- the false information you would need to send along change and yours does not make you unique – and suspicious;
- detection techniques change, and you are not aware of them, so go back to the unique;
or have a really awkward navigation.
Assuming you can use Tor, a VPN, or an OpenShell anywhere to route your IP address by tunnel, the "safest" practice would, in my opinion, be to enable a virtual machine. Install a stock of Windows Seven on this one and use sensitive operation to privacy. Do not install anything unusual on the machine, and it will truthfully say that it is a standard Windows Seven machine, one among a horde of similar machines.
You also have the advantage of being isolated from the machine inside your real system and being able to perform a quick snapshot / reinstallation. What you can do from time to time – the "you" who did all the navigation before disappears and a new "you" appears, with a clean story.
This can be very useful because you can keep a "clean" snapshot and always restore it before sensitive operations such as home banking. Some VMs also allow "sandboxing", that is, no change to the VM will permanently change its content: all system changes, downloaded malware, installed viruses, injected keystrokes, disappear as soon as the virtual machine is powered down.
In my opinion, not only would the total amount of work be the same (or even more), but it would be a much more complicated and less stable type of work.
Install the most popular operating system, respect the browser and software provided, resist the temptation to make up, and what really distinguishes this computer from the machine hundreds of thousands similar computers on the Internet that have just been installed and are never maintained,
Update – navigation behavior and side channels
Now I have installed a Windows 7 virtual machine, I have even upgraded to Windows 10 as would Joe Q. Average. I do not use Tor or VPN; all that an external site can see, is that I connect from Florence, Italy. There are thirty thousand connections exactly like mine. Even knowing my supplier, there are about nine thousand candidates left. Is it sufficiently anonymous?
It turns out that this is not the case. There could still be correlations which could be studied, with sufficient access. For example, I play an online game and my entry is sent right away (buffered character, not online). It becomes possible to prevent fingerprints from digrams and trigrams and, with a sufficiently large corpus, to establish that the online user A is the same person as the online user. B (in the same online game, of course). The same problem could occur elsewhere.
When I surf the Internet, I always tend to view the same sites in the same order. And of course, I go on my "personal pages" on several sites, for example. Stack overflow, regularly. A custom image distribution is already in my browser and is not downloaded at all or is ignored with a
HTTP If-Modified-Since or
If-None-Match request. This combination of habit and browser service is also a signature.
Given the wealth of tagging methods available on websites, it is not safe to assume that only cookies and passive data could be collected. For example, a site may announce the need to install a font called
Tracking-ff0a7a.otf, and the browser would download it conscientiously. This file would not necessarily be deleted when erasing the cache, and during subsequent visits it would not be re-downloaded, which would prove that I have already visited the site. The font can not be the same for all users, but contain a unique combination of glyphs (for example, the character "1" may contain a "d", "2" may contain an "e", "4" may contain a "d" again – or it can be done with rarely used font code points), and HTML5 can be used to draw a string of "12345678" glyphs on an invisible canvas and to download the result as a # 39; s image. The image would then spell out the hexagonal sequence, unique to me, "deadbeef". And this is, for all intents and purposes, a cookie.
To fight against this, I may need:
- re-snap the VM full after each browsing session (and reset the modem when I do it). Keeping the same virtual machine always would not be enough.
- use multiple virtual machines or different browsers, as well as known proxy services or Tor (it would not be appropriate for me to use a single proxy for me, or for which I am the only user of Florence, for the purposes of 39; anonymity).
- regularly empty and / or clean the browser cache and remember do not to always open, for example, XKCD immediately after questionable Content.
- Adopt two or more personalities for the services for which I wish to remain anonymous and those who do not interest me, and make sure to separate them into separate virtual machines. , so that a permanent link can possibly be established by an external organization sufficiently informed.
Which also proves that I would prefer to remain anonymous: it is because to achieve it reliably will be a royal pain in the back.