You can’t be sure, but you can use providers and exit nodes that are based in places hostile to whoever you are trying to protect against.

Also, functional anonymity can exist by different entities having different pieces of data that together would de-anonymize you, but who are unlikely to ever intersect. A good example of this is DMCA requests: if a copyright holder sees a US IP address on a residential Comcast IP range, they’re going to file a court case and get a subpoena for the subscriber info.

If they see a Hong Kong IP from a co-lo datacenter who would need to cooperate to tell them who owned that IP at that time, they’re not going to even bother because they don’t know how to even start filing a court case in China, and if your VPN has too much data it won’t even matter because no one will even have contacted them.

It all depends on your threat model.

There are people who get VPNs because they hear that they prevent your ISP from snooping on you when configured correctly, and just hear “no one can see what I do”, because that’s what snooping is, right?

When I worked at a university IT dept, we’d often get content block hits for adult websites from inside the internal protected network, via the university VPN, because a professor or staff member thought a VPN would route their traffic ‘past’ us.

This absolutely did not kill them. I’ve been dealing with federal procurement, including ATOs for DoD, for years, and 99% of companies never even remotely interact with it. Yes, there’s a large number that do, especially among Fortune 500s and up, but the actual percentage of companies who have military contracts is tiny. This was meant to intimidate them into compliance, but this doesn’t make them any less viable than AIaaS already is or isn’t.

no company wants to become a supply chain risk to potential customers who might have a DoD supplier somewhere down the supply chain

The order is actually much narrow than that; it only applies to companies who directly have contracts with the military.

Anthropic software just can’t be used to process federal data, but if e.g. Lockheed uses ADP to process internal payroll, and ADP uses a third-party developer to build some software, and that developer uses Claude, that doesn’t snake it’s way back up the chain and invalidate Lockheed’s contracts.