How to force redirect each application through separate Tor circuit, thus preventing identity correlation through circuit sharing?
Many applications, such as wget, apt-get, gpg, etc. do not speak socks, are unlikely to speak socks anytime soon, but support http.
torsocks is of no big help either. I think it has been designed, when identity correlation wasn't a big topic. By default torsocks uses /etc/torsocks.conf and also presses all applications started with usewithtor <app> into the same SocksPort (identity correlation again ). To me it also looks like torsocks is practically unmaintained, there is a critical bug open, IPv6 can leak real IP, no progress for a very long time. 
In an ideal world, Tor wouldn't only offer multiple SocksPorts, but also multiple HttpPorts. That's for some reasons, either not going to happen anytime soon. 
Now I try to come up with a better suggestion.
IsolateSOCKSAuth ( https://www.torproject.org/docs/tor-manual-dev.html.en ) will be soon available when Tor 0.2.3 gets released (soon, already available in the Tor stable deb repository).
How I wish it to work:
- user adds multiple http or socks ports to privoxy.conf
- if the parent proxy is a socks5 proxy (Tor)
- and if an option with a name like "IsolateSOCKSAuth" gets activated in privoxy.conf
- then use username:password@parent_proxy_ip:parent_proxy_port
(Username and password can be anything and doesn't matter. Simplest thing would be to use for example if http proxy port = 8119, socks_username = $http_proxy_port, socks_password = $http_proxy_port.)
Subsequently different http or socks listen ports were redirected to the same parent proxy ip/port, but using different socks auth and socks password, therefore streams would get isolated by Tor.