Though those change addresses don't help privacy in my opinion. I think they lead to a wrong feeling of security because they look like fresh addresses.
Because they are (by default) fresh addresses. The fact that they might later be combined with other inputs of yours doesn't change this.
Let's say someone has a wallet, he receives coins from someone and sends some of them to another address. This happens more than once and at one point the coins from these change addresses are sent out too. Now you can pretty easily connect all the dots and you know with a high certainty that all the addresses that sent to those change addresses belong to this one wallet. You might find out that this user has an investment in this or that security. And so on. Because the one who sent you coins first knows one of your addresses. If he can identify that one of the sending addresses belongs to an exchange (there are tools for it out there) then he knows your other address is a change address. Since nothing else normally wipes out all the coins on the sending address. And when the coins from this change address are sent with other change addresses then he can identify even more of your wallet's addresses. Not only the other change addresses.
The normal change addresses are a tool to connect addresses in one wallet. That's why I don't use them, because I don't know anymore where the coins came from. Where they are connected to. When I send coins to a FRESH deposit address on an exchange and receive the coins back to a fresh address on my wallet, only then can I say that this address is secure. Of course you need an exchange with fresh deposit addresses. There are services out there that only provide one address for lifetime. It's way too easy then to connect all the addresses.
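The linking described in the post above, shown as an added example that is not part of the original thread: addresses spent together as inputs of one transaction are merged into one cluster, and an observer's guesses about which output is change extend that cluster. The transactions, address labels and the `GUESSES` list are constructed for illustration, and the guesses are an assumption by the observer, not something the blockchain records.

```python
# Constructed transactions: (input addresses, output addresses). Labels are made up.
TXS = [
    (["exchange_hot"], ["recv1", "exchange_change"]),  # the payer knows recv1
    (["recv1"], ["shop_a", "change1"]),
    (["friend"], ["recv2"]),
    (["recv2"], ["shop_b", "change2"]),
    (["change1", "change2"], ["shop_c", "change3"]),   # two change outputs spent together
]
# Observer's assumption: (spending address, output guessed to be its change).
GUESSES = [("recv1", "change1"), ("recv2", "change2")]


def clusters(txs, change_guesses=()):
    """Group addresses with union-find using the common-input heuristic."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path compression
            a = parent[a]
        return a

    def union(a, b):
        parent[find(b)] = find(a)

    for inputs, outputs in txs:
        for addr in inputs + outputs:
            find(addr)                     # register every address seen
        for other in inputs[1:]:
            union(inputs[0], other)        # co-spent inputs share an owner
    for spender, change in change_guesses:
        union(spender, change)             # only as reliable as the guess itself

    groups = {}
    for addr in parent:
        groups.setdefault(find(addr), set()).add(addr)
    return list(groups.values())


def cluster_of(addr, txs, change_guesses=()):
    """Return the set of addresses linked to addr."""
    return next(c for c in clusters(txs, change_guesses) if addr in c)


if __name__ == "__main__":
    print(cluster_of("change1", TXS[:4]))       # before the co-spend: alone
    print(cluster_of("change1", TXS))           # after: linked to change2
    print(cluster_of("recv1", TXS, GUESSES))    # with change guesses: four addresses
```

Without the last transaction the change addresses stay unlinked, and without the change guesses the receiving addresses stay out of the cluster.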
I do see that you have a point, which is stronger when addresses are reused. But I also think that you're overestimating how easy it is to know which address in a transaction is the change address and which is the other recipient(s), and overestimating the amount you should trust the third-party exchange to protect your privacy (sure, the blockchain no longer shows that your addresses are maybe connected, but now Bitfinex and anyone able to hack or subpoena them knows your addresses are definitely connected).