[ Guide + Questions ] How to be total anonymous in the web!

Hi guys,

in this topic i want to create a guide to be total anonymous in the web and how you can archive this. But i know not enough so let uns create together a Guide so everyone of us will send no more data in the world! Every time someone will say something new, i will add this to this guide, so with time this will be the ultimate Guide :slight_smile:

What you should do:

  1. Internet-Connections
    -Best all traffic over tor (your router can do this too!
    -VPN-Connection if you need by Mullvad for fast speed
    -Change Hostname and never use google dns

  2. Hardware you need
    -Only use open Hardware systems to connect to the web
    Workstations: Opteron 6830 with the D8/D16 board with Coreboots and nv40 line nvidia card with nouveau drivers and wlan cards from technoehtic or think penguin
    Routers: Turris Omnia or Mox
    Notebooks: Librem 15, Librem 13, Lenovo x200 with libreboot and others from this
    Smartphones: Librem 5, Galaxy S3 with Replicant

  3. Software
    -Only use open source apps and programs that’s respect your privacy if the device got a connection to the web
    -Use a privacy Browser like iridium with adding extensions: privacy badger, http everywhere, ublock, cookie autodelete, noscript

  4. Good to know
    -Never use your browser with cookies saved because your browser got a fingerprint, so a code to identifier you. If you only one time connect to a google service it’s over… you can reinstall your browser

My questions:

  1. Every system for the www got a device ID and a Mac-Adress. How companies can see your this
    unique ID? Only if you install an program with internet connection? or if you connect to a side? Does your internet provider can see the mac dress from your router? from your notebook?

  2. Same question with IMEI on phones!

  3. Can i change the mac address of devices? Or if i used for example a google app an my pc, the know this is my pc and can check this? same with the ID

  4. So a phone where i used a android app with the permission to my phone knows my mac-address and the imei so the know that’s me, government too? So the phone is useless to get privacy?

  5. Is this right a “private phone” with tor can’t hide you because the phone providers knows where you are…? I know private switches :wink:

  6. If i’am change my wifi card my device is safe again that’s right? But the serial number is not changing so useless?


The primary thing I think most people overlook when trying to guide anonymity on the internet, is that to be anonymous online you have to have your actions not be unique in any way, not just the actions of the system but the actions of the user as well.

I’m not trying to shoot down your idea, I just want to throw it out there that you can’t do just anything and remain anonymous.

As far as your questions on unique identifiers, it is theoretically possible to create new Global Unique IDentifiers (GUIDs) each time you use a system, but even with that, if your behaviour is unique the multiple unique systems may be able to be correlated to you in turn breaking the anonymity.

This may take a considerable amount of resources currently, but in some instances this may be worthwhile. It is my understanding Google and Facebook do this to some degree to try and correlate behaviour to identities even if they’re identities not tied to specific accounts which is how you can sometimes still get targetted advertising from these services without having an account on either.

On the phone side, as long as you want to have a unique phone number to be identified by, so that you can be contacted, you’re going to be sacrificing anonymity. I am not currently aware of any cellular service that doesn’t result in a significant loss of anonymity to use it at this time.


And if i only use the phone for data?

Oh man, i think all of this would be no problem if in every country there would be good people on the top the really care about people. The climate is fucked up, Companies spy on us better than every government and still there is so much violence in the world. Its so said because everyone of us is important and unique, but not for tracking…

1 Like

These are big topics but …

It depends on what type of client device - but let’s say laptop connected to local LAN (wireless or wired). It also depends on what type of internet connection.

Your internet provider most likely can directly see the unique address on the WAN side of your router, if there is such a unique address. In some cases this may be essential, in other cases not.

Any web site in the world may be able to see the MAC address of the client device if you run client-side code in the browser (and of course if you run untrusted / closed-source code directly on your device then all bets are off).

If you have a portable device (laptop, phone) and it periodically speaks up to see whether any known Wireless Access Points have come into range then the device may be broadcasting its MAC address.

If your Wireless Access Point is filtering by MAC address then it will be inconvenient to alter your MAC address.

If you use IPv6 and you use IPv6 addressing in a privacy-poor mode then any computer on the internet should be able to pick up your MAC address if you communicate with that computer.

Hopefully the mitigations for the above are mostly obvious.


you seem quite naive … but well intended …

my question is … how do you pay your ISP ? do you own ANY identification document (electronic or otherwise) ?

imo there is no such thing as 100% anonymity anywhere in the world … unless your ID is in no database anywhere and you pay in nature :wink:

1 Like

there are still anonymous prepaid gsm cards with internet out there, just sayin’

1 Like

yes but i doubt that once you put it in your mobile-phone it stays anonymous … besides the IMEI is the one that does the identification not the gsm card …

either way you can’t use a gsm card without a mobile-device of some sort … and there is no need to … unless you are a collector :smiley:

nope, it’s imsi. and i use 3g modem anyway which does not have any identity (on my person). And i top it up using anonymous top-up cards purchased in tabaco shop for cash. So - there are still ways to keep myself sane without tinfoil hat :slight_smile:


“ways to keep sane” yes - for NOW - i’m sure they’ll find ways to change that …

Oh yes, for that I’m certain, in many european countries anonymous gsm prepaids are not allowed anymore so that’s the first step they always do. So it’s just a matter of time.

ActiveX & WMI (Windows Interface via Windows Management Instrumentation), Java, Javascript and they now my mac adress right?

So if you want to be private grab and an old s3 with replicant use XMPP to chat but do nothing private with it :smiley:

Okay i get the point, if you use a closed source program the can read this out, the same for web stuff that’s more than html css

for sure someone keeps track of this conversation then … :sweat: … talk about giving them ideas …

I am not qualified to comment on anything to do with Microsoft Windows but if you run Microsoft Windows, you have much bigger problems than whether your MAC address is exposed.

Yes. However these days most people would have the Java browser plug-in either disabled or not even installed.

All other browser plug-ins would also need to be scrutinised for what the implementation does and what the plug-in allows.

I think the answer for this is “no” i.e. no access to the MAC address from JavaScript.

Another way in which your MAC address can be exposed is if your computer uses a fairly old method of UUID generation that is based off the MAC address. (These days I think most computers use the ‘random’ method of UUID generation.)