Tor: What do you need to know?

On the road to achieving a higher level of online privacy and security, many people consider using Tor through a standard Tor browser.

Although Tor is used by people around the world and is recommended by various groups, its perspective on the effectiveness of privacy tools may vary.

Tor is really like an onion. The more you check, the deeper the depth of the layer, the more problems there are. In this guide, we will strip the layers of onions and see Tor from many different perspectives. Here’s what we’re going to cover:

  1. What is Tor?
  2. How does Tor work?
  3. Is Tor safe?
  4. 8 interesting/amazing facts about Tor
  5. Is Tor effective?
  6. Tor user error and bad OPSEC
  7. Tor and VPN services
  8. Multi-hop VPN service, providing more online anonymous services
  9. Use Tor and VPN
  10. Final judgment about Tor

Let’s start with the basics and then move to more shocking materials…

What is Tor?

Tor is a free open source software for use by various people and agents for online anonymity. The name “Tor” originally stands for “onion router” because how traffic is encrypted and directed to different relays (anonymous layer).

Today, Tor is a browser (Tor browser) running on the Tor network. Tor helps anonymize users by encrypting multi-hop traffic in the Tor network by using TLS encryption before reaching the target server.

Tor  was originally funded and created by the US Government’s Office of Naval Research (ONR) and the Defense Advanced Research Projects Agency (DARPA) in Washington, DC. Tor has received most of the funding from the US government, which we will cover in detail below.

How does Tor work?

The most common way to use Tor is to download the Tor browser package   ( here ), although the Tor network can also be used with other browsers. For the purpose of explanation, there are basically two components to use Tor:

  1. Tor Browser  – Tor Browser is based on Firefox – check out the Tor blog to see the (latest) exact version. By default, it is enhanced to protect your privacy, including NoScript and HTTPS Everywhere extensions.
  2. Tor Network  – The Tor browser is automatically configured to run on the Tor network. The Tor network encrypts your traffic through a series of relays or nodes. The network is decentralized and the Tor nodes are run by volunteers.

In the image below, Alice uses the Tor network to connect to a server named “Bob.” Please note that Bob can be any server, including random websites. Before leaving the Tor network to Bob’s server, Alice’s traffic is encrypted by three different Tor relays. Traffic between the Tor exit node and the Bob server is unencrypted (red arrow), but everything before the exit node is encrypted (green arrow).

how to work

When using Tor, your traffic will be routed through three different nodes or trunks. As a general rule, as Tor developers explain, traffic is routed to prioritize speed, and most traffic is relayed through a small amount of high bandwidth. There are Tor nodes around the world, and the exact routing path will vary depending on your location and server.

These Tor nodes or relays run on a volunteer basis, which means that any random person can set up a Tor node through which you can route your Internet traffic (more on this discussion).

From the perspective of online anonymity, Tor offers some interesting benefits. The Tor network routes traffic between different hop counts, which adds an anonymous layer between the unencrypted Internet and your original IP address. This makes it difficult for an attacker to determine the user’s path and identity.

Tor Bridge  – Tor Bridge or Tor Bridge Relay, is just an alternative entry point for the Tor network that is not publicly listed. If Tor is blocked in your area, or if you don’t want your Internet service provider or network administrator to know that you are using Tor, the bridge may be useful. You can here the number of currently active view of Tor relays and bridges.

Tip : The safest way to use the Tor network is to use the default Tor browser bundle . It is generally not recommended to reconfigure and/or modify the default Tor browser, as it may be easy to anonymize the user if the configuration is incorrect.

Is Tor safe?

Tor is well recognized in the privacy community and most people think it can be used safely.

The Electronic Frontier Foundation (EFF), a respected online privacy advocacy organization, is a major supporter and advocate of Thor. Edward Snowden and other high-profile privacy advocates also recommend Tor.

Although Tor has many strong supporters, it also has its critics for various reasons. In fact, the closer you are to Tor’s history, relationships and funding, the more problems there are.

However, like all privacy tools , only you can decide if Tor is a safe and effective solution for your unique needs. Be sure to consider all the facts when deciding whether Tor fits your specific needs and threat model.

After researching Tor in the past few years, I found a lot of interesting information that was mined by various journalists, bloggers and news sites. To help you determine if Tor is appropriate, we will summarize some of these findings below.

There is no “conspiracy theory”!  There is a lot of information (and error messages) about the history and connections of the Tor project. In this guide, we will strictly follow the facts and focus on the active information. Although different journalists draw provocative conclusions from this information, we will avoid speculation and focus only on the facts.

Final note : These are not new or unique information – everything has already appeared, published by various sources, and references are provided below.

Thor was created by the US government

I forgot to mention it before, and may give you a new look at me. I signed a contract with the US government to establish anonymous technology and deploy them. Although we use the term, they do not consider it an anonymous technology. They see it as a security technology. They need these technologies so they can research the people they are interested in so they can have anonymous reminders so they can buy things from people in other countries, learn what they buy, the quantity they buy, and the purchase. The location of it is such a thing.

– Roger Dingledine, co-founder of Tor , presentation in 2004

Tor’s history dates back to the 1990s, when the Naval Research Office and DARPA were working to establish an online anonymous network in Washington, DC. This network is called “onion routing” and returns traffic on different nodes before exiting to the final destination.

In 2002, the Tor version of Tor was developed and released by Paul Syverson (Naval Research Office) and Roger Dingledine and Nick Mathewson, all of whom signed a contract with DARPA. This three-person team working for the US government has developed Tor into what it is today.

The above quote is from Roger Dingledine’s 2004 speech , which is also embedded below:

Audio player00:0022:47

Use the up/down arrow keys to increase or decrease the volume.

Download audio file

After the development and release of Tor for public use, it was eventually split into its own non-profit organization, guiding where to come to the Electronic Frontier Foundation (EFF):

At the end of 2004, with the final deployment of Tor technology, the US Navy cut most of its Tor funds and released them under an open source license. Curiously, the project was handed over to the Electronic Frontier Foundation.

Despite this, despite his own unique entity, Tor still benefits from the US government’s funding, even today.

2. Tor is funded by the US government

It’s no secret that Tor is funded by various US government agencies – the Tor project is open to this. The key question is whether the US government’s funding will have a negative impact on Tor’s independence and credibility as a privacy tool.

A journalist, Yasha Levine, pays close attention to the financial relationship between Tor and the US government. Although I disagree with all of Levine’s conclusions, his analysis of Tor’s funds is very interesting:

Tor has always believed that it is funded by “various sources” and is not affected by any interest group. But I slammed these numbers and found that the opposite is true: in any year, Tor gets 90% to 100% of the budget through the contract and gets funding from the three military Intel branches of the federal government: the Pentagon, the state The CIA separation organization of the department and an old school is called BBG.

To put it simply: financial data shows that Tor is not an independent grassroots anti-state organization it claims. This is a military contractor. It even has its own official military contractor reference number from the government.

Here are some of the different sources of government funding for the Tor project over the years:

Broadcasting Council :

The Broadcasting Council (BBG) is a federal agency that was spun off from the US Central Intelligence Agency and is responsible for overseeing the US foreign broadcasting business today. From 2007 to 2015, it provided Tor with $ 6.1 million in funding .”   ( Source )

State Council :

“The State Department funded Tor for $3.3 million, mainly through its regime change department – ​​the “Department of Democracy, Human Rights and Labor” of the State Department.” ( Source )

Pentagon :

“From 2011 to 2013, the Pentagon paid $2.2 million to Tor through the US Department of Defense/Navy contract and passed a defense contractor called SRI International.” ( Source )

The grant is called : “Basic and Applied Research and Development in the Fields Related to Naval Command, Control, Communications, Computer, Intelligence, Surveillance and Reconnaissance.”

Some people think that these financial relationships with the US government will destroy Thor. Others believe that Thor has always been open to capital and that relations with US government agencies are not concerned or problematic.

We can also see the Tor project’s view on this matter. When collecting funds in 2005, Tor claimed that donors could “affect” the direction of the project :

We are now actively looking for new contracts and funds.  Tor’s sponsors get personal attention, better support, promotion (if they want), and influence our research and development direction!

You have it: Tor claims that donors influence the direction of research and development.

On the positive side, however, Tor celebrated a milestone in December 2018, and it is reported that most of its funding comes from the private sector. This is a major improvement in previous years.

Thor is a tool of the US government

The US government cannot simply run an anonymous system for everyone and then use it on their own. Because every connection comes from it, people will say, “Oh, this is another CIA agent looking at my site,” if those people are the only people who use the network. So you need to let others use the network so they fit together.

-Roger Dingledine, co-founder of Tor Network, 2004 speech

In response to Roger Dingledine’s citation above, Levine   also believes that  Tor is fundamentally a tool of the US government:

Tor’s original – current – ​​purpose is to mask the online identity of government agents and informants online: collecting intelligence, setting up stinging actions, and providing human intelligence assets with the means to report to their handlers – this kind of thing. This information already exists, but it is not very famous, and the person who promotes it will certainly not emphasize it.

The Tor project’s website discusses how Tor is used by government agencies for different purposes:

A branch of the US Navy uses Tor for open source intelligence gathering, and one of the teams recently used Tor in the Middle East deployment. Law enforcement uses Tor to access or monitor websites without leaving a government IP address in their web logs and protecting them during sting operations.

Michael Reed, one of Tor’s early developers, explains how it became a tool for US government intelligence agencies :

The original *question* that led to the invention of onion routing was: “Can we build a system that allows two-way communication over the Internet where sources and destinations cannot be determined through the midpoint?” * Purpose * for mod/intelligence use (open source) Intelligence gathering, covering assets deployed in the forward direction, no matter what). Do not help dissidents in repressive countries. Did not help criminals cover their electronic tracks. Did not help bit-torrent users avoid MPAA / RIAA prosecution. Didn’t let a 10-year-old bypass the anti-porn filter. Of course, we know that these will be other inevitable uses of the technology, but it is not important for the problem we are trying to solve (if these uses will give us more cover 
traffic to better hide what we want to use) The things on the Internet, better… I once told a flag officer, which made him very annoyed.)

As Roger Dingledine quoted the assertion at the beginning of this section, Paul Syverson also emphasized the importance of letting others use Tor to help government agents complete their work, rather   than stand out as the only Tor user :

If your system is just a naval system, then anything that suddenly appears is apparently from the navy. You also need a network that provides traffic to others.

Tor is branded by many different individuals and groups as a grassroots project to protect people from government surveillance. However, in reality, it is a tool for government agents who need other random people to use the network to help mix traffic.

Levin ‘s utility in military surveillance equipment is explained by Levine as follows:

Tor was created not to protect the public from government surveillance, but to cover up the intelligence of the intelligence personnel because they spy on the areas of interest. But in order to do this, Tor must release to the public and use as many people as possible: activists, dissidents, journalists, paranoia, child pornography, criminals and even potential terrorists – larger crowds The more agents, the easier it is to integrate and hide in sight.

The early market for Tor developers clearly seems to contradict the brand image that Tor has cultivated in the privacy community.

Tor developers work with US government agencies

Some Tor users may be surprised to find widespread cooperation between the US government and Tor’s developers. Levin was able to clarify this cooperation through the Freedom of Information Act, which revealed many interesting exchanges.

This is an email letter, and Roger Dingledine discusses the collaboration with DOJ (Ministry of Justice) and the FBI (FBI), as well as the “back door” being installed.

Browser

You can view more details about this communication here .

In another communication below, Tor developer Steven Murdoch discovered Tor’s vulnerability in handling TLS encryption. This vulnerability makes it easier for Tor users to anonymize, so it is valuable to government agencies. Knowing what could be causing this problem, Steven suggested keeping the file inside: “Deferred release of any similar” is bad; I hope no one realizes this until we fix it.”

Eight days later, according to the email below, Roger Dingledine sent two agents to BBG about this vulnerability:

Is safe

It seems that this issue was publicly released four years after Roger Dingledine provided information to the US authorities in 2007 .

Here you can see a lot of communication between Tor developers and US government agencies.

If you really want to learn more, check out the full FOIA cache here .

With regard to the above letter, Levin   also explained that many of the documents he requested were blocked and could not be obtained through the Freedom of Information Act:

It’s important to remember that Tor’s BBG communication can only reveal a small part of Tor’s full interaction with the federal government. Much of the funding for Internet Freedom Technology took place under Radio Free Asia, a private government company that claimed it was not a FOIA requirement and therefore refused to comply with the FOIA requirements of journalists. We also don’t know what Thor has revealed to the other two supporters, the State Department and the US Navy. We also don’t know what Roger Dingledine or other Tor managers revealed during regular meetings with US intelligence and law enforcement agencies. And there are many such meetings .

Foul action?

Whether or not there is any evil happening here is anyone’s guess, I am not sure I will get the same conclusion as Levin. Still, the documents and emails he found will definitely raise some questions.

Anyone can operate Tor nodes, including government, hackers and spies

Many of Tor’s supporters believe that its dispersion is a major benefit. While decentralization does have an advantage, there are risks – that is, anyone can manipulate your traffic through the Tor node.

There are many people who set up Tor nodes to collect data from vulnerable Tor users who are considered safe and reliable.

Take Dan Egerstad, a 22-year-old Swedish hacker, for example. Egerstad has set up several Tor nodes around the world and has collected a lot of private data in just a few months :

Over time, Egerstad received 1,000 high-value email accounts. He will later post 100 sets of sensitive email logins and passwords on the Internet for criminals, spies or just curious teenagers to spy on intergovernmental, non-governmental organizations and high-value corporate emails.

The question on everyone’s lips is: How did he do it? After more than a week, the answer came, and it was a bit anti-climax. The 22-year-old Swedish security consultant installed and monitored the free open source software Tor on five computers in the global data center. Ironically, Tor aims to prevent intelligence agencies, companies and computer hackers from determining the virtual and physical location of the people who use it.

People think they are protected only because they use Tor. Not only do they think it is encrypted, but they also think that “no one can find me.”

In commenting on this case, security consultant Sam Stover  highlighted the risk of someone peeking traffic through the Tor node:

Domestic or international. . . If you want to collect intelligence, there will definitely be data. (When using Tor) You don’t know if someone in China is watching all of your traffic, or someone in Germany, or someone in Illinois. You do not know.

In fact, this is exactly the way WikiLeaks started. The founder can absorb more than one million private files by simply setting up the Tor node. According to the connection :

According to a new source from the founder of the organization, WikiLeaks is a controversial whistle-blower that exposes the secrets of the government and businesses and has obtained a series of documents through its Internet eavesdropping operations.

The activist used Tor (also known as the “onion router”) to travel more than one million files while traveling on the Internet. This is a sophisticated privacy tool that allows users to browse and send files anonymously.

Who else is using the Tor node for bulk data collection?

Egerstad also suggests that Tor nodes may be controlled by powerful institutions (governments) with large resources:

In addition to hackers who use Tor to hide their origins, it seems reasonable that intelligence services have set up malicious exit nodes to sniff data from the Tor network.

“If you really understand where these Tor nodes are hosted and how big they are, some of these nodes cost thousands of dollars a month just for hosting because they use a lot of bandwidth, they are heavy servers, so at, “Aggs Tad said. “Who pays for it and remains anonymous?”

As early as 2014, government agencies seized many different Tor relays in the so-called “Onymous Action”. From the Tor Project blog :

In the past few days, we have received and read reports on several Tor relays seized by government officials. We don’t know why these systems are being used, and we don’t know the survey method used. Specifically, there are reports that the three systems of Torservers.net have disappeared, and another independent relay operator reported.

In commenting on the case, ARS Technica stated:

On July 4th, the Tor project identified a set of Tor relays that actively attempted to break user anonymity by changing the Tor protocol headers associated with their network traffic.

The rogue relay was formed on January 30, 2014 – shortly after Blake Benthall allegedly announced that he had controlled the Silk Road 2.0 two weeks later, the Homeland Security Secrets Officer began to get paid as a webmaster shortly after infiltrating the Silk Road 2.0. These relays not only can de-anonymize some users, but also “may try to understand who posted the hidden service descriptor, which will allow the attacker to know the location of the hidden service,” Tor project leader Roger Dingledine wrote  in July. 30 blog posts .

No quality control!

The fundamental problem here is that there is no real quality control mechanism to review the Tor relay operators. Not only is there no authentication mechanism for setting up the relay, but the operator itself can remain anonymous.

Assuming that the Tor node is indeed a data collection tool, as many have suggested, it is safe to assume that many different governments are involved in data collection, such as China, Russia, and the US government. This actually makes it less likely that you have the same entity that controls all three nodes in the Tor circuit.

See also:   Tor network exit node is found to sniff traffic

6. There is a malicious Tor node

If the government-controlled Tor node is not bad enough, you must also consider a malicious Tor node.

In 2016, a group of researchers published a paper entitled “  Honions: HS HSD for detecting and identifying misconduct  ” and described how they identified 110 malicious Tor relays:

In the past decade, Tor and other privacy infrastructures have proven to be very successful and widely used. However, Tor is still a practical system with various limitations and easy to be abused. Tor’s security and anonymity are based on the assumption that most relays are honest and have no misconduct. In particular, the privacy of hidden services depends on the honest operation of the hidden service catalog (HSDirs). In this work, we introduced the concept of honey onions (HOnions), which is a framework for detecting and identifying misbehavior and snooping HSDirs. After our system was deployed, based on our experimental results during the 72-day period, we detected and identified at least 110 such snoop relays. In addition,

The malicious HSD identified by the team is mostly located in the United States, Germany, France, the United Kingdom and the Netherlands.

A few months after the outbreak of the HSDir problem, a different researcher discovered that a malicious Tor node injects malware into a file download.

Tor malware

According to ITProPortal :

After discovering that Russian hackers have been using the Internet to spread powerful viruses, authorities are recommending that all users of the Tor network check their computers for malware. Malware is spread by compromised nodes in the Tor network.

…have found that one of the exit nodes has been modified to change any program downloaded over the network. This allows an attacker to put their own executable code into such a program and possibly control the victim’s computer.

Since the node has been changed, any Windows executables downloaded over the network are included in the malware. What is worrying is that even files downloaded via Windows Update will be affected.

The use of the risk is at your own risk.

See also:   OnionDuke APT malware distributed through a malicious Tor exit node

7. There is no “Privacy Expectation” when using Tor

Another interesting case highlighting Tor’s flaws came from 2016, when the FBI was able to penetrate Tor to destroy a group of pedophiles.

Hacked

According to Tech Times :

The US Federal Bureau of Investigation (FBI) can still monitor users who remain anonymous on the network using the Tor browser.

US District Court Judge Henry Coke Morgan, Jr. It has been ruled that the FBI does not need to arrest computer systems that invade US citizens. The district judge’s ruling involved the FBI stinging action, called “Operating Pacifier,” for a child porn site called PlayPen on the Dark web.

The defendant used Tor to visit these websites. Federal agencies use hacking tools on computers in Greece, Denmark, Chile, and the United States to capture 1,500 pedophiles in action.

Although it is a pleasure to see these types of criminals being shut down, this case also highlights Tor’s serious vulnerability as a privacy tool that can be trusted by journalists, dissidents, and whistleblowers.

In this case, the judge formally ruled that the  Tor user lacks “reasonable privacy expectations” when hiding his IP address and identity. This basically opens the door for any US government agency to monitor Tor users without having to be authorized or through any legal channel.

This is of course a serious problem when you consider encouraging journalists, activists and whistleblowers to use Tor to evade government agencies and large-scale surveillance.

8. IP address leakage when using Tor

Another recurring problem with Tor is the IP address leak – even if the leak is short, it can be a serious problem of de-anonymizing the Tor user.

A major vulnerability was discovered in November 2017 if they clicked on a local file-based address, such as file:// . Instead of http:// or https:// , the real IP address of the Tor user will be exposed.

Is safe

This problem illustrates a bigger problem with Tor : it only encrypts traffic through the Tor browser , exposing all other (non-Tor browser) traffic. This is in stark contrast to a good VPN (Virtual Private Network), which encrypts all Internet traffic on a computer or device.

This design makes Tor users vulnerable to leaks, which exposes their identity in many different situations:

  • Tor does not provide protection when it is hosted and will use the torrent client to reveal the user’s IP address. (Do not use Tor for Torre; use a VPN instead of hosting.)
  • Tor may leak IP addresses when accessing files that may bypass proxy settings (such as PDF or other documents).
  • Windows users are also susceptible to different types of leaks that expose the user’s real IP address.
window

However, it is important to note that the usual anonymization is due to user error or configuration errors. Therefore, responsibility does not lie in Tor itself, but in people who do not use Tor correctly.

Dan Eggerstad said in his :

People think they are protected only because they use Tor. Not only do they think it is encrypted, but they also think that “no one can find me.” However, if you misconfigure your computer (maybe more than 50% use Tor) , you can still find someone on the other side (top).

Again, non-technical users are better off using good VPN services that provide system-wide traffic encryption and blocking the effective termination of all traffic when the VPN connection is down.

Important : Tor provides specific instructions to help Tor users avoid anonymization caused by “operator errors”:

  • Use the Tor browser
  • Don’t flood through Tor
  • Do not enable or install the browser plugin
  • Use the HTTPS version of the website
  • Do not open documents downloaded via Tor while online
  • Use bridges and / or find companies

For privacy reasons, I also recommend not using Tor on Windows (using Linux instead).

For additional tips, please visit their website


Now that we have introduced some of the different facts about Tor’s history, funding and government relations, we will look at other important issues.

Is Tor effective?

Perhaps the question worth millions of dollars that we should all ask is Tor effective?

Once again, the answer is not clear, the opinions will definitely be different, depending on who you are asking. No matter where your answer is, there are many cases where Tor may not be as good as most of the Tor users expect…

In 2013, the Washington Post broke an article citing reports that the NSA had found out how to anonymize Tor users on a “massive” basis. From the   Washington Post :

According to a 49-page 49-page research paper entitled “Tor”, the agency has studied several methods since 2006, and if successful, will allow NSAs to hide anonymous traffic on “massive” – Effectively enter and exit the Tor system by observing communications, rather than trying to follow them inside. For example, one type of attack would identify a user by a small difference in clock time on the computer.

Of course, this would make Tor useless for anyone who uses it to evade large-scale government surveillance. Please keep in mind that this leaked report began in 2006. Of course, the power and capabilities of the NSA have only grown in the past 13 years.

There are also reports that government agencies collaborate with researchers to “break” or somehow use Tor to de-anonymize users :

Then in July, a much-anticipated speech at the Black Hat Hacking Conference was suddenly cancelled . Scholars from Carnegie Mellon University (CMU) Alexander Volynkin and Michael McCord promised to showcase how the $3,000 suite unlocks the Tor hidden service and its users’ IP addresses.

Its description has striking similarities to the attacks recorded by the Tor project earlier this month. Volynkin and McCord’s approach will anonymize Tor users by using recently disclosed vulnerabilities and “a few powerful servers.” Most importantly, the users claimed that they had tested the attack in the wild.

Thor does not work

ARS Technica also discussed this case in February 2016 , they pointed out:

A federal judge in Washington has now confirmed what has been strongly suspected : the federal government hired researchers at the Software Engineering Institute at Carnegie Mellon University (CMU) to study Tor in 2014.

These cases raise questions about how much trust people should put into Tor as a tool for online anonymity.

Tor user error and bad OPSEC

There are many Tor users that are corrupted or anonymous, but the most common reasons are user errors and/or bad OPSEC . Again, this has nothing to do with Tor, but the Tor user is not enough.

One example is Harvard University student Eldo Kim, who decided to email the bomb threat to take the final exam. Of course, he didn’t stop to think about using Tor on the university network to make him stand out from the crowd (all Tor nodes are public!). When the authority then links the IP address embedded in the email header to the Tor node, Kim is also the only Tor user that has been closed.

Tor IP address
Eldo Kim: Tor has failed.

There are many other examples of user error, bad OPSEC, and the general stupidity of anonymizing various Tor users. Tor will not protect you from these traps.

(Note: VPN traffic can be obfuscated (hidden) in a variety of ways, even if the country, school or work network is actively trying to block the VPN.)

Tor and VPN

For most people looking for online privacy and security, VPN is the solution of choice.

While there are many shady VPNs to avoid, especially   for free VPN services , there are some providers that stand out (see the list of best VPN services ).

VPN will encrypt all traffic between your device (computer, tablet, router, smartphone, etc.) and the VPN server. This makes traffic (your online activity) unreadable to third parties (such as your internet provider, hackers, and any other snoopers).

Most VPNs have servers all over the world, especially large providers such as ExpressVPN and NordVPN .

In general, a good VPN service has the following advantages:

  • Better performance than Tor . I can regularly increase my Internet provider connection speed to 100 Mbps through a good VPN service. The reliability and connectivity stability of the top-level VPN is also very good. On the other hand, with Tor, I am much slower, about 1-3 Mbps (usually too slow to interrupt the Youtube video stream).
  • System-wide encryption . As mentioned above, a good VPN will encrypt Internet traffic on the entire operating system, and Tor is limited to the Tor browser, which may expose users. This is quite different in many different use cases, and VPN users can benefit from a broader range of protection levels.
  • More features . VPNs are also very versatile and can be combined with different features, such as ad-blocking VPNs , multi-hop VPNs , and obfuscation methods for defeating censorship and restricted networks ( also explained in the VPN for China guide).
  • Supported on many devices and operating systems . Tor is very limited – mainly limited to computers running a stable connection to the Tor browser. In contrast, VPNs are very versatile and can be used locally on many operating systems without any application. In addition, most VPN providers offer a wide range of custom applications for all major operating systems and devices. Finally, there are free open source VPN applications, such as Tunnelblick , that can be used with different VPN services.
  • More trust . Trust is very subjective, and there must be unreliable and malicious unreliable VPNs. But in top-level VPNs operated in secure overseas jurisdictions, I think they have more trust than projects that are close to the US government and the military – but that’s just my opinion, others may disagree.
  • Many users . VPNs are becoming mainstream, and many people use them for hosting, accessing geo-constrained content, streaming video, or simply browsing the web for more privacy and security. Having a large number of users on the web can provide many benefits for anonymity because your traffic is mixed with many other users (you are integrated with everyone). Note: This is the main reason I recommend not setting up your own VPN on VPS (Virtual Private Server), only you will use it.

Disclaimer : Although I personally think that VPN is a better choice for most users than Tor, VPN itself is no stranger to controversy. I have discussed many of these issues before, including about logs ( PureVPN and IPVanish ), malicious and intrusive free VPNs, and other VPN spoofing VPNs . Again, please choose your VPN carefully.

One of the benefits of Tor is that traffic is always routed through three different nodes before exiting to the destination. This provides geographic diversity (different jurisdictions) while also providing a high level of protection against damaged Tor relays.

Compared to Tor, most VPN services use very powerful encryption to route traffic on a single VPN server (single hop). For most users, this setting provides sufficient security, privacy, and online anonymity for most VPN use cases. If the VPN uses strong encryption standards, a good VPN protocol , and the VPN client does not leak any data, this is really a very secure and trustworthy setting.

For those seeking a higher level of anonymity, VPN offers many options in addition to a single desired setting.

Multi-hop VPN service, providing more online anonymous services

Similar to the Tor network, there are also VPN services that can route traffic to multiple VPN servers or “jumps” in the network. When a VPN routes traffic on two or more servers, it is often referred to as a “cascading” or multi-hop VPN setup. We will look at some of these below.

Two-hop VPN  – With a two-hop VPN, your traffic is encrypted by two separate servers before exiting to the destination.

user
Direction -4-
CA
Direction -4-
SE-2
Direction -4-
the Internet

For example, a user in New York connects to a Canadian VPN server, which then encrypts and routes traffic to the Swedish VPN server and then exits to the destination on the unencrypted Web.

I tested three different VPNs, which performed well in their respective comments and provided a series of dual-hop VPN server configurations:

  • VPN.ac  – $4.80 per month; in Romania; 18 double-hop configurations (  VPN.ac reviews )
  • NordVPN  – $2.99 ​​per month ( 75% discount ); based in Panama; 16 double-hop configurations (  Nordic VPN evaluation )
  • VPNArea  – $4.92 per month; in Bulgaria; but currently there are only two double-hop configurations (  VPNArea review )

Performance  – With VPN.ac, I can use two-hop configuration Germay >> Canada (tested from my location in Europe) to reach speeds above 80 Mbps on a 100 Mbps connection.

Tor vs vpn

The main disadvantage of the two-hop VPN services listed above is that they are not self-configuring.

Self-configuring multi-hop VPN  – With the self-configuring VPN service, you can build your own unique cascading by selecting the server you need. I tested two VPNs that offer this feature: Perfect Privacy and ZorroVPN .

It can be said that the most common multi-hop VPN is Perfect Privacy . It provides self-configuring multi-hop functionality in VPN clients (Windows, Mac OS and Linux) with up to four different servers.

Performance : Below I use four different servers in Europe, using OpenVPN 256-bit encryption and being able to reach about 25 Mbps (it would be better to use fewer servers).

Vpn vs tor

Perfect Privacy also introduced an interesting multi-hop feature called NeuroRouting . This is a server-side feature that is independent of any application. It dynamically routes all traffic across multiple hops in the VPN server network, corresponding to the physical location of the server (website) you are accessing. It works dynamically, which means that each site you visit will use a unique path with a different egress server (unique IP address).

You can get more information on their website   or in the perfect privacy review .

ZorroVPN is another option for self-configuring multi-hop VPNs. Unlike Perfect Privacy, ZorroVPN primarily uses third-party open source VPN clients (but they are developing custom clients). Another difference is that with ZorroVPN, you need to use their OpenVPN file configuration generator to manually create a multi-hop configuration and then import it into your VPN client.

ZorroVPN is an interesting VPN, but it also has some drawbacks, no custom VPN client, no leak protection and a higher price. For more information, please visit their website or ZorroVPN reviews .

Why use a multi-hop VPN?

Perfect privacy provides a good answer to this question in its multi-hop VPN article :

This [flow-associated] attack becomes more difficult through cascading connections, because although ISP / eavesdroper still knows the user’s VPN ingress node, it does not know which server the traffic exits. He needs to monitor all VPN servers and guess which egress node the user is using. This makes it almost impossible to successfully identify users through traffic associations.

In theory, an attacker can also physically access a VPN server in a data center. In this case, he may perform an anonymous attack on the VPN user. Cascading connections prevent this attack vector: traffic cannot be read or associated with incoming traffic because the user’s traffic is encapsulated by an additional encryption layer for each hop in the cascade.

The attacker will still see the outgoing encrypted traffic to another VPN server, but he is not sure if this is an intermediate node or an exit node. In order to successfully intercept and delete traffic, an attacker needs to physically access all hops in the cascade at the same time. If hops are in different countries, this is actually impossible.

Using multi-hop settings with strong encryption and other privacy tools such as a secure browser gives you a very high level of online anonymity and security.

Virtual machine and VPN

Finally, virtual machines are also a useful tool when used in conjunction with VPNs. In this setup, you can run a VPN on the host and then run a second VPN in the virtual machine. This will double encapsulate your traffic (VPNs in the VPN) while also distributing trust between two different VPN providers.

Of course, you can create virtual machines in a virtual machine, depending on system resources.

This concept, sometimes referred to as a “nested VPN chain,” will provide the highest level of online anonymity (but be sure to consider using a secure browser and protecting yourself from browser/device fingerprinting ). As long as you have system resources and the VPN service provides enough bandwidth for a good server infrastructure, the performance of the setup can be good.

VirtualBox is free and ideal for setting up VMs on a host operating system. You can install a variety of Linux virtual machines for free and use them for different purposes, then just delete them when you no longer need them.

VPN with Tor

Finally, you can also use VPN with Tor. There are usually two easy ways to use Tor with a VPN:

  1. Connect to the VPN server through the VPN client (app) on the operating system, then open the Tor browser and use Tor normally.
  2. Use a VPN service with a server that exits the Tor network. Two good choices are:
    1. NordVPN  – View their Onion-over-VPN servers. (Also check the NordVPN coupon page for the latest offers.)
    2. ZorroVPN  – All of their servers can exit the Tor network.

Of course, there are different ways to use both Tor and VPN, but both methods are simple and most common.

One of the big advantages of using a Tor-equipped VPN is that it can further protect your identity if one of the Tor nodes or the entire Tor circuit is compromised. This is because there will be an encrypted VPN server between you and the Tor network, adding another layer of protection. However, this setting still does not protect you from rogue Tor relays that may snoop on your traffic (collecting data) or inject malware into your downloads.

The final verdict on Tor: You decide

As stated at the beginning of the article, Tor is widely respected in the privacy community and has many loyal fans.

The opinions of Tor are constantly changing, and online discussions may be divided. But at the end of the day, Tor has both advantages and disadvantages for different users.

The key factor of everything is trust. Do you believe that Tor will keep you safe? Only you can decide the answer to this question.

For those who really want to use Tor, I recommend accessing Tor through a good VPN service . This will add an extra layer of protection between you and the Tor network, but it won’t necessarily make your data safely form a rogue Tor node.

Choosing the right privacy tool is a very subjective process that depends on your own unique needs, uses and threat models. When deciding whether Tor is right for you, be sure to consider everything and draw your own conclusions.

Leave a Reply

Your email address will not be published. Required fields are marked *