Operational rules for continuing anonymous activity
Anonymous activity cannot be protected only by the initial setup.
Creating a dedicated email address. Using a or . Not writing your real name in a profile. These preparations are important. However, as activity continues, posting time, reply habits, topics, images, relationships with collaborators, and contact with the real-name environment can gradually accumulate.
Anonymity is worn down more during the time you continue than at the moment you begin.
For long-term operation, do not leave every judgment to how you feel in the moment. Decide rules, review them regularly, and create a structure that lets you stop when you are tired or when reactions are intense.
This article organizes the basic rules for continuing anonymous activity.
Correlation increases during long-term operation
The risk differs between using an anonymous account for one day and using it for one year.
The longer you use it, the more posts increase, topics expand, and replies accumulate. Information that was not visible in a single post becomes visible through accumulation.
What accumulates
Visible information
Response direction
Posting time
Life rhythm, work pattern
Review time-of-day bias
Topics
Job, region, interests, affiliation
Decide the range of topics
Replies
Relationships, emotions, experience
Create reply rules
Images
Backgrounds, places, devices, habits
Fix a pre-posting check
Links
Other accounts, external sites
Do not mix with the real-name environment
In anonymous activity, the danger is not only one major failure.
Small pieces of information that accumulate become strong clues later.
Do not mix with the real-name environment
The most important point in long-term operation is not to mix environments.
If the browser used under your real name, personal email, usual cloud storage, smartphone photo app, contacts, social media apps, and anonymous activity mix, correlation is created somewhere.
What to separate
Reason
Caution
Browser
Separate cookies and login state
Do not log in to real-name accounts at the same time
Email
Separate registration information
Do not make the recovery destination a real-name email either
Storage location
Separate filenames and sync
Do not automatically save to a personal cloud
Image management
Separate photos and screenshots
Watch location information and notifications
Contacts
Separate contact paths with collaborators
Do not pull them toward a personal messaging app or phone number
For high-risk activity, it may become necessary to separate devices or even operating systems.
However, increasing tools does not automatically make you safe. What matters is whether you can use the separated environment the same way every time and operate it without mixing.
Manage posting time and reaction time
Posting time creates a picture of the person.
Posting at the same time every day, reacting only during a commute, acting only during workplace breaks, or writing in detail immediately after a specific event. These patterns show life rhythm or participation at the site.
Rule
Purpose
Specific example
Avoid immediate posting
Avoid showing site participation or location
Delay posting photos immediately after an event
Do not use the same time every time
Avoid fixing life rhythm
Use scheduled posts or drafts
Do not reply when tired
Prevent emotional information additions
Avoid late-night rebuttals
Do not act at the same time as real-name activity
Reduce correlation between accounts
Do not post immediately after reacting on real-name social media
You cannot hide time completely.
However, you can reduce unnecessary patterns. In particular, handle posts that show you are on site with care.
Decide rules for replies and DMs
In long-term operation, replies and DMs add more information than the post body.
Answering questions, arguing back, explaining to collaborators, responding to reporting requests or consultations. In these situations, it is easy to reveal information that was not in the main text.
Situation
Rule to decide
Reason
Replying to criticism
Do not answer immediately
Avoid emotional explanations
Reacting to identity guesses
Do not deny specific guesses in detail
Do not narrow candidates
DM consultation
Do not hand over personal information
Assume it can be screenshotted
Sending materials
Check metadata
Do not leave author names or filenames
Contact with collaborators
Fix the contact path
Do not mix with real-name contacts
DMs look like private conversations, but they are places the other person can save.
It is important not to think "it is not public, so it is safe."
Put regular reviews on the schedule
For anonymous operation, checking only when you notice something is too late.
Once a month, or before and after major posts, check the public state. Review your account name, past posts, images, search results, and external links.
Frequency
What to check
Purpose
Before every post
Body text, images, links, metadata
Prevent immediate leaks
Once a week
Replies, DMs, follow relationships
See whether correlation is increasing
Once a month
Profile, past posts, search results
Check the overall view from outside
After a large reaction
Quotes, reposts, identity guesses
Understand the spread
At the end of activity
Information to keep, information to delete, handover
Avoid abandoned accounts
During a review, do not look only at the screen while logged in.
Check the public state visible to third parties. Use search results and image search too, and see how it can be found from outside. However, for high-risk activity, be careful not to search carelessly from a browser where you are logged in under your real name or from your usual device.
Review tools and trusted parties
VPNs, Tor, proxies, cloud services, email, social media, and messaging apps change during long-term operation.
Terms of service, logging policies, identity verification, payment methods, supported countries, and app specifications can change. Even if you judged a tool to be safe when you started using it, review it regularly.
What to look at
What to check
Meaning for anonymity
VPN
Logging policy, audits, payment, destinations
Where the trusted party is
Tor Browser
Official updates, extensions, setting changes
Whether custom settings make you stand out
Email
Recovery destination, phone number, login history
Whether it connects to the real-name environment
Cloud
Sharing settings, owner name, sync
Whether files reveal personal information
SNS
Display name, contact syncing, publication scope
Whether it mixes with real-name accounts
Tools alone do not protect anonymity.
They change who can see information. If you use a VPN, the destination visible to the ISP changes, but the VPN provider becomes a new trusted party. If you use Tor, how the communication route appears changes, but the effect weakens if you identify yourself through login state or post content.
Stop rules for when you are tired
One thing often overlooked in long-term operation is fatigue.
Being sleepy, angry, afraid, in a hurry, or too focused on reactions. In these states, people reveal information they normally would not.
State
Likely failure
Stopping action
Angry
Explaining in detail during a rebuttal
Save as a draft and look the next day
Afraid
Deleting or changing things in a panic
Check the impact before acting
Sleepy
Skipping image or link checks
Do not post
In a hurry
Omitting metadata checks
Prioritize safety over the deadline
Under attention
Making things worse through additional posts
Stop replying
Stopping is not a failure.
In anonymous operation, deciding not to post when unsure is important.
Summary
When continuing anonymous activity, operation becomes more important than the initial setup.
The longer you continue, the more posting time, topics, replies, images, links, and follow relationships accumulate. Even if each one is small, they form a picture of the person when combined.
Separate the real-name environment and anonymous environment, decide rules for posting time and replies, and regularly inspect the public state.
VPNs, Tor, email, cloud services, and other tools are useful, but they are not universal solutions. You need to keep reviewing where the trusted party moves.
Anonymity is not a state that becomes fixed once created.
It is continuing operation to avoid increasing correlation. Having rules that let you stop when unsure is a realistic safety measure for continuing over the long term.
Related tools
Anonymous OS
Tails
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.