I already read Manual about VPN and I understand basics. VPN->TOR (anonymous from ISP) TOR->VPN (anonymous from the internet).
I’m not really trying to hide from anybody specific. My ISP is not after me. Internet is not looking for me. I just want more anonymity on the internet. What would you choose? VPN->TOR or TOR->VPN. And will it really help increase anonymity while using Whonix? Let’s consider, that I will pay in Bitcoin for VPN. I will not tell my real name to VPN provider.
(+) I see VPN as an extra part in the network between me and the internet, that has to be broken. So added anonymity. (-) VPN is static part of network (all my connections are going everytime through this point). Does it decrease my anonymity?
Let’s say I’m Snowden. Would I use VPN? Would I use it before TOR? Would I use it after TOR?
Consider this. Your VPN provider will know ( if using VPN->Tor ) the ip address from which you are connecting your client from. If you are always connecting from your home network it could be used to identify you.
No, VPNs do not increase anonymity
Only he can answer that. I think all the information you need to make an informed decision can be found in the Whonix Documentation and the Whonix forum by using the search engine at the top right hand corner of your screen. Search keyword “VPN”
I’m not going to use Ethereum or any other software, that requires VPN.
In that case you don’t recommend VPN at all, right?
I have created bootable live version of Xubuntu. And I’m running Workstation&Gateway through VirtualBox on this system.
Do you recommend (is it recommended) doing any changes to this setup? You already ruled out VPN. Is there anything else I should use for extra anonymity? Is there any extra possible step?
As you can tell, I’m a little bit paranoid about my anonymity on the internet. I’m not worried about security. I’m not so interesting, that somebody would make targeted attack at me. But I would like to be as anonymous as I can be.
Also, I went through links, that you posted. But I don’t really know, what I’m looking for… . That’s why I’m asking more experienced users. Once they recommend something I’m able to make it work and navigate through Manual on my own.
There are use cases other Ethereum for chaining a VPN after Tor. For instance some web sites block Tor users. A workaround would be to use the above chain. All I am saying is this is an option that you could use but you need to make sure you do:
Use anonymous email if your provider requires a email address for registration.
Use the email address for this specific VPN registration and nothing else
Use this VPN in this chain configuration only. Do not use these VPN credentials for User->VPN->Tor->Internet. If you do your VPN service provider will know the ip address from where your client connected from.
Some things you need to keep in mind if you do choose to use a VPN:
Your VPN service provider can see your clearnet traffic regardless of how you chain them.  See below for exception
Your VPN service provider can see the ip address from which your client is logged in from if using: User->VPN->Tor->Internet
I’m not an expert but I know Ubuntu is not known for respecting users privacy. I don’t know if it would really matter since your using a live version.
Your setup sound OK to me. As long as you use Whonix I think you will be alright. The best advice I could give you would be to read through the entire Whonix documentation. There is a lot of information on anonymity in there.
You should be. If Whonix was not secure it could be more easily exploited. Then It would increase the risk of de-anonymization.
Unfortunately it just takes time.There a lot of documentation (and forum threads). The way I learn is by reading the documentation and going through and reading the different threads on the Forum. A lot of the discussions on the forums tie in together. You have to learn about many different thing to really understand what you should and shouldn’t do ( for anonymity ).
Also remember that most of the info I’m giving you comes from memory. That info is scattered throughout the docs and forum threads. I try to add links when I can but I don’t always have the time or can’t recall the exact page I’m quoting info from.
There is something I failed to mention. You have to make sure you install the security patches when they become available. This applies to you host ( Xubuntu ) as well as Whonix gateway and workstation. Although malicious code would not be persistent it could be a problem for your current session.
I understand this could be time consuming but it is very important.