Do I understand correctly? The provider sees that there is traffic through the TOR network and it knows the user. But it is not possible for him to track site visits.
Do not use a vpn with tor. Dont use it on tor, in tor, around tor. Never use a vpn if you want security. In order to operate these vpn companies are aligned with governments to get market share. You compromise security from the government when you use a vpn, so attaching this in any way to tor I highly advise against. We can get into the nitty gritty as to why if you’d like but because you seem new, do not use a vpn with or around tor ever.
VPN with TOR is fine!
In best case you build your own…maybe on a russian vps…amnezia vpn is agreat app to automatically install xray vpn on your vps… than your provider not even sees that you even use a vpn… than connect to tor…
Get your own router, flash it with wrt and your isp sees nothing.
Thank you. Will using vpn change anything? I just don’t understand what it’s used for with TOR.
If you’re going through the effort to set up your own VPN server on a VPS, you may as well just use a Tor bridge instead. Not sure why people recommend VPNs when bridges already exist.
You may want to do some reading on how the Internet works.
To clarify what was said by rachnidInner2910
The community is divided over whether using a VPN with TOR is a good thing or bad thing
It is 100% certain though that starting a VPN before starting any TOR session will hide from your provider that you are using TOR
Will using vpn change anything?
Your ISP will know you’re using a VPN (it’s easy to look up who the IP belongs to), but cannot see the traffic inside it. Depending on your DNS configuration it’s possible your ISP still gets requests for domain to ip resolution, so VPN could leak sites you’re visiting.
Running tor (browser) over VPN, means your ISP knows you’re using a VPN and your VPN provider knows you’re using Tor.
So it comes down to who you trust and pay to mask your traffic.
Using VPN over Tor, means that any additional anonymity provided by Tor is removed and available to your VPN provider.
Community is actually pretty divided about that, but personally I wouldn’t. Pay money to make yourself more unique.
The community it divided on that issue, I personally wouldn’t because it gives you more places for something to go wrong. I would suggest reading Tor’s documentation.
Simple explanation is that tor with bridges is extremely secure and so tampering with it when you don’t know how it works can only make it more insecure. The attack vector grows when you add more services. In addition, vpns are inherently linear and are monitored. Internal traffic and websites visited on a vpn if your using tor over vpn are visible as onion links or regular links if your simply browsing regular URLs. vpn over tor also isn’t beneficial and would only slow down your traffic even more. Bridges already obsf your traffic and make you appear like you’re in different places then you are so the question is what is the point of even having the vpn.
You may want to research what a flashed router is capable of
DD-Wrt or fresh tomato software for your router
Well, I wouldn’t say 100% certain. Tor breaks up all packets into identical lengths. This prevents using packet sizes to profile the traffic of different Tor users, blocking a potential deanonymization vector. But at the same time, it might create a traffic profile for Tor users which is distinguishable from non-Tor users. Depending on how unusual that is among other traffic sources and how much a VPN alters it, that might be detectable even within a VPN tunnel, or perhaps just enough to conclude “we think this user has a baseline+xx% likelihood of being a Tor user.”
I think after the revelation of what the germany authorities were up to a few years ago it is accepted by most that the use of a reputable VPN before connecting to tor is the safer option. If your threat model warrants it that is.
Why not just bridge to another computer in another country and use a VPN over there?
What if you host the vpn
Custom firmware doesn’t change the fact that your ISP is still your next hop and owns the upstream infrastructure. They see every packet that leaves your router no matter make, model, software, or anything else.
The router makes no difference here. Tomato or DD-WRT, or any of those, don’t change how traffic fundamentally flows.
Why not just use a VPN to connect to another country then VPN again over there