There are some VPN providers that offer anonymous accounts without any information and payed with XMR (Monero), for example Mullvad and IVPN.
If you use the account from your home ip, they could find out who you are.
But what would be if you create an anonymous account and use it only over a public wifi that cannot be tied to your real identity? Would this be leveraging privacy even more or do I made a mistake in thinking?
If you are practicing this, you cold also discard your account every week or month (I think IVPN is better here because they over weekly plans) for increased anonymity.
You also could combine this with Tor.
Public Wifi → A. VPN → Tor → Destination
if we assume that 33% percent of Tor relays are compromised in some way, then the likely hood of getting a compromised circuit is 3.59% (0.33^3)
If you build 100 circuits, then the likelyhood of getting one compromised circuit is 95.1%
And?
You should assume every exit is tampering with your traffic and ensure encryption to the endpoint is always used.
That is irrelevant to your original question.
The main purpose of Tor is not encryption, though the .onion self signed encryption modell is very based.
The purpose is to hide to the destination who you are and hide from your ISP what your destination is.
I don’t see what that has to do with your question. If you’re using public Wi-Fi and exiting through Tor adding a VPN with an account/identifier into the mix has little benefit.
Tor only: 3 compromised relays for deanonymization
VPN + Tor 3 compromised relays and a compromised VPN server for deanonymization
Public Wifi + Anonymous VPN + Tor: 3 compromised releays and a compromized VPN, wouldn’t be sufficent for deanonymization
Not necessarily. This is a big misconception. Often, especially when your ISP doesn’t asign you a unique IP address, an IP will not map your precise location.
Unknown actors took control over a quarter of all Tor network relays to launch man-in-the-middle attacks, target bitcoin addresses and much more.
And that are only the documented one, we can assume that the iceberg is a lot deeper then what we can see.
I assume that if any law enforcment agency, big private company or someone who pretend to be one of them and just use social enginerring can get to know the real name and adress that are tied to my IP adress
25% of exit nodes being compromised is very different than 25% of ALL nodes. And article you linked are contradicting, but hackernews says " 27% of the entire Tor network exit capacity".
As I understand, multiple people might use the same IP .But yeah if you are LE you probably could.
Perhaps multiple people the same wifi, but each ip must point to a specific network, otherwise it wouldn’t be sufficent for data transfer.
Anyway if you use your home wifi its either your, or own of your friends or family members.
The only exceptions would be public wifis where nobody can tell which people use it from the wifi data alone, especially if you randomize your MAC adress (default in GOS, Silverblue, and also Tails and Whonix as far as I know)
It depends. For one-off activities, conducted in a faraway location, using public wifi can provide an additional layer of security. But depending on the location and how you approach it, this layer can be strong or week. The proper usage of public wifi can kill an investigation, especially into one-time activity that happened months or years ago.
Consider the following:
There are cameras everywhere, that track people with facial and gait recognition.
Your movements are likely tracked with your cell phone, and license-plate reading street cameras.
Public wifi logs MAC addresses - so you would need to randomize that the least.
Don’t forget the “classic” traces you leave behind - like footprints, fingerprints, DNA.
In a public setting, you open yourself up to LEA storming you and performing a cold-boot attack, similar to what happened to Ross Ulbricht.
If you’re actually in the place with the public wifi, you also risk the chance of someone just looking at your screen, and reporting you if it looks suspicious.
Using a long-range antenna can mitigate some of the aforementioned risks.
The Hitchhiker’s Guide contains a lot of useful information on using public wifi.
The chances of a VPN getting deanonymized are far, far higher than Tor deanonymization. If your public wifi activity was uncovered, “they” (assuming a government in this case) would start an investigation and already know what general area you live in, provided the public wifi location was close.
That’s not how Tor works anymore due to guard nodes, which caps out the likelihood of getting de-anonymized circuits for each rotation period. Also all nodes are not weighted equally, relatively smaller nodes account for the majority of the bandwidth.
How much distance should be there in your opinion?
I dont think that I need to leave my city to get a sufficiently big anonymity set.
I live in the EU and as far as I know, its not legal here to use ai to create lists of who is where, its only legal to search for specific person if their is a warrant for them.
And (as far as I know) AI CCTV is only used in places like airports and train stations and some other high risks places.
I will use airplane mode to prevent triangulation.
They are also very uncommon where I live.
And also I kan go ti the public wifi places with a bike or something else that doesn’t have a licence plate to prevent this.
GrapheneOS will take care of it.
If they dont show up on the same day to collect this inof, I think it will be cleaned away.
I will never leave a device unlocked in a public space, I don’t even do that at home, I always look everything when I go to the toilet or something like this.
Yes, but there is nothing on my screen like “2kg of [illegal substance] on stock” or something like this.
ANd I also would sit with my back to the wall so that nobody can walk behind me.
