I read the Tails documentation on how to properly use the operating system to protect yourself as a user. One point of advice they provide is to only use one Tails session (booting into Tails) for one purpose at a time. This is apparently because an adversary can tell if you’re using the same Tor circuit if you connect to their service. My understanding is that if you (for instance) log into Gmail on Account A and then reset your identity in the Tor Browser and log into Account B, Google would have the ability to link those two accounts together. But I’m unsure of a few things.
-
Does this only apply to each service independently from one another? For example, let’s say I log into Google, then restart my identity in Tor Browser, and then log into Reddit. Could Google or Reddit link those two accounts? (Would the answer change if we entertain a hypothetical where Google and Reddit were working together on identifying Tails users this way?)
-
Does this apply when using different applications? For example, if I’m using Google search in the Tor Browser but log in to Gmail on Thunderbird. Could google correlate my search queries with my Gmail account?
-
I use obfs4 bridges to connect to Tor on Tails. Should I be rotating which bridges I’m using every time I start a Tails session?