I am attempting to determine whether it would be possible to maintain your anonymity while using an internet-connected PC infected with ring 0 malware. The threat model assumes the adversary is willing to purchase zero-day exploits and craft malware specifically targeting the victim in question.
Furthermore, I am assuming my adversary is capable of performing a virtual machine escape, which has previously been done on Qubes OS. My threat model assumes ring 0 access to my physical hardware.
Here are the current threats I have considered along with potential solutions:
The malware simply pings a server controlled by the adversary to leak the victim’s real IP address.
The device will exclusively be connected via Ethernet to a router which routes all traffic through Tor. This router will be configured to disable all remote access (i.e. SSH).
The malware reads the hardware’s MAC address, serial number, or other unique identifiers that tie it to a specific purchase, which could then lead to the victim’s identity.
Potential solution: Anonymously purchase the hardware (i.e. use cash to buy a laptop found on Craigslist) and never connect to any WiFi network (to ensure the MAC address is not associated with your identity).
The malware scans for nearby WiFi networks to attempt to estimate the victim’s location by using a combination of the global maps of wireless access points and the WiFi signal’s strength.
Potential solution: Physically remove any WiFi adapters from the device and exclusively use an Ethernet connection.
The malware uses the victim’s camera or microphone to record them, potentially allowing the adversary to uncover the victim’s identity.
Potential solution: Physically remove any cameras or microphones from the device.
The victim will operate under the assumption that their device has been infected with malware. Naturally, if the victim uses the device to log in to their personal Facebook account, their identity will be compromised.
Are the solutions I presented adequate, and are there other de-anonymization tactics I have not considered? In short, is it possible to maintain your anonymity while using a PC infected with ring 0 malware?
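The Tor-router mitigation in the question only protects the real IP address if the router fails closed, so one useful check is to audit its firewall dump. The following is an added example, not part of the original post: it inspects `iptables-save` output for a Linux-based router, and the interface name `eth1`, the ports 9040 and 5353, and the sample ruleset are all constructed assumptions.

```python
import shlex
# Constructed iptables-save dump for a hypothetical Tor gateway (LAN side: eth1).
GOOD = """\
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth1 -p udp -m udp --dport 53 -j REDIRECT --to-ports 5353
-A PREROUTING -i eth1 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -p tcp -m tcp --dport 9040 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --dport 5353 -j ACCEPT
COMMIT
"""

def parse(dump):
    """Return ({(table, chain): policy}, [(table, chain, {option: first argument})])."""
    table, policies, rules = None, {}, []
    for tok in filter(None, map(shlex.split, dump.splitlines())):
        if tok[0].startswith("*"):
            table = tok[0][1:]
        elif tok[0].startswith(":"):
            policies[(table, tok[0][1:])] = tok[1]
        elif tok[0] == "-A":  # negated matches ("!") are not modelled here
            opts = {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}
            rules.append((table, tok[1], opts))
    return policies, rules

def audit(dump, lan_if="eth1", trans_port="9040", dns_port="5353"):
    """List the ways the ruleset lets LAN traffic bypass Tor or reach the router."""
    policies, rules = parse(dump)
    out = [f"filter/{c} policy is not DROP" for c in ("INPUT", "FORWARD")
           if policies.get(("filter", c)) != "DROP"]
    accepts = [(c, o) for t, c, o in rules if t == "filter" and o.get("-j") == "ACCEPT"]
    for chain, o in accepts:
        replies = set(o.get("--ctstate", "NEW").split(",")) <= {"RELATED", "ESTABLISHED"}
        ok = (o.get("-i") == "lo" or replies
              or (o.get("-i"), o.get("--dport")) in {(lan_if, trans_port), (lan_if, dns_port)})
        if chain == "FORWARD" or (chain == "INPUT" and not ok):
            out.append(f"filter/{chain} accepts {o.get('-p', 'any')} dport {o.get('--dport', 'any')}")
    redirects = {(o.get("-p"), o.get("--dport"), o.get("--to-ports")) for t, c, o in rules
                 if (t, c, o.get("-i"), o.get("-j")) == ("nat", "PREROUTING", lan_if, "REDIRECT")}
    for want, what in ((("tcp", None, trans_port), "TCP"), (("udp", "53", dns_port), "DNS")):
        if want not in redirects:
            out.append(f"LAN {what} is not redirected to Tor")
    return out
```

An empty list from `audit(GOOD)` means that nothing is forwarded around Tor and that the router exposes no service such as SSH to the attached PC.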