I’ll let this video speak for itself.
I use a VPN 24/365 to protect the non-Tor-Browser traffic of my system. Then when I want to access an onion site, I launch Tor Browser and thus have Tor over VPN.
Tor Browser is secure by itself. Tor Browser doesn’t need help from a VPN. VPN doesn’t help or hurt the Tor Browser traffic. VPN is there for the non-Tor-Browser traffic.
That said, neither VPN nor Tor/onion are magic silver bullets that make you safe and anonymous. VPN mainly protects your traffic from other devices on same LAN, from router, and from ISP. Also hides your home IP address from the destination web site. TorBrowser/onion does all of that too, but only for Tor browser traffic; also adds more hops to make it harder to trace back from the destination server to your original IP address, and also mostly forces you into using good browser settings. Both VPN and Tor/onion really protect only the data in motion; if the data content reveals your private info, the destination server gets your private info.
Mental Outlaw does my tits in a lot of the time.
The weakness of using a vpn with tor totally depends on two things if your vpn keeps logs and/or your threat model. Correlation attacks are easy if you’re one of a handful of people using tor in your area as without a vpn your ISP can easily see you connecting. Iirc there was a college kid that got busted just like this, had they used a vpn that wouldn’t have happened. Again this doesn’t mean you should use a vpn with tor but do what makes sense for your situation.
VPN doesn’t help or hurt the Tor Browser traffic.
This is just not true, but generally wont matter if you’re already outputting VPN only traffic (which would be much more of a weak point anyways)
I use a VPN for the non-Tor traffic my system does.
Some benefits of using a VPN:
-
hide some info from your ISP, a company which already knows far too much about you
-
hide info from other devices on your LAN, and your router, which is especially important if you’re on public Wi-Fi
-
make it a little harder for web sites to track you, by hiding your home IP address from them
-
defeat geo-locking by some sites
-
some VPNs provide malware-site blocking, ad-blocking, parental controls features
-
maybe add multiple jurisdictions/countries in the way of anyone who wants to DMCA or sue you
Sign up for the VPN without giving ID (easy to do), always use HTTPS for all sites, don’t let VPN install a cert, and use OS’s generic VPN client.
Yoes you are totally right. You aren’t expert in safety practices
As for the college kid who got busted:
There were actually a few other people using Tor at his college at the same time he was. But the police simply pressed him to admit he was the one that did the bomb threat. He cracked. Had he remained silent, he would have never been caught.
Though this article tells a slightly different story. Interestingly, the police refused to reveal how they caught him. To me, that indicates that it wasn’t through a chink in the tech, but rather a flaw in opsec–as is the story with most people that are caught.
VPN doesn’t hurt Tor traffic. VPN is just an extra hop before getting to the onion entrance node.
I have it on all the time. I don’t just turn it on when I’m doing something sensitive.
Check this out, it explains, better than I could ever do, why a VPN can’t help any TOR user. If you go to the Tor Projects website even the recommend not using a VPN with Tor. Here is proof.
his mistake was connecting to tor on school wifi.
Wrong. VPNs introduce a (likely) malicious entity between you and Tor.
VPNs introduce more software failures that can result in information leaks or exploits.
VPNs replace your persistent guard node with their own servers, or, in the Tor → VPN configuration (which you should never use unless you really need to have your endpoint not look like Tor traffic) it opens you up to correlation and deanonymization if you do not pay for the VPN in Monero.
People who have credibility in the anonymity space (i.e tails, whonix) almost all discredit the idea of using a VPN with Tor.
VPN doesn’t help or hurt Tor. VPN is there for the non-Tor traffic.
Here is proof.
Follow the link to their Wiki: “You can very well decrease your anonymity by using VPN/SSH in addition to Tor. (Proxies are covered in an extra chapter below.) If you know what you are doing you can increase anonymity, security and privacy.”
Your non tor traffic. This. You can freely use tor without any vpn, but this protects only inner encapsulated data wich flows within tor network. Any shit aside this is easily reveal your true identity, unless you are in tails. You have to use vpn in order to protect non-tor traffic if: 1- android device, 2 - no tails installed, 3- you have apps with passive web access. Bridges won’t help, it doesn’t hide the fact that u r using tor. Besides there are dpi. Yes my dear. Some countries must to use dpi regularly dut to law enforcement. And guess, what is the only savor for those people who are under such kind of regimes? That’s right, vpn.
he should’ve used a bridge or tails
A VPN between you and Tor is no worse than having your ISP between you and Tor.
Even the Tor project itself is equivocal about using a VPN: they say it can increase or decrease security, depending on how you use it.
A VPN between you and Tor is no worse than having your ISP between you and Tor.
This is simply not true because you are using the VPN as the guard node.
If you don’t use a VPN, you are using the ISP as “the guard node”.