By now even nontechnical and casual web surfers have heard of Tor, whether or not they fully understand what it does. Tor is an online privacy mechanism that promises to protect the anonymity of their users. Or that’s the goal, anyway.
Many of you may have heard that the FBI had hacked their network in an attempt to thwart some criminal activities, and this breach led many to distrust the once reputable service.
Believe it or not, Tor was originally a project that was developed by the United States Navy, though it has since become its own organization. Once an Internet user becomes aware of the existence of Tor, it often sparks the same question. If Tor is free to use and it protects my identity online, do I still need a VPN tunnel? The short answer is yes; it is still highly advisable to use a VPN service.
However, we’re going to dig a little deeper and look at the benefits and drawbacks of both VPNs and Tor, and even show you how to use both services together for an extra layer of protection. So, let’s take a closer look at how Tor protects users’ online anonymity and take a look at past security breaches.
How Tor Works
First and foremost, users need to understand that Tor does not provide encryption. That means that unless you are ultimately connecting to a server that uses HTTPS or another encryption mechanism, all of your data will be sent in plain text.
By now you might be wondering how it protects you online. Essentially, Tor masks and disguises the origin of your traffic, making it nigh on impossible for other online entities to see where the initial web server request came from.
This is achieved by obfuscating the source of the traffic, so it is nearly impossible to trace the traffic back to your computer. At its core, Tor is a network of servers, called relay nodes, that ferret your data and information around to seemingly random servers. A
fter your data has been passed around the network, it exits the Tor network through and exit relay, and only then is your data passed on to the intended destination server. From the website’s perspective, they only see that the request originated from the IP address of the exit relay server, thereby ensuring that your true IP address cannot be seen.
Sounds pretty great, right? Well, it isn’t perfect. You see, Tor has been hacked by the government a few times in the past. Admittedly, I think we can all agree that hacking a network for the sake of capturing child pornographers has its moral merits, which brings up two main points.
First of all, is it ethical to use Tor if criminals have taken advantage of the service in the past? Most people agree that it is completely ethical to use Tor, since it isn’t anyone’s business what you do online. Most Tor users aren’t up to any nefarious or illicit activities – just average Joe’s that don’t want big brother looking over their shoulder.
Secondly, is it safe to use Tor? Tor has claimed that they have cracked down on the security of their network to prevent future attacks. But many people still have qualms using their service in the wake of these hacks.
My recommendation for people that want to use Tor is to use it in conjunction with a VPN service, so you get the added security benefits of encryption. With that said, let’s take a look at VPN tunnel benefits.
How VPN Tunnels Work
Conversely, VPN tunnels offer both security (with encryption) and anonymity (the VPN service behaves in a similar manner to a proxy). By encrypting your traffic, it is completely impossible for t data is decrypted by the VPN server, your data is safe and secure.
Furthermore, VPN tunnels mask your true IP address, which is how they are able to unblock web content that has been geo-restricted as well as national censorship programs. As long as your VPN service provider has a strict no-logging policy, you can rest assured that your Internet communications will be secured through the VPN tunnel.
Using Tor through a VPN
This begs the question: why do some people want to use a VPN in conjunction with Tor?
The simple answer is that they want an extra layer of privacy.
You see, when you use a VPN with Tor, not only is your data secured with encryption and your true IP address masked with an IP from the service provider, but it is also nearly impossible to discover the source of your Internet transmissions. Some ISPs may have specific policies about using the Tor network, but using a VPN tunnel in conjunction with Tor will make the fact that you are using the Tor service invisible.
In this scenario, you are connecting to your VPN service provider first, and then connecting to the Tor network. The path that your data takes looks like this:
- Data starts at your computer
- Data is sent to the VPN server
- Next, data is sent through the Tor network
- Your data enters the public Internet by leaving through a Tor Exit Node
- Your Internet Service Provider won’t be able to see that you are connecting to the Tor network, but they will be able to see you have established a VPN tunnel
- The Tor server won’t be able to see your real IP address – rather, it will see a connection attempt from your VPN providers’ IP address
- Enhanced security and anonymity
- Sometimes Tor exit nodes are blocked by streaming content services and a handful of websites
- Once data leaves the Tor network, there is no protection unless HTTPS or SSL are used to connect to the destination server
- Can add overhead such as latency, so may not be a good fit for some types of traffic that are extremely latency sensitive and resource intensive
This will route data through the Tor network and OpenVPN transparently. But this is not as secure as using the Tor browser. When using the Tor browser, data is encrypted only as the data is traversing the Tor network.
Using a VPN through Tor
The more preferred option, in my opinion, is to establish a VPN connection all the way through the Tor network. In this scenario, your data takes the following path:
- Data starts on your computer and is encrypted with a VPN tunnel
- Then the data is sent all the way through the Tor network, finally reaching the VPN server to become decrypted
- After data has been decrypted by the VPN server, it reaches the public Internet
However, these types of configuration is a little more difficult to setup, because your VPN service provider needs to have coded features into their software that allow for this type of configuration. As of now, it seems that the only two providers that offer this functionality are AirVPN and BolehVPN.
- The VPN service provider cannot see your real IP address, because it looks like that of a Tor Exit Node
- Extremely anonymous connections
- To websites and servers on the Internet, your IP address looks like that of the VPN server
- Bypasses blocks that are created for Tor Exit Nodes
- Security from potentially malicious Tor Exit Nodes due to encryption
- You can still spoof your IP address to circumvent geo-restrictions
- Again, this type of connection imposes overhead
- Not available with all VPN providers
In Summary – What’s the Best Setup?
Some users may feel it is overkill to use a VPN tunnel in combination with Tor. Nevertheless, there are plenty of users who take their Internet security and privacy very seriously, and they will likely want to take advantage of the Tor network.
I would advise that users abstain from using the Tor network without a VPN tunnel, though, because of the security concerns with the FBI in the past. If they infiltrate the Tor network, they will be able to trace user activities. But a VPN tunnel, when used appropriately, will be able to safeguard your data in the event of a breach.