Can anonymizing techniques make you less anonymous?

If you are in a crowd and you wear a mask, but nobody else in the crowd does, then you tend to attract attention...

If you want to remain anonymous, then you must use only tools which do not single you out as a potential miscreant, i.e. tools that everybody uses. A good example is when you pay in cash: this is a mostly traceless payment system, and yet sufficiently many people use it so that paying with cash does not appear suspicious (unless you use cash to pay for, say, a big car).

To a large extent, this illustrates a tendency to miss the point, which is unfortunately often encountered in circles dealing with anonymity: it is what I would call the "game fantasy". When using Tor, PGP or whatever, the wannabe anonymous sometimes feels that he is playing some game with informal rules, in particular a definite and finished scope. The Tor user tends to believe that his adversaries will meet him only in a network-related way. As rumour has it, one of the first reactions of Kevin Mitnick upon his being arrested was to say that Tsutomu Shimomura had "cheated" by calling the cops, instead of trying to defeat him through technical skills alone.

So let there be a lesson: if you want to be anonymous, don't concentrate on the tools. Instead, focus on the big picture. Layering anonymity gimmicks on top of each other does not address the actual problem.

In fact it can be argued that no layering can help Tor in any way, since the point of Tor is to randomize the network path so that sender and recipient cannot be correlated with each other; if something else is needed then sender and recipient were correlated with each other, and the actual use of Tor came to naught. This is a property of anonymity through absence of correlation: it is all-or-nothing. You cannot get anonymity incrementally; you have it all in one go, or you have none. This answers one of your questions: layering does not ultimately help.

To really be anonymous, you have to blend into the background. You achieve perfect anonymity by doing nothing. However, as soon as you try to act, if only to send an email, then you begin to leave traces of many kinds. For instance, when you use a WiFi access from a coffee shop, then you are physically in the coffee shop, so you are in range of CCTV cameras, you leave fingerprints and DNA traces on the premises, ...


I essentially agree - using Tor from within Harvard's own WiFi network was a big mistake.

Note that in this case, the perpetrator did not have the nerve to stay silent in the face of police questioning. His confession is what made the case against him airtight.

Had he "lawyered" up, the police would have:

  • Evidence that he used Tor around the time the emails were sent

The police would not have:

  • Information about what websites or services he accessed using Tor
  • Information about the content that he transmitted and received via Tor
  • Any residual information on his laptop (if he had used something like TAILS)

The Tor network performed exactly as designed - the weakness was a PEBCAK issue.

At a guess, a tired, sleep-deprived student, under considerable parental and cultural pressure to perform, made the biggest mistake of his life.


I think that the concept here would be dividing data from metadata. In the case of the Harvard student, what caught him (well, as far as reported facts go) was metadata rather than the content of his communications. Some privacy techniques (e.g. encryption) just hide the content of the communication; they don't hide the fact that the communication has taken place.

In terms of anonymity tools making you less anonymous, I'd say that doing things that make you stand out makes you a potential target. So if you start using a VPN and Tor and taking burner laptops to coffee shops to connect to the Internet, someone observing your activity is likely to conclude that you have something to hide, which could in turn cause you to be placed under investigation. This of course depends on the idea of someone observing the metadata, which is what happened in the Harvard case.

Better OPSEC practice is to try not to stand out from the crowd, so if you're one of a large number of people using Tor in a location, you don't stand out from a metadata perspective, and Tor may protect the content of the communication.

So to answer the question, I'd say that anonymity tools have a place in an overall OPSEC regime, but if misused they can be counter-productive.
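
The metadata point running through the answers above, as an added example that is not part of any of the posts: it computes the anonymity set a network operator can derive from connection records alone, first on a network with one Tor user and then on one with several. The log format, user names, timestamps and relay addresses are all constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed data: RFC 5737 documentation addresses stand in for Tor relay IPs.
TOR_RELAYS = {"198.51.100.7", "203.0.113.20"}

# Constructed flow records (timestamp, authenticated user, destination IP).
# This is metadata only: no payload and no knowledge of what was done over Tor.
QUIET_NETWORK = """\
2020-01-01T08:05:00 user01 192.0.2.10
2020-01-01T08:12:00 user02 198.51.100.7
2020-01-01T08:20:00 user03 192.0.2.44
2020-01-01T11:40:00 user04 203.0.113.20
"""

BUSY_NETWORK = QUIET_NETWORK + """\
2020-01-01T08:01:00 user05 203.0.113.20
2020-01-01T08:17:00 user06 198.51.100.7
2020-01-01T08:29:00 user07 198.51.100.7
"""

def parse_flows(text):
    """Parse 'timestamp user dst_ip' lines, skipping blank or malformed ones."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            when = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        flows.append((when, parts[1], parts[2]))
    return flows

def anonymity_set(flows, event_time, window):
    """Users seen talking to a Tor relay within +/- window of the event."""
    return {user for when, user, dst in flows
            if dst in TOR_RELAYS and abs(when - event_time) <= window}

if __name__ == "__main__":
    event = datetime(2020, 1, 1, 8, 15)   # constructed time of the observed event
    window = timedelta(minutes=15)
    for name, log in (("quiet", QUIET_NETWORK), ("busy", BUSY_NETWORK)):
        users = anonymity_set(parse_flows(log), event, window)
        print(f"{name}: {len(users)} candidate(s): {sorted(users)}")
```

On the quiet network the query leaves a single candidate even though nothing about the Tor traffic itself was read; on the busy one the same query leaves four.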