- the untrue information that you should send amendments and not yours, which makes you unique – and suspicious;
- The detection techniques are changing and you are unaware of it. So become unique again.
or with a really complicated navigation.
Assuming that you can use Tor or a VPN or OpenShell to tunnel your IP address, I think it's the safest way to boot a virtual machine, install Windows Seven on it, and install it for everyone to use data protection-sensitive operation. Do not install anything unusual on the computer, and it is a standard Windows Seven computer that belongs to a horde of similar computers.
They also have the advantage that the machine is isolated in your real system and you can quickly snapshots / reinstall them. What you can do from time to time – the "you" who has done all the navigation before disappears and a fresh "you" appears with a clean story.
This can be very useful because you can keep a "clean" snapshot and always restore it before you perform sensitive operations like home banking. Some VMs also allow & # 39; sandboxing & # 39; d. H., Nothing made in the VM is constantly changing its content – all system changes, downloaded malware, installed viruses, keyloggers infiltrated disappear as soon as the virtual machine shuts down.
In my opinion not only would the total work be the same (or even more), but also a much more complicated and less stable kind of work.
Install the most common operating system, stick to the included browser and software, and resist the temptation to pimp it hundreds of thousands of similar, just-installed, never-serviced computers on the Internet?
Update – browser behavior and side channels
Now I've installed a virtual Windows 7 machine and even upgraded to Windows 10, as Joe Q. Average would do. I do not use Tor or VPN. All an external site can see is that I'm connecting from Florence, Italy. There are just like my thirty thousand connections. Even if I know my provider, there are still about nine thousand candidates left. Is that sufficiently anonymous?
It turns out that this is not the case. It could still exist correlations that could be investigated, with sufficient access. For example, I play an online game and my input is sent immediately (character-buffered, not line-buffered). It becomes possible to fingerprint digram and trigram delays, and if the corpus is large enough, determine that online user A is the same person as online user B (of course, within the same online game). The same problem could occur elsewhere.
When I surf the net, I usually always meet the same websites in the same order. And of course I called my "personal pages" on several websites, eg. Stack overflow, regular. A customized distribution of images is already in my browser and will not be downloaded or bypassed at all
HTTP If-Modified-Since or
If-None-Match Inquiry. This combination of habit and helpfulness of the browser is also a signature.
Given the abundance of tag methods available to websites, it is unlikely that only cookies and passive data could be collected. For example, a site may promote the need to install a font named
Tracking-ff0a7a.otfand the browser would dutifully download it. This file is not necessarily deleted when deleting the cache. If it is not downloaded again on subsequent visits, this is proof that I have already visited the site. The font may not be the same for all users, but contains a unique combination of glyphs (for example, the character "1" may contain a "d", "2" may include an "e" and "4" may include a "d"). again – or this could be done with infrequently used font code points), and HTML5 can be used to draw a glyph string "12345678" onto an invisible canvas and upload the result as an image, which would then create the unique hex sequence & #. 39; deadbeef & spell, and this is a cookie in every sense.
To fight this, I may have to:
- After each browser session, take another snapshot of the VM (and reset the modem if I do). It would not be enough to always have the same VM.
- Use several different virtual machines or browsers, as well as known proxy services or Tor (I would not mind using a proxy that is unique to me or for which I'm the only user in Florence for anonymity reasons)).
- Empty and / or purge the browser cache routinely and remember this Not for example, to always open XKCD immediately after questionable content.
- Accept two or more different "personas" for the services for which I want anonymity, and for which I'm not interested, and make sure that they stay separate in separate VMs so that a permanent connection may be made by a savvy external Agency is made.
This also shows that I would better have a good reason to want anonymity: because it will be a royal pain in the back to accomplish this reliably.