Ask HN: How can I make anonymous Twitter account?

4 points by 0xfedbee ↗ HN
Is there any way that works today to make anonymous Twitter account, that doesn’t involve providing phone number or email address? I suppose I can create a throwaway email but it’s nearly impossible to get a phone number anonymously in EU. TIA!

8 comments

[ 3.2 ms ] story [ 34.9 ms ] thread
Get a burner phone. Or ask a stranger in a coffee shop. Preferably someone who doesn't use all the social media stuff
The thing is I want to make a dissent account against certain country’s Government and I don’t want anyone else in trouble because of my tweets.
> it’s nearly impossible to get a phone number anonymously in EU.

Wrong, also you can use a one-time verification service like 5sim, smspva, etc. or rent a virtual number

Don’t, twitter is not secure by protocol design, if you want to make an anonymous one -as in it doesn’t have your name/pic- sure, but going against state sponsored targets will easily get you exposed, DMs aren’t encrypted yet, APIs can be reversed and exploited to reveal more info, spies/insider threats can be paid to access your data with certain privileges, still relies on a broken protocol for verification (sms) that can be targeted with sim swap attacks, or exposing more info even with a burner such as how/when you bought it, etc. and all of these happened when twitter was relatively at a better state than it’s now, so I assume things are even more chaotic, but last part is just my personal opinion.

Bottom line, don’t do it, and if you do, assume you are already exposed and act upon it.

Here’s my plan: Tor browser inside a Linux VM running on a computer that is connected to Mullvad VPN. No private messaging on Twitter whatsoever. With anonymous account, I plan to not provide any personal details, so even if someone has access to “my” data it won’t do anything. Still think it’s a bad idea? Curious to know your thoughts. Thanks!
You are still making a lot of assumptions, and assumptions have the potential to turn into a risk if not monitored and confirmed otherwise.

You are assuming:

-Tor is 100% secure, even though in the past FBI did infiltrate it with rouge node/exit nodes

-Linux is automatically secure, while it might be better than windows, but the attack vector can still happen, from a non-core package installed (say photo viewer) to a hardware backdoor like the ones in intel CPUs (look for IME)

-Trusting mullvad, while they have a clean reputation so far, but you still have to trust them, there’s no zero-trust policy

-Using Tor+vpn defeats the purpose of tor btw, regardless of the order.

-How you plan to not provide any personal when you are using a phone number, and connected to the internet. Phone number can be used to access you, from zero-day exploits that doesn’t require you to click any link, to geo-locate you just by being connected to the cellular operator. Also as long as you are using the internet, you have a fingerprint that identifies you, even if you are disabling javascript in the browser, which I don’t think Twitter works without it but I didn’t try.

I remember reading in here a while ago about a Chinese dissent who happen to have long cybersec experience, yet eventually got caught by the government, can’t find the story maybe someone can help.

Edit: I also assume you won’t have “twitter blue” aka pay for twitter subscription, or it’s a quick check mate. And if you don’t pay, your tweets will not have the same impact as the ones tweeted from a paid account.

Bottom line again: Twitter isn’t meant for such activities, plan to have a plan B (and C and D too) whenever someone put enough resources to expose your identity.