How does this work, exactly? I use a unique address each time I receive bitcoins. Then I sometimes move money between more unique addresses in plausible-looking ways. I always use Tor for talking to the bitcoin network.
See the two heuristics in this paper for creating clusters of bitcoin users [0].
The first (and rather obvious) one is to cluster all inputs of a transaction, so if you use A and B, and later use B and C, we now know the same user owns A, B, and C and only need to tie your identity to one of them.
The prior one is rather weak, and could be avoided by consistent usage of unique change addresses. Thus, the second heuristic works to reveal which output is the change address. There are various ways of performing this prediction, some more deterministic than others. A pretty conservative and reliable one, described in [0], assumes an output is a change address if it (1) is the first appearance of the address, (2) the tx is not a coin generation, (3) there is no self-change address, and (4) #1 is only true for this address.
There is an open-source implementation of these ideas called BitIodine [1,2] (albeit with slightly different criteria for change-address identification, including an off-by-one error in bitcoin core that caused the first output to always be the change address in a 2-output transaction until it was fixed in early 2013). Punch in one of your addresses and see what it comes up with. However, I may have found a bug that reduces input-clustering, so if it doesn't find your addresses don't get too excited.
Also, don't forget about the recent technique for de-anonymizing coin mixing transactions [3].
How easy is it to de-anonymise me?