation Tor Onion Services specification. The most noticable change is the increase in address length, however Onion v3 uses better cryptography, ECC (eliptic curve cryptography) rather than RSA, and has an improved hidden service directory protocol.https://www.jamieweb.net/blog/onionv3-hidden-service/
Now, there’s been a debate about whether or not you should use a VPN with Tor. This came to mind in part because I talked to someone on MadIRC this morning who said he was “using Tor, a VPN, Tails, and a virtual machine.” From this description, you’d think that the user was either a spy or involved in something criminal, but according to him, neither was the case.
As Matt Traudt (who actually works on the Tor Project) points out in his blog, a VPN and Tor aren’t necessarily a positive thing, particularly if you don’t understand the reasoning behind it: VPN + Tor: Not Necessarily a Net Gain. In fact, I’m glad I referenced this post again because of the fact that Mr. Traudt apparently updated it recently.
He goes into detail about some of the reasons why you might want to use a VPN. For instance, if Tor is blocked in your country:
For whatever reason, Tor is blocked for Alice. Maybe her company has a really strict firewall or her country has a super strict firewall. But apparently the firewall wouldn’t block a VPN.
Alice should try using a Tor bridge first. A bridge is simply an unlisted Tor guard relay. If she was getting blocked because she was trying to connect to an IP known to be a Tor relay, this would help.Source: Traudt, Matt. (2016, August 28). VPN + Tor: Not Necessarily a Net Gain.
I’m also aware that some people use a VPN in order to hide their Tor usage from their ISP, which Traudt also addresses:
First, Alice should consider whether or not her adversary is even capable of extracting information from her ISP. Is what she’s doing even illegal where she lives? Is it embarrassing? To what lengths will her adversary go (or can her adversary go) in order to figure out who she is? If Alice is just trying to hide an embarrassing habit from her spouse or circumvent her incompetent country’s censorship, hiding her Tor usage may not even be necessary.
Furthermore, if Alice isn’t really up to anything bad, by not hiding her Tor usage, she helps reduce Tor’s bad stigma. Many people use Tor for a wide variety of reasons. And if Alice believes Tor usage is enough to get her on a list of potentially bad people, she should be proud of that fact. She’s not bad, and she’s lowering the quality of that list. If everyone used Tor, everyone would be on the list, and the list would be worthless.Source: Traudt, Matt. (2016, August 28). VPN + Tor: Not Necessarily a Net Gain.
This isn’t intended to say that you’re forbidden from using a VPN; it’s only pointing out that you don’t have to be so paranoid as to hide your Tor usage unless you really are using it for something unscrupulous.
What About Tails?
In essence, if you use Tails, then all of your software connects to the internet through Tor. As their site also points out, if an application tries to make a direct connection to the internet, this will be blocked for security purposes.
This is another important point to remember about Tails:
Tails is configured with special care to not use the computer’s hard-disks, even if there is some swap space on them. The only storage space used by Tails is in RAM, which is automatically erased when the computer shuts down. So you won’t leave any trace on the computer either of the Tails system itself or what you used it for. That’s why we call Tails “amnesic”.
To really be more anonymous, you would have to abstain from using most (or all) social media, in particular, the “big boys” like Facebook, or at least the ones that collect the most data. It’s reasonable to assume that practically all social media sites retain some data on you.
As opposed to things like Facebook and Twitter, diaspora doesn’t collect data on you for advertising purposes. I think the internet, in general, is moving toward this sort of model (as with things like Solid).
Many networks use your data to make money by analysing your interactions and using this information to advertise things to you. diaspora* doesn’t use your data for any purpose other than allowing you to connect and share with others.
While I realize that it can be addictive to use social media platforms like Facebook, Twitter, and Snapchat, it’s important to consider these alternatives if privacy is your concern.
These are only a few options; I’m sure there are others as well.
So, readers, do you have any additional suggestions? I’m open to hear them.