I'll try to be original.
1. Tell me what services you are going to use, perhaps the "chain" will be extremely full of holes.
for example:
habrahabr.ru/company/edison/blog/270831
and among those who advertise on the forums "they don't log completely anonymous" .... in general, there is enough of such a thing even today.
including parsing traffic of "characters from the" scene "by nicknames (in 2014, it seems that they even posted it in public, well, what the "service owners" caught).
2.
https://xakep.ru/2015/11/28/vpn-deanon/
and pay attention to ala
https://ru.wikipedia.org/wiki/WebRTC
and
www.wikireality.ru/wiki/Determining_IP-address_of_Skype_user
3.
There is another VPN option - Tor - VPN. Protects against loyal Tor nodes and against Tor blocks by target sites. But VPN servers must be independent.
+1 Pandos November 30, 2013 at 11:47 pm #↵↑
Hard :) Slow. And, perhaps, you will have to shaman strongly. As it was rightly said at the beginning of the comments, a regular VPN abroad is suitable for everyday use.
+1 starius December 1, 2013 at 00:03#↵↑
I don't think that you need to shaman strongly. On the host system, we launch all traffic to the first VPN and launch Tor. In a virtual system or on a separate machine, we launch a second VPN using the Socks port of this torus as a proxy for the VPN connection. It is possible for safety net to allow the second machine access only to this port. This is not shamanism, in my opinion. I'm afraid I'll have to lower the MTU in the second system below 512, since the torus transmits data in chunks of 512 bytes.
I agree that this scheme is not needed for everyday use. It is more suitable for occasional use. It may even be resistant to "three-letter organizations." But in general, I do not consider everyday use of Tor justified, except for tor-chat and as a DNS and a couple of other cases. Tor at this stage of development is physically unable to serve all traffic.
(c) habrahabr.ru/post/204266
ps
I completely forgot ...
If it's too much, it's better to consider "satellite communications" with multi-level proxies for identification.
slowly expensive, but at least they don’t scorch in the usual ways
ala about this:
https://securelist.ru/featured/26923/turla-i-sputn...
pps
Well, or get out to remember the same stream - it was then distributed to offices for "looting" .
well, they received money for each newly connected user and drew the left data in order to row more.
someone used it ... the owners are not aware that they have become an "access point" for a long time.
like a tag.

If you do not have root access to the servers, then this will be a nested VPN.
You need a route through the external interface from you to the first VPN1.
Then we need to put a route inside the received TUN1 until the second VPN2 is raised and we get TUN2. You need to send a route to the third VPN3. Raise VPN3 and send Default route to the received TUN3.
Don't forget about DNS leak
Caulk on the Firewall client so that no packets slip through your WAN interface. You are allowed only one IP VPN1:PORT path through the WAN. Everything else DROP.
But it's more logical to take three virtual machines and raise your normal triple VPN with DNS.