Documentation for this is incomplete. Contributions are happily considered!
At a minimum, check the connection is encrypted / authenticated, because VNC by default is unencrypted / unauthenticated. Possible methods:
- Perhaps by tunneling VNC through SSH; or
- Running VNC through a Tor Onion Service; or
- Using both SSH and an Onion Service, for stronger encryption and authentication.
Beware of stylometry, keystroke and mouse fingerprinting anonymity risks as outlined in the Surfing Posting Blogging chapter.