>>1929
TLDRessay: we can't tell you how to hide well if we don't know who you're hiding from.
It's hard to give a single source, many will work ans there are many places to ask. OpSec is more of a mindset and learning from others.
1) Hardest lesson for the passionate:
perfection is the enemy of good. Be careful of paranoid fucks
like me /tech/ who think you need a Libreboot ThinkPad TAILS foil-wrapped blah blah for daily life. Striving for that is masturbation and demotivates you. Those tools are useful; if you are fucking Snowden or a jorno then TAILS is needed. If you're just browsing loli tentacle abuse, Tor on Safest setting on a Linux distro should do the trick. If you're not committing crimes you could get by on cancer surveillance Windows 10/Chrome.
2)
'Identify your adversary. Mine are corporate surveillance (Google Analytics and similar) and linking my personal and anon life. I'm not a target for intelligence agencies or online weaponized autism so those don't matter as much to me.
This is important because trying to hide from everyone, including a motivated persistent advanced threat like actual governments, will ruin your life. Minimizing the stalking of Facebook and Google probably won't.
3)
Identify what precautions you need to take to avoid info breach. I want to minimize my use of Goog/Zuck/Micro$oft/etc services, so I use a Linux-based OS (Mint is a recommendation for Windowsfags) and many services recommended by privacytools.io in place of corporate-surveillance alternatives. I also block stuff like most ads and google analytics.
If you want to hide from online autists, you'll be more concerned with InfoSec, what you say
and how you say it. I have nothing to do with the Zchan clusterfuck but someone mentioned the admin has an obvious sleep pattern. List their post times and they clearly sleep for 8 hours. That's why namefagging is bad and why I love imageboards! True anonymity is blending in.
1) don't reveal personal info, especially publicly (pseudonyms, sites you use, account names, location). I know there are a few Finish anons just from images I see here. I wouldn't be surprised if they still had EXIF location details attached. When possible, stick to text!
2) don't be afraid to lie a bit. noise is good.
3) feel free to mix up your typing patterns. theres a schizo spammer who hits sites with Q stuff who is easily identified by words he uses, how he capitalizes and punctuates (e.g. I used American spelling of z/s, capital for country name, all those little fingerprints)
4) use different passwords for different sites, ESPECIALLY one-off sites. Those can be honeypots for hackers to harvest usernames and passwords for credential stuffing attacks.
At this point I'm spewing random ideas less as advice and more to get you thinking. OpSec is only half about tech. For fun examples, see the takedown of the Silk Road owner (Dread Pirate Robberts) or 4chan and 8chan doxxs (HWNDU-CTF is a fun study in revealing more than you thought:
https://www.netwatchglobal.com/case-studies/capturetheflag/#!) or some fun DEFCON talks about digital forensics.