Actually the problem goes beyond this. The adversary (Hezbollah in this case) correlated anomalous data (the weird mobile phone behavior) with information about people inside their organisation who had access to sensitive information. They could say "this apartment complex has a static mobile phone" and also "this same apartment complex is where the regional director of operations lives". This correlation is what allowed them to then place surveillance on the suspect and eventually they were able to unravel the whole spy ring (due to other tradecraft errors).
Here is why you are probably wrong about your techniques for avoiding detection. Essentially, we don't know what the capabilities of the adversary are, and therefore we can't develop effective countermeasures. We can postulate, and guess, but we can't know if our countermeasures are successful until they fail catastrophically. http://grugq.github.io/blog/2013/06/14/you-cant-get-there-fr...
Here is how one can begin to unlink and operate anonymously, however it is not a viable long term proposition and few people can maintain the discipline to do this for extended periods of time. http://grugq.github.io/blog/2013/06/13/ignorance-is-strength...
The article does not talk about steganography. It talks about how in the real world real adversaries use real data to find real people who made real mistakes and really kill them. The problem was that the CIA case officer was lazy (or incompetent) and reused the same meeting places; the agents inside Hezbollah were contacted in a way that attracted attention, although it likely seemed very low profile at the time it was adopted; and, Hezbollah was able to use this signal "something weird is happening at this location" to narrow the list of suspects that they had to surveil for counterespionage.
That could have been a coded message using a one-time pad. The encryption doesn't have to be super complex. If I didn't link to it, how would you know who posted it?
You'd have to track down pastie.org, or its ISP and see who posted this message around the time it was posted. Then you'd have to track down the IP that originated the message, and then talk to my ISP about who owns that IP. Even assuming everyone cooperated with you, I could have went to a library and sent it from there. If they took some form of ID I could have faked the ID. Then you'd have to obtain video footage from the library of who used the computer.
But you'd get stuck at the first stage - it's unlikely pastie.org keeps track of who's posting. It's a case of #2.
Tor is much less resilient than Freenet because it's A) susceptible to traffic pattern analysis, and B) because each resource has a single point of failure - its host.
The thing about anonymity that it is not about someone taking a single anonymous action. It is hiding the identity of a whole person, a person with many habits and many attributes.
All the information a person produces tells a certain amount about their habit and attributes. The more information one produces under a single handle or for a single purpose, the more information you "leak" about the person who is acting and the more a determined adversary can use to find less protected, less anonymous outputs that have the same signature.
So it is hard to be anonymous anywhere. Maybe you have shown how a determined person can take anonymous actions online. But the problem is people skimp somewhere. You can say X got caught because they didn't take Y precaution. But what may be going on is that with X's resources, he/she can only some lesser level of precautions elsewhere. Given that she/he wouldn't/couldn't do the rest of the protections, he/she figured there wasn't a good reason to do Y - X could been right in that X's life remained a bit happier tell inevitable day he/she was caught.
td;dr; It's not the door but building you gotta secure and buildings are expensive.
You're missing the "nation state level adversary" component. I personally, do not know your mobile phone number or the last cell tower that it associated with. But I am not your adversary. A nation state level adversary ipso facto has access to that information.
I suggest that you read the links I have posted and the articles I've written, both on http://grugq.tumblr.com and http://grugq.github.io ... there is a lot of information there about how to operate clandestinely.
I took a look at the links you provided. There's some interesting stuff in there. I note, however, that the downfall of guys like Ulbricht involved things like:
1) Single point of failure. This is also related to increased susceptibility to network analysis. Even if the CIA "can't deanonymize everyone all the time" they can deanonymize a given host of a given network, by analyzing traffic patterns, placing proxies in the way or backdooring the nodes in the network, etc.
2) Recording. As you say, he got serious about his security "too late". In an age where tons of stuff you do online can be recorded and found when needed, you have to protect your anonymity from day 1.
What I am claiming is that it's possible to BEGIN an alternate identity by leveraging techniques #1 and #2. #1 is what you can do with freenet or perfectdark - basically, distributed DHTs which DO NOT record the originator of a file. While it's true that a given freenode network can be compromised by backdooring enough nodes, that is much harder to do than with Tor. And #2 is what you can do with services like pastie and others who simply DO NOT have the capability in place to record who posted a message. As governments go after people, they will attempt to intimidate #2 type services.
Either way there can be databases listing the confidence that a given system does NOT record a particular identifier such as an IP address. The ones that score high can be used directly. The ones that score low must unfortunately be used via commandeered accounts and the steganography would proceed that way.
If there were truly no networks that the agents could trust, the agents could have aggressively employed steganography - they should have basically commandeered some email addresses in the country (http://xkcd.com/792/) and then tunneled messages through a number of different channels, including the text, the timing of the messages, the order of the messages, etc.
There's tons of ways to do this without falling prey to being doxed. However, once even the smallest bit is revealed (e.g. your literary writing style is identified) the whole thing can unravel IN THEORY.
To be anonymous online is extremely difficult. It requires a huge change in lifestyle. Here is one example of a CIA operative explaining how difficult it would be: http://blogsofwar.com/2013/08/06/tor-and-the-illusion-of-ano...
Here is some technology that I put together to make it easier to avoid mistakes: http://grugq.github.io/blog/2013/10/05/thru-a-portal-darkly/
Here is why you are probably wrong about your techniques for avoiding detection. Essentially, we don't know what the capabilities of the adversary are, and therefore we can't develop effective countermeasures. We can postulate, and guess, but we can't know if our countermeasures are successful until they fail catastrophically. http://grugq.github.io/blog/2013/06/14/you-cant-get-there-fr...
Here is how one can begin to unlink and operate anonymously, however it is not a viable long term proposition and few people can maintain the discipline to do this for extended periods of time. http://grugq.github.io/blog/2013/06/13/ignorance-is-strength...
The article does not talk about steganography. It talks about how in the real world real adversaries use real data to find real people who made real mistakes and really kill them. The problem was that the CIA case officer was lazy (or incompetent) and reused the same meeting places; the agents inside Hezbollah were contacted in a way that attracted attention, although it likely seemed very low profile at the time it was adopted; and, Hezbollah was able to use this signal "something weird is happening at this location" to narrow the list of suspects that they had to surveil for counterespionage.