Please see below for my response to your helpful comments.
On 2016-08-08 11:18, Ben Tasker wrote:
If you're using Firefox, one thing you want to consider is DNS leakage.
If you go into about:config, see whether network.proxy.socks_remote_dns
exists. If not create it and set to True.
Without that, DNS won't use the tunnel. As you've got a VPN running it'll
likely egress from the VPN endpoint instead.
Point taken. It did exist and was set to "true".
VPN ---> Torsocks (on 127.0.0.1) ---> SSH (bound to port 33333) ---> VPS---> Internet.
How do you pay for the VPS? If it's in your name (or can be linked to you)
then all you're doing is preventing your local ISP from seeing what you're
connecting to (which might, of course, be your aim). You do, in effect,
have a fixed exit point though, so it's worth bearing in mind that in some
ways it makes you more identifiable from the point of view of services
you're connecting to.
Bitcoin is my friend! I appreciate that using a VPS with a static IP does provide a fixed exit point.
I'm wondering if you feel, based on your expertise, that my system looks secure (see below).