Tor and VPN
Should I use a VPN with Tor?
Yes! Using Tor and VPN together provides maximum security.
Should I use a VPN to connect to Tor, or use Tor to connect to a VPN?
Connect to VPN first, then Tor. Here's why:
Use VPN first, then Tor
Connecting to VPN first, then Tor (also known as "Tor over VPN") gets you all the privacy protection of the Tor Network, and the added protection that no Tor node will ever get to see your home IP address. You will also not have to worry about being flagged by your home network for using Tor, as all they see will be encrypted traffic to your VPN server.
Tor over VPN also provides access to the Tor Network even where it is blocked, such as corporate and school networks, or certain countries.
Another advantage to Tor over VPN is that your VPN service will still not see what you are doing inside the Tor Network. And if there is a bug in the Tor Browser (as has happened before), connecting to VPN first will put an additional layer of security between that bug and you.
Setting it up is easy: just connect to your favorite VPN server and then launch the Tor Browser.
Why not Tor first, then VPN?
Creating a tunnel through the Tor network and connecting from there to your VPN service (also known as "VPN over Tor") is more difficult to set up.
ExpressVPN does not support this method as it does not increase your anonymity. While this setup does make it impossible for the exit node to see your traffic, it is now the VPN service that is able to see your traffic again.
In theory, a logless VPN can be trusted with this information, but it reintroduces an element of trust into an otherwise trustless setup, leaving you with no anonymity advantages, only the slow speeds of the Tor network.
How does Tor work without VPN?
Tor functions like a layered series of proxy servers that route your traffic in a zig-zag around the internet before it reaches your destination (hence the name, The Onion Router).
There are at least three hops your data travels through.
- The entry node, which inevitably knows your IP address
- The middle node, which prevents the exit node from finding out which entry node you used, and makes it very hard to correlate this information
- The exit node, which knows what site you are connecting to, but does not know who you are
The three nodes separate your IP address from your destination and enable two individuals to communicate without either party, or any middleman, knowing who the other is.
The Tor Network is typically accessed through the Tor Browser, which is derived from Firefox. The Tor Browser is optimized for security and privacy, unlike most other web browsers, which are optimized for speed and do not defend adequately against attacks such as browser fingerprinting.
Though Tor is pretty much the gold standard for anonymizing your Internet traffic, the system is slow and inefficient. The Tor Browser by default only protects your browsing data, not other applications running on the side, which all have to be configured separately. A more secure option is TAILS, an entire operating system that allows you to route all your data, from all programs, through the Tor Network.
VPN + Tor = Best For Security
Tor is an incredible privacy tool. When it comes to achieving anonymity on the Internet, it is currently unbeatable, and may be the only thing that can thwart the surveillance of a well-funded and sophisticated adversary.
Using Tor over VPN is even better and only increases your privacy. Connect to your VPN, then open the Tor Browser to gain access to the Tor network without your ISP being able to identify you as a Tor user.