I’m asking because I’m curious how one would go about doing something like this in 2019. What are the things you need to think about, and what measures would one need to take to ensure continued anonymity over time. In particular, I’m curious about just information transfer, like a simple, not-for-profit blog.
Since the threat model can get pretty vague, I guess I’m thinking about two main scenarios:
1. Easier case: how to prevent being de-anonymized by curious individuals and specific corporations (e.g., multiple ISP’s colluding together may be able to de-anonymize you, but for example a specific company like Google can’t).
2. Harder case: ensuring anonymity even from state-level actors.