Are you truly free if you're forced to be paranoid about everything? Secure maybe but that doesn't sound "free".

I'm free to give up technology, the price to pay if I want to use tech is to be careful and paranoid.

Not for myself but for other people in this world who aren't as lucky as myself in terms of freedom.

You're still restricted from going about the life the way you want. Having to make that tradeoff is an imposition on liberty.

> Regularly trade laptops and phones with like-minded individuals

That puts you into a group of people then. Groups are easier to infiltrate.

In opsec, people are vulnerabilities.

That's precisely the point. Infiltrate me and a group of other people that have nothing going on, as long as I'm wasting your time I'm doing my part in protecting a tiny bit those who lack freedom.

I'm pretty sure one waterboarding session will make you regret even having such ideas. Everyone breaks, it's just matter of time.

Breaks how? Torture me all you want; I'll cry and beg and make up stories, but I don't know anything about whatever you are investigating.

Make up stories? I don't think so. Also don't forget that those on the other side are not idiots who cannot recognize a lie/made up story.

My life is so boring I'd literally would have no other option but to invent a story.

But please do keep imagining things, it's a powerful tool to progress!

I agree with you.

But I like the idea of trading devices with people who have already tied their ID with IMEI, wi-fi networks, ISP IPs etc.

Identity theft? Not really... Just borrowing it for a while.

Problem is, you essentially can’t trust people. Not even in a personal “do I know this person” way. But fundamentally people are squishy. If you squish them too much, they’ll do things they never wanted to do. That unfortunately is why groups greater than 1 are a weak spot.

In your scenario, you’ll never know if the last person increments an ID somewhere or did some other activity that adds compromises the chain.

Every person you swap hardware with is a chain leading back to you.

It also becomes tricky to convince someone to lend you their phone in my country since ID cards are required to register any SIM cards.

As someone else above said, adding more people makes the rope (your opsec) weaker.

People generally can't be trusted once their self-preservation instinct kicks in. How sure are you the other guy you trusted enough to put them in your opsec isn't going to sing on you when their balls are gently fondled by LE agents.

What's tricky about swapping burner phones with throwaway SIMs? And what do you mean with LE agents?

In my country we don't have throwaway SIMs. In such a case, randomizing location beacon tracking might work.

LE stands for Law Enforcement.

Your ISMI (aka your sim card) is going to be sent alongside your IMEI, which makes that type of identity "borrowing" pointless because the carrier can see right through it. wifi mac addresses can be easily spoofed without swapping hardware. Overall I don't see much value in swapping hardware.

Different users of one device muddle location, patterns and data being transferred. This is the usefulness.

I'm lucky enough not to live a pretty vanilla life and so do my peers. Please investigate and waste time and resources in tracking down the most boring and uninteresting (on a political and criminal level) persons you could ever snoop on.

Muddled doesn't matter. They'll convict you or lead pipe you or raise your insurance rates based on their misunderstanding of your data.

In this case I would use the SIM card used by the former owner, if it's a pre-paid plan, for example. This is quite common trade in the place I live.

only if they are still paying the bill will this be useful. If you start paying the bill, well then.. they know exactly who you are.

You don't pay bills on burner phones. And if you do you anonymously top them up via scratch card or cash, via a different person.

Yes, that's the idea. At least in the place I live, you just need to go to a convenience store, tell the cashier the phone number and pay cash.

again, once you pay for it, even with cash, they can track you down(though it may take a while). It's trivially easy to see where a given # is, so once they know the phone #, they can pretty easily find out who has it in their possession, by just showing up and seeing who has it in their hand.

Not to say there isn't SOME anonymity by paying cash for a burner phone, but it's not even remotely fool-proof for anyone really wanting to figure out who you are.

yeah running 1 or 2 of your own Tor nodes seems to be pretty ideal. One of which being an exit node. Connecting to that is the move.

providing an obfs4 bridge seems good too

but I really wish there was a docker container for all this, the documentation is all over the place, most of it is just on forums that can only be accessed on Tor and those forums have unreliable uptime, it is really discouraging but it seems like there are some very competent people that are so comfortable doing this that one could just assume they all have this greater level of OPSEC and infrastructure

I possibly misunderstand you, but why would connecting to your own Tor exit node help your anonymity?

your traffic is mixed in with others using your exit node, and you control the data and logging of that exit node

But if they can trace back all the activity pertaining to a case they can show strongly though not conclusively that you were probably the source? Also as long as they can prove that you constructed the setup you also start looking guilty as hell..

varies by jurisdiction, so far us and its states havent made exit node owners responsible for traffic or let that go beyond the doubt

With a solution like https://github.com/jaromil/TorTV one could have much more than a couple of exit nodes.