Should You Use a VPN with Tor?

The main advantage of using Tor through a VPN is that your ISP/network can’t see that you’re using Tor, and they can’t block you from using Tor. Many schools and workplaces block Tor but not VPNs. This allows you to bypass those blocks. Also, if you are the only person on a network using Tor, and you access something on that network through Tor, it is easy to establish that you are the person accessing that resource.

Another advantage of using Tor through a VPN instead of a VPN alone is that your VPN can’t see what you’re connecting to. A VPN is primarily useful for obfuscating your IP address and preventing your ISP from seeing your traffic, but they can still see all of your traffic themselves. When you use Tor on top, they can only see that you are connecting to Tor, and not which websites.

The most important security advantage of using Tor through a VPN is that it mitigates against bugs in Tor. A new security flaw in Tor might reveal your non-Tor IP address. When you aren’t using a VPN, this will likely be your home IP address, which will completely deanonymize you. With a VPN, however, this will only reveal one of the VPN’s IP addresses and not yours. This is worse than Tor working correctly and only showing a Tor exit node IP address, since it reveals your VPN provider, but far better than revealing your personal IP address, since it is likely unique to you.

Another way of using Tor with a VPN is to use the VPN through Tor, instead of the other way around. This has different advantages and disadvantages.

The primary disadvantage is that you will not be able to access Tor-only resources like hidden services, since your VPN is the endpoint.

However, an advantage is that your VPN does not see your real IP address. If you set up the VPN carefully using an anonymous payment method like Bitcoin, this means that the VPN has no idea who you are.

Another advantage is that this allows you to access websites that block Tor but not VPNs. How many times while browsing the internet have you encountered a website that just wouldn’t load, or would display an error message, but would work fine if you accessed it without Tor? Some websites block Tor traffic because of malicious traffic that may come from Tor nodes. This is very annoying for legitimate Tor users.

The final advantage is that you don’t need to worry about malicious exit nodes. When you connect to HTTP sites without SSL, a malicious exit node can see everything you see and change content on the page. If the page has a sign-in, they can capture your username and password. A VPN can do this too, of course, but a VPN may be more trustworthy than a random Tor exit node.

Setting up a VPN through Tor is more difficult than setting up Tor through a VPN, however. Tor through VPN is the “default” behavior if you just connect to a VPN and then use the Tor browser. VPN through Tor requires carefully configuring your VPN software to connect through a Tor proxy connection.

Tor through a VPN is simplest and likely safest way to combine a VPN and Tor. Regardless of which you choose, using both is almost always safer than using one of them alone. Whether or not this additional safety is worth the performance and complexity trade-off is up to you. (Also, you have to pay for a VPN, whereas Tor is free.)

Leave a Reply

Your email address will not be published. Required fields are marked *