What I’m trying to protect: My activity online from being traced back to me and rather to a pseudonym that can’t be connected to me
Threats: Police, Immediate Family
Credibility of Threats: Police Surveillance does indeed exist, but I am not made to believe they are on constant watch of me, but if they detect any more suspicious activity from me I could be in trouble… Immediate family have been and will be immediately affected, I will no longer be able to speak online as I wish to, nor do things I enjoy online.
Risks: Legal Trouble, Loss of Internet Access, Heavy Punishment, Ruined Future
My Goals: Pseudonymity - The ability to speak, act, and post online under a pseudonym made as hard to track as possible in order to keep the real me safe
Direct Issues: The necessity of speaking to family/friends and the necessity of doing school work. These are issues because my identity will be instantly available through those acts and will therefore mean that it is possible to link my identity through the things I do related to school and my personal life with my online activity.
What I own:
I have an iPhone, I do not do any of my online activity on there out of fear of the obvious. I do own orbot, adguard and onion browser for the browsing, but I can not go beyond that.
I will soon get rid of this for a Google Pixel for GrapheneOS but the issues I mentioned above are still present.
I have a laptop, it runs Bazzite (immutable Fedora workstation modified for better gaming experience).
I have Librewolf for general internet and schoolwork, and Tor for browsing.
I use the usual messaging apps for talking to friends and family, and I own Session under my pseudonym to talk to one online friend who I speak to and who speaks on behalf of me to other online friends on apps that I do not feel safe using with my pseudonym.
For my threat model and goals what steps should I take to achieve my goals and deal with my issues.
All this depends on the platforms you’re going to be using, how you make your accounts on them, and how you continue to use them.
Simple rules for decent OPSEC (not necessarily in order):
Never use PII for account creation.
Always use a reputable VPN. Follow Privacy Guides recommendations. Choose between Mullvad or IVPN only because Proton has killswitch issues.
Use Mullvad Browser for its anti fingerprinting capabilities.
If using other browsers, harden it and set it up such that all history, site data, cookies, etc. is deleted between browser reboots.
Use Signal messenger for your IM needs. Never use WhatsApp or Telegram or such apps.
Use a password manager like Proton Pass and all its features including aliasing. Use an account that you’ve never used before and pay for it anonymously/privately first. Cash and Crypto both are accepted. Never use a card to pay. That’s PII.
Also, not at all clear about your “direct issues”. Please explain that better. Also, please improve the formatting of your posts going forward because it is not easy to read or understand all and how you mean things. The more details you add, the better suggestions we can provide.
I added more gaps to make it easier to read hopefully.
Now I’ll address things:
I use PII for things where my identity is going to end up leaked anyway. This happens for things like WhatsApp, Snapchat, Discord where I speak to family or friends.
Mullvad and IVPN cost money, are there free alternatives? Proton was one but you said it’s got issues.
For what use case? I heard you need Mullvad VPN to use it for anonymous browsing as it doesn’t use usual Tor circuiting.
Done and dusted.
Don’t use Telegram, only use Whatsapp for family and friends. Signal Messenger requires Phone Number which I have an issue with, why have that over Session?
Why? Not the card part, I understand that, I mean why use a password manager?
And for the direct issues matter. I mean that my pseudonymity can be compromised if things with my identity like schoolwork and contacting family/friends is done on the same device(s) as my online activity which would be done under a pseudonym.
I’m sorry, truly. But this is the stupidest defeatist attitude one can have. Please stop thinking this. This is like saying, why do I need to eat tomorrow? I’m going to die at some point anyway. I’m genuinely not being harsh. But only describing your thinking here objectively. You still need to and should take steps to maintain good OPSEC no matter what.
What?! How this makes any sense is beyond me.
Please only use Signal for that where communication is private, encrypted, and secure.
They are worth it though. Many privacy tools can be used for free but for securing you threat model, you do need to pay a very nominal amount. It’s really not expensive for all that you get.
If you still don’t want to or cannot pay, you can use Proton. It’s totally fine.
A VPN (inherently) does not make you anonymous. Please read up on info Privacy Guides provide on their website. It’s not a magic pill. But for your use case, a VPN is a must. You ask for what use case? For your pseudonymous use case.
You use DIscord and other apps but this is what you have an issue with?
What is the issue you have really? Signal only needs it to make an account. It doesn’t do anything with it. And you can always hide your number within the app from anyone using Signal and having your number to keep identifying that you use Signal. Once you register with Signal, you can make a username and keep using that to add contacts and whatnot.
Because it helps you manage all your credentials. And aliasing with it is easy too.
Weird sentence structure here. I still do not understand. Please re-frame or use AI to come up with a better way to explain what you mean and get back.
It’s not, it’s more like saying “I’m gonna eat food with my friends so I’ll make the recipe now”. On these apps which my identity will be on because I will use it to speak to family and friends, my Name and Number (which is the only real PII that account creation uses) are used for the profile.
Good point, but it isn’t easy when I have to contact family and friends and do school work, if there are any beneficial ideas you can bring to the table it will be appreciated.
Completely aware, it wasn’t the point I was making. I was saying in order to use anonymous browsing on Mullvad VPN similarly to Tor you need Mullvad VPN otherwise it warns you that your IP is out in the open.
I meant whether it should be used instead of Librewolf for general Internet Access or instead of Tor for browsing, or if there is another use case.
Discord and Whatsapp and such are for speaking with irl friends and family, impossible to uphold pseudonymity in such case. How can I uphold pseudonymity if my Phone Number (which is PII and you said not to use PII for account creation) is used for the account, of course I have an issue with it because it can be traced back to me. Session does the job without phone number, unless there is an issue with Session that I must know about?
Will give it a go, thanks.
“My anonymity could be broken if I use the same device for pseudonym-related online activities as I do for real-identity activity, like schoolwork or contacting family/friends”
Again, suggestion is to only use Signal or iMessage at most (since more people will be using it than wanting to move to Signal). You also don’t need to use your number with iMessage. You can set it such that email is how you connect on and through it.
For your use case, Mullvad Browser is best. If that’s not the only use case, then you can harden Firefox too.
First of all, anonymity can only be truly achieved with Tor. So unless you’re using Tor or the Tor network for everything (where you don’t log into websites), you only will always have pseudonymity at best. It seems like you’re conflating the two here. There are differences. Important to be mindful if such specific questions are being asked and considered for your best OPSEC per your threat model. Pendantry and specificity is necessary here.
Also, to answer for this: yes but there are measures you can take. The real key here for this concern is compartmentalization. Use different browsers or browser profiles to separate your work/activities for the different things you need to do online.
Sound serious. I would personally not use a phone for my pseudonyms if I had a threat like that but if you really want to use a phone use profiles for your pseudonyms when you get a Pixel.
QubesOS + Whonix could help with keeping you personal identity separated from your pseudonyms through compartmentalization it would also help with minimize the risk of human errors.
Bazzite + Whonix and Kicksecure in normal VMs would also do the trick. personal identity(Bazzite) only for personal things like school, gaming, Discord with friends, Etc. Use Whonix or Kicksecure for whatever online pseudonym you want, depending on if you can use Tor or not.
Just remember to use a VPN if you are going to use Kicksecure. I would recommend MullvadVPN + Mullvad browser. But you can use whatever you want.
Yes, I heard Graphene had compartmentalization by default and allowed different profiles so that helps with the irl/online split. Perfect.
I heard it is very hard to use and I am a mere beginner. Been using Linux for just over a month and Bazzite for half of that. How would I get used to Qubes?
I tried Whonix, but obviously a lot of things that I would like to publish things on became painful through the Tor network. I also tried Kicksecure the other day as it was Whonix without tor and hardened Debian which sounded perfect but it was hard to use because the user/root split. I obviously could read documentation and get used to it easily but I didn’t have time at that point and I will definitely try again in the future (Dual Booting Kicksecure and Bazzite).
I can 100% use Tor, and I do for general browsing and whenever available, but activity is limited as there are restrictions on Tor from all over the internet. I don’t want full anonymity, just pseudonymity, whatever that is limited to.
Gotcha, thanks for the recommendation. It is definitely the ideal option but I want to avoid costs as much as possible. Is there any free alternative that can help? Proton VPN is an option but I have heard of concerns. If nothing then I can settle on Mullvad.
OP’s threat model is fairly high since it includes law enforcement. Even though Mullvad Browser has good anti-fingerprinting methods, I don’t know why it’s being recommended here. Tor is the gold standard for anonymity, so I would recommend that over Mullvad Browser, even when you couple Mullvad Browser with a VPN.
If all of your pseudonymous activities can be done in a browser, I would recommend to use Tor. If your internet traffic is being monitored, anyone monitoring it might deduce that you are connecting to Tor, so be sure to connect to a VPN (Mullvad VPN imo) with its killswitch enabled before connecting to Tor (this is called the Tor over VPN method). If you can’t use a VPN for whatever reason, use a built-in bridge like obfs4 to obfuscate the connection.[1]
However, if there are some activities that cannot be done in the browser (which seems to be the case since you mention using Session), I would follow @null’s advice and use Whonix. Whonix is a VM that forces all activities in the VM through Tor, so Session would also connect to Tor. If I were you, I would migrate all of the pseudonymous activities to Whonix.
I would still recommend Mullvad VPN over a built-in bridge. ↩︎
When using Tor, I only find that anonymity is possible. If I were to make an attempt at pseudonymity through Tor I would find myself wasting time a lot because account creation on almost all websites becomes impossible… I wouldn’t be able to speak or post online as Tor usage is restricted on browsers. There is a lot of rate limiting and cloudflare firewalls. If pseudonymity cannot be fully obtained without Tor, then I will be forced to make those sacrifices as we can’t get everything.
Sorry to make you repeat yourself, I didn’t read the whole thread because it was unnecessarily long. If you are experiencing issues with Tor blocks, you will prefer the VPN over Tor method then, where you connect to a VPN after having connected to Tor. In this case, the website will not know that you are connecting to them with Tor. They will instead see the VPN.
However, this means that anyone monitoring your internet traffic will know that you are connecting to Tor. You will therefore want to either use a built-in bridge or continue to use a VPN on the host machine prior to opening up Whonix. This unfortunately opens up the possibility of much human error (such as leaks from misconfigured settings, possibly), which means that you will need extra precaution setting up Tor over VPN for your Whonix VM. If your pseudonymous activities are worth the effort, then you should do it. Even more so if the consequences of revealing your pseudonyms are dire.
If you want to pursue this, I suggest going on the Whonix forum. They will not only provide tech support for any obstacles you will encounter but also likely better advice on which setup to pursue at all based on the threat model you gave.
Absolutely perfect! I can look to anonymousplanet.org for a guide to this, but your recommendation is beneficial as I wouldn’t have bat an eye if not for you. The traffic monitoring can be protected with a normal obfs4 bridge, which I use anyway when I use Tor.
So my connectivity would be: User > Isolated Whonix Network > (Obfs4 Bridge) Tor Network > VPN (Likely Mullvad) > Internet
I looked into it, and saw that only issues were to do with .onion services and stream isolation. Not fully understanding, personally, but I plan to look into it before going ahead. anonymousplanet.org did say the same thing.
Thank you for everything. This is definitely the solution for me! You’ve given me everything I wanted.
I would personally not use a phone for my pseudonyms if I had a threat like that but if you really want to use a phone use profiles for your pseudonyms when you get a Pixel.